benneharli (Juniormester)
24 March 2010 - 13:39. There are 14 comments and 1 solution.

HiJack this log

Logfile of HijackThis v1.99.1
Scan saved at 13:32:16, on 24-03-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Logishrd\Bluetooth\LBTServ.exe
C:\Programmer\Symantec\Symantec Endpoint Protection\Smc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Programmer\Citrix\ICA Client\ssonsvr.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Abyss Web Server\abyssws.exe
C:\Programmer\Abyss Web Server\abyssws.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\crypserv.exe
C:\Programmer\VPN Client\cvpnd.exe
C:\Programmer\TAC\TAC Vista 5.1.3\DSSWriterService.exe
C:\Programmer\TAC\Fm32\FMServer\srvany.exe
C:\Programmer\MNView\Binary\VCommon\NTServApp.exe
C:\Programmer\TAC\Fm32\FMServer\FMServer.exe
C:\WINDOWS\system32\hasplms.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\LogMeIn\x86\RaMaint.exe
C:\LonWorks\bin\LnsMtsSvc.exe
C:\Programmer\LogMeIn\x86\LogMeIn.exe
C:\Programmer\LogMeIn\x86\LMIGuardian.exe
C:\Programmer\LOYTEC\NIC\Windows\Driver\SRV\srvany.exe
C:\Programmer\LOYTEC\NIC\Windows\LConfig\legacydrv.exe
C:\Programmer\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Programmer\NTP\bin\ntpd.exe
C:\WINDOWS\system32\PLServ.exe
C:\Programmer\MNView\Binary\VCommon\slssvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\snmptrap.exe
C:\Programmer\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Programmer\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\WINDOWS\system32\vmnat.exe
C:\Programmer\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
C:\Programmer\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
C:\Programmer\MNView\Binary\VCommon\wwlogsvc.exe
C:\Programmer\Obermeier Software\SNMP-OPC Server\snmpopc.exe
C:\Programmer\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE
C:\Programmer\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Programmer\VMware\VMware Workstation\vmware-authd.exe
C:\WINDOWS\system32\cmd.exe
C:\Programmer\LOYTEC\NIC\Windows\LConfig\MniMaster.exe
C:\Programmer\Merlinia\OutBack\Client\OutBack.exe
C:\WINDOWS\System32\alg.exe
C:\Programmer\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Programmer\Logitech\SetPoint\LBTWiz.exe
C:\Programmer\LogMeIn\x86\LMIGuardian.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmer\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Programmer\VMware\VMware Workstation\vmware-tray.exe
C:\Programmer\Windows Live\Messenger\msnmsgr.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\ATnotes\ATnotes.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\DAEMON Tools Lite\DTLite.exe
C:\Programmer\Citrix\ICA Client\PNAMAIN.EXE
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Infotriever\Agent\infoclient.exe
C:\Programmer\Fælles filer\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\Windows Live\Contacts\wlcomm.exe
C:\Programmer\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmer\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\br\Skrivebord\ProcessExplorer\procexp.exe
C:\Programmer\Google\Chrome\Application\chrome.exe
C:\Programmer\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://delphi.tac.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://delphi.tac.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F2 - REG:system.ini: Shell=Explorer.exe rundll32.exe
O1 - Hosts: 192.165.248.241 esxcol
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programmer\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programmer\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Programmer\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programmer\Fælles filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [vmware-tray] "C:\Programmer\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ATnotes.exe] C:\Programmer\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmer\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Infotriever.lnk = C:\Programmer\Infotriever\Agent\infoclient.exe
O4 - Global Startup: Acelerador de inicio de AutoCAD LT.lnk = ?
O4 - Global Startup: Citrix XenApp.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: LOYTEC NIC Legacy Driver.lnk = C:\Programmer\LOYTEC\NIC\Windows\LConfig\legacydrv.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash - res://C:\Programmer\Flash Saving Plugin\FlashSButton.dll/210
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Programmer\Flash Saving Plugin\FlashSButton.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\programmer\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: c:\programmer\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\programmer\vmware\vmware workstation\vsocklib.dll
O11 - Options group: [INTERNATIONAL] International
O15 - Trusted Zone: http://*.danid.dk
O15 - Trusted IP range: http://192.9.2.1
O16 - DPF: {4F2A3649-7A9F-4950-9C31-409FAC6FC7C8} (IssueUtilCtrl Class) - https://danid.dk/csp/authenticode/csp.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258059542031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258058607156
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - http://support.microsoft.com/mats/DiagWebControl.cab
O16 - DPF: {A8203263-E018-4106-BDBE-8BF6915E8190} (InforbitHelper Class) - https://download.infotriever.com/bin/ifhelper.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FAB9B41C-87D6-474D-AB7E-F07D78F2422E} (TeeChart Pro Activex control v7) - http://192.9.2.3/ion/Historical/teechart7.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = main.root.tac.com
O17 - HKLM\Software\..\Telephony: DomainName = main.root.tac.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = main.root.tac.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = main.root.tac.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = main.root.tac.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: LBTWlgn - c:\programmer\fælles filer\logishrd\bluetooth\LBTWlgn.dll
O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Abyss Web Server (AbyssWebServer) - Aprelium - C:\Programmer\Abyss Web Server\abyssws.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmer\Fælles filer\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmer\VPN Client\cvpnd.exe
O23 - Service: TAC DSS Writer Service (DSSWriterService) - Unknown owner - C:\Programmer\TAC\TAC Vista 5.1.3\DSSWriterService.exe
O23 - Service: ESMI OPC DA Server (ESMIOPC) - ESMI Oy - C:\Programmer\ESMI\ESMIOPCServer\ESMIOPCServer.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FMServer - Unknown owner - C:\Programmer\TAC\Fm32\FMServer\srvany.exe
O23 - Service: FS Service Control - Wonderware Corporation - C:\Programmer\MNView\Binary\VCommon\NTServApp.exe
O23 - Service: Tjenesten Google Update (gupdate1ca2fa888cb8672) (gupdate1ca2fa888cb8672) - Unknown owner - C:\Programmer\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Remote Alarm Manager Engine (IRAMEngineService) - TAC - C:\Programmer\Satchwell\Binary\Remote Alarm Manager\IRAMEngine.exe
O23 - Service: Remote Alarm Manager Interface Host (IRAMInterfaceHostService) - TAC - C:\Programmer\Satchwell\Binary\Remote Alarm Manager\IRAMIHost.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programmer\Java\jre6\bin\jqs.exe" -service -config "C:\Programmer\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmer\Fælles filer\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Echelon xDriver Connection Broker (LdvxBroker) - Echelon Corporation - C:\LonWorks\bin\LdvxBroker.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Programmer\LogMeIn\x86\RaMaint.exe
O23 - Service: Echelon Support Service for Microsoft Terminal Services (MTS) (LnsMtsSvc) - Echelon Corporation - C:\LonWorks\bin\LnsMtsSvc.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Programmer\LogMeIn\x86\LogMeIn.exe
O23 - Service: LoytecSrv - Unknown owner - C:\Programmer\LOYTEC\NIC\Windows\Driver\SRV\srvany.exe
O23 - Service: SQL Server (SQL2005) (MSSQL$SQL2005) - Unknown owner - C:\Programmer\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQL2005 (file missing)
O23 - Service: Network Time Protocol Daemon (NTP) - Unknown owner - C:\Programmer\NTP\bin\ntpd.exe
O23 - Service: Privilege Win32 Server - Aladdin Knowledge Systems - C:\WINDOWS\system32\PLServ.exe
O23 - Service: Servers Alive (salive) - Woodstone bvba - C:\PROGRA~1\Salive\serversalive.exe
O23 - Service: Wonderware SuiteLink (slssvc) - Wonderware Corporation - C:\Programmer\MNView\Binary\VCommon\slssvc.exe
O23 - Service: Symantec Auto-upgrade Agent (Smcinst) - Unknown owner - C:\Programmer\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe (file missing)
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Programmer\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: SNMP-OPC Server 3.0 (SOSERVER) - Obermeier Software - C:\Programmer\Obermeier Software\SNMP-OPC Server\snmpopc.exe
O23 - Service: SQL Server Agent (SQL2005) (SQLAgent$SQL2005) - Unknown owner - C:\Programmer\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE" -i SQL2005 (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\StacSV.exe
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Programmer\Symantec\Symantec Endpoint Protection\Rtvscan.exe
O23 - Service: TheTerminator - TAC Satchwell. - C:\Programmer\VisiSat\Binary\VisiSat\TheTerminator.exe
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Programmer\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Programmer\VMware\VMware Workstation\\" -s ufad-p2v.xml (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programmer\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programmer\Fælles filer\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Programmer\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: VMware vCenter Converter Agent (vmware-converter-agent) - Unknown owner - C:\Programmer\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe" -s "C:\Documents and Settings\All Users\Application Data\VMware\VMware vCenter Converter Standalone\converter-agent.xml (file missing)
O23 - Service: VMware vCenter Converter Server (vmware-converter-server) - Unknown owner - C:\Programmer\VMware\VMware vCenter Converter Standalone\vmware-converter.exe" -s "C:\Documents and Settings\All Users\Application Data\VMware\VMware vCenter Converter Standalone\converter-server.xml (file missing)
O23 - Service: VSSGateway - TAC Satchwell. - C:\Programmer\VisiSat\Binary\VisiSat\VSSGateway.exe
O23 - Service: Wonderware Logger (WWLOGSVC) - Wonderware Corporation - C:\Programmer\MNView\Binary\VCommon\wwlogsvc.exe
O23 - Service: Wonderware NetDDE Helper (WWNetDDE) - Wonderware Corporation - C:\Programmer\MNView\Binary\VCommon\wwnetdde.exe
O23 - Service: WwRpcSvr - Wonderware Corporation - C:\WINDOWS\system32\wwinstsvc.exe
24 March 2010 - 13:46 #1
Is it a company PC?

Are you experiencing problems?

You have a heck of a lot of items in your startup?
benneharli (Juniormester)
24 March 2010 - 14:08 #2
Yep, it is a company PC, and yes, it takes a LOOONG time to start up, but that's how it is..

What I am experiencing is that my browsers have 2 processes in the Task Manager, and Firefox will not start at all.

I am quite convinced that some dirt has gotten in, because it started after I "happened to" run a file.

In addition, I keep getting forwarded to another page when I click a link after searching on Google.
24 March 2010 - 14:18 #3
Go through this 'package' ->

Download and install CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/manual-for-installation-og-brug-af-ccleaner/
During installation you will be offered [Yahoo Toolbar]. You can say yes or *NO* to it.
http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763
Let the program perform a cleanup...

--------

Download Malwarebytes Anti-Malware from here:
http://www.besttechie.net/tools/mbam-setup.exe
Or from here ->
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

Install the program - once that is done, let the program update itself. A window then opens where you must move the dot to "Kør et fuldstændigt systemscan" ("Run a full system scan") - click the Skan (Scan) button - let the program work. When it is finished (it takes a while, depending on how much you have on the computer),
then - press the "Vis resultater" ("Show results") button after the scan - and then press "Fjern det valgte" ("Remove selected") - now the log opens and you must save it somewhere you can find it again.
Copy the contents in here together with a fresh log from HiJackThis...


PS: Use this version of HJT -> http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe
benneharli (Juniormester)
24 March 2010 - 18:32 #4
It looks like I am up and running again after running Malwarebytes...

Thanks.

Post an answer
24 March 2010 - 18:58 #5
NOPE - I/we need to see the mentioned logs from MalwareBytes + HiJackThis !!!
There can easily be other unwanted elements left...
johnstigers (Seniormester)
24 March 2010 - 20:11 #6
Agreed.
benneharli (Juniormester)
25 March 2010 - 07:51 #7
Malwarebytes' Anti-Malware 1.43
Database version: 3458
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

25-03-2010 07:46:42
mbam-log-2010-03-25 (07-46-42).txt

Skan type: Fuldstændig skanning (C:\|N:\|P:\|)
Objekter skannet: 525492
Tid tilbagelagt: 1 hour(s), 34 minute(s), 47 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)
benneharli (Juniormester)
25 March 2010 - 07:52 #8
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:48:57, on 25-03-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Logishrd\Bluetooth\LBTServ.exe
C:\Programmer\Symantec\Symantec Endpoint Protection\Smc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Abyss Web Server\abyssws.exe
C:\Programmer\Abyss Web Server\abyssws.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\crypserv.exe
C:\Programmer\VPN Client\cvpnd.exe
C:\Programmer\TAC\TAC Vista 5.1.3\DSSWriterService.exe
C:\Programmer\TAC\Fm32\FMServer\srvany.exe
C:\Programmer\MNView\Binary\VCommon\NTServApp.exe
C:\Programmer\TAC\Fm32\FMServer\FMServer.exe
C:\WINDOWS\system32\hasplms.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\LogMeIn\x86\RaMaint.exe
C:\LonWorks\bin\LnsMtsSvc.exe
C:\Programmer\LogMeIn\x86\LogMeIn.exe
C:\Programmer\LogMeIn\x86\LMIGuardian.exe
C:\Programmer\LOYTEC\NIC\Windows\Driver\SRV\srvany.exe
C:\Programmer\LOYTEC\NIC\Windows\LConfig\legacydrv.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmer\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Programmer\NTP\bin\ntpd.exe
C:\WINDOWS\system32\PLServ.exe
C:\Programmer\MNView\Binary\VCommon\slssvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\snmptrap.exe
C:\Programmer\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Programmer\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\WINDOWS\system32\vmnat.exe
C:\Programmer\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
C:\Programmer\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
C:\Programmer\MNView\Binary\VCommon\wwlogsvc.exe
C:\Programmer\Obermeier Software\SNMP-OPC Server\snmpopc.exe
C:\Programmer\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE
C:\Programmer\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Programmer\VMware\VMware Workstation\vmware-authd.exe
C:\Programmer\LOYTEC\NIC\Windows\LConfig\MniMaster.exe
C:\WINDOWS\System32\alg.exe
C:\Programmer\Citrix\ICA Client\ssonsvr.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Programmer\Logitech\SetPoint\LBTWiz.exe
C:\Programmer\LogMeIn\x86\LMIGuardian.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmer\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Programmer\VMware\VMware Workstation\vmware-tray.exe
C:\Programmer\Windows Live\Messenger\msnmsgr.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\ATnotes\ATnotes.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\DAEMON Tools Lite\DTLite.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Citrix\ICA Client\PNAMAIN.EXE
C:\Programmer\Fælles filer\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programmer\Infotriever\Agent\infoclient.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\Windows Live\Contacts\wlcomm.exe
C:\Programmer\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmer\iTunes\iTunes.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\distnoted.exe
C:\Programmer\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Documents and Settings\br\Skrivebord\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://delphi.tac.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://delphi.tac.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: 192.165.248.241 esxcol
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programmer\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programmer\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Programmer\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programmer\Fælles filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [vmware-tray] "C:\Programmer\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] :%systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ATnotes.exe] C:\Programmer\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmer\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-1202660629-1637723038-1417001333-500\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\msnmsgr.exe" /background (User 'Administrator')
O4 - HKUS\S-1-5-21-1202660629-1637723038-1417001333-500\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background (User 'Administrator')
O4 - HKUS\S-1-5-21-1202660629-1637723038-1417001333-500\..\Run: [DAEMON Tools Lite] "C:\Programmer\DAEMON Tools Lite\daemon.exe" -autorun (User 'Administrator')
O4 - Startup: Infotriever.lnk = C:\Programmer\Infotriever\Agent\infoclient.exe
O4 - Global Startup: Acelerador de inicio de AutoCAD LT.lnk = ?
O4 - Global Startup: Citrix XenApp.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: LOYTEC NIC Legacy Driver.lnk = C:\Programmer\LOYTEC\NIC\Windows\LConfig\legacydrv.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash - res://C:\Programmer\Flash Saving Plugin\FlashSButton.dll/210
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Programmer\Flash Saving Plugin\FlashSButton.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\programmer\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\programmer\vmware\vmware workstation\vsocklib.dll
O15 - Trusted Zone: http://*.danid.dk
O15 - Trusted IP range: http://192.9.2.1
O16 - DPF: {4F2A3649-7A9F-4950-9C31-409FAC6FC7C8} (IssueUtilCtrl Class) - https://danid.dk/csp/authenticode/csp.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258059542031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258058607156
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - http://support.microsoft.com/mats/DiagWebControl.cab
O16 - DPF: {A8203263-E018-4106-BDBE-8BF6915E8190} (InforbitHelper Class) - https://download.infotriever.com/bin/ifhelper.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FAB9B41C-87D6-474D-AB7E-F07D78F2422E} (TeeChart Pro Activex control v7) - http://192.9.2.3/ion/Historical/teechart7.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = main.root.tac.com
O17 - HKLM\Software\..\Telephony: DomainName = main.root.tac.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = main.root.tac.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = main.root.tac.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = main.root.tac.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O23 - Service: Abyss Web Server (AbyssWebServer) - Aprelium - C:\Programmer\Abyss Web Server\abyssws.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmer\Fælles filer\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmer\VPN Client\cvpnd.exe
O23 - Service: TAC DSS Writer Service (DSSWriterService) - Unknown owner - C:\Programmer\TAC\TAC Vista 5.1.3\DSSWriterService.exe
O23 - Service: ESMI OPC DA Server (ESMIOPC) - ESMI Oy - C:\Programmer\ESMI\ESMIOPCServer\ESMIOPCServer.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FMServer - Unknown owner - C:\Programmer\TAC\Fm32\FMServer\srvany.exe
O23 - Service: FS Service Control - Wonderware Corporation - C:\Programmer\MNView\Binary\VCommon\NTServApp.exe
O23 - Service: Tjenesten Google Update (gupdate1ca2fa888cb8672) (gupdate1ca2fa888cb8672) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Remote Alarm Manager Engine (IRAMEngineService) - TAC - C:\Programmer\Satchwell\Binary\Remote Alarm Manager\IRAMEngine.exe
O23 - Service: Remote Alarm Manager Interface Host (IRAMInterfaceHostService) - TAC - C:\Programmer\Satchwell\Binary\Remote Alarm Manager\IRAMIHost.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmer\Fælles filer\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Echelon xDriver Connection Broker (LdvxBroker) - Echelon Corporation - C:\LonWorks\bin\LdvxBroker.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Programmer\LogMeIn\x86\RaMaint.exe
O23 - Service: Echelon Support Service for Microsoft Terminal Services (MTS) (LnsMtsSvc) - Echelon Corporation - C:\LonWorks\bin\LnsMtsSvc.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Programmer\LogMeIn\x86\LogMeIn.exe
O23 - Service: LoytecSrv - Unknown owner - C:\Programmer\LOYTEC\NIC\Windows\Driver\SRV\srvany.exe
O23 - Service: Network Time Protocol Daemon (NTP) - Unknown owner - C:\Programmer\NTP\bin\ntpd.exe
O23 - Service: Privilege Win32 Server - Aladdin Knowledge Systems - C:\WINDOWS\system32\PLServ.exe
O23 - Service: Servers Alive (salive) - Woodstone bvba - C:\PROGRA~1\Salive\serversalive.exe
O23 - Service: Wonderware SuiteLink (slssvc) - Wonderware Corporation - C:\Programmer\MNView\Binary\VCommon\slssvc.exe
O23 - Service: Symantec Auto-upgrade Agent (Smcinst) - Unknown owner - C:\Programmer\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe (file missing)
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Programmer\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: SNMP-OPC Server 3.0 (SOSERVER) - Obermeier Software - C:\Programmer\Obermeier Software\SNMP-OPC Server\snmpopc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\StacSV.exe
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Programmer\Symantec\Symantec Endpoint Protection\Rtvscan.exe
O23 - Service: TheTerminator - TAC Satchwell. - C:\Programmer\VisiSat\Binary\VisiSat\TheTerminator.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Programmer\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programmer\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programmer\Fælles filer\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Programmer\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: VMware vCenter Converter Agent (vmware-converter-agent) - VMware, Inc. - C:\Programmer\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
O23 - Service: VMware vCenter Converter Server (vmware-converter-server) - VMware, Inc. - C:\Programmer\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
O23 - Service: VSSGateway - TAC Satchwell. - C:\Programmer\VisiSat\Binary\VisiSat\VSSGateway.exe
O23 - Service: Wonderware Logger (WWLOGSVC) - Wonderware Corporation - C:\Programmer\MNView\Binary\VCommon\wwlogsvc.exe
O23 - Service: Wonderware NetDDE Helper (WWNetDDE) - Wonderware Corporation - C:\Programmer\MNView\Binary\VCommon\wwnetdde.exe
O23 - Service: WwRpcSvr - Wonderware Corporation - C:\WINDOWS\system32\wwinstsvc.exe

--
End of file - 18396 bytes
25 March 2010 - 09:59 #9
In principle, you should update MalwareBytes first
Your version:
Database version: 3458
Current version:
Database version: 3910

---

Purely for cleanup purposes:

Uninstall
* (Bonjour Service)

---

Run a scan with HijackThis.
Below you will get some files that you should fix. What you need to do is tick the box next to these files. Once you have done that, close all other windows. It is very important that the only window open is the HijackThis window. Remember to also close this window once you have marked the files. Now you can fix. Click Fix checked.

These are the ones that can be fixed:

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programmer\SnagIt 8\SnagItBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programmer\SnagIt 8\SnagItIEAddin.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programmer\Fælles filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [KernelFaultCheck] :%systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
(Or do you actively use Messenger?)

Restart normally...

---

Cleanup with CCleaner

---

Defragmentation...

---
f-arn Guru
25 March 2010 - 19:25 #10
@ benneharli
If you run Malwarebytes again, you need to update twice. Otherwise you won't get both the program and the database version in place.
benneharli Juniormester
26 March 2010 - 12:45 #11
@karise_larry
I can understand dumprep, but I actually use the rest :-$

@f-arn
Thanks for the tip. I can see that I wasn't fully up to date. Running a new scan.
johnstigers Seniormester
26 March 2010 - 21:25 #12
These can safely be deleted, since you can't actively use them:
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programmer\Fælles filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [KernelFaultCheck] :%systemroot%\system32\dumprep 0 -k

They just make the programs start faster on the rare occasions you use them.
26 March 2010 - 22:57 #13
Agree with <john_stigers> !!!

Example - if you let [Adobe Reader Speed Launcher] start at boot, it adds ~5 seconds to startup time and grabs ~50 Mb of your RAM - ALL THE TIME. If you reeeeeeally want it, then leave it ...
The advantage is supposed to be that the veeeeeery few times you use AcrobatReader, it will start ~2 seconds faster - Doooooh...

Same with QuickTime + iTunes ...
benneharli Juniormester
29 March 2010 - 08:34 #14
OK. Post an answer.
29 March 2010 - 09:05 #15
Ping...
(That was an [answer]...)
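
As an added example (not part of the thread and not HijackThis's own code): a small Python triage pass over lines copied from the log and fix list above, picking out the entries whose target file is gone, whose service owner is listed as unknown, or whose startup shortcut was not resolved. The flag names and the choice of what to flag are assumptions of this example; a flag marks an entry for manual review, not as malicious.

```python
import re
from collections import Counter

# Lines copied verbatim from the HijackThis log and fix list in this thread.
SAMPLE = r"""
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] :%systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: VPN Client.lnk = ?
O23 - Service: FMServer - Unknown owner - C:\Programmer\TAC\Fm32\FMServer\srvany.exe
O23 - Service: Symantec Auto-upgrade Agent (Smcinst) - Unknown owner - C:\Programmer\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe (file missing)
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Programmer\LogMeIn\x86\LogMeIn.exe
"""

ENTRY = re.compile(r"^(O\d+) - (.+)$")

def parse(line):
    """Split one entry into section code (O2, O4, ...), kind and detail."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    kind, _, detail = m.group(2).partition(": ")
    return {"section": m.group(1), "kind": kind, "detail": detail}

def review_flags(entry):
    """Return review hints (names are this example's own, not HijackThis terms)."""
    flags, detail = [], entry["detail"]
    if detail.endswith(("(no file)", "(file missing)")):
        flags.append("target-missing")       # entry points at a file that is gone
    parts = detail.rsplit(" - ", 2)          # service name - owner - image path
    if entry["section"] == "O23" and len(parts) == 3 and parts[1] == "Unknown owner":
        flags.append("unknown-owner")
    if entry["kind"].endswith("Startup") and detail.endswith("= ?"):
        flags.append("unresolved-shortcut")  # .lnk target was not resolved
    return flags

def triage(log_text):
    """List (section, detail, flags) for every entry that needs a manual look."""
    entries = filter(None, map(parse, log_text.splitlines()))
    return [(e["section"], e["detail"], f) for e in entries if (f := review_flags(e))]

def autostart_locations(log_text):
    """Count O4 autostart entries per location (Run key hive or Startup folder)."""
    entries = filter(None, map(parse, log_text.splitlines()))
    return Counter(e["kind"] for e in entries if e["section"] == "O4")

if __name__ == "__main__":
    for section, detail, flags in triage(SAMPLE):
        print(section, flags, detail)
    print(dict(autostart_locations(SAMPLE)))
```

Running it against the full saved log instead of `SAMPLE` gives a short review list to check by hand before ticking anything under Fix checked.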