kabbak (Professor)
21 November 2011 - 22:23. There are 9 comments and 1 solution

Log check, PC is running slowly

Hi, I have followed the instructions from http://www.eksperten.dk/guide/1232, so here is the log:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8209

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

21-11-2011 20:35:28
mbam-log-2011-11-21 (20-35-28).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|E:\|N:\|P:\|S:\|V:\|)
Objekter skannet: 310704
Tid gået: 1 time(e), 51 minut(ter), 41 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 0
Registreringsdatabaseværdier Inficeret: 0
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 0
Inficerede Filer: 4

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabaseværdier Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
(Ingen skadelige objekter blev fundet)

Inficerede Filer:
c:\documents and settings\hb\dokumenter\downloads\help.exe (PUP.Radmin) -> Quarantined and deleted successfully.
c:\programmer\fælles filer\Spigot\wtxpcom\components\widgitoolbarff.dll.5 (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fdff6704-b445-46dc-a83c-5857ed410a5e}\RP1179\A0144648.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fdff6704-b445-46dc-a83c-5857ed410a5e}\RP1182\A0145237.old (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

ComboFix 11-11-21.01 - hb 21-11-2011  20:51:01.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.1022.444 [GMT 1:00]
Kører fra: c:\documents and settings\hb\Skrivebord\REMOWER\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\hb\Skrivebord\REMOWER\CFScript.txt
AV: F-Secure Anti-Virus Client Security 5.54 *Disabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\hb\WINDOWS
C:\Thumbs.db
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((((((((((((((((((  Drivers/Tjenester  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2011-10-21 til 2011-11-21  )))))))))))))))))))))))))))))))))))
.
.
2071-07-25 08:13 . 2006-11-21 19:48    203576    ------w-    c:\programmer\Microsoft Games\Age of Empires III\autopatcher2.exe
2011-11-21 20:02 . 2011-11-21 20:02    56200    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9B139C8D-4BCD-43FA-AC6F-556BB09E5015}\offreg.dll
2011-11-21 19:38 . 2011-11-21 19:38    28752    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9B139C8D-4BCD-43FA-AC6F-556BB09E5015}\MpKsla05780e6.sys
2011-11-21 17:20 . 2011-11-21 17:20    388096    ----a-r-    c:\documents and settings\hb\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-21 17:06 . 2011-08-31 16:00    22216    ----a-w-    c:\windows\system32\drivers\mbam.sys
2011-11-21 16:36 . 2011-10-07 03:48    6668624    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9B139C8D-4BCD-43FA-AC6F-556BB09E5015}\mpengine.dll
2011-11-19 20:49 . 2011-11-19 20:49    --------    d-----w-    c:\documents and settings\LocalService\Application Data\Fighters
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-18 22:33 . 2011-05-21 13:06    414368    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2005-10-20 07:09    692736    ----a-w-    c:\windows\system32\inetcomm.dll
2011-10-07 03:48 . 2010-02-21 19:06    6668624    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-28 07:06 . 2005-10-20 06:51    602112    ----a-w-    c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 18:59    613376    ----a-w-    c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2005-10-20 06:51    21504    ----a-w-    c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2005-10-20 06:51    220160    ----a-w-    c:\windows\system32\oleacc.dll
2011-09-06 14:10 . 2009-06-12 04:59    1858944    ----a-w-    c:\windows\system32\win32k.sys
2011-11-19 20:45 . 2011-03-24 16:17    134104    ----a-w-    c:\programmer\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CmUCRRun"="c:\windows\system32\CmUCReye.exe" [2005-10-12 241664]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 69632]
"LogitechCommunicationsManager"="c:\programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe" [2007-01-12 488984]
"LVCOMSX"="c:\programmer\Fælles filer\LogiShrd\LComMgr\LVComSX.exe" [2007-01-12 244512]
"Omnipage"="c:\programmer\ScanSoft\OmniPageSE\opware32.exe" [2002-02-20 49152]
"CanonSolutionMenu"="c:\programmer\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\programmer\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"IJNetworkScanUtility"="c:\programmer\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
"BCSSync"="c:\programmer\Microsoft Office\2010\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"sfagent"="c:\programmer\Fighters\sfagent.exe" [2010-10-21 760968]
"MSC"="c:\programmer\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"nwiz"="c:\programmer\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"HTC Sync Loader"="c:\programmer\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-08-22 593920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FLLESF~1\MICROS~1\DW\dwtrig20.exe" [2010-02-28 519584]
.
c:\documents and settings\All Users\Menuen Start\Programmer\Start\
Logitech SetPoint.lnk - c:\programmer\Logitech\SetPoint\SetPoint.exe [2009-1-21 809488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 15:41    72208    ----a-w-    c:\programmer\Fælles filer\Logitech\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 4
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vcdplayx
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualDrive
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58    37296    ----a-w-    c:\programmer\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 16:05    15360    ----a-w-    c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
2006-06-13 03:20    127036    ----a-w-    c:\windows\system32\DLA\DLACTRLW.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2008-09-03 16:02    133104    ----atw-    c:\documents and settings\hb\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-27 12:00    208952    ----a-w-    c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-03-25 23:10    142120    ----a-w-    c:\programmer\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2004-08-27 12:00    59392    ----a-w-    c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50    155648    ----a-w-    c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-27 12:00    455168    ----a-w-    c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-27 12:00    455168    ----a-w-    c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 16:04    2879488    ----a-w-    c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-06-21 18:04    68856    ----a-w-    c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2011-04-22 12:21    247728    ----a-w-    c:\programmer\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-15 08:30    204288    ------w-    c:\programmer\Windows Media Player\wmpnscfg.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programmer\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programmer\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Spil\\aoe2conq\\age2_x1.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmer\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe"=
"c:\\Programmer\\Ubisoft\\THE SETTLERS - Rise of an Empire Demo\\base\\bin\\Settlers6Demo.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programmer\\MSN Messenger\\livecall.exe"=
"c:\\Programmer\\Synology\\Assistant\\DSAssistant.exe"=
"c:\\Spil\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Spil\\Firaxis Games\\Sid Meier's Railroads!\\RailRoads.exe"=
"c:\\Programmer\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmer\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Spil\\Ubisoft\\DEMO\\The Settlers 7 - Paths to a Kingdom DEMO\\Data\\Base\\_Dbg\\Bin\\Release\\Settlers7R.exe"=
"c:\\Programmer\\Microsoft Office\\2010\\Office14\\GROOVE.EXE"=
"c:\\Programmer\\Microsoft Office\\2010\\Office14\\ONENOTE.EXE"=
"c:\\Programmer\\Microsoft Office\\2010\\Office14\\OUTLOOK.EXE"=
"c:\\Programmer\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Programmer\\GameSpy Arcade\\Aphex.exe"=
"c:\\Programmer\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Spil\\EA GAMES\\Medal of Honor Pacific Assault(tm)\\mohpa.exe"=
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [24-09-2009 05:40 19592]
R1 MpKsla05780e6;MpKsla05780e6;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9B139C8D-4BCD-43FA-AC6F-556BB09E5015}\MpKsla05780e6.sys [21-11-2011 20:38 28752]
R2 !SASCORE;SAS Core Service;c:\programmer\SUPERAntiSpyware\SASCORE.EXE [03-07-2010 08:42 116608]
R2 PassThru Service;Internet Pass-Through Service;c:\programmer\HTC\Internet Pass-Through\PassThruSvr.exe [12-08-2011 16:13 87040]
R2 Suite Service;Suite Service;c:\programmer\Fighters\FighterSuiteService.exe [29-09-2011 15:55 1318536]
R2 TomTomHOMEService;TomTomHOMEService;c:\programmer\TomTom HOME 2\TomTomHOMEService.exe [22-04-2011 13:21 92592]
R2 UsbClientService;UsbClientService;c:\programmer\Synology\Assistant\UsbClientService.exe [18-02-2011 07:18 245760]
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [18-10-2005 14:01 1302368]
R3 busenum;Synology Virtual USB Hub;c:\windows\system32\drivers\busenum.sys [18-02-2011 07:20 46304]
R3 CMISTOR;CMIUCR.SYS CM220 Card Reader Driver;c:\windows\system32\drivers\cmiucr.SYS [20-10-2005 08:27 72320]
S0 rseb;rseb; [x]
S1 MpKsl0315112a;MpKsl0315112a; [x]
S1 MpKsl29c573bc;MpKsl29c573bc; [x]
S1 MpKsl750a3995;MpKsl750a3995;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A1C6180A-8B30-41BC-80EC-5900735ADD82}\MpKsl750a3995.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A1C6180A-8B30-41BC-80EC-5900735ADD82}\MpKsl750a3995.sys [?]
S1 MpKsl8847b144;MpKsl8847b144; [x]
S1 MpKsl90f5f25b;MpKsl90f5f25b; [x]
S1 MpKslbf236ce7;MpKslbf236ce7; [x]
S1 MpKsld912038d;MpKsld912038d; [x]
S1 MpKsldfc18bc2;MpKsldfc18bc2; [x]
S1 MpKslf9e4a03c;MpKslf9e4a03c; [x]
S1 SASDIFSV;SASDIFSV; [x]
S1 SASKUTIL;SASKUTIL; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-03-2010 12:16 130384]
S2 F-Secure Filter;F-Secure File System Filter; [x]
S2 F-Secure Gatekeeper;F-Secure Gatekeeper; [x]
S2 F-Secure Recognizer;F-Secure File System Recognizer; [x]
S2 gupdate1c9863a6301e124;Google Update Service (gupdate1c9863a6301e124);c:\programmer\Google\Update\GoogleUpdate.exe [03-02-2009 21:02 133104]
S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\programmer\Fighters\sfus.exe service --> c:\programmer\Fighters\sfus.exe service [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [24-09-2009 13:41 29192]
S3 Common Toolkit Tools;Common Toolkit Tools;c:\programmer\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [19-10-2011 20:22 216712]
S3 cpuz130;cpuz130; [x]
S3 gupdatem;Google Update Tjeneste (gupdatem);c:\programmer\Google\Update\GoogleUpdate.exe [03-02-2009 21:02 133104]
S3 hcw66xxx;WinTV HVR-900H;c:\windows\system32\drivers\hcw66xxx.sys [23-07-2009 15:42 420096]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22-06-2010 17:01 21248]
S3 imvad_multi;NETGEAR Digital Entertainer Virtual Audio Device;c:\windows\system32\drivers\imvad.sys [26-04-2007 12:35 17792]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [17-06-2009 14:01 25480]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\programmer\Microsoft Office\2010\Office14\GROOVE.EXE [12-06-2011 10:15 31125880]
S3 osppsvc;Office Software Protection Platform;c:\programmer\Fælles filer\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09-01-2010 20:37 4640000]
S3 SASENUM;SASENUM; [x]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-03-2010 12:16 753504]
S4 cdawdm;CDAWDM;c:\windows\system32\DRIVERS\CDAWDM.sys --> c:\windows\system32\DRIVERS\CDAWDM.sys [?]
.
Indhold af mappen 'Planlagte Opgaver'
.
2011-05-29 c:\windows\Tasks\expressburnShakeIcon.job
- c:\programmer\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-10-04 15:23]
.
2011-11-21 c:\windows\Tasks\Google Software Updater.job
- c:\programmer\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-04-26 17:21]
.
2011-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc05c034843fa6.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2009-02-03 20:01]
.
2011-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2009-02-03 20:01]
.
2011-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3109519377-2962857464-2048118004-1006Core1ca5ccd635af77c.job
- c:\documents and settings\hb\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 16:02]
.
2011-11-21 c:\windows\Tasks\SLOW-PCfighter-hb-Notification.job
- c:\programmer\Fighters\SLOW-PCfighter\Sync.exe [2011-10-17 08:58]
.
2011-11-21 c:\windows\Tasks\SLOW-PCfighter-hb-Startup.job
- c:\programmer\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2011-10-17 08:58]
.
2011-11-21 c:\windows\Tasks\User_Feed_Synchronization-{86F19882-7DE1-45C6-97D9-A0B0B6B62B53}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/ig?hl=da&source=iglk
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download with SupersonicDownloadAccelerator! - c:\programmer\Supersonic Download Accelerator\supersonicdownloadaccelerator.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~4\2010\Office14\EXCEL.EXE/3000
IE: S&end til OneNote - c:\progra~1\MICROS~4\2010\Office14\ONBttnIE.dll/105
Trusted Zone: agrsci.dk\nfuse
Trusted Zone: danid.dk
Trusted Zone: microsoft.com\office
Trusted Zone: nykredit.dk\www
Trusted Zone: tv2.dk\sputnik
Trusted Zone: danid.dk
TCP: Interfaces\{FAAD5F04-D014-4797-AF80-42AAA397C71B}: NameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\hb\Application Data\Mozilla\Firefox\Profiles\3qwe1mhh.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.dk/ig?hl=da
FF - prefs.js: keyword.URL - hxxp://dk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
- - - - TOMME GENVEJE FJERNET - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-MsnMsgr - messenger\msnmsgr.exe
AddRemove-Caesar 3 - c:\spil\SIERRA\Caesar3\Uninst.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-21 21:03
Windows 5.1.2600 Service Pack 3 NTFS
.
scanner skjulte processer ... 
.
scanner skjulte autostarter ...
.
scanner skjulte filer ... 
.
scanning gennemført med succes
skjulte filer: 0
.
**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
--------------------- DLLs startet under kørende Processer ---------------------
.
- - - - - - - > 'winlogon.exe'(616)
c:\programmer\fælles filer\logitech\bluetooth\LBTWlgn.dll
c:\programmer\fælles filer\logitech\bluetooth\LBTServ.dll
.
- - - - - - - > 'explorer.exe'(2868)
c:\programmer\ScanSoft\OmniPageSE\ophook32.dll
c:\programmer\Logitech\SetPoint\GameHook.dll
c:\programmer\Logitech\SetPoint\lgscroll.dll
c:\progra~1\FLLESF~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~4\2010\Office14\1030\GrooveIntlResource.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\programmer\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\programmer\Canon\IJPLM\IJPLMSVC.EXE
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\LightScribe\LSSrvc.exe
c:\programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\programmer\CyberLink\Shared Files\RichVideo.exe
c:\progra~1\COMMON~1\X10\Common\x10nets.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
c:\programmer\Fælles filer\Logishrd\KHAL2\KHALMNPR.EXE
c:\windows\ALCFDRTM.EXE
.
**************************************************************************
.
Gennemført tid: 2011-11-21  21:09:22 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2011-11-21 20:09
.
Pre-Kørsel: 39.631.048.704 byte ledig
Post-Kørsel: 39.844.999.168 byte ledig
.
- - End Of File - - 995FDC85E9CB7506C397938A8CB86042

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:13:51, on 21-11-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmer\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Programmer\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Fighters\FighterSuiteService.exe
C:\Programmer\TomTom HOME 2\TomTomHOMEService.exe
C:\Programmer\Synology\Assistant\UsbClientService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\CmUCReye.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe
C:\Programmer\Fælles filer\LogiShrd\LComMgr\LVComSX.exe
C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmer\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Programmer\Microsoft Security Client\msseces.exe
C:\Programmer\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Fælles filer\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\ALCFDRTM.EXE
C:\WINDOWS\explorer.exe
C:\Documents and Settings\hb\Skrivebord\REMOWER\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ig?hl=da&source=iglk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\2010\Office14\GROOVEEX.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\2010\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Programmer\Fælles filer\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Omnipage] C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Programmer\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Programmer\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Programmer\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [BCSSync] "C:\Programmer\Microsoft Office\2010\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sfagent] C:\Programmer\Fighters\sfagent.exe
O4 - HKLM\..\Run: [MSC] "C:\Programmer\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [nwiz] C:\Programmer\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Programmer\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FLLESF~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Download with SupersonicDownloadAccelerator! - C:\Programmer\Supersonic Download Accelerator\supersonicdownloadaccelerator.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~4\2010\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: S&end til OneNote - res://C:\PROGRA~1\MICROS~4\2010\Office14\ONBttnIE.dll/105
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmer\Microsoft Office\2010\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmer\Microsoft Office\2010\Office14\ONBttnIE.dll
O9 - Extra button: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmer\Microsoft Office\2010\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmer\Microsoft Office\2010\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Programmer\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Programmer\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
O15 - Trusted Zone: http://*.danid.dk
O15 - Trusted Zone: http://www.nykredit.dk
O15 - Trusted Zone: http://sputnik.tv2.dk
O15 - Trusted Zone: http://*.danid.dk (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAAD5F04-D014-4797-AF80-42AAA397C71B}: NameServer = 192.168.1.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Programmer\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Common Toolkit Tools - SPAMfighter ApS - C:\Programmer\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe
O23 - Service: Google Update Service (gupdate1c9863a6301e124) (gupdate1c9863a6301e124) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Tjeneste (gupdatem) (gupdatem) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmer\Fælles filer\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Programmer\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmer\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Programmer\Fighters\sfus.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Programmer\Fighters\FighterSuiteService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programmer\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: UsbClientService - Unknown owner - C:\Programmer\Synology\Assistant\UsbClientService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10789 bytes
22 November 2011 - 17:08 #1
"slow" ???

During
* Startup
* Internet
* General program use? And typically which programs???

---

To begin with ->

Uninstall
* SLOW-PCfighter
* Google Software Updater

---

You should/must update your old AcrobatReader ->
http://get.adobe.com/dk/reader/  (Uncheck that Google thing!!!)

---
kabbak Professor
22 November 2011 - 21:52 #2
Hi karise_larry

What do you have against SLOW-PCfighter? I have paid for it.

But I have done as you say:
Uninstalled
* SLOW-PCfighter
* Google Software Updater

and updated AcrobatReader.

It has started working the hard disk incredibly hard; I have run Disk Cleanup and defragmentation.
The machine is a Pentium D 3 GHz with 1 GB RAM, and there is 40 GB free on the hard disk.

It works so much that the programs/games I am using occasionally freeze for a few seconds.
22 November 2011 - 22:29 #3
kabbak Professor
27 November 2011 - 00:31 #4
Isn't there anything more that needs to be done??
27 November 2011 - 00:58 #5
Just give me a fresh log from HiJackThis ...
kabbak Professor
30 November 2011 - 17:20 #6
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:18:08, on 30-11-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmer\HTC\Internet Pass-Through\PassThruSvr.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CmUCReye.exe
C:\Programmer\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\Synology\Assistant\UsbClientService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe
C:\Programmer\Fælles filer\LogiShrd\LComMgr\LVComSX.exe
C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
C:\Programmer\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Programmer\Microsoft Security Client\msseces.exe
C:\Programmer\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Fælles filer\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\ALCFDRTM.EXE
C:\Documents and Settings\hb\Skrivebord\REMOWER\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ig?hl=da&source=iglk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\2010\Office14\GROOVEEX.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\2010\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Programmer\Fælles filer\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Omnipage] C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Programmer\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Programmer\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Programmer\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [BCSSync] "C:\Programmer\Microsoft Office\2010\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [sfagent] C:\Programmer\Fighters\sfagent.exe
O4 - HKLM\..\Run: [MSC] "C:\Programmer\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [nwiz] C:\Programmer\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Programmer\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FLLESF~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Download with SupersonicDownloadAccelerator! - C:\Programmer\Supersonic Download Accelerator\supersonicdownloadaccelerator.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~4\2010\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: S&end til OneNote - res://C:\PROGRA~1\MICROS~4\2010\Office14\ONBttnIE.dll/105
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmer\Microsoft Office\2010\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmer\Microsoft Office\2010\Office14\ONBttnIE.dll
O9 - Extra button: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmer\Microsoft Office\2010\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmer\Microsoft Office\2010\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Programmer\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Programmer\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
O15 - Trusted Zone: http://*.danid.dk
O15 - Trusted Zone: http://www.nykredit.dk
O15 - Trusted Zone: http://sputnik.tv2.dk
O15 - Trusted Zone: http://*.danid.dk (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAAD5F04-D014-4797-AF80-42AAA397C71B}: NameServer = 192.168.1.1
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmer\Fælles filer\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Programmer\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Common Toolkit Tools - SPAMfighter ApS - C:\Programmer\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe
O23 - Service: Google Update Service (gupdate1c9863a6301e124) (gupdate1c9863a6301e124) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Tjeneste (gupdatem) (gupdatem) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmer\Fælles filer\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Programmer\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmer\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Programmer\Fighters\sfus.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Programmer\Fighters\FighterSuiteService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programmer\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: UsbClientService - Unknown owner - C:\Programmer\Synology\Assistant\UsbClientService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10873 bytes
30 November 2011 - 18:26 #7
Are you experiencing problems?
kabbak Professor
30 November 2011 - 18:38 #8
Nah, only what I described in #2
kabbak Professor
14 December 2011 - 12:53 #9
Please post an answer so I can close
14 December 2011 - 15:46 #10
Ping...