Avatar billede kenneth25 Nybegynder
27. maj 2011 - 21:25 Der er 11 kommentarer

trojansk hest

hej har fået en trojansk hest på min pc kan ikke huske nøjagtig navn på den. har brugt Ccleane,  malwarebytes, superantinspyware,ESET Online Scanner og DDS. og tror kun de programmer har fjernet den delvist. Der er stadigvæk fejl på min pc:

Kan ikke bruge internet Explorer. microsoft windows: skriver explorer er holdt op med at fungere. der er noget der bloker den ved ikke hvad. for også en sikkerhedsmeddelese fra windows at tjensten sikkerhedscenter er deakiveret. og kan ikke slå det til. nu bruger jeg google crom den køre nogen lunden på min pc. men den Browser zoommer op og ned på skrifte størrelsen hele tiden mega irerterne;(  jeg køre windows vista home premium. håber en kan hjælpe mig videre



Kenneth
Avatar billede doc_dozy Nybegynder
27. maj 2011 - 21:47 #1
Du kan evt bruge Windows Systemgendannelse - og gå tilbage i fase, før din computer blev inficeret. Dette slette dog også alt arbejde der er udført efter gendannelsespunktet.
27. maj 2011 - 22:12 #2
Velkommen til E. ...

Win98, ME, W2000, XP, Vista, Win7, OS/2, Unix, Linux, ... ?

---

...Dette slette dog også alt arbejde der er udført efter gendannelsespunktet... - vrøvl. Evt. instalationer/opsætninger/ændriger i SYSTEMET vil blive slettet; deraf navnet SYSTEMgendannelse.
EGNE DATA, Mail, ... vil ikke blive berørt...

---

Vil gerne se loggen fra malwarebytes - findes i - tja - fanebladet Logs ...
Samt en frisk Log fra HiJackThis / DDS ...

---

Fejlsikker tilstand - SYSTEMgendannelse DERFRA...
Avatar billede doc_dozy Nybegynder
27. maj 2011 - 22:23 #3
beklager at jeg ikke udtrykte mig forkert, alle programmer installeret efter gendannelsespunktet går tabt. Sådan skulle det have lydt.
Avatar billede kenneth25 Nybegynder
27. maj 2011 - 22:39 #4
tak

jeg køre vista, kan ikke gen denne med SYSTEMgendannelse. men har ikke prøvet i fejlsikker tilstand det må jeg prøve superantispywaer har fundet lidt som du kan se neders i indlæget måske du kan bruge det til noget.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6686

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

27-05-2011 11:53:25
mbam-log-2011-05-27 (11-53-25).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 282336
Tid gået: 1 time(e), 0 minut(ter), 58 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 0
Registreringsdatabaseværdier Inficeret: 0
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabaseværdier Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
(Ingen skadelige objekter blev fundet)

Inficerede Filer:
(Ingen skadelige objekter blev fundet)



.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by ove at 22:30:35 on 2011-05-27
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uStart Page = hxxp://www.google.dk/
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&s=2&o=vp32&d=1008&m=aspire_5735
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&s=2&o=vp32&d=1008&m=aspire_5735
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\program files\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\program files\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No File
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [BkupTray] "c:\program files\newtech infosystems\nti backup now 5\BkupTray.exe"
mRun: [ArcadeDeluxeAgent] "c:\program files\acer arcade deluxe\acer arcade deluxe\ArcadeDeluxeAgent.exe"
mRun: [CLMLServer] "c:\program files\acer arcade deluxe\acer arcade deluxe\kernel\clml\CLMLSvc.exe"
mRun: [PlayMovie] "c:\program files\acer arcade deluxe\playmovie\PMVService.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [eDataSecurity Loader] c:\program files\acer\empowering technology\edatasecurity\x86\eDSloader.exe
mRun: [ePower_DMC] c:\program files\acer\empowering technology\epower\ePower_DMC.exe
mRun: [eRecoveryService]
mRun: [WarReg_PopUp] c:\program files\acer\wr_popup\WarReg_PopUp.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [aswSdWiz] c:\progra~1\alwils~1\avast4\aswSdWiz.exe /i
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [UIExec] "c:\program files\mobile broadband\UIExec.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_09\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: danid.dk
Trusted Zone: danid.dk
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {C1F05373-3AF1-4500-89F0-D27C9DFD643C} = 212.242.40.51 212.242.40.3
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1dll c:\progra~1\google\google~1\GOEC62~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R? b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? GoogleDesktopManager-051210-111108;Google Desktop-administrator 5.9.1005.12335
R? gupdate;Tjenesten Google Update (gupdate)
R? gupdatem;Google Update Tjeneste (gupdatem)
R? massfilter;ZTE Mass Storage Filter Driver
R? RkHit;RkHit
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
R? WSDPrintDevice;Support til WSD-udskrivning via UMB
S? aswFsBlk;aswFsBlk
S? aswMonFlt;aswMonFlt
S? aswSnx;aswSnx
S? aswSP;aswSP
S? avast! Antivirus;avast! Antivirus
S? BUNAgentSvc;NTI Backup Now 5 Agent Service
S? CLHNService;CLHNService
S? ETService;Empowering Technology Service
S? FontCache;Tjenesten Windows-skrifttypecache
S? LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter
S? LHidEqd;Logitech SetPoint Unifying KMDF HID Filter
S? NTIBackupSvc;NTI Backup Now 5 Backup Service
S? NTIPPKernel;NTIPPKernel
S? NTISchedulerSvc;NTI Backup Now 5 Scheduler Service
S? PSI;PSI
S? SASDIFSV;SASDIFSV
S? Secunia PSI Agent;Secunia PSI Agent
S? Secunia Update Agent;Secunia Update Agent
S? UI Assistant Service;UI Assistant Service
.
=============== Created Last 30 ================
.
2011-05-27 19:47:36    --------    d-----w-    c:\users\ove\appdata\local\PokerStars
2011-05-27 19:47:11    --------    d-----w-    c:\program files\PokerStars
2011-05-27 11:56:21    --------    d-----w-    c:\program files\MSECache
2011-05-27 11:52:28    472808    ----a-w-    c:\windows\system32\deployJava1.dll
2011-05-27 11:49:53    404640    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-27 11:46:02    --------    d-----w-    c:\users\ove\appdata\local\Secunia PSI
2011-05-27 11:45:51    --------    d-----w-    c:\program files\Secunia
2011-05-27 11:42:16    6962000    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\{bf943f69-ff25-45e2-b8c2-02e0536e9d63}\mpengine.dll
2011-05-27 10:28:30    --------    d-----w-    c:\users\ove\appdata\roaming\SUPERAntiSpyware.com
2011-05-27 10:28:16    --------    d-----w-    c:\program files\SUPERAntiSpyware
2011-05-26 20:13:11    --------    d-----w-    c:\program files\ESET
2011-05-26 20:02:45    --------    d-----w-    c:\program files\CCleaner
2011-05-26 18:21:20    9216    ----a-w-    c:\windows\system32\drivers\massfilter.sys
2011-05-26 18:21:20    105088    ----a-w-    c:\windows\system32\drivers\ZTEusbser6k.sys
2011-05-26 18:21:20    105088    ----a-w-    c:\windows\system32\drivers\ZTEusbnmea.sys
2011-05-26 18:21:20    105088    ----a-w-    c:\windows\system32\drivers\ZTEusbmdm6k.sys
2011-05-26 18:20:50    --------    d-----w-    c:\windows\system32\SupportAppCB
2011-05-26 18:20:49    --------    d-----w-    c:\program files\Mobile Broadband
2011-05-25 19:39:12    441176    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2011-05-25 19:39:11    53592    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2011-05-25 19:38:20    40112    ----a-w-    c:\windows\avastSS.scr
2011-05-25 19:38:02    --------    d-----w-    c:\programdata\AVAST Software
2011-05-25 19:38:02    --------    d-----w-    c:\program files\AVAST Software
2011-05-25 18:44:40    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2011-05-25 16:47:50    --------    d-----w-    c:\programdata\PC Tools
2011-05-25 15:55:03    --------    d-----w-    c:\users\ove\appdata\roaming\Malwarebytes
2011-05-25 15:54:52    --------    d-----w-    c:\programdata\Malwarebytes
2011-05-25 15:37:27    15712    ----a-w-    c:\program files\common files\windows live\.cache\a6ac23701cc1af135\MeshBetaRemover.exe
2011-05-25 15:35:51    94040    ----a-w-    c:\program files\common files\windows live\.cache\6d1c44a01cc1af128\DSETUP.dll
2011-05-25 15:35:51    525656    ----a-w-    c:\program files\common files\windows live\.cache\6d1c44a01cc1af128\DXSETUP.exe
2011-05-25 15:35:51    1691480    ----a-w-    c:\program files\common files\windows live\.cache\6d1c44a01cc1af128\dsetup32.dll
2011-05-25 15:35:38    94040    ----a-w-    c:\program files\common files\windows live\.cache\6529d0501cc1af127\DSETUP.dll
2011-05-25 15:35:38    525656    ----a-w-    c:\program files\common files\windows live\.cache\6529d0501cc1af127\DXSETUP.exe
2011-05-25 15:35:38    1691480    ----a-w-    c:\program files\common files\windows live\.cache\6529d0501cc1af127\dsetup32.dll
2011-05-25 15:32:10    --------    d-----w-    c:\users\ove\appdata\local\Windows Live
2011-05-25 15:32:08    --------    d-----w-    c:\program files\common files\Windows Live
2011-05-25 15:31:21    754688    ----a-w-    c:\windows\system32\webservices.dll
2011-05-11 19:20:53    2409784    ----a-w-    c:\program files\windows mail\OESpamFilter.dat
2011-05-08 08:33:36    --------    d-----w-    c:\program files\Photo Notifier and Animation Creator
2011-05-08 08:33:32    --------    d-----w-    c:\programdata\Photo Notifier and Animation Creator
2011-05-08 08:32:05    --------    d-----w-    c:\users\ove\appdata\local\IM
2011-05-08 08:31:25    --------    d-----w-    c:\programdata\IncrediMail
2011-05-08 08:31:25    --------    d-----w-    c:\programdata\IM
2011-05-06 20:58:38    --------    d-----w-    C:\anette mp3 nr1
2011-05-06 17:02:51    --------    d-----w-    C:\anette 2
2011-05-03 21:24:23    319488    ----a-w-    c:\windows\system32\spool\prtprocs\w32x86\hpfpp101.dll
2011-05-03 21:23:56    452736    ----a-w-    c:\windows\system32\hpzids01.dll
2011-05-03 21:23:55    125952    ----a-w-    c:\windows\system32\hpf3l101.dll
2011-05-02 20:01:29    --------    d-----w-    c:\programdata\Skype Extras
2011-04-28 06:44:01    4240384    ----a-w-    c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-28 06:44:01    28672    ----a-w-    c:\windows\system32\Apphlpdm.dll
2011-04-28 06:43:53    876032    ----a-w-    c:\windows\system32\XpsPrint.dll
.
==================== Find3M  ====================
.
2011-03-10 17:03:51    1162240    ----a-w-    c:\windows\system32\mfc42u.dll
2011-03-10 17:03:51    1136640    ----a-w-    c:\windows\system32\mfc42.dll
2011-03-03 15:42:03    739328    ----a-w-    c:\windows\system32\inetcomm.dll
2011-03-03 15:40:07    173056    ----a-w-    c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40:05    542720    ----a-w-    c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40:05    458752    ----a-w-    c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40:04    2159616    ----a-w-    c:\windows\apppatch\AcGenral.dll
2011-03-03 13:25:11    2041856    ----a-w-    c:\windows\system32\win32k.sys
2011-03-02 15:44:27    86528    ----a-w-    c:\windows\system32\dnsrslvr.dll
.
============= FINISH: 22:32:53,29 ===============

.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
Acer Arcade Deluxe
Acer Crystal Eye Webcam 2.0.8
Acer eDataSecurity Management
Acer Empowering Technology
Acer ePower Management
Acer eRecovery Management
Acer eSettings Management
Acer GameZone Console 2.0.1.1
Acer GridVista
Acer Mobility Center Plug-In
Acer ScreenSaver
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.4 - Dansk
Agere Systems HDA Modem
avast! Free Antivirus
avast! Server Edition
CCleaner
Digital Signatur
DVD Decrypter (Remove Only)
DVD Shrink 3.2
eReg
ESET Online Scanner v3
Garmin Communicator Plugin
Garmin MapSource
Garmin Trip and Waypoint Manager v5
Garmin USB Drivers
Garmin WebUpdater
Google Chrome
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
ImgBurn
Intel(R) Graphics Media Accelerator Driver
IrfanView (remove only)
J2SE Runtime Environment 5.0 Update 9
Launch Manager
LightScribe  1.4.142.1
Logitech SetPoint 6.20
Marvell Miniport Driver
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 Language Pack SP1 - dan
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DAN Language Pack
Microsoft .NET Framework 4 Client Profile DAN sprogpakke
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (Danish) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Danish) 2007
Microsoft Office Groove MUI (Danish) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (Danish) 2007
Microsoft Office OneNote MUI (Danish) 2007
Microsoft Office Outlook MUI (Danish) 2007
Microsoft Office PowerPoint MUI (Danish) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (Danish) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Danish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Danish) 2007
Microsoft Office Shared MUI (Danish) 2007
Microsoft Office Word MUI (Danish) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Mobilt Bredbånd
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Premium
neroxml
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
OGA Notifier 2.0.0048.0
Opdatering til Microsoft Office Excel 2007 Help (KB963678)
Opdatering til Microsoft Office Powerpoint 2007 Help (KB963669)
Opdatering til Microsoft Office Word 2007 Help (KB963665)
Photo Notifier and Animation Creator
PokerStars
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Secunia PSI (2.0.0.3003)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Sprogpakke til Microsoft .NET Framework 3.5 SP1 - dansk
SUPERAntiSpyware
Synaptics Pointing Device Driver
Total Commander (Remove or Repair)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Outlook 2007 Junk Email Filter (KB2536413)
WIDCOMM Bluetooth Software 6.0.1.6300
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
WinRAR archiver
Yahoo! Install Manager
Yahoo! Widgets
.
==== End Of File ===========================


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:34:48, on 27-05-2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Users\ove\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Mobile Broadband\UIExec.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mobile Broadband\UIMain.exe
C:\Program Files\Mobile Broadband\CMUpdater.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\ove\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&s=2&o=vp32&d=1008&m=aspire_5735
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&s=2&o=vp32&d=1008&m=aspire_5735
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [aswSdWiz] C:\PROGRA~1\ALWILS~1\Avast4\aswSdWiz.exe /i
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [UIExec] "C:\Program Files\Mobile Broadband\UIExec.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Orion.lnk = C:\Program Files\Convesoft\Orion\Messenger.exe
O4 - Startup: Screen Clipper and Launcher til OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.danid.dk
O15 - Trusted Zone: http://*.danid.dk (HKLM)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1F05373-3AF1-4500-89F0-D27C9DFD643C}: NameServer = 212.242.40.51 212.242.40.3
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1DLL C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop-administrator 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Tjeneste (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\Mobile Broadband\AssistantServices.exe

--
End of file - 11567 bytes


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/27/2011 at 01:24 PM

Application Version : 4.53.1000

Core Rules Database Version : 7152
Trace Rules Database Version: 4964

Scan type      : Complete Scan
Total Scan Time : 00:49:18

Memory items scanned      : 919
Memory threats detected  : 0
Registry items scanned    : 10270
Registry threats detected : 0
File items scanned        : 30405
File threats detected    : 13

Trojan.Agent/Gen-Frauder
    C:\PROGRAM FILES\MOBILE BROADBAND\COMPONENT\BIUSBSOUND.DLL

Adware.Tracking Cookie
    .doubleclick.net [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    track.adform.net [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    eas4.emediate.eu [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    eas4.emediate.eu [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    eas4.emediate.eu [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    track.adform.net [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adform.net [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\ove\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
Avatar billede kenneth25 Nybegynder
27. maj 2011 - 22:58 #5
nu har jeg prøvet at gen denne i fejlsikker tilstand uden held. den skriver der op stod en fejl under gen dennels.
Avatar billede 220661 Ekspert
28. maj 2011 - 08:19 #6
Kunne tænkes at virus har ødelagt nogle filer i Windows som ikke er blevet genoprettet når denne er blevet fjernet.
Til denne reparation kunne forsøges to ting i første omgang.
1 Chkdsk: http://pctricks.dk/chkdsk-pa-vista-215.html
2 sfc /scannow: http://support.microsoft.com/kb/929833
Avatar billede kenneth25 Nybegynder
28. maj 2011 - 14:40 #7
den først Chkdsk scan gik fint. men kunne ikke fuldføre sfc /scan
hvad gør jeg så?
28. maj 2011 - 15:02 #8
... men kunne ikke fuldføre sfc /scan ... - hvad mener du her ?

Husk du skal være [Administrator] for at det går godt. Som beskrevet ved nævnte http://support.microsoft.com/kb/929833
Avatar billede kenneth25 Nybegynder
28. maj 2011 - 15:09 #9
det mener jeg også jeg gjorde. jamen der jeg skrive sfc /scan i Kommandoprompt begyndet scane godt nok men den blive kun 78% færdig så kunne ikke komme videre
Avatar billede kenneth25 Nybegynder
28. maj 2011 - 15:20 #10
den skriver:
windows ressourcebeskyttelse kunne ikke udføre den anmodede handling
Avatar billede kenneth25 Nybegynder
28. maj 2011 - 15:32 #11
har skrevet  edit sfcdetails.txt den har fundet to filer den ikke har kunne lave. det er svært det her:) syns ikke jeg finde ud af at lave dem med det info jeg for på http://support.microsoft.com/ (...)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester