CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede webguru Nybegynder
12. juni 2009 - 18:08 Der er 4 kommentarer og
1 løsning

sløv pc.. tror der er virus/spyware på ??

hejsa
er der nogen der kan hjælpe.. den er meget sløv. kører xp og kan ikke få lov at lave opdateringer fra microsoft, har fået fjernet noget men der er stadigvæk bøvl.

her er en log:

kan nogen hjælpe mig

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:01:55, on 12-06-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programmer\Norman\Npm\Bin\Elogsvc.exe
C:\Programmer\Norman\Ngs\bin\NPROSEC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Norman\Npm\Bin\Zanda.exe
C:\Programmer\Norman\npm\bin\nvoy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Norman\npf\bin\npfsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Programmer\Google\Update\GoogleUpdate.exe
C:\Programmer\Norman\Npm\Bin\ZLH.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msdtc.exe
C:\Programmer\Intel\ASF Agent\ASFAgent.exe
C:\Programmer\Intel\AMT\atchksrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmer\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
C:\Programmer\Intel\AMT\LMS.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Intel\AMT\UNS.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Programmer\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Norman\Npm\Bin\scheduler.exe
C:\Programmer\Norman\npc\bin\npcsvc32.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Norman\nse\bin\NSESVC.EXE
C:\Programmer\Norman\npc\bin\nuaa.exe
C:\Programmer\Norman\Nvc\bin\nvcoas.exe
C:\Programmer\Norman\Nvc\Bin\Nip.exe
C:\Programmer\Norman\Nvc\Bin\cclaw.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
F:\sikkerhed\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dk.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.dk/ig/dell?hl=da&client=dell-row-rel&channel=dk&ibd=2071213
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmer\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmer\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmer\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programmer\Dell\BAE\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programmer\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmer\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.sparnord.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmer\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211119469312
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} (FileOpenInstaller) - http://plugin.fileopen.com/current/FileOpen.CAB
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FÆLLES~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programmer\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: awash - {e3623691-f85d-48d8-8e4d-abe79077f841} - (no file)
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Programmer\Intel\ASF Agent\ASFAgent.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Programmer\Intel\AMT\atchksrv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programmer\Norman\Npm\Bin\Elogsvc.exe
O23 - Service: getPlus(R) Helper - Unknown owner - C:\Programmer\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: GoogleDesktopManager-061008-081103 - Gemplus - (no file)
O23 - Service: Tjenesten Google Update (gupdate1c9b5f96c95a380) (gupdate1c9b5f96c95a380) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmer\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel - C:\Programmer\Intel\AMT\LMS.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norman NJeeves - Norman ASA - C:\Programmer\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Programmer\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Parental Control (NPC) - Norman ASA - C:\Programmer\Norman\npc\bin\npcsvc32.exe
O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Programmer\Norman\npf\bin\npfsvc32.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Programmer\Norman\Ngs\bin\NPROSEC.EXE
O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Programmer\Norman\nse\bin\NSESVC.EXE
O23 - Service: Norman User Activity Agent (NUAA) - Norman ASA - C:\Programmer\Norman\npc\bin\nuaa.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programmer\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Programmer\Norman\Npm\bin\NVCSCHED.EXE (file missing)
O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Programmer\Norman\npm\bin\nvoy.exe
O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Programmer\Norman\Npm\Bin\scheduler.exe
O23 - Service: stllssvr - Unknown owner - C:\Programmer\Fælles filer\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel - C:\Programmer\Intel\AMT\UNS.exe

--
End of file - 12211 bytes
Avatar billede f-arn Guru
12. juni 2009 - 18:58 #1
Hent "Malwarebytes' Anti-Malware" her: http://www.besttechie.net/tools/mbam-setup.exe
Installer og start programmet, opdater, lav "Hurtig skan" under fanebladet "skanner".
Bagefter klik på "vis resultater", tryk på "Fjern det valgte" og send loggen herind sammen med en log fra DDS som du finder her: http://download.bleepingcomputer.com/sUBs/dds.scr

eller her: http://www.forospyware.com/sUBs/dds


Den laver to logs,(DDS.txt og Attach.txt) gem dem på skrivebordet og kopier indholdet af DDS.txt  herind.

OBS - DDS skal gemmes på computeren og ikke køres fra nettet
Avatar billede webguru Nybegynder
12. juni 2009 - 19:54 #2
Hej igen
de kommer så begge her...


DDS (Ver_09-05-14.01) - NTFSx86 
Run by STIG PEDERSEN at 19:51:20,07 on 12-06-2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.2014.1411 [GMT 2:00]

AV: Norman Security Suite *On-access scanning enabled* (Updated)  {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
FW: Norman Security Suite *enabled*  {83B29CE9-9DE2-2CB5-9AB3-780D70FF12B0}

============== Running Processes ===============

C:\Programmer\Norman\Npm\Bin\Elogsvc.exe
C:\Programmer\Norman\Ngs\bin\NPROSEC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Programmer\Norman\Npm\Bin\Zanda.exe
C:\Programmer\Norman\npm\bin\nvoy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Programmer\Norman\npf\bin\npfsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\msdtc.exe
C:\Programmer\Intel\ASF Agent\ASFAgent.exe
C:\Programmer\Intel\AMT\atchksrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmer\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Programmer\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
C:\Programmer\Intel\AMT\LMS.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programmer\Intel\AMT\UNS.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Programmer\Norman\Npm\bin\NJEEVES.EXE
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Norman\Npm\Bin\scheduler.exe
C:\Programmer\Norman\npc\bin\npcsvc32.exe
C:\Programmer\Norman\nse\bin\NSESVC.EXE
C:\Programmer\Norman\npc\bin\nuaa.exe
C:\WINDOWS\System32\alg.exe
C:\Programmer\Norman\Npm\Bin\ZLH.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\Norman\Nvc\bin\nvcoas.exe
C:\Programmer\Norman\Nvc\Bin\Nip.exe
C:\Programmer\Norman\Nvc\Bin\cclaw.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\STIG PEDERSEN\Skrivebord\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar =
uSearchMigratedDefaultURL = hxxp://www.google.com/
mDefault_Search_URL = hxxp://www.google.com/
mSearch Page = hxxp://www.google.com/
mSearch Bar = hxxp://www.google.com/
mSearchMigratedDefaultURL = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchURL = hxxp://www.google.com/
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\programmer\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\programmer\spybot - search & destroy\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\programmer\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\programmer\java\jre1.6.0_07\bin\ssv.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmer\fælles filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmer\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmer\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\programmer\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\programmer\dell\bae\BAE.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\programmer\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\programmer\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmer\google\google toolbar\GoogleToolbar.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [Norman ZANDA] "c:\programmer\norman\npm\bin\ZLH.EXE" /LOAD /SPLASH
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menuen~1\progra~1\start\logite~1.lnk - c:\programmer\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmer\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\programmer\java\jre1.6.0_07\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\programmer\windows live\writer\WriterBrowserExtension.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\programmer\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\programmer\spybot - search & destroy\SDHelper.dll
LSP: c:\programmer\norman\npc\bin\nlf.dll
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.sparnord.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\programmer\yahoo!\common\yinsthelper.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211119469312
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} - hxxp://plugin.fileopen.com/current/FileOpen.CAB
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\programmer\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programmer\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: {e3623691-f85d-48d8-8e4d-abe79077f841} - No File

============= SERVICES / DRIVERS ===============

R0 NDIS_RD;Norman Firewall NDIS driver;c:\windows\system32\drivers\ndis_rd.sys [2008-9-22 79752]
R1 NGS;Norman General Security Driver;c:\programmer\norman\ngs\bin\ngs.sys [2009-2-27 22712]
R1 NPROSEC;Norman Security driver;c:\programmer\norman\ngs\bin\nprosec.sys [2008-9-22 53816]
R1 TDI_RD;Norman Firewall TDI driver;c:\windows\system32\drivers\tdi_rd.sys [2008-9-22 74624]
R2 ASFAgent;ASF Agent;c:\programmer\intel\asf agent\ASFAgent.exe [2007-1-23 133968]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-5-9 55152]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor;c:\programmer\intel\intel matrix storage manager\IAANTmon.exe [2007-12-13 358936]
R2 Ndiskio;Ndiskio;c:\programmer\norman\nse\bin\Ndiskio.sys [2008-9-22 20448]
R2 Norman ZANDA;Norman ZANDA;c:\programmer\norman\npm\bin\Zanda.exe [2007-12-14 408696]
R2 NPFSvc32;Norman Personal Firewall Service;c:\programmer\norman\npf\bin\npfsvc32.exe [2008-9-22 597104]
R2 NPROSECSVC;Norman Security service;c:\programmer\norman\ngs\bin\nprosec.exe [2008-9-22 121912]
R2 NVOY;Norman Resource Provider;c:\programmer\norman\npm\bin\nvoy.exe [2008-9-22 126008]
R2 SeaPort;SeaPort;c:\programmer\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\programmer\intel\amt\UNS.exe [2007-12-13 2521880]
R3 GKUPRO2D;GKUPRO2D;c:\windows\system32\drivers\GKUPRO2D.sys [2007-12-13 62048]
R3 NPC;Norman Parental Control;c:\programmer\norman\npc\bin\npcsvc32.exe [2008-9-22 416880]
R3 nsesvc;Norman Scanner Engine Service;c:\programmer\norman\nse\bin\Nsesvc.exe [2009-5-20 310328]
R3 NUAA;Norman User Activity Agent;c:\programmer\norman\npc\bin\nuaa.exe [2008-9-22 121912]
R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [2008-9-22 19512]
R3 nvcoas;Norman Virus Control on-access component;c:\programmer\norman\nvc\bin\Nvcoas.exe [2009-2-19 195640]
R3 pmxmouse;PMXMOUSE;c:\windows\system32\drivers\pmxmouse.sys [2008-1-14 18432]
R3 pmxusblf;PMXUSBLF;c:\windows\system32\drivers\pmxusblf.sys [2008-1-14 14336]
R3 Scheduler;Norman Scheduler Service;c:\programmer\norman\npm\bin\scheduler.exe [2009-5-13 130104]
S0 qvlkqz;qvlkqz;c:\windows\system32\drivers\vfzdhvg.sys --> c:\windows\system32\drivers\vfzdhvg.sys [?]
S2 gupdate1c9b5f96c95a380;Tjenesten Google Update (gupdate1c9b5f96c95a380);c:\programmer\google\update\GoogleUpdate.exe [2009-4-5 133104]
S3 fsssvc;Windows Live Family Safety;c:\programmer\windows live\family safety\fsssvc.exe [2009-2-6 533360]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\programmer\nos\bin\getplus_helpersvc.exe --> c:\programmer\nos\bin\getPlus_HelperSvc.exe [?]
S3 GoogleDesktopManager-061008-081103;GoogleDesktopManager-061008-081103; [x]
S3 NVCScheduler;Norman Virus Control Scheduler;"c:\programmer\norman\npm\bin\nvcsched.exe" --> c:\programmer\norman\npm\bin\NVCSCHED.EXE [?]

=============== Created Last 30 ================

2009-06-12 17:42    <DIR>    --d-----    c:\docume~1\stigpe~1\applic~1\Malwarebytes
2009-06-12 17:42    19,096    a-------    c:\windows\system32\drivers\mbam.sys
2009-06-12 17:42    40,160    a-------    c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-12 17:42    <DIR>    --d-----    c:\programmer\Malwarebytes' Anti-Malware
2009-06-12 17:42    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-06-12 17:11    <DIR>    --d-----    c:\programmer\Perfect Uninstaller
2009-06-12 16:55    <DIR>    --d-----    c:\windows\pss
2009-06-12 16:53    <DIR>    --d-----    c:\programmer\Spybot - Search & Destroy
2009-06-12 16:53    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

==================== Find3M  ====================

2009-06-12 18:39    0    a-------    c:\windows\system32\drivers\lvuvc.hs
2009-06-12 18:38    0    a-------    c:\windows\system32\drivers\logiflt.iad
2009-05-27 14:25    0    a-------    c:\documents and settings\stig pedersen\temp.dat
2009-05-09 13:07    520,540    a-------    c:\windows\system32\perfh006.dat
2009-05-09 13:07    108,008    a-------    c:\windows\system32\perfc006.dat
2009-05-01 20:30    3,366,912    a-------    c:\windows\system32\GPhotos.scr
2009-03-21 16:08    1,006,080    --------    c:\windows\system32\dllcache\kernel32.dll
2008-02-25 21:22    32    --------    c:\docume~1\alluse~1\applic~1\ezsid.dat
2008-05-18 16:51    32,768    a--sh---    c:\windows\system32\config\systemprofile\lokale indstillinger\oversigt\history.ie5\mshist012008051820080519\index.dat

============= FINISH: 19:51:39,03 ===============


Malwarebytes' Anti-Malware 1.37
Database version: 2266
Windows 5.1.2600 Service Pack 3

12-06-2009 19:46:43
mbam-log-2009-06-12 (19-46-43).txt

Skan type: Fuldstændig skanning (C:\|)
Objekter skannet: 149524
Tid tilbagelagt: 24 minute(s), 37 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)
Avatar billede webguru Nybegynder
12. juni 2009 - 21:30 #3
Hej igen
de kommer så begge her...


DDS (Ver_09-05-14.01) - NTFSx86 
Run by STIG PEDERSEN at 19:51:20,07 on 12-06-2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.2014.1411 [GMT 2:00]

AV: Norman Security Suite *On-access scanning enabled* (Updated)  {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
FW: Norman Security Suite *enabled*  {83B29CE9-9DE2-2CB5-9AB3-780D70FF12B0}

============== Running Processes ===============

C:\Programmer\Norman\Npm\Bin\Elogsvc.exe
C:\Programmer\Norman\Ngs\bin\NPROSEC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Programmer\Norman\Npm\Bin\Zanda.exe
C:\Programmer\Norman\npm\bin\nvoy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Programmer\Norman\npf\bin\npfsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\msdtc.exe
C:\Programmer\Intel\ASF Agent\ASFAgent.exe
C:\Programmer\Intel\AMT\atchksrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmer\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Programmer\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
C:\Programmer\Intel\AMT\LMS.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programmer\Intel\AMT\UNS.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Programmer\Norman\Npm\bin\NJEEVES.EXE
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Norman\Npm\Bin\scheduler.exe
C:\Programmer\Norman\npc\bin\npcsvc32.exe
C:\Programmer\Norman\nse\bin\NSESVC.EXE
C:\Programmer\Norman\npc\bin\nuaa.exe
C:\WINDOWS\System32\alg.exe
C:\Programmer\Norman\Npm\Bin\ZLH.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\Norman\Nvc\bin\nvcoas.exe
C:\Programmer\Norman\Nvc\Bin\Nip.exe
C:\Programmer\Norman\Nvc\Bin\cclaw.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\STIG PEDERSEN\Skrivebord\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar =
uSearchMigratedDefaultURL = hxxp://www.google.com/
mDefault_Search_URL = hxxp://www.google.com/
mSearch Page = hxxp://www.google.com/
mSearch Bar = hxxp://www.google.com/
mSearchMigratedDefaultURL = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchURL = hxxp://www.google.com/
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\programmer\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\programmer\spybot - search & destroy\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\programmer\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\programmer\java\jre1.6.0_07\bin\ssv.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmer\fælles filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmer\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmer\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\programmer\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\programmer\dell\bae\BAE.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\programmer\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\programmer\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmer\google\google toolbar\GoogleToolbar.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [Norman ZANDA] "c:\programmer\norman\npm\bin\ZLH.EXE" /LOAD /SPLASH
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menuen~1\progra~1\start\logite~1.lnk - c:\programmer\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmer\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\programmer\java\jre1.6.0_07\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\programmer\windows live\writer\WriterBrowserExtension.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\programmer\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\programmer\spybot - search & destroy\SDHelper.dll
LSP: c:\programmer\norman\npc\bin\nlf.dll
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.sparnord.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\programmer\yahoo!\common\yinsthelper.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211119469312
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} - hxxp://plugin.fileopen.com/current/FileOpen.CAB
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\programmer\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programmer\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: {e3623691-f85d-48d8-8e4d-abe79077f841} - No File

============= SERVICES / DRIVERS ===============

R0 NDIS_RD;Norman Firewall NDIS driver;c:\windows\system32\drivers\ndis_rd.sys [2008-9-22 79752]
R1 NGS;Norman General Security Driver;c:\programmer\norman\ngs\bin\ngs.sys [2009-2-27 22712]
R1 NPROSEC;Norman Security driver;c:\programmer\norman\ngs\bin\nprosec.sys [2008-9-22 53816]
R1 TDI_RD;Norman Firewall TDI driver;c:\windows\system32\drivers\tdi_rd.sys [2008-9-22 74624]
R2 ASFAgent;ASF Agent;c:\programmer\intel\asf agent\ASFAgent.exe [2007-1-23 133968]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-5-9 55152]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor;c:\programmer\intel\intel matrix storage manager\IAANTmon.exe [2007-12-13 358936]
R2 Ndiskio;Ndiskio;c:\programmer\norman\nse\bin\Ndiskio.sys [2008-9-22 20448]
R2 Norman ZANDA;Norman ZANDA;c:\programmer\norman\npm\bin\Zanda.exe [2007-12-14 408696]
R2 NPFSvc32;Norman Personal Firewall Service;c:\programmer\norman\npf\bin\npfsvc32.exe [2008-9-22 597104]
R2 NPROSECSVC;Norman Security service;c:\programmer\norman\ngs\bin\nprosec.exe [2008-9-22 121912]
R2 NVOY;Norman Resource Provider;c:\programmer\norman\npm\bin\nvoy.exe [2008-9-22 126008]
R2 SeaPort;SeaPort;c:\programmer\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\programmer\intel\amt\UNS.exe [2007-12-13 2521880]
R3 GKUPRO2D;GKUPRO2D;c:\windows\system32\drivers\GKUPRO2D.sys [2007-12-13 62048]
R3 NPC;Norman Parental Control;c:\programmer\norman\npc\bin\npcsvc32.exe [2008-9-22 416880]
R3 nsesvc;Norman Scanner Engine Service;c:\programmer\norman\nse\bin\Nsesvc.exe [2009-5-20 310328]
R3 NUAA;Norman User Activity Agent;c:\programmer\norman\npc\bin\nuaa.exe [2008-9-22 121912]
R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [2008-9-22 19512]
R3 nvcoas;Norman Virus Control on-access component;c:\programmer\norman\nvc\bin\Nvcoas.exe [2009-2-19 195640]
R3 pmxmouse;PMXMOUSE;c:\windows\system32\drivers\pmxmouse.sys [2008-1-14 18432]
R3 pmxusblf;PMXUSBLF;c:\windows\system32\drivers\pmxusblf.sys [2008-1-14 14336]
R3 Scheduler;Norman Scheduler Service;c:\programmer\norman\npm\bin\scheduler.exe [2009-5-13 130104]
S0 qvlkqz;qvlkqz;c:\windows\system32\drivers\vfzdhvg.sys --> c:\windows\system32\drivers\vfzdhvg.sys [?]
S2 gupdate1c9b5f96c95a380;Tjenesten Google Update (gupdate1c9b5f96c95a380);c:\programmer\google\update\GoogleUpdate.exe [2009-4-5 133104]
S3 fsssvc;Windows Live Family Safety;c:\programmer\windows live\family safety\fsssvc.exe [2009-2-6 533360]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\programmer\nos\bin\getplus_helpersvc.exe --> c:\programmer\nos\bin\getPlus_HelperSvc.exe [?]
S3 GoogleDesktopManager-061008-081103;GoogleDesktopManager-061008-081103; [x]
S3 NVCScheduler;Norman Virus Control Scheduler;"c:\programmer\norman\npm\bin\nvcsched.exe" --> c:\programmer\norman\npm\bin\NVCSCHED.EXE [?]

=============== Created Last 30 ================

2009-06-12 17:42    <DIR>    --d-----    c:\docume~1\stigpe~1\applic~1\Malwarebytes
2009-06-12 17:42    19,096    a-------    c:\windows\system32\drivers\mbam.sys
2009-06-12 17:42    40,160    a-------    c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-12 17:42    <DIR>    --d-----    c:\programmer\Malwarebytes' Anti-Malware
2009-06-12 17:42    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-06-12 17:11    <DIR>    --d-----    c:\programmer\Perfect Uninstaller
2009-06-12 16:55    <DIR>    --d-----    c:\windows\pss
2009-06-12 16:53    <DIR>    --d-----    c:\programmer\Spybot - Search & Destroy
2009-06-12 16:53    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

==================== Find3M  ====================

2009-06-12 18:39    0    a-------    c:\windows\system32\drivers\lvuvc.hs
2009-06-12 18:38    0    a-------    c:\windows\system32\drivers\logiflt.iad
2009-05-27 14:25    0    a-------    c:\documents and settings\stig pedersen\temp.dat
2009-05-09 13:07    520,540    a-------    c:\windows\system32\perfh006.dat
2009-05-09 13:07    108,008    a-------    c:\windows\system32\perfc006.dat
2009-05-01 20:30    3,366,912    a-------    c:\windows\system32\GPhotos.scr
2009-03-21 16:08    1,006,080    --------    c:\windows\system32\dllcache\kernel32.dll
2008-02-25 21:22    32    --------    c:\docume~1\alluse~1\applic~1\ezsid.dat
2008-05-18 16:51    32,768    a--sh---    c:\windows\system32\config\systemprofile\lokale indstillinger\oversigt\history.ie5\mshist012008051820080519\index.dat

============= FINISH: 19:51:39,03 ===============


Malwarebytes' Anti-Malware 1.37
Database version: 2266
Windows 5.1.2600 Service Pack 3

12-06-2009 19:46:43
mbam-log-2009-06-12 (19-46-43).txt

Skan type: Fuldstændig skanning (C:\|)
Objekter skannet: 149524
Tid tilbagelagt: 24 minute(s), 37 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)
Avatar billede Computer Hjælp (Gratis) Mester
13. juni 2009 - 09:38 #4
http://www.eksperten.dk/spm/878049 ?
Avatar billede webguru Nybegynder
13. juni 2009 - 12:29 #5
ja det var mig der lavede en bøf sorry.. så jeg oprettede en ny på http://www.eksperten.dk/spm/878049 som du skriver :-)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Findes der mon et Antivirus program, som ikke, konstant, reklamerer, for at købe ? Af Ikke-ekspert i Virus 21 22/06/202419:22 23/06/202412:54
Anbefaling af antivirusprogram med firewall Af OnePlusFan i Virus 23 07/05/202421:02 13/05/202419:48
trusler Af gerhardpet i Virus 4 26/01/202410:02 27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus 16 09/01/202416:37 10/01/202419:59
virusscanning Af JetteD i Virus 2 10/11/202312:55 10/11/202316:36
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 10:57 Pinnacle videoredigering Af gerhardpet i Billedbehandling
I går 16:51 UNILOGIN i GOOGLE Af lao i Browsere
I går 10:07 Kan det gøres lettere Af densortehingst i Excel
01/0821:49 En app vækker mig om morgenen og giver en vejrudsigt - hvordan stoppe det? Af Philip Kuhlmann i Apps til Android
01/0821:28 visning af heltal som resultat efter beregning Af Brian_Skovgaard i Excel
White papers
Flere white papers »


Premium
Teaser billede
Nvidia efterforskes for brud på konkurrencelov
Læs mere »
Den store cloud-krig raser stadigvæk - og Amazon ser lige nu ud til at have overhånden
Apple præsenter første regnskab siden AI-udmelding: Her er tre bemærkelsesværdige pointer derfra
Sårbarhed kan let give administratorrettigheder til alle: Udnyttes allerede af ransomware-grupper
Se alle »
Computerworld
Teaser billede
Første test: Denne helt nye wunder-CPU vil du have i din næste laptop
Læs mere »
Alvorlig fejl i Intel-chips breder sig: Listen over ramte processor vokser og vokser – og de kan blive permanent beskadigede
’Apple Intelligence’ slippes løs: Her kommer første mulighed for at afprøve Apples kunstige intelligens
Flere statslige it-løsninger ramt af netværksproblemer - ansatte kunne ikke få mail-adgang
Se alle »
CIO
Teaser billede
Stor aftale gør Microsofts datacentre hurtigere - investerer i netværksudstyr
Læs mere »
Telenor skrotter ældre it-system: Nyt system er en hyldevare
Derfor står Danske Bank foran en kæmpe AWS-transformation: Ellers skulle vi bygge en ny infrastruktur for at følge med
NIS2 i Danmark udskydes med flere måneder: Her er den nye dato, hvor loven træder i kraft
Se alle »
Job & Karriere
Teaser billede
Efter 12 år er NNIT's hovedkvarter i Søborg nu ryddet og tomt - alle arbejder hjemme: "Det er med et vist vemod"
Læs mere »
KMD-direktør forlader selskabet: Det skal hun nu
Dansk top-profil trækker sig fra Microsoft: Skal være direktør i TDC Erhverv
IBM Danmark skifter ud i sin øverste ledelse - her er den nye direktion
Se alle »
White paper
Teaser billede
Informationshåndtering på frontlinjen: Sådan optimerer du med automatisering
Læs mere »
Nemmere overblik, styring og omkostningskontrol i dit multicloud-miljø
Sådan gør du: Elektronisk dokumentudveksling i praksis
Rapport kortlægger de 13 bedste muligheder for at sætte turbo på din cloud computing
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »