Søg
Avatar billede niclask Nybegynder
21. marts 2008 - 21:30 Der er 9 kommentarer og
1 løsning

HijackThis log m.fl

Hej eksperter

Så blev det min bærbares tur til at få en scanning.

Håber der er nogle af jer herinde der vil tage jer tid til at kigge disse logs igennem, for at se om der er noget der gerne må fjernes..


Logfile of HijackThis v1.99.1
Scan saved at 20:31:43, on 21-03-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmer\Intel\Wireless\Bin\WLKeeper.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Cisco Systems\VPN Client\cvpnd.exe
C:\Programmer\Fælles filer\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\programmer\fælles filer\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\FÆLLES~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\FÆLLES~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Programmer\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Programmer\McAfee\MSK\MskSrver.exe
C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmer\SiteAdvisor\6253\SAService.exe
C:\Programmer\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Programmer\McAfee\MPS\mpsevh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmer\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe
C:\Programmer\Dell\MediaDirect\PCMService.exe
C:\Programmer\DAEMON Tools\daemon.exe
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\McAfee\MSK\MskAgent.exe
C:\Programmer\SiteAdvisor\6253\SiteAdv.exe
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Programmer\Windows Desktop Search\WindowsSearch.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\Niclas Kevin\Skrivebord\Programmer\Sikkerhed\alternativ.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.dk/ig/dell?hl=da&client=dell-row&channel=dk&ibd=0061124
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.dk/ig/dell?hl=da&client=dell-row&channel=dk&ibd=0061124
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programmer\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programmer\BitComet\tools\BitCometBHO.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programmer\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmer\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmer\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FÆLLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Programmer\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmer\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MskAgentexe] C:\Programmer\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Programmer\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Programmer\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Programmer\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Programmer\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Programmer\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download all links using BitComet - res://C:\Programmer\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Programmer\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Programmer\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.basisbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.20.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programmer\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by128fd.bay128.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.vivitv.com/KooPlayer.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp01.photoprintit.de/microsite/1393/defaults/activex/IPSUploader.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://flashcasino.ladbrokes.com/instant-play-en/FlashAX2.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Programmer\SiteAdvisor\6253\SiteAdv.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FÆLLES~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: McAfee Application Installer Cleanup (0037321205830263) (0037321205830263mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\003732~1.EXE (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmer\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FÆLLES~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Programmer\Fælles filer\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\programmer\fælles filer\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FÆLLES~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FÆLLES~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Programmer\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Programmer\McAfee\MSK\MskSrver.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SiteAdvisor-tjeneste (SiteAdvisor Service) - Unknown owner - C:\Programmer\SiteAdvisor\6253\SAService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Programmer\Viewpoint\Common\ViewpointService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Programmer\Intel\Wireless\Bin\WLKeeper.exe




----------------




ComboFix 08-03-21.1 - Niclas Kevin 2008-03-21 20:35:56.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1030.18.380 [GMT 1:00]
Running from: C:\Documents and Settings\Niclas Kevin\Lokale indstillinger\Temporary Internet Files\Content.IE5\5ETF9CRG\ComboFix[1].exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((  Files Created from 2008-02-21 to 2008-03-21  )))))))))))))))))))))))))))))))
.

2008-03-18 10:16 . 2008-03-21 20:28    <DIR>    d--------    C:\Programmer\SUPERAntiSpyware
2008-03-18 10:16 . 2008-03-18 10:16    <DIR>    d--------    C:\Documents and Settings\Niclas Kevin\Application Data\SUPERAntiSpyware.com
2008-03-18 10:16 . 2008-03-18 10:16    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-11 22:03 . 2008-03-11 22:03    <DIR>    d--------    C:\Programmer\CCleaner
2008-03-04 23:29 . 2008-03-04 23:30    <DIR>    d--------    C:\Documents and Settings\Niclas Kevin\Application Data\TVU networks
2008-03-04 23:29 . 2008-03-04 23:29    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\TVU networks
2008-02-22 18:42 . 2008-02-22 18:42    <DIR>    d--------    C:\Documents and Settings\Niclas Kevin\Application Data\QQ Games Plugin
2008-02-22 18:28 . 2008-02-22 18:28    <DIR>    d--------    C:\Documents and Settings\Niclas Kevin\Application Data\acccore
2008-02-22 18:27 . 2008-02-22 18:27    <DIR>    d--------    C:\Programmer\Tencent
2008-02-22 18:25 . 2008-02-22 18:25    21    --a------    C:\WINDOWS\atid.ini
2008-02-22 18:23 . 2008-02-22 18:23    <DIR>    d--------    C:\Programmer\Fælles filer\AOL
2008-02-22 18:23 . 2008-02-22 18:28    <DIR>    d--------    C:\Programmer\AIM6

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-18 09:20    ---------    d-----w    C:\Programmer\McAfee
2008-03-18 09:16    ---------    d-----w    C:\Programmer\Fælles filer\Wise Installation Wizard
2008-03-13 23:04    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-07 18:57    ---------    d-----w    C:\Programmer\Java
2008-03-04 22:29    ---------    d-----w    C:\Programmer\TVU Player
2008-03-02 20:01    ---------    d-----w    C:\Programmer\Microsoft Silverlight
2008-02-22 17:25    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\AOL Downloads
2008-02-22 17:24    ---------    d-----w    C:\Programmer\Viewpoint
2008-02-22 17:24    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-02-22 17:24    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\AOL
2008-02-21 23:48    ---------    d-----w    C:\Documents and Settings\Niclas Kevin\Application Data\SiteAdvisor
2008-02-06 08:51    171,400    ----a-w    C:\WINDOWS\system32\drivers\mfehidk.sys
2008-01-31 18:39    107,888    ----a-w    C:\WINDOWS\system32\CmdLineExt.dll
2008-01-31 18:39    ---------    d--h--r    C:\Documents and Settings\Niclas Kevin\Application Data\SecuROM
2008-01-31 18:32    ---------    d-----w    C:\Programmer\EA SPORTS
2008-01-11 05:40    44,544    ----a-w    C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-06-08 15:43    88    --sh--r    C:\WINDOWS\system32\3C5C645DC7.sys
2007-06-08 15:40    88    --sh--r    C:\WINDOWS\system32\AD0D154CAA.sys
2007-06-08 15:43    5,798    --sha-w    C:\WINDOWS\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-27 13:00 15360]
"Aim6"="" []
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-12-13 10:44 98304]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-12-13 10:41 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-12-13 10:45 118784]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-25 00:30 282624 C:\WINDOWS\stsystra.exe]
"SynTPEnh"="C:\Programmer\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 19:48 761947]
"IntelZeroConfig"="C:\Programmer\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 10:28 667718]
"IntelWireless"="C:\Programmer\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 10:28 602182]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 06:20 122940]
"ISUSPM Startup"="C:\PROGRA~1\FÆLLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 17:50 221184]
"ISUSScheduler"="C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe" [2004-07-27 17:50 81920]
"PCMService"="C:\Programmer\Dell\MediaDirect\PCMService.exe" [2006-08-22 16:32 184320]
"Corel Photo Downloader"="C:\Programmer\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2006-08-14 15:20 462336]
"DAEMON Tools"="C:\Programmer\DAEMON Tools\daemon.exe" [2006-11-12 11:48 157592]
"GrooveMonitor"="C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"TkBellExe"="C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" [2006-12-02 14:05 185896]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-27 13:00 110592 C:\WINDOWS\system32\bthprops.cpl]
"MskAgentexe"="C:\Programmer\McAfee\MSK\MskAgent.exe" [2007-01-17 17:30 152144]
"SiteAdvisor"="C:\Programmer\SiteAdvisor\6253\SiteAdv.exe" [2007-02-09 18:18 36904]
"QuickTime Task"="C:\Programmer\QuickTime\qttask.exe" [2007-02-16 10:54 282624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-27 13:00 15360]

C:\Documents and Settings\Niclas Kevin\Menuen Start\Programmer\Start\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Programmer\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632]

C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Adobe Reader Speed Launch.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Cisco Systems VPN Client.lnk - C:\Programmer\Cisco Systems\VPN Client\vpngui.exe [2006-11-30 09:34:38 1445904]
Windows Desktop Search.lnk - C:\Programmer\Windows Desktop Search\WindowsSearch.exe [2007-02-05 15:40:46 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Programmer\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmer\\Dell Network Assistant\\ezi_hnm2.exe"=
"C:\\Programmer\\Dell\\MediaDirect\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmer\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Programmer\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Programmer\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Programmer\\LimeWire\\LimeWire.exe"=
"C:\\Programmer\\Messenger\\msmsgs.exe"=
"C:\\Programmer\\TVU Player\\TVUPlayer.exe"=
"C:\\Programmer\\EA SPORTS\\Madden NFL 07\\Updater.exe"=
"C:\\Programmer\\BitComet\\BitComet.exe"=
"C:\\Programmer\\Fælles filer\\McAfee\\MNA\\McNASvc.exe"=
"C:\\Programmer\\MSN Messenger\\msnmsgr.exe"=
"C:\\Programmer\\MSN Messenger\\livecall.exe"=
"C:\\Programmer\\Fælles filer\\AOL\\Loader\\aolload.exe"=
"C:\\Programmer\\Sierra\\Empire Earth II\\EE2.exe"=
"C:\\Programmer\\Internet Explorer\\iexplore.exe"=
"C:\\Programmer\\AIM6\\aim6.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10421:UDP"= 10421:UDP:SingleClick Discovery Protocol
"10426:UDP"= 10426:UDP:SingleClick ICC
"14702:TCP"= 14702:TCP:BitComet 14702 TCP
"14702:UDP"= 14702:UDP:BitComet 14702 UDP

R2 hnmwrlspkt;HomeNet Manager Wireless Protocol;C:\WINDOWS\system32\DRIVERS\hnm_wrls_pkt.sys [2006-01-12 23:27]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Programmer\Viewpoint\Common\ViewpointService.exe" [2007-01-04 22:38]
R2 wsppkt;Wireless Security Protocol;C:\WINDOWS\system32\DRIVERS\wsp_pkt.sys [2006-01-12 23:29]
S2 0037321205830263mcinstcleanup;McAfee Application Installer Cleanup (0037321205830263);C:\WINDOWS\TEMP\003732~1.EXE C:\PROGRA~1\FÆLLES~1\McAfee\INSTAL~1\cleanup.ini []

.
Contents of the 'Scheduled Tasks' folder
"2007-05-22 08:12:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmer\Apple Software Update\SoftwareUpdate.exe
"2008-03-21 19:25:32 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Programmer\Windows Live Toolbar\MSNTBUP.EXE
"2008-02-22 17:30:01 C:\WINDOWS\Tasks\McAfee.com Scan for virus - Denne computer (NICLAS-Niclas Kevin).job"
- c:\programmer\mcafee.com\vso\mcmnhdlr.exe
"2007-05-14 23:00:01 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\programmer\mcafee\mqc\QcConsol.exe'
"2007-05-31 23:00:01 C:\WINDOWS\Tasks\McQcTask.job"
- c:\programmer\mcafee\mqc\QcConsol.exe
"2008-03-21 19:40:01 C:\WINDOWS\Tasks\User_Feed_Synchronization-{FC123113-0C40-489B-80C0-5D31DB296C8C}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-21 20:40:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Programmer\SiteAdvisor\6253\saHook.dll
.
Completion time: 2008-03-21 20:43:02
.
2008-03-13 23:05:00    --- E O F --- 




-----------------




SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/18/2008 at 11:19 AM

Application Version : 4.0.1154

Core Rules Database Version : 3421
Trace Rules Database Version: 1413

Scan type      : Complete Scan
Total Scan Time : 00:54:38

Memory items scanned      : 192
Memory threats detected  : 0
Registry items scanned    : 6099
Registry threats detected : 0
File items scanned        : 14511
File threats detected    : 18

Adware.Tracking Cookie
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@2o7[2].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@atdmt[1].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@ad.yieldmanager[1].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@xiti[2].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@messagespace.advertserve[1].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@adtech[1].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@specificclick[2].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@doubleclick[2].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@track.adform[1].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@overture[1].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@adbrite[2].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@basisbank.112.2o7[1].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@doubleclick[1].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@e-2dj6wjmiumczsco.stats.esomniture[2].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@2o7[1].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@atdmt[2].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@bwincom.122.2o7[1].txt
    C:\Documents and Settings\Niclas Kevin\Cookies\niclas_kevin@mediaplex[1].txt
Avatar billede Computer Hjælp (Gratis) Mester
22. marts 2008 - 12:02 #1
*SUK* - du invitere jo selv til evt. 'snavs' ->

Afinstaller
* BitComet
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=40284
via
[Start][Indstilninger][Kontrolpanel][Tilføj/fjern programmer]

Genstart for at fuldføre afinstalationen...

---------------------------------------
Avatar billede Computer Hjælp (Gratis) Mester
22. marts 2008 - 12:04 #2
Forsigtig erindring - dine tidl. spm. bør/skal du pænt vende tilbage til -> http://www.eksperten.dk/list.phtml?sort=&order=DESC&status_1=on&status_2=on&spm_creator=niclask&spm_part=&spm_answer=&find=&engine=exp

http://expfaq.dk/behandling_af_svar#behandling_af_svar
Avatar billede niclask Nybegynder
24. marts 2008 - 23:16 #3
Til den anden tråd havde jeg fulgt linket du refererede til og lagt et nyt indlæg her:
http://www.eksperten.dk/spm/822636

... som du også har svaret på, så gik ud fra den var helt i orden :-)
Men kan se jeg, i fremtiden, også lige skal huske at få skrevet en afslutning på mine indlæg jeg har fået lavet herinde.

Mht. BitComet så har jeg samme problem som med min stationære PC da den skulle renses (har nemlig fået det slettet på denne her også efter jeg slettede det på den anden). Programmet var åbenbart ikke blevet fjernet helt ved bare at bruge tilføj/fjern programmer. Men jeg har fulgt instrukserne i den anden tråd og de burde begge været fjernet nu i:

C:\Programmer\LimeWire
C:\Documents and Settings\Niclas Hansen\Application Data\LimeWire

Og det samme med BitComet.

Vil du have en frisk log efter de er blevet helt fjernet nu?
Avatar billede Computer Hjælp (Gratis) Mester
25. marts 2008 - 08:23 #4
Jeps ... HiJackThis.log
Avatar billede niclask Nybegynder
25. marts 2008 - 23:14 #5
Her er den friske log så


-----------------


Logfile of HijackThis v1.99.1
Scan saved at 23:09:53, on 25-03-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmer\Intel\Wireless\Bin\WLKeeper.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Cisco Systems\VPN Client\cvpnd.exe
C:\Programmer\Fælles filer\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\programmer\fælles filer\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\FÆLLES~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\FÆLLES~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Programmer\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Programmer\McAfee\MSK\MskSrver.exe
C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmer\SiteAdvisor\6253\SAService.exe
C:\Programmer\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmer\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe
C:\Programmer\Dell\MediaDirect\PCMService.exe
C:\Programmer\DAEMON Tools\daemon.exe
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\McAfee\MSK\MskAgent.exe
C:\Programmer\McAfee\MPS\mpsevh.exe
C:\Programmer\SiteAdvisor\6253\SiteAdv.exe
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
c:\programmer\fælles filer\installshield\updateservice\isuspm.exe
C:\Programmer\Fælles filer\InstallShield\UpdateService\agent.exe
c:\programmer\mcafee\msc\mcshell.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmer\Windows Live\installer\WLSetupSvc.exe
C:\Programmer\Windows Live\Messenger\msnmsgr.exe
C:\Programmer\Windows Live\Messenger\usnsvc.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Niclas Kevin\Skrivebord\Programmer\Sikkerhed\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.dk/ig/dell?hl=da&client=dell-row&channel=dk&ibd=0061124
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programmer\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programmer\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programmer\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programmer\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FÆLLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Programmer\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmer\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MskAgentexe] C:\Programmer\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Programmer\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TXP] c:\programmer\topthemesxp\txp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Programmer\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Programmer\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Programmer\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Programmer\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.basisbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.20.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programmer\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by128fd.bay128.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.vivitv.com/KooPlayer.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp01.photoprintit.de/microsite/1393/defaults/activex/IPSUploader.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://flashcasino.ladbrokes.com/instant-play-en/FlashAX2.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Programmer\SiteAdvisor\6253\SiteAdv.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programmer\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FÆLLES~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: McAfee Application Installer Cleanup (0013891206481779) (0013891206481779mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\001389~1.EXE
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmer\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FÆLLES~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Programmer\Fælles filer\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\programmer\fælles filer\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FÆLLES~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FÆLLES~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Programmer\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Programmer\McAfee\MSK\MskSrver.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SiteAdvisor-tjeneste (SiteAdvisor Service) - Unknown owner - C:\Programmer\SiteAdvisor\6253\SAService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Programmer\Viewpoint\Common\ViewpointService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Programmer\Intel\Wireless\Bin\WLKeeper.exe
Avatar billede Computer Hjælp (Gratis) Mester
26. marts 2008 - 15:41 #6
Log mæssigt er du 'ren' ...

Hvordan kører PC'en så nu ?
Avatar billede niclask Nybegynder
29. marts 2008 - 00:38 #7
Indtil videre ser det ud til at den kører noget hurtigere end før. Så håber det varer ved. Tak for hjælpen, du får hermed pointene for det.
Avatar billede niclask Nybegynder
29. marts 2008 - 00:39 #8
Hvis blot du vil lægge et svar hertil :-)
Avatar billede Computer Hjælp (Gratis) Mester
29. marts 2008 - 08:54 #9
Der er ikke mere 'snavs' ifølge din Log...

Du er velkommen en anden gang...

Du bør rense temp med denne fil, det tager kun få sek.
http://www.spywareinfo.dk/download/cleantempxp2k.bat

Efter sådan en tur er det altid en god ide og rydde op i systemgendannelsesfilerne.
Deaktiver systemgendannelse -> http://www.spywareinfo.dk/#/tip-og-tricks/deaktiver_systemgendannelse.htm
Genstart din computer - aktiver systemgendannelse. Dette gøres samme sted, hvor du deaktiverede, denne gang skal du blot aktivere.
Det vil også være en god idé manuelt at oprette et nyt punkt, som du kan navngive, og vende tilbage til, hvis du skulle få problemer af nogen art.

Et par artikler om sikker surfing finder du her:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414

Safe Surfing...
Avatar billede niclask Nybegynder
07. april 2008 - 17:29 #10
Undskyld for det sene svar!

Systemgendannelse er fixet nu fra det "rene" punkt. Og den kører stadig bedre end før rensningen.

Tusind tak for hjælpen!
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Windows kategorien

Titel Indlæg Oprettet Seneste aktivitet
Gøre Ikonerne lidt større i proceslinjen (Windows 10) Af Ikke-ekspert i Windows 9 23/12/202521:36 25/12/202517:10
Glemt kodeord til BitLocker Af valby i Windows 11 23/12/202518:05 28/12/202515:58
Kan ikke komme på nettet med nogen browser Af Malm i Windows 7 20/12/202512:02 22/12/202514:22
Søgefelt i Billed- video- musikmapper osv. Af ErikHg i Windows 7 16/12/202515:12 16/12/202520:57
Glemt kodeord til W11. Af valby i Windows 13 15/12/202518:25 23/12/202517:34
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
27/1222:02 Låse brugt iPad op Af drstein i iOS, iPhone & iPad
27/1219:21 Hvor finder jeg en oversigt over mine spørgsmål Af KurtG i Hjælp og fejl
27/1211:31 TP-Link Wifi extender opsat som accesspoint giver 50% up- og download, Af Uvanga i Wifi
26/1213:05 Hvorfor bliver tiff-filer større ved konvertering til samme format Af KurtG i Billedbehandling
23/1221:36 Gøre Ikonerne lidt større i proceslinjen (Windows 10) Af Ikke-ekspert i Windows
White papers
Flere white papers »