CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg

Log ind eller opret profil

Du kan også logge ind via nedenstående tjenester

tgs Nybegynder

09. maj 2012 - 21:08 Der er 15 kommentarer

Spam/virus logfiler

Hej eksperten

Jeg har en efterhånden MEGET langsom computer, så nu har jeg fulgt fromsejs virus malware guide og har dannet følgende logfiler fra malwarebytes, combofix og hijackthis - håber der er en der har forstand på at kigge på loggerne og vil hjælpe mig videre med hvad jeg nu skal gøre:

Malwarebytes:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.07.03

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 8.0.6001.18702
Heidi :: ACER-PC [administrator]

07-05-2012 20:54:12
mbam-log-2012-05-07 (20-54-12).txt

Skanningstype: Fuldstændig skanning
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 260609
Tid gået: 3 time(e), 9 minut(ter), 4 sekund(er)

Hukommelses Processorer Inficeret: 0
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret: 152
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.MultipleButton.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.MultipleButton (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.UrlAlertButton.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.UrlAlertButton (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.ThirdPartyInstaller (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\MyWebSearch.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCR\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} (PUP.MyWebSearch) -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (PUP.MyWebSearch) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Sat i karantæne og slettet succesfuldt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Sat i karantæne og slettet succesfuldt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.

Registreringsdatabaseværdier Inficeret: 12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±#¥aI¶»
äG\Ê -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Programmer\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> Ingen handling valgt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search| (Adware.Hotbar) -> Data: http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?s=100000349&p=ZNxpt444YYDK&si=2791&a=C7D0WVFKeWaWZuycLF_Dxg&n=2011020503 -> Sat i karantæne og slettet succesfuldt.

Registreringsdatabasedata Objekter Inficeret: 0
(Ingen skadelige objekter blev fundet)

Inficerede Mapper: 19
C:\Programmer\FunWebProducts (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\FunWebProducts\Shared (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\FunWebProducts\Shared\Cache (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\chrome (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Message (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Overlay (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Game (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\icons (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\History (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\setups (PUP.MyWebSearch) -> Ingen handling valgt.

Inficerede Filer: 93
C:\Programmer\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3FFTBPR.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\WINDOWS\system32\f3PSSavr.scr (PUP.FunWebProducts) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (PUP.FunWebProducts) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.FunWebProducts) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.FunWebProducts) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.FunWebProducts) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\MWSMLBTN.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\MWSUABTN.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3PATCH.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\FunWebProducts\Shared\Cache\CursorManiaBtn.html (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\FunWebProducts\Shared\Cache\WebfettiBtn.html (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\CHROME.MANIFEST (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\INSTALL.RDF (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\M3TPINST.DLL (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Overlay\COMMON.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Settings\s_FeatCk.dat (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache\files.ini (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache\001FFFD5 (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache\00200207.bin (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache\0020038E.bmp (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache\00200718.bin (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache\00200F46.bin (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache\00201030.exe (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache\00A968F5.bmp (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache\00A980B3.bin (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache\0070823F (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\Cache\0004EE54 (PUP.MyWebSearch) -> Ingen handling valgt.
C:\Programmer\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> Ingen handling valgt.
C:\WINDOWS\system32\f3PSSavr.scr (Trojan.Agent) -> Sat i karantæne og slettet succesfuldt.
C:\Programmer\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Trojan.BHO) -> Bliver slettet ved genstart.
C:\Programmer\MyWebSearch\bar\1.bin\MWSBAR.DLL (Trojan.BHO) -> Sat i karantæne og slettet succesfuldt.

(færdig)

Combofix - en alm autoscan:
ComboFix 12-05-09.01 - Heidi 09-05-2012 20:16:43.1.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.2430.1702 [GMT 2:00]
Kører fra: c:\documents and settings\Heidi\Skrivebord\combofix\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Heidi\Application Data\Toolbar4
c:\progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
c:\programmer\FunWebProducts
c:\programmer\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\programmer\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\programmer\FunWebProducts\Shared\Cache\WebfettiBtn.html
c:\programmer\MyWebSearch
c:\programmer\MyWebSearch\bar\1.bin\CHROME.MANIFEST
c:\programmer\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\programmer\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\programmer\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\programmer\MyWebSearch\bar\1.bin\F3DTactl.dll
c:\programmer\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\programmer\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\programmer\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
c:\programmer\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
c:\programmer\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
c:\programmer\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\programmer\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\programmer\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\programmer\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\programmer\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\programmer\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\programmer\MyWebSearch\bar\1.bin\F3SCrctr.dll
c:\programmer\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\programmer\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\programmer\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\programmer\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\programmer\MyWebSearch\bar\1.bin\INSTALL.RDF
c:\programmer\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
c:\programmer\MyWebSearch\bar\1.bin\M3DLGHK.DLL
c:\programmer\MyWebSearch\bar\1.bin\M3FFtbpr.dll
c:\programmer\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\programmer\MyWebSearch\bar\1.bin\M3HTml.dll
c:\programmer\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\programmer\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\programmer\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\programmer\MyWebSearch\bar\1.bin\M3MSG.DLL
c:\programmer\MyWebSearch\bar\1.bin\M3OUtlcn.dll
c:\programmer\MyWebSearch\bar\1.bin\M3PATCH.DLL
c:\programmer\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\programmer\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\programmer\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\programmer\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\programmer\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\programmer\MyWebSearch\bar\1.bin\M3TPINST.DLL
c:\programmer\MyWebSearch\bar\1.bin\MWSMLBTN.DLL
c:\programmer\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\programmer\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\programmer\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\programmer\MyWebSearch\bar\1.bin\MWSSVC.EXE
c:\programmer\MyWebSearch\bar\1.bin\MWSUABTN.DLL
c:\programmer\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\programmer\MyWebSearch\bar\Avatar\COMMON.F3S
c:\programmer\MyWebSearch\bar\Cache\0004EE54
c:\programmer\MyWebSearch\bar\Cache\001FFFD5
c:\programmer\MyWebSearch\bar\Cache\00200207.bin
c:\programmer\MyWebSearch\bar\Cache\0020038E.bmp
c:\programmer\MyWebSearch\bar\Cache\00200718.bin
c:\programmer\MyWebSearch\bar\Cache\00200F46.bin
c:\programmer\MyWebSearch\bar\Cache\00201030.exe
c:\programmer\MyWebSearch\bar\Cache\0070823F
c:\programmer\MyWebSearch\bar\Cache\00A968F5.bmp
c:\programmer\MyWebSearch\bar\Cache\00A980B3.bin
c:\programmer\MyWebSearch\bar\Cache\files.ini
c:\programmer\MyWebSearch\bar\Game\CHECKERS.F3S
c:\programmer\MyWebSearch\bar\Game\CHESS.F3S
c:\programmer\MyWebSearch\bar\Game\REVERSI.F3S
c:\programmer\MyWebSearch\bar\History\search3
c:\programmer\MyWebSearch\bar\icons\CM.ICO
c:\programmer\MyWebSearch\bar\icons\MFC.ICO
c:\programmer\MyWebSearch\bar\icons\PSS.ICO
c:\programmer\MyWebSearch\bar\icons\SMILEY.ICO
c:\programmer\MyWebSearch\bar\icons\WB.ICO
c:\programmer\MyWebSearch\bar\icons\ZWINKY.ICO
c:\programmer\MyWebSearch\bar\Message\COMMON.F3S
c:\programmer\MyWebSearch\bar\Notifier\COMMON.F3S
c:\programmer\MyWebSearch\bar\Notifier\DOG.F3S
c:\programmer\MyWebSearch\bar\Notifier\FISH.F3S
c:\programmer\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\programmer\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\programmer\MyWebSearch\bar\Notifier\MAID.F3S
c:\programmer\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\programmer\MyWebSearch\bar\Notifier\OPERA.F3S
c:\programmer\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\programmer\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\programmer\MyWebSearch\bar\Notifier\SURFER.F3S
c:\programmer\MyWebSearch\bar\Overlay\COMMON.F3S
c:\programmer\MyWebSearch\bar\Settings\prevcfg2.htm
c:\programmer\MyWebSearch\bar\Settings\s_FeatCk.dat
c:\programmer\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\system32\SET40.tmp
c:\windows\system32\SET44.tmp
c:\windows\system32\SET4C.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Tjenester )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService
.
.
((((((((((((((((((((((((((((( Filer skabt fra 2012-04-09 til 2012-05-09 )))))))))))))))))))))))))))))))))))
.
.
2012-05-09 05:50 . 2012-04-13 07:36 6734704 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{214B0B91-AC5E-43C3-B220-36B0A541EAD4}\mpengine.dll
2012-05-07 18:42 . 2012-05-07 18:42 -------- d-----w- c:\documents and settings\Heidi\Application Data\Malwarebytes
2012-05-07 18:41 . 2012-05-07 18:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-05-07 18:41 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-07 18:41 . 2012-05-07 18:41 -------- d-----w- c:\programmer\Malwarebytes' Anti-Malware
2012-05-07 18:17 . 2012-05-07 18:17 -------- d-----w- c:\programmer\CCleaner
2012-04-30 06:06 . 2012-05-06 18:03 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-25 07:25 . 2012-04-25 07:25 1491 ----a-w- C:\user.js
2012-04-25 07:25 . 2012-04-25 07:25 -------- d-----w- c:\documents and settings\Heidi\Lokale indstillinger\Application Data\Babylon
2012-04-25 07:25 . 2012-04-25 07:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon
2012-04-25 07:25 . 2012-04-25 07:25 -------- d-----w- c:\documents and settings\Heidi\Application Data\Babylon
2012-04-25 07:24 . 2012-04-25 07:24 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-06 18:03 . 2011-12-28 06:42 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-13 08:08 . 2010-06-30 16:51 4946 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-04-13 07:36 . 2010-07-07 17:58 6734704 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-03-20 18:44 . 2011-04-18 11:18 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-01 10:59 . 2006-01-09 18:08 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2004-08-27 03:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2004-08-27 03:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2004-08-27 03:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2004-08-27 03:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2004-08-27 03:00 385024 ----a-w- c:\windows\system32\html.iec
2012-02-15 09:01 . 2010-07-13 15:21 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-15 09:01 . 2010-07-13 15:21 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
.
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"gStart"="c:\garmin\gStart.exe" [2008-08-13 1891416]
"swg"="c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-13 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\programmer\Fælles filer\Nokia\MPlatform\NokiaMServer" [X]
"AzMixerSel"="c:\programmer\Realtek\InstallShield\AzMixerSel.exe" [2006-04-14 53248]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2006-04-27 151552]
"ntiMUI"="c:\programmer\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-27 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-27 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-27 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-27 455168]
"ATICCC"="c:\programmer\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 421888]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-27 16248320]
"SkyTel"="SkyTel.EXE" [2006-05-15 2879488]
"SynTPEnh"="c:\programmer\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-06-22 602112]
"AppleSyncNotifier"="c:\programmer\Fælles filer\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"SunJavaUpdateSched"="c:\programmer\Fælles filer\Java\Java Update\jusched.exe" [2010-05-14 248552]
"HP Software Update"="c:\programmer\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"APSDaemon"="c:\programmer\Fælles filer\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\programmer\QuickTime\qttask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\programmer\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"MSC"="c:\programmer\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FÆLLES~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\All Users\Menuen Start\Programmer\Start\
Adobe Reader Speed Launch.lnk - c:\programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
HP Digital Imaging Monitor.lnk - c:\programmer\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\EasySetupAssistant\\EasySetupAssistant.exe"=
"c:\\Programmer\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmer\\Fælles filer\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programmer\\iTunes\\iTunes.exe"=
.
R2 BBSvc;Bing Bar Update Service;c:\programmer\Microsoft\BingBar\BBSvc.EXE [09-11-2011 13:16 196376]
R2 BBUpdate;BBUpdate;c:\programmer\Microsoft\BingBar\SeaPort.EXE [13-10-2011 16:21 249648]
R3 arusb(TP-LINK);Atheros Wireless Network Adapter Service(TP-LINK);c:\windows\system32\drivers\arusb.sys [18-08-2010 20:08 458240]
S1 MpKsl58022f25;MpKsl58022f25;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{214B0B91-AC5E-43C3-B220-36B0A541EAD4}\MpKsl58022f25.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{214B0B91-AC5E-43C3-B220-36B0A541EAD4}\MpKsl58022f25.sys [?]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
S2 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [13-07-2010 16:43 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30-04-2012 08:06 257696]
S3 gupdatem;Google Update Tjeneste (gupdatem);c:\programmer\Google\Update\GoogleUpdate.exe [13-07-2010 16:43 135664]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [13-07-2010 17:21 43520]
.
--- Andre Services/Drivers i Hukommelsen ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Indhold af mappen 'Planlagte Opgaver'
.
2012-05-09 c:\windows\Tasks\User_Feed_Synchronization-{0880BB4C-4266-4188-BA83-6C03CFE73D27}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
2012-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-30 18:03]
.
2012-04-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmer\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2012-05-09 c:\windows\Tasks\MpIdleTask.job
- c:\programmer\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-05-09 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\programmer\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-07-13 14:43]
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-07-13 14:43]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uInternet Connection Wizard,ShellNext = hxxp://www.avast.com/go.php?verb=register-home&lang=dan
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.10.10.5 212.10.10.4
DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - hxxp://bestilling.photocare.dk/ImageUploader6.cab
.
- - - - TOMME GENVEJE FJERNET - - - -
.
HKLM-Run-LaunchApp - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-09 20:29
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
scanner skjulte processer ...
.
scanner skjulte autostarter ...
.
scanner skjulte filer ...
.
scanning gennemført med succes
skjulte filer: 0
.
**************************************************************************
.
--------------------- DLLs startet under kørende Processer ---------------------
.
- - - - - - - > 'winlogon.exe'(768)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1492)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programmer\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programmer\Bonjour\mDNSResponder.exe
c:\program files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\LightScribe\LSSrvc.exe
c:\programmer\CyberLink\Shared Files\RichVideo.exe
c:\program files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\programmer\Fælles filer\Nokia\MPlatform\NokiaMServer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programmer\iPod\bin\iPodService.exe
c:\windows\system32\wbem\unsecapp.exe
c:\programmer\Fælles filer\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Gennemført tid: 2012-05-09 20:34:21 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2012-05-09 18:34
.
Pre-Kørsel: 7.688.028.160 byte ledig
Post-Kørsel: 7.947.288.576 byte ledig
.
WindowsXP-KB310994-SP2-Home-BootDisk-DAN.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - D897DBC6B3E1290CFDB9C4F16E15B14C

Hijackthis:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:51:45, on 09-05-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Programmer\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmer\Microsoft\BingBar\SeaPort.EXE
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Programmer\Fælles filer\Nokia\MPlatform\NokiaMServer.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\Microsoft Security Client\msseces.exe
C:\Garmin\gStart.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\explorer.exe
C:\Programmer\Fælles filer\Java\Java Update\jucheck.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmer\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.avast.com/go.php?verb=register-home&lang=dan
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Programmer\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Programmer\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmer\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ntiMUI] C:\Programmer\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATICCC] "C:\Programmer\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Programmer\Fælles filer\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Programmer\Fælles filer\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSC] "c:\Programmer\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\FÆLLES~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} (Image Uploader Control) - http://bestilling.photocare.dk/ImageUploader6.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Tjeneste (gupdatem) (gupdatem) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmer\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10541 bytes

Synes godt om

Computer Hjælp (Gratis) Mester

09. maj 2012 - 21:22 #1

Om igen med MalwareBytes !!!
Ingen handling valgt.

Tryk på "Vis resultater" knappen efter scanningen - og herefter tryk på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen.
Kopier indholdet herind...

---

Afinstall
* Bing Bar

Synes godt om

tgs Nybegynder

09. maj 2012 - 21:39 #2

Det var nu også det jeg gjorde, men jeg tænkte godt på om jeg skulle markere alle de fundne filer før jeg trykkede på "fjern det valgte" - men det sagde guiden ikke noget om, så jeg regnede med den nok skulle herind omkring først, så en kunne kigge på den. Jeg har da lagt en lang logfil ind, hvad har jeg gjort forkert?

Mvh Thomas

Synes godt om

Computer Hjælp (Gratis) Mester

09. maj 2012 - 22:00 #3

Hvad forstår/oplever du ikke med ->

Tryk på "Vis resultater" knappen efter scanningen - og herefter
tryk på "Fjern det valgte"

??

Synes godt om

johnstigers Seniormester

09. maj 2012 - 22:10 #4

#3
Det er set før at malwarebytes ikke vælger noget - deraf resultatet :)

Synes godt om

tgs Nybegynder

10. maj 2012 - 08:20 #5

John - vil det sige jeg skal køre malwarebytes igen OG så manuelt sætte kryds i alle resultaterne OG så fjerne dem?

Jeg troede bare det fungerede som Hijackthis, hvor man skal slette noget, men ikke det hele?

Synes godt om

tgs Nybegynder

10. maj 2012 - 21:11 #6

Er der evt. andre der kan hjælpe mig?

Synes godt om

Computer Hjælp (Gratis) Mester

15. maj 2012 - 17:05 #7

Jeg/Vi skal se LOG filen fra MalwareBytes ...

Synes godt om

tgs Nybegynder

15. maj 2012 - 21:55 #8

Så har jeg lavet en ny logfil fra MalwareBytes, kommer her, hvad er næste skridt så? Iøvrigt google toolbar bruger jeg (eller det vil sige min kæreste - hendes computer der skal renses):

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.15.04

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 8.0.6001.18702
Heidi :: ACER-PC [administrator]

15-05-2012 19:24:53
mbam-log-2012-05-15 (19-24-53).txt

Skanningstype: Fuldstændig skanning
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 268527
Tid gået: 2 time(e), 6 minut(ter), 56 sekund(er)

Hukommelses Processorer Inficeret: 0
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret: 10
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
HKCR\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
HKCR\MyWebSearch.ThirdPartyInstaller (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
HKCR\MyWebSearch.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.

Registreringsdatabaseværdier Inficeret: 1
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Programmer\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> Sat i karantæne og slettet succesfuldt.

Registreringsdatabasedata Objekter Inficeret: 0
(Ingen skadelige objekter blev fundet)

Inficerede Mapper: 0
(Ingen skadelige objekter blev fundet)

Inficerede Filer: 38
C:\Qoobox\Quarantine\C\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3CJPEG.DLL.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3DTactl.dll.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3HISTSW.DLL.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3HKSTUB.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3HTMLMU.DLL.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3HTTPCT.DLL.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3IMSTUB.DLL.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3POPSWT.DLL.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3REGHK.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3REPROX.DLL.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3RESTUB.DLL.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3SCrctr.dll.vir (PUP.FunWebProducts) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\F3WPHOOK.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3AUXSTB.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3DLGHK.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3FFtbpr.dll.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3HIGHIN.EXE.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3HTml.dll.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3IDLE.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3IMPIPE.EXE.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3MEDINT.EXE.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3MSG.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3OUtlcn.dll.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3PATCH.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3SKIN.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3SKPLAY.EXE.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3SLSRCH.EXE.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\MWSMLBTN.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\MWSSVC.EXE.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\MWSUABTN.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.
C:\Qoobox\Quarantine\C\Programmer\MyWebSearch\bar\1.bin\NPMYWEBS.DLL.vir (PUP.MyWebSearch) -> Sat i karantæne og slettet succesfuldt.

(færdig)

Synes godt om

Computer Hjælp (Gratis) Mester

15. maj 2012 - 22:33 #9

Bingo !

Øhhh - kører Harddisken med det gamle system FAT32 ?

Synes godt om

tgs Nybegynder

16. maj 2012 - 21:42 #10

Ja den kører fat32, jo ikke en nyeste computer ;-)
Er det et problem?

Synes godt om

Computer Hjælp (Gratis) Mester

17. maj 2012 - 01:21 #11

Generelt vil jeg anbefale dig at konvertere til NTFS ->
http://support.microsoft.com/default.aspx?scid=kb;EN-US;314097

---

Evt. CCleaner + diskfragmentering derefter ...

---

Hvordan kører putteren så nu ???

Synes godt om

tgs Nybegynder

17. maj 2012 - 10:59 #12

Den kører lidt hurtiger, har fragmenteret disken. Men hvad med hijackthis-filen, skal der ikke gøres noget der udover de ting du har foreslået at fjerne?

Synes godt om

Computer Hjælp (Gratis) Mester

17. maj 2012 - 11:25 #13

Opfølgning ->

Du bør (skal) opdatere din gamle AcrobatReader ->
http://get.adobe.com/dk/reader/ (FRAKlik det der Google halløj)

Evt. afinstall den gamle AcrobatReader først!

---

Afinstall
* Bonjour tjeneste
* Apple Mobile Device
* Google Update Tjeneste
* Google Software Updater
* iPod-tjeneste

---

CCleaner - værktøjer - opstart - her kan du disable/fjern følgende fra din opstart:

[AppleSyncNotifier]
[NokiaMServer]
[HP Software Update]
[APSDaemon]
[QuickTime Task]
[iTunesHelper]
[gStart]
Adobe Reader Speed Launch
[swg]

---

Mere check -> http://kundeservice.tdc.dk/testcenter/

---

Synes godt om

Computer Hjælp (Gratis) Mester

17. maj 2012 - 11:26 #14

Tid til oprydning efter ComboFix

Klik på START derefter Kør

Skriv/kopier: Combofix /Uninstall i boxen, og klik OK.

Ovennævnte procedure vil:
Slette følgende:
ComboFix og tilhørende filer og mapper.
Nulstille uret indstillinger.
Skjule filtypenavne, hvis det kræves.
Skjule System / Skjulte filer, hvis det kræves.

C:\Qoobox\
kan slettes...

Synes godt om

johnstigers Seniormester

17. maj 2012 - 11:27 #15

Bruger du Google Chrome skal du IKKE fjerne Google Update Tjeneste + Google Software Updater.

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Findes der mon et Antivirus program, som ikke, konstant, reklamerer, for at købe ? Af Ikke-ekspert i Virus	21	22/06/202419:22	23/06/202412:54
Anbefaling af antivirusprogram med firewall Af OnePlusFan i Virus	23	07/05/202421:02	13/05/202419:48
trusler Af gerhardpet i Virus	4	26/01/202410:02	27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus	16	09/01/202416:37	10/01/202419:59
virusscanning Af JetteD i Virus	2	10/11/202312:55	10/11/202316:36

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS