Avatar billede klaske_ko Nybegynder
11. juni 2010 - 15:50 Der er 18 kommentarer

Hjælp til HiJackThis log fil efter 6xvirus

Hey, jeg har fået min lille Acer Aspire One hjem, efter at have haft den lånt ud. Den er kommet tilbage super langsom og helt "ødelagt".

jeg har kørt AVG scan samt Ad-Aware, og nu vil jeg høre hvad jeg kan gøre mere, udover at poste en HJT logfil :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:34:25, on 11-06-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmer\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmer\Fælles filer\InterVideo\RegMgr\iviRegMgr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Webroot\Washer\WasherSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Programmer\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\DOCUME~1\ANNECH~1\LOKALE~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\SoftwareDistribution\Download\Install\NDP20SP2-KB979909-x86.exe
c:\72b947d7e5f2ba5ca8b14b\HotFixInstaller.exe
c:\WINDOWS\system32\MsiExec.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programmer\AVG\AVG9\avgchsvx.exe
C:\Programmer\AVG\AVG9\avgrsx.exe
C:\Programmer\AVG\AVG9\avgnsx.exe
C:\Programmer\AVG\AVG9\avgam.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\Programmer\AVG\AVG9\avgemc.exe
C:\Programmer\AVG\AVG9\avgfws9.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
c:\WINDOWS\system32\MsiExec.exe
C:\Programmer\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
C:\Programmer\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://da.intl.acer.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG9\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmer\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmer\AVG\AVG8\avgtoolbar.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (file missing)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmer\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmer\AVG\AVG8\avgtoolbar.dll (file missing)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [M3000Mnt] Rundll32.exe M3000Rmv.dll ,WinMainRmv /StartStillMnt
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmer\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O15 - Trusted Zone: *.danskebank.dk
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/digitalsignatur-csp.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Bonjour tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programmer\Fælles filer\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Programmer\Webroot\Washer\WasherSvc.exe

--
End of file - 10116 bytes
Avatar billede f-arn Guru
11. juni 2010 - 16:09 #1
Hent "Malwarebytes' Anti-Malware" her: http://www.besttechie.net/tools/mbam-setup.exe

Eller her ->
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=mncol;pop&cdlPid=10878968

Installer og start programmet, klik på fanen opdater, klik Tjek for opdatering, lav "Hurtig skan" under fanebladet "skanner"
Bagefter klik på "vis resultater", tryk på "Fjern det valgte" og send loggen herind sammen med en log fra DDS som du finder her: http://download.bleepingcomputer.com/sUBs/dds.scr

eller her: http://www.forospyware.com/sUBs/dds

Den laver to logs,(DDS.txt og Attach.txt) gem dem på skrivebordet og kopier indholdet af DDS.txt  herind.

OBS - DDS skal gemmes på computeren og ikke køres fra nettet

Mht.: Vista og Windows 7 - højreklik på filen - Kør som Administrator.

NB Når du opdaterer Malwarebytes, så klik på Tjek for opdatering til den skriver at der ikke er flere opdateringer.
Avatar billede klaske_ko Nybegynder
11. juni 2010 - 16:55 #2
Der er filen her


DDS.txt



DDS (Ver_10-03-17.01) - NTFSx86 
Run by Anne Christensen at 16:49:45,76 on 11-06-2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.1012.278 [GMT 2:00]

AV: AVG Internet Security *On-access scanning enabled* (Updated)  {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled*  {8decf618-9569-4340-b34a-d78d28969b66}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmer\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmer\Fælles filer\InterVideo\RegMgr\iviRegMgr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programmer\Webroot\Washer\WasherSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Programmer\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\DOCUME~1\ANNECH~1\LOKALE~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programmer\AVG\AVG9\avgchsvx.exe
C:\Programmer\AVG\AVG9\avgrsx.exe
C:\Programmer\AVG\AVG9\avgnsx.exe
C:\Programmer\AVG\AVG9\avgam.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\Programmer\AVG\AVG9\avgemc.exe
C:\Programmer\AVG\AVG9\avgfws9.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\Programmer\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Anne Christensen\Dokumenter\Hentede filer\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://da.intl.acer.yahoo.com/
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\programmer\avg\avg9\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\programmer\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmer\fælles filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\programmer\avg\avg8\avgtoolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmer\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmer\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\programmer\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmer\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\programmer\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmer\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmer\google\google toolbar\GoogleToolbar_32.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\programmer\avg\avg8\avgtoolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\programmer\windows live\toolbar\wltcore.dll
uRun: [MsnMsgr] "c:\programmer\windows live\messenger\MsnMsgr.Exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [LaunchApp] Alaunch
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [SynTPEnh] c:\programmer\synaptics\syntp\SynTPEnh.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [M3000Mnt] Rundll32.exe M3000Rmv.dll ,WinMainRmv /StartStillMnt
mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\eRAgent.exe
mRun: [SunJavaUpdateSched] "c:\programmer\fælles filer\java\java update\jusched.exe"
mRun: [AzMixerSel] c:\programmer\realtek\audio\installshield\AzMixerSel.exe
mRun: [iTunesHelper] "c:\programmer\itunes\iTunesHelper.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRunOnce: [Malwarebytes' Anti-Malware] c:\programmer\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmer\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\programmer\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
Trusted Zone: danskebank.dk
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/digitalsignatur-csp.exe
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\programmer\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\annech~1\applic~1\mozilla\firefox\profiles\twkcbswg.default\
FF - component: c:\programmer\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\programmer\microsoft\office live\npOLW.dll
FF - plugin: c:\programmer\windows live\photo gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
c:\programmer\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmer\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",  1600);
c:\programmer\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",      2);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",      1);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",  25);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",    5);
c:\programmer\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmer\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [2010-6-10 25096]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-6-10 52872]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-10-24 64288]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-6-10 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-6-10 29584]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-6-10 242896]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-6 54752]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2010-6-10 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\programmer\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSDriver.sys [2010-6-10 122376]
R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\programmer\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSFilter.sys [2010-6-10 30216]
R3 AVGIDSShimxpx;AVG9IDSShim;c:\programmer\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSShim.sys [2010-6-10 26120]
R3 M3000Srv;Acer Crystal Eye webcam Driver;c:\windows\system32\drivers\M3000KNT.sys [2008-5-5 254976]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-6-11 38224]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2010-6-10 30104]

=============== Created Last 30 ================

2010-06-11 14:40:52    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-11 14:40:45    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-06-11 14:40:45    0    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2010-06-11 13:19:04    0    d-----w-    c:\docume~1\annech~1\applic~1\AVG9
2010-06-10 12:59:06    0    d--h--w-    C:\$AVG
2010-06-10 12:25:36    12464    ----a-w-    c:\windows\system32\avgrsstx.dll
2010-06-10 12:25:34    25096    ----a-w-    c:\windows\system32\drivers\AVGIDSxx.sys
2010-06-10 12:25:33    52872    ----a-w-    c:\windows\system32\drivers\avgrkx86.sys
2010-06-10 12:25:31    242896    ----a-w-    c:\windows\system32\drivers\avgtdix.sys
2010-06-10 12:25:09    216200    ----a-w-    c:\windows\system32\drivers\avgldx86.sys
2010-06-10 12:24:09    0    d-----w-    c:\windows\system32\drivers\Avg
2010-06-10 12:22:44    50968    ----a-w-    c:\windows\system32\avgfwdx.dll
2010-06-10 12:22:44    30104    ----a-w-    c:\windows\system32\drivers\avgfwdx.sys
2010-06-10 12:22:38    0    d-----w-    c:\programmer\AVG
2010-06-10 12:22:30    0    d-----w-    c:\docume~1\alluse~1\applic~1\avg9
2010-06-09 12:04:20    0    d-----w-    c:\programmer\Trend Micro
2010-06-09 11:54:50    0    d-----w-    C:\87403ba1b69ca69db7b9ac8c778d4376
2010-06-09 11:06:46    0    d-----w-    C:\c1c9594bfb432c5e51af
2010-06-08 18:56:54    743424    -c----w-    c:\windows\system32\dllcache\iedvtool.dll
2010-05-15 12:23:42    0    d-----w-    c:\programmer\iPod
2010-05-15 12:21:11    0    d-----w-    c:\programmer\iTunes
2010-05-15 12:04:06    0    d-----w-    c:\programmer\Bonjour
2010-05-13 17:34:52    0    d-----w-    c:\docume~1\annech~1\applic~1\MozillaControl
2010-05-13 16:45:43    0    d-----w-    c:\programmer\Mozilla ActiveX Control v1.7.12
2010-05-13 16:38:52    0    d-----w-    c:\programmer\Graboid

==================== Find3M  ====================

2010-06-11 13:46:54    83762    ----a-w-    c:\windows\system32\perfc006.dat
2010-06-11 13:46:54    458234    ----a-w-    c:\windows\system32\perfh006.dat
2010-05-06 10:34:44    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-05-02 08:09:40    1851264    ----a-w-    c:\windows\system32\win32k.sys
2010-04-20 05:31:39    285696    ----a-w-    c:\windows\system32\atmfd.dll
2010-04-12 15:29:19    411368    ----a-w-    c:\windows\system32\deployJava1.dll
2010-04-08 11:20:02    91424    ----a-w-    c:\windows\system32\dnssd.dll
2010-04-08 11:20:02    107808    ----a-w-    c:\windows\system32\dns-sd.exe
2009-07-22 15:05:36    245760    --sha-w-    c:\windows\system32\config\systemprofile\ietldcache\index.dat
2008-08-21 23:29:28    32768    --sha-w-    c:\windows\system32\config\systemprofile\lokale indstillinger\application data\microsoft\feeds cache\index.dat
2008-09-23 16:24:45    32768    --sha-w-    c:\windows\system32\config\systemprofile\lokale indstillinger\oversigt\history.ie5\mshist012008092320080924\index.dat

============= FINISH: 16:53:13,12 ===============
Avatar billede klaske_ko Nybegynder
11. juni 2010 - 17:20 #3
Og loggen fra Malwarebytes:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4189

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11-06-2010 17:19:53
mbam-log-2010-06-11 (17-19-53).txt

Skanningstype: Hurtig skanning
Objekter skannet: 120429
Tid gået: 31 minut(ter), 25 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 4
Registreringsdatabaseværdier Inficeret: 0
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 1
Inficerede Filer: 2

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{258c9770-1713-4021-8d7e-1f184a2bd754} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bdea95cf-f0e6-41e0-bd3d-b00f39a4e939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servises (Malware.Trace) -> Quarantined and deleted successfully.

Registreringsdatabaseværdier Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
C:\Programmer\Fælles filer\CSUninstall (Rogue.CyberSecurity) -> Quarantined and deleted successfully.

Inficerede Filer:
C:\Programmer\Fælles filer\CSUninstall\Uninstall.lnk (Rogue.CyberSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\Anne Christensen\Application Data\Microsoft\Internet Explorer\Quick Launch\CS.lnk (Rogue.CyberSecurity) -> Quarantined and deleted successfully.
Avatar billede johnstigers Seniormester
11. juni 2010 - 19:01 #4
Når den er renset, så lav en fiktiv regning for denne rens, til vedkommende der lånte den :)
Avatar billede f-arn Guru
11. juni 2010 - 19:05 #5
Vil du godt lave en ny DDS.txt; send den herind.
Jeg vil gerne se en log der er lavet efter Malwarebytes er kørt. Hvad der kørte på maskinen før, er jeg ret ligeglad med.
Avatar billede klaske_ko Nybegynder
11. juni 2010 - 19:32 #6
årh, undskyld! Vidste ikke at det gjorde nogen forskel. Den kommer her :


DDS (Ver_10-03-17.01) - NTFSx86 
Run by Anne Christensen at 19:28:08,43 on 11-06-2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.1012.433 [GMT 2:00]

AV: AVG Internet Security *On-access scanning enabled* (Updated)  {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled*  {8decf618-9569-4340-b34a-d78d28969b66}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\Programmer\AVG\AVG9\avgchsvx.exe
C:\Programmer\AVG\AVG9\avgrsx.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
svchost.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmer\AVG\AVG9\avgwdsvc.exe
C:\Programmer\AVG\AVG9\avgfws9.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Programmer\Fælles filer\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\AVG\AVG9\avgam.exe
C:\Programmer\AVG\AVG9\avgnsx.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programmer\Webroot\Washer\WasherSvc.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programmer\AVG\AVG9\avgemc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\DOCUME~1\ANNECH~1\LOKALE~1\Temp\RtkBtMnt.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Anne Christensen\Dokumenter\Hentede filer\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://da.intl.acer.yahoo.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\programmer\avg\avg9\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\programmer\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmer\fælles filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\programmer\avg\avg8\avgtoolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmer\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmer\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\programmer\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmer\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\programmer\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmer\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmer\google\google toolbar\GoogleToolbar_32.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\programmer\avg\avg8\avgtoolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\programmer\windows live\toolbar\wltcore.dll
uRun: [MsnMsgr] "c:\programmer\windows live\messenger\MsnMsgr.Exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [Index Washer] c:\programmer\webroot\washer\WashIdx.exe "Anne Christensen"
mRun: [LaunchApp] Alaunch
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [SynTPEnh] c:\programmer\synaptics\syntp\SynTPEnh.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [M3000Mnt] Rundll32.exe M3000Rmv.dll ,WinMainRmv /StartStillMnt
mRun: [AzMixerSel] c:\programmer\realtek\audio\installshield\AzMixerSel.exe
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
Trusted Zone: danskebank.dk
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/digitalsignatur-csp.exe
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\programmer\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\annech~1\applic~1\mozilla\firefox\profiles\twkcbswg.default\
FF - component: c:\programmer\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\programmer\microsoft\office live\npOLW.dll
FF - plugin: c:\programmer\windows live\photo gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
c:\programmer\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmer\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",  1600);
c:\programmer\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",      2);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",      1);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",  25);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",    5);
c:\programmer\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmer\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [2010-6-10 25096]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-6-10 52872]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-10-24 64288]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-6-10 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-6-10 29584]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-6-10 242896]
R2 avg9emc;AVG E-mail Scanner;c:\programmer\avg\avg9\avgemc.exe [2010-6-10 916760]
R2 avg9wd;AVG WatchDog;c:\programmer\avg\avg9\avgwdsvc.exe [2010-6-10 308064]
R2 avgfws9;AVG Firewall;c:\programmer\avg\avg9\avgfws9.exe [2010-6-11 2331544]
R2 AVGIDSAgent;AVG9IDSAgent;c:\programmer\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2010-6-10 5888008]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-6 54752]
R2 wwEngineSvc;Window Washer Engine;c:\programmer\webroot\washer\WasherSvc.exe [2009-10-16 598856]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2010-6-10 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\programmer\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSDriver.sys [2010-6-10 122376]
R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\programmer\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSFilter.sys [2010-6-10 30216]
R3 AVGIDSShimxpx;AVG9IDSShim;c:\programmer\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSShim.sys [2010-6-10 26120]
R3 M3000Srv;Acer Crystal Eye webcam Driver;c:\windows\system32\drivers\M3000KNT.sys [2008-5-5 254976]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2010-6-10 30104]
S3 fsssvc;Windows Live-tjenesten Family Safety;c:\programmer\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmer\lavasoft\ad-aware\AAWService.exe [2009-9-24 1181328]

=============== Created Last 30 ================

2010-06-11 14:40:52    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-11 14:40:45    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-06-11 14:40:45    0    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2010-06-11 13:19:04    0    d-----w-    c:\docume~1\annech~1\applic~1\AVG9
2010-06-10 12:59:06    0    d--h--w-    C:\$AVG
2010-06-10 12:25:36    12464    ----a-w-    c:\windows\system32\avgrsstx.dll
2010-06-10 12:25:34    25096    ----a-w-    c:\windows\system32\drivers\AVGIDSxx.sys
2010-06-10 12:25:33    52872    ----a-w-    c:\windows\system32\drivers\avgrkx86.sys
2010-06-10 12:25:31    242896    ----a-w-    c:\windows\system32\drivers\avgtdix.sys
2010-06-10 12:25:09    216200    ----a-w-    c:\windows\system32\drivers\avgldx86.sys
2010-06-10 12:24:09    0    d-----w-    c:\windows\system32\drivers\Avg
2010-06-10 12:22:44    50968    ----a-w-    c:\windows\system32\avgfwdx.dll
2010-06-10 12:22:44    30104    ----a-w-    c:\windows\system32\drivers\avgfwdx.sys
2010-06-10 12:22:38    0    d-----w-    c:\programmer\AVG
2010-06-10 12:22:30    0    d-----w-    c:\docume~1\alluse~1\applic~1\avg9
2010-06-09 12:04:20    0    d-----w-    c:\programmer\Trend Micro
2010-06-09 11:54:50    0    d-----w-    C:\87403ba1b69ca69db7b9ac8c778d4376
2010-06-09 11:06:46    0    d-----w-    C:\c1c9594bfb432c5e51af
2010-06-08 18:56:54    743424    -c----w-    c:\windows\system32\dllcache\iedvtool.dll
2010-05-15 12:23:42    0    d-----w-    c:\programmer\iPod
2010-05-15 12:21:11    0    d-----w-    c:\programmer\iTunes
2010-05-15 12:04:06    0    d-----w-    c:\programmer\Bonjour
2010-05-13 17:34:52    0    d-----w-    c:\docume~1\annech~1\applic~1\MozillaControl
2010-05-13 16:45:43    0    d-----w-    c:\programmer\Mozilla ActiveX Control v1.7.12
2010-05-13 16:38:52    0    d-----w-    c:\programmer\Graboid

==================== Find3M  ====================

2010-06-11 13:46:54    83762    ----a-w-    c:\windows\system32\perfc006.dat
2010-06-11 13:46:54    458234    ----a-w-    c:\windows\system32\perfh006.dat
2010-05-06 10:34:44    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-05-02 08:09:40    1851264    ----a-w-    c:\windows\system32\win32k.sys
2010-04-20 05:31:39    285696    ----a-w-    c:\windows\system32\atmfd.dll
2010-04-12 15:29:19    411368    ----a-w-    c:\windows\system32\deployJava1.dll
2010-04-08 11:20:02    91424    ----a-w-    c:\windows\system32\dnssd.dll
2010-04-08 11:20:02    107808    ----a-w-    c:\windows\system32\dns-sd.exe
2009-07-22 15:05:36    245760    --sha-w-    c:\windows\system32\config\systemprofile\ietldcache\index.dat
2008-08-21 23:29:28    32768    --sha-w-    c:\windows\system32\config\systemprofile\lokale indstillinger\application data\microsoft\feeds cache\index.dat
2008-09-23 16:24:45    32768    --sha-w-    c:\windows\system32\config\systemprofile\lokale indstillinger\oversigt\history.ie5\mshist012008092320080924\index.dat

============= FINISH: 19:30:01,43 ===============
Avatar billede f-arn Guru
12. juni 2010 - 11:41 #7
Hvis det var min PC, fjernede jeg Ad-Avare. Du skal ikke bruge den, når du har AVG Internet Security.

------

Start hijackthis, klik på "do  a system scan only" og sæt flueben ved følgende.

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmer\AVG\AVG8\avgtoolbar.dll (file missing)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE


Luk så alle andre vinduer og klik "fix checked"


Genstart og fortæl så hvordan computeren kører?
Avatar billede klaske_ko Nybegynder
12. juni 2010 - 15:51 #8
Jeg har slettet ad aware, og de to du nævner. Efter genstart tager den kun 7 minutter om at starte op. Dog har jeg lidt netværksproblemer, da min telefon godt kan gå på wifi. Men måske er det bare noget jeg har overset. Skal jeg poste en ny HJT-log?
Avatar billede f-arn Guru
12. juni 2010 - 16:00 #9
Send lige Attach.txt herind. Det er den fra DDS jeg ikke ville ha' før.
Avatar billede klaske_ko Nybegynder
12. juni 2010 - 18:35 #10
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 23-09-2008 18:28:23
System Uptime: 06-12-2010 15:23:44 (-4247 hours ago)

Motherboard: Acer |  |           
Processor:          Intel(R) Atom(TM) CPU N270  @ 1.60GHz | CPU | 1596/533mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 107 GiB total, 79,102 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP248: 14-03-2010 03:28:00 - Systemkontrolpunkt
RP249: 18-03-2010 19:41:21 - Systemkontrolpunkt
RP250: 23-03-2010 17:09:20 - Software Distribution Service 3.0
RP251: 25-03-2010 14:58:49 - Systemkontrolpunkt
RP252: 27-03-2010 14:49:18 - Systemkontrolpunkt
RP253: 28-03-2010 16:44:16 - Systemkontrolpunkt
RP254: 29-03-2010 22:14:24 - Systemkontrolpunkt
RP255: 30-03-2010 22:50:08 - Software Distribution Service 3.0
RP256: 01-04-2010 14:45:44 - Systemkontrolpunkt
RP257: 02-04-2010 17:05:22 - Systemkontrolpunkt
RP258: 11-04-2010 00:00:48 - Systemkontrolpunkt
RP259: 13-04-2010 14:16:09 - Systemkontrolpunkt
RP260: 13-04-2010 23:26:02 - Software Distribution Service 3.0
RP261: 15-04-2010 23:21:51 - Systemkontrolpunkt
RP262: 19-04-2010 19:28:49 - Systemkontrolpunkt
RP263: 20-04-2010 14:02:31 - Installed Java(TM) 6 Update 20
RP264: 22-04-2010 23:23:07 - Systemkontrolpunkt
RP265: 25-04-2010 21:46:52 - Systemkontrolpunkt
RP266: 26-04-2010 23:46:09 - Systemkontrolpunkt
RP267: 01-05-2010 01:04:10 - Systemkontrolpunkt
RP268: 02-05-2010 01:34:16 - Systemkontrolpunkt
RP269: 03-05-2010 04:47:38 - Systemkontrolpunkt
RP270: 05-05-2010 15:11:09 - Systemkontrolpunkt
RP271: 11-05-2010 18:38:17 - Systemkontrolpunkt
RP272: 12-05-2010 18:54:20 - Systemkontrolpunkt
RP273: 12-05-2010 21:24:00 - Software Distribution Service 3.0
RP274: 14-05-2010 16:34:00 - Systemkontrolpunkt
RP275: 16-05-2010 18:12:32 - Systemkontrolpunkt
RP276: 20-05-2010 13:27:16 - Systemkontrolpunkt
RP277: 23-05-2010 11:16:34 - Systemkontrolpunkt
RP278: 25-05-2010 08:55:24 - Software Distribution Service 3.0
RP279: 27-05-2010 07:34:23 - Systemkontrolpunkt
RP280: 29-05-2010 07:40:03 - Systemkontrolpunkt
RP281: 31-05-2010 03:17:06 - Systemkontrolpunkt
RP282: 05-06-2010 17:31:19 - Software Distribution Service 3.0
RP283: 09-06-2010 12:59:28 - Software Distribution Service 3.0
RP284: 09-06-2010 13:35:47 - Software Distribution Service 3.0
RP285: 10-06-2010 04:55:26 - Software Distribution Service 3.0
RP286: 10-06-2010 14:22:29 - Installed AVG 9.0
RP287: 11-06-2010 03:01:34 - Software Distribution Service 3.0
RP288: 11-06-2010 09:28:43 - Avg Update
RP289: 11-06-2010 15:16:47 - Software Distribution Service 3.0

==== Installed Programs ======================


Acer Crystal Eye Webcam 1.0.1.3
Acer ScreenSaver
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.2
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros for Acer Driver v7.6.0.224_Foxconn Installation Program
AVG 9.0
Bonjour
Google Toolbar for Internet Explorer
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hotfix til Windows XP (KB952287)
Hotfix til Windows XP (KB961118)
Hotfix til Windows XP (KB970653-v3)
Hotfix til Windows XP (KB976098-v2)
Hotfix til Windows XP (KB979306)
Hotfix til Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
InterVideo Register Manager
InterVideo WinDVD
iTunes
Java Auto Updater
Java(TM) 6 Update 20
JMicron JMB38X Flash Media Controller
Junk Mail filter update
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Danish Language Pack
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (Danish) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (Danish) 2007
Microsoft Office PowerPoint MUI (Danish) 2007
Microsoft Office Proof (Danish) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Danish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (Danish) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (Danish) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Software Update for Web Folders  (Danish) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Mozilla Firefox (3.6.3)
MSVCRT
OGA Notifier 1.7.0105.35.0
Opdatering til Windows Internet Explorer 8 (KB976662)
Opdatering til Windows Internet Explorer 8 (KB976749)
Opdatering til Windows Internet Explorer 8 (KB980182)
Opdatering til Windows XP (KB898461)
Opdatering til Windows XP (KB942763)
Opdatering til Windows XP (KB951072-v2)
Opdatering til Windows XP (KB951978)
Opdatering til Windows XP (KB955759)
Opdatering til Windows XP (KB955839)
Opdatering til Windows XP (KB961503)
Opdatering til Windows XP (KB967715)
Opdatering til Windows XP (KB968389)
Opdatering til Windows XP (KB971737)
Opdatering til Windows XP (KB973687)
Opdatering til Windows XP (KB973815)
OpenOffice.org 3.0
Overførselsværktøj til Windows Live
QuickTime
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Segoe UI
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB938127-v2)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB953838)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB956390)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB958215)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB960714)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB961260)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB963027)
Sikkerhedsopdatering til Windows Internet Explorer 7 (KB969897)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB969897)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB971961)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB972260)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB974455)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB976325)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB978207)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB981332)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB982381)
Sikkerhedsopdatering til Windows Media Player (KB952069)
Sikkerhedsopdatering til Windows Media Player (KB954155)
Sikkerhedsopdatering til Windows Media Player (KB968816)
Sikkerhedsopdatering til Windows Media Player (KB973540)
Sikkerhedsopdatering til Windows Media Player (KB978695)
Sikkerhedsopdatering til Windows Media Player (KB979402)
Sikkerhedsopdatering til Windows XP (KB923561)
Sikkerhedsopdatering til Windows XP (KB923689)
Sikkerhedsopdatering til Windows XP (KB938464)
Sikkerhedsopdatering til Windows XP (KB941569)
Sikkerhedsopdatering til Windows XP (KB946648)
Sikkerhedsopdatering til Windows XP (KB950760)
Sikkerhedsopdatering til Windows XP (KB950762)
Sikkerhedsopdatering til Windows XP (KB950974)
Sikkerhedsopdatering til Windows XP (KB951066)
Sikkerhedsopdatering til Windows XP (KB951376-v2)
Sikkerhedsopdatering til Windows XP (KB951698)
Sikkerhedsopdatering til Windows XP (KB951748)
Sikkerhedsopdatering til Windows XP (KB952004)
Sikkerhedsopdatering til Windows XP (KB952954)
Sikkerhedsopdatering til Windows XP (KB953839)
Sikkerhedsopdatering til Windows XP (KB954211)
Sikkerhedsopdatering til Windows XP (KB954459)
Sikkerhedsopdatering til Windows XP (KB954600)
Sikkerhedsopdatering til Windows XP (KB955069)
Sikkerhedsopdatering til Windows XP (KB956391)
Sikkerhedsopdatering til Windows XP (KB956572)
Sikkerhedsopdatering til Windows XP (KB956744)
Sikkerhedsopdatering til Windows XP (KB956802)
Sikkerhedsopdatering til Windows XP (KB956803)
Sikkerhedsopdatering til Windows XP (KB956841)
Sikkerhedsopdatering til Windows XP (KB956844)
Sikkerhedsopdatering til Windows XP (KB957095)
Sikkerhedsopdatering til Windows XP (KB957097)
Sikkerhedsopdatering til Windows XP (KB958644)
Sikkerhedsopdatering til Windows XP (KB958687)
Sikkerhedsopdatering til Windows XP (KB958690)
Sikkerhedsopdatering til Windows XP (KB958869)
Sikkerhedsopdatering til Windows XP (KB959426)
Sikkerhedsopdatering til Windows XP (KB960225)
Sikkerhedsopdatering til Windows XP (KB960715)
Sikkerhedsopdatering til Windows XP (KB960803)
Sikkerhedsopdatering til Windows XP (KB960859)
Sikkerhedsopdatering til Windows XP (KB961371)
Sikkerhedsopdatering til Windows XP (KB961373)
Sikkerhedsopdatering til Windows XP (KB961501)
Sikkerhedsopdatering til Windows XP (KB968537)
Sikkerhedsopdatering til Windows XP (KB969059)
Sikkerhedsopdatering til Windows XP (KB969898)
Sikkerhedsopdatering til Windows XP (KB969947)
Sikkerhedsopdatering til Windows XP (KB970238)
Sikkerhedsopdatering til Windows XP (KB970430)
Sikkerhedsopdatering til Windows XP (KB971468)
Sikkerhedsopdatering til Windows XP (KB971486)
Sikkerhedsopdatering til Windows XP (KB971557)
Sikkerhedsopdatering til Windows XP (KB971633)
Sikkerhedsopdatering til Windows XP (KB971657)
Sikkerhedsopdatering til Windows XP (KB972270)
Sikkerhedsopdatering til Windows XP (KB973346)
Sikkerhedsopdatering til Windows XP (KB973354)
Sikkerhedsopdatering til Windows XP (KB973507)
Sikkerhedsopdatering til Windows XP (KB973525)
Sikkerhedsopdatering til Windows XP (KB973869)
Sikkerhedsopdatering til Windows XP (KB973904)
Sikkerhedsopdatering til Windows XP (KB974112)
Sikkerhedsopdatering til Windows XP (KB974318)
Sikkerhedsopdatering til Windows XP (KB974392)
Sikkerhedsopdatering til Windows XP (KB974571)
Sikkerhedsopdatering til Windows XP (KB975025)
Sikkerhedsopdatering til Windows XP (KB975467)
Sikkerhedsopdatering til Windows XP (KB975560)
Sikkerhedsopdatering til Windows XP (KB975561)
Sikkerhedsopdatering til Windows XP (KB975562)
Sikkerhedsopdatering til Windows XP (KB975713)
Sikkerhedsopdatering til Windows XP (KB977165-v2)
Sikkerhedsopdatering til Windows XP (KB977816)
Sikkerhedsopdatering til Windows XP (KB977914)
Sikkerhedsopdatering til Windows XP (KB978037)
Sikkerhedsopdatering til Windows XP (KB978251)
Sikkerhedsopdatering til Windows XP (KB978262)
Sikkerhedsopdatering til Windows XP (KB978338)
Sikkerhedsopdatering til Windows XP (KB978542)
Sikkerhedsopdatering til Windows XP (KB978601)
Sikkerhedsopdatering til Windows XP (KB978706)
Sikkerhedsopdatering til Windows XP (KB979309)
Sikkerhedsopdatering til Windows XP (KB979482)
Sikkerhedsopdatering til Windows XP (KB979559)
Sikkerhedsopdatering til Windows XP (KB979683)
Sikkerhedsopdatering til Windows XP (KB980195)
Sikkerhedsopdatering til Windows XP (KB980218)
Sikkerhedsopdatering til Windows XP (KB980232)
Synaptics Pointing Device Driver
TDC Digital Signatur CSP
Tilmeldingsassistent til Windows Live
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.1
WebFldrs XP
Winamp
Window Washer
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Writer
Windows Media Format Runtime
WinRAR arkivering
Xvid 1.2.1 final uninstall

==== End Of File ===========================
Avatar billede f-arn Guru
12. juni 2010 - 20:31 #11
Hent og installér CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm
Under installationen får du tilbudt [Yahoo Toolbar]. Den bør du sige nej til.
Lad programmet foretage en oprydning. (Både Renser og Register)

http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763

Under Værktøjer -> opstart finder du:

AzMixerSe
MsnMsg
Med mindre du bruger Messenger

Deaktiver dem.

------

Klik Start -> kør og kopier dette ind: services.msc
Klik oK

Find disse:

Apple Mobile Device
Bonjour
gusvc
iPod Service
JavaQuickStarterService


Dobbelt klik på hver af dem og vælg starttype: Manuel

------

Hvornår har du sidst Defragmenteret PCen?

Hvor meget RAM er der i PCen?
Avatar billede klaske_ko Nybegynder
12. juni 2010 - 20:54 #12
Hvis jeg kører en analyse før defrag siger den at det ikke er nødvendigt at lave en defragmentering, bør jeg gøre det alligevel?
Jeg mener den har 512 mb ram.

Jeg kunne ikke finde : "gusvc" den var ikke derinde da jeg søgte efter den, men de andre var. Jeg bruger stadig messenger fra tid til anden, men hvis jeg deaktiverer den, betyder det så ikke bare jeg skal ind og starte den op selv? For hvis det kan gøre en forskel, så er det det værd :)
Avatar billede klaske_ko Nybegynder
12. juni 2010 - 21:04 #13
Lige en ændring, der er 1 GB ram i . Det er en Acer Apire One
Avatar billede f-arn Guru
12. juni 2010 - 21:26 #14
gusvc kommer herfra:

Google Software Updater (gusvc) - Google

Så du skal kigge efter noget Google.

Lad messenger være.

Brugte du CCleaner til en oprydning?

Har du genstartet?
Avatar billede klaske_ko Nybegynder
13. juni 2010 - 05:51 #15
Jeg har fået det fjernet nu. Jeg har smidt messenger væk alligevel. Det er ikke super vigtigt. Og ja, jeg har brugt CCleaner og genstartet samt defragmenteret. Den sagde dog at den ikke kunne gøre det på hele disken.

Har kørt alle skan igen og gemt dem. Skal jeg uploade dem et sted som zip, for det kommer til at fylde ret meget. Den tager stadig 5 minutter om at starte op fra jeg trykker tænd. hvor af halvdelen af tiden, stort set, er før "Velkommen" skærmen, og det andet er bare for at "gøre klar".
Avatar billede f-arn Guru
13. juni 2010 - 09:27 #16
Acer Crystal Eye webcam; bruger du det?

Send HijachThis og DDS.txt herind i hvert sit indlæg.
Avatar billede klaske_ko Nybegynder
14. juni 2010 - 14:34 #17
Hey, undskyld jeg først skriver nu, men mit net har været ret dårligt. Jeg bruger indimellem webcam til kontakt med med nogle fra australien. :)

DDS.txt :


DDS (Ver_10-03-17.01) - NTFSx86 
Run by Anne Christensen at 14:10:03,70 on 14-06-2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.1012.501 [GMT 2:00]

AV: AVG Internet Security *On-access scanning enabled* (Updated)  {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled*  {8decf618-9569-4340-b34a-d78d28969b66}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\Programmer\AVG\AVG9\avgchsvx.exe
C:\Programmer\AVG\AVG9\avgrsx.exe
svchost.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
svchost.exe
C:\Programmer\AVG\AVG9\avgwdsvc.exe
C:\Programmer\AVG\AVG9\avgfws9.exe
C:\Programmer\Fælles filer\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programmer\AVG\AVG9\avgam.exe
C:\Programmer\AVG\AVG9\avgnsx.exe
C:\Programmer\Webroot\Washer\WasherSvc.exe
C:\Programmer\AVG\AVG9\avgemc.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\DOCUME~1\ANNECH~1\LOKALE~1\Temp\RtkBtMnt.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Anne Christensen\Dokumenter\Hentede filer\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://da.intl.acer.yahoo.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\programmer\avg\avg9\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\programmer\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmer\fælles filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmer\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\programmer\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmer\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\programmer\windows live\toolbar\wltcore.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [LaunchApp] Alaunch
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SynTPEnh] c:\programmer\synaptics\syntp\SynTPEnh.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [M3000Mnt] Rundll32.exe M3000Rmv.dll ,WinMainRmv /StartStillMnt
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
Trusted Zone: danskebank.dk
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/digitalsignatur-csp.exe
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\programmer\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\annech~1\applic~1\mozilla\firefox\profiles\twkcbswg.default\
FF - component: c:\programmer\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\programmer\microsoft\office live\npOLW.dll
FF - plugin: c:\programmer\windows live\photo gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
c:\programmer\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programmer\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programmer\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",  1600);
c:\programmer\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",      2);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",      1);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",  25);
c:\programmer\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",    5);
c:\programmer\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\programmer\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\programmer\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programmer\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programmer\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [2010-6-10 25096]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-6-10 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-6-10 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-6-10 29584]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-6-10 242896]
R2 avg9emc;AVG E-mail Scanner;c:\programmer\avg\avg9\avgemc.exe [2010-6-10 916760]
R2 avg9wd;AVG WatchDog;c:\programmer\avg\avg9\avgwdsvc.exe [2010-6-10 308064]
R2 avgfws9;AVG Firewall;c:\programmer\avg\avg9\avgfws9.exe [2010-6-11 2331544]
R2 AVGIDSAgent;AVG9IDSAgent;c:\programmer\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2010-6-10 5888008]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-6 54752]
R2 wwEngineSvc;Window Washer Engine;c:\programmer\webroot\washer\WasherSvc.exe [2009-10-16 598856]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2010-6-10 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\programmer\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSDriver.sys [2010-6-10 122376]
R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\programmer\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSFilter.sys [2010-6-10 30216]
R3 AVGIDSShimxpx;AVG9IDSShim;c:\programmer\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSShim.sys [2010-6-10 26120]
R3 M3000Srv;Acer Crystal Eye webcam Driver;c:\windows\system32\drivers\M3000KNT.sys [2008-5-5 254976]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2010-6-10 30104]
S3 fsssvc;Windows Live-tjenesten Family Safety;c:\programmer\windows live\family safety\fsssvc.exe [2009-8-5 704864]

=============== Created Last 30 ================

2010-06-12 18:57:55    0    d-----w-    c:\programmer\CCleaner
2010-06-11 14:40:52    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-11 14:40:45    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-06-11 14:40:45    0    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2010-06-11 13:19:04    0    d-----w-    c:\docume~1\annech~1\applic~1\AVG9
2010-06-10 12:59:06    0    d--h--w-    C:\$AVG
2010-06-10 12:25:36    12464    ----a-w-    c:\windows\system32\avgrsstx.dll
2010-06-10 12:25:34    25096    ----a-w-    c:\windows\system32\drivers\AVGIDSxx.sys
2010-06-10 12:25:33    52872    ----a-w-    c:\windows\system32\drivers\avgrkx86.sys
2010-06-10 12:25:31    242896    ----a-w-    c:\windows\system32\drivers\avgtdix.sys
2010-06-10 12:25:09    216200    ----a-w-    c:\windows\system32\drivers\avgldx86.sys
2010-06-10 12:24:09    0    d-----w-    c:\windows\system32\drivers\Avg
2010-06-10 12:22:44    50968    ----a-w-    c:\windows\system32\avgfwdx.dll
2010-06-10 12:22:44    30104    ----a-w-    c:\windows\system32\drivers\avgfwdx.sys
2010-06-10 12:22:38    0    d-----w-    c:\programmer\AVG
2010-06-10 12:22:30    0    d-----w-    c:\docume~1\alluse~1\applic~1\avg9
2010-06-09 12:04:20    0    d-----w-    c:\programmer\Trend Micro
2010-06-09 11:54:50    0    d-----w-    C:\87403ba1b69ca69db7b9ac8c778d4376
2010-06-09 11:06:46    0    d-----w-    C:\c1c9594bfb432c5e51af
2010-06-08 18:56:54    743424    -c----w-    c:\windows\system32\dllcache\iedvtool.dll
2010-05-15 12:23:42    0    d-----w-    c:\programmer\iPod
2010-05-15 12:21:11    0    d-----w-    c:\programmer\iTunes

==================== Find3M  ====================

2010-06-11 13:46:54    83762    ----a-w-    c:\windows\system32\perfc006.dat
2010-06-11 13:46:54    458234    ----a-w-    c:\windows\system32\perfh006.dat
2010-05-06 10:34:44    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-05-02 08:09:40    1851264    ----a-w-    c:\windows\system32\win32k.sys
2010-04-20 05:31:39    285696    ----a-w-    c:\windows\system32\atmfd.dll
2010-04-12 15:29:19    411368    ----a-w-    c:\windows\system32\deployJava1.dll
2010-04-08 11:20:02    91424    ----a-w-    c:\windows\system32\dnssd.dll
2010-04-08 11:20:02    107808    ----a-w-    c:\windows\system32\dns-sd.exe
2009-07-22 15:05:36    245760    --sha-w-    c:\windows\system32\config\systemprofile\ietldcache\index.dat
2008-08-21 23:29:28    32768    --sha-w-    c:\windows\system32\config\systemprofile\lokale indstillinger\application data\microsoft\feeds cache\index.dat
2008-09-23 16:24:45    32768    --sha-w-    c:\windows\system32\config\systemprofile\lokale indstillinger\oversigt\history.ie5\mshist012008092320080924\index.dat

============= FINISH: 14:14:30,81 ===============


HJT.log :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:09:03, on 14-06-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\AVG\AVG9\avgchsvx.exe
C:\Programmer\AVG\AVG9\avgrsx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Programmer\AVG\AVG9\avgwdsvc.exe
C:\Programmer\AVG\AVG9\avgfws9.exe
C:\Programmer\Fælles filer\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\AVG\AVG9\avgam.exe
C:\Programmer\AVG\AVG9\avgnsx.exe
C:\Programmer\Webroot\Washer\WasherSvc.exe
C:\Programmer\AVG\AVG9\avgemc.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\DOCUME~1\ANNECH~1\LOKALE~1\Temp\RtkBtMnt.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://da.intl.acer.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG9\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmer\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [M3000Mnt] Rundll32.exe M3000Rmv.dll ,WinMainRmv /StartStillMnt
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: *.danskebank.dk
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/digitalsignatur-csp.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Bonjour tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programmer\Fælles filer\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Programmer\Webroot\Washer\WasherSvc.exe

--
End of file - 7235 bytes
Avatar billede f-arn Guru
14. juni 2010 - 15:27 #18
men mit net har været ret dårligt

Tekniske problemer hos udbyder eller ?
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester