Check of my log file
I have gone through Ejvindh's procedure for scanning and cleaning the machine, because I had problems opening certain websites. I have run through CCleaner, HijackThis, SUPERAntiSpyware and ComboFix as described in:
www.eksperten.dk/artikler/1123
Here are my 3 log files. Is there a kind person who will check them for me and give me a few pieces of advice?
Logfile of HijackThis v1.99.1
Scan saved at 19:07:55, on 02-10-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Programmer\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programmer\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Programmer\CyberLink\PowerCinema\PCMService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\HP\HP Software Update\HPwuSchd2.exe
C:\Programmer\Java\jre1.6.0_07\bin\jusched.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\SetWeb\SetWeb.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Creative\Shared Files\CamTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Documents and Settings\HP_Ejer\Skrivebord\Cleaner\alternativ.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ekstrabladet.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programmer\Fælles filer\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FLLESF~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar4.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programmer\Fælles filer\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Programmer\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Programmer\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SetecCertUtil] C:\Programmer\SetWeb\SetWeb.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programmer\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Programmer\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [Creative WebCam Tray] C:\Programmer\Creative\Shared Files\CamTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Tilslutningshjælp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Tilslutningshjælp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.sparnord.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.20.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmer\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159249426421
O16 - DPF: {C07E5288-22FB-11D7-962E-0004AC77C761} (Dataloen.ctlVirtuelDesktop) - http://activex.dataloen.dk/controls/Dataloen3332.CAB
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp03.photoprintit.de/microsite/10021/defaults/activex/IPSUploader.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.fruronne.s-2.dk/skandia/archive/multiupload/XUpload.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Automatisk LiveUpdate-planlægning - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programmer\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programmer\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\VAScanner\comHost.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programmer\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Unknown owner - C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FLLESF~1\SYMANT~1\CCPD-LC\symlcsvc.exe
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/02/2008 at 06:18 PM
Application Version : 4.0.1154
Core Rules Database Version : 3584
Trace Rules Database Version: 1572
Scan type : Complete Scan
Total Scan Time : 00:33:12
Memory items scanned : 528
Memory threats detected : 0
Registry items scanned : 6132
Registry threats detected : 0
File items scanned : 29577
File threats detected : 99
Adware.Tracking Cookie
ComboFix 08-10-01.06 - HP_Ejer 2008-10-02 19:11:29.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1030.18.171 [GMT 2:00]
Running from: C:\Documents and Settings\HP_Ejer\Skrivebord\Cleaner\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\HP_Ejer\Cookies\hp_ejer@hjlas[2].txt
C:\Documents and Settings\HP_Ejer\Cookies\hp_ejer@sterling[1].txt
C:\WINDOWS\Downloaded Program Files\setup.inf
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-09-02 to 2008-10-02 )))))))))))))))))))))))))))))))
.
2008-10-02 19:09 . 2008-10-02 19:09 6,736 --a------ C:\WINDOWS\system32\drivers\PROCEXP90.SYS
2008-10-02 17:26 . 2008-10-02 17:26 <DIR> d-------- C:\Programmer\SUPERAntiSpyware
2008-10-02 17:26 . 2008-10-02 17:26 <DIR> d-------- C:\Documents and Settings\HP_Ejer\Application Data\SUPERAntiSpyware.com
2008-10-02 17:26 . 2008-10-02 17:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-09-29 17:55 . 2008-09-29 17:55 391,680 --a------ C:\WINDOWS\system32\cmd.cfexe
2008-09-29 14:38 . 2008-09-29 14:39 <DIR> d-------- C:\Programmer\Malwarebytes' Anti-Malware
2008-09-29 14:38 . 2008-09-29 14:38 <DIR> d-------- C:\Documents and Settings\HP_Ejer\Application Data\Malwarebytes
2008-09-29 14:38 . 2008-09-29 14:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-29 14:38 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-29 14:38 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-26 14:00 . 2008-09-26 14:32 <DIR> d-------- C:\Programmer\Yahoo!
2008-09-26 14:00 . 2008-09-26 14:01 <DIR> d-------- C:\Programmer\CCleaner
2008-09-22 16:40 . 2008-09-23 08:03 <DIR> d-------- C:\Programmer\NOS
2008-09-22 16:40 . 2008-09-23 08:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NOS
2008-09-19 16:01 . 2008-09-19 16:01 <DIR> d-------- C:\Programmer\Electronic Arts
2008-09-18 14:20 . 2008-09-18 14:20 <DIR> d-------- C:\WINDOWS\system32\da
2008-09-18 14:20 . 2008-09-18 14:20 <DIR> d-------- C:\WINDOWS\system32\bits
2008-09-18 14:20 . 2008-09-18 14:20 <DIR> d-------- C:\WINDOWS\l2schemas
2008-09-18 14:16 . 2008-09-18 14:21 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-09-18 14:08 . 2008-09-18 14:08 <DIR> d-------- C:\WINDOWS\EHome
2008-09-17 19:19 . 2004-08-26 17:48 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-02 17:14 --------- d-----w C:\Programmer\Fælles filer\Symantec Shared
2008-10-02 15:25 --------- d-----w C:\Programmer\Fælles filer\Wise Installation Wizard
2008-09-26 12:14 --------- d-----w C:\Documents and Settings\HP_Ejer\Application Data\Skype
2008-09-17 05:49 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-09-17 05:49 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-09-17 05:49 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-09-17 05:49 --------- d-----w C:\Programmer\Symantec
2008-09-17 05:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-09-16 06:19 --------- d-----w C:\Programmer\Norton 360
2008-09-16 05:40 --------- d-----w C:\Programmer\Java
2008-08-02 14:11 --------- d-----w C:\Programmer\Apple Software Update
2007-10-05 06:23 220 ----a-w C:\Documents and Settings\HP_Ejer\Application Data\wklnhst.dat
2006-09-28 14:22 91,265 ----a-w C:\Programmer\OCT2006_xinput_x64.cab
2006-09-28 14:22 49,149 ----a-w C:\Programmer\OCT2006_xinput_x86.cab
2006-09-28 14:21 41,996 ----a-w C:\Programmer\dxdllreg_x86.cab
2006-09-28 14:21 183,321 ----a-w C:\Programmer\OCT2006_XACT_x64.cab
2006-09-28 14:21 138,977 ----a-w C:\Programmer\OCT2006_XACT_x86.cab
2006-09-28 14:21 1,413,862 ----a-w C:\Programmer\OCT2006_d3dx9_31_x64.cab
2006-09-28 14:21 1,128,177 ----a-w C:\Programmer\OCT2006_d3dx9_31_x86.cab
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
@="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
[HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
2008-02-26 10:34 576352 --a------ C:\Programmer\Fælles filer\Symantec Shared\Backup\buShell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
@="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
[HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
2008-02-26 10:34 576352 --a------ C:\Programmer\Fælles filer\Symantec Shared\Backup\buShell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
@="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
[HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
2008-02-26 10:34 576352 --a------ C:\Programmer\Fælles filer\Symantec Shared\Backup\buShell.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Programmer\Messenger\msmsgs.exe" [2008-04-14 1695232]
"updateMgr"="C:\Programmer\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Creative WebCam Tray"="C:\Programmer\Creative\Shared Files\CamTray.exe" [2005-10-27 299008]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 1481968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 7323648]
"HPHUPD08"="c:\Programmer\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"PCMService"="C:\Programmer\CyberLink\PowerCinema\PCMService.exe" [2006-02-25 147456]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="C:\Programmer\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-10 249856]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2004-12-14 663552]
"HP Software Update"="C:\Programmer\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 49152]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"TkBellExe"="C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" [2005-01-02 180269]
"SetecCertUtil"="C:\Programmer\SetWeb\SetWeb.exe" [2004-06-17 704512]
"QuickTime Task"="C:\Programmer\QuickTime\qttask.exe" [2007-04-27 282624]
"iTunesHelper"="C:\Programmer\iTunes\iTunesHelper.exe" [2006-09-12 229952]
"ccApp"="C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe" [2008-02-18 51048]
"osCheck"="C:\Programmer\Norton 360\osCheck.exe" [2008-02-26 988512]
"RTHDCPL"="RTHDCPL.EXE" [2006-01-12 C:\WINDOWS\RTHDCPL.EXE]
"nwiz"="nwiz.exe" [2005-12-14 C:\WINDOWS\system32\nwiz.exe]
C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Adobe Reader Hurtigstart.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
HP Digital Imaging Monitor.lnk - C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programmer\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 12:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
--a------ 2007-02-09 17:00 25388584 C:\Programmer\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Programmer\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Programmer\\CyberLink\\PowerCinema\\PowerCinema.exe"=
"C:\\Programmer\\CyberLink\\PowerCinema\\PCMService.exe"=
"C:\\Programmer\\Skype\\Phone\\Skype.exe"=
"C:\\Programmer\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R2 LiveUpdate Notice;LiveUpdate Notice;C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe [2008-02-18 149352]
R3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
R3 cxbu0wdm;CardMan 3x21;C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2004-01-19 52026]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-04-01 162176]
S2 Automatisk LiveUpdate-planlægning;Automatisk LiveUpdate-planlægning;C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2008-02-21 238968]
*Newly Created Service* - COMHOST
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.ekstrabladet.dk/
O8 -: E&ksporter til Microsoft Excel - C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O16 -: {029FDBA6-3547-11D7-AA4C-0050BF051A00} - hxxp://downol.dr.dk/download/netradio/Rawflow.cab
C:\WINDOWS\Downloaded Program Files\Rawflow.ocx
O16 -: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.sparnord.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.20.cab
C:\WINDOWS\Downloaded Program Files\comp.inf
C:\WINDOWS\Downloaded Program Files\EBJSecurity_2.dll
C:\WINDOWS\Downloaded Program Files\ActiveXSikkerhedssoftware.ocx
C:\WINDOWS\Downloaded Program Files\EBJSecurity_3.dll
O16 -: {C07E5288-22FB-11D7-962E-0004AC77C761} - hxxp://activex.dataloen.dk/controls/Dataloen3332.CAB
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\dataloen.INF
C:\WINDOWS\system32\Tabctl32.ocx
C:\WINDOWS\system32\Mscomctl.ocx
C:\WINDOWS\system32\Msmask32.ocx
C:\WINDOWS\system32\MSVBVM60.DLL
C:\WINDOWS\system32\Oleaut32.dll
C:\WINDOWS\system32\OLEPRO32.DLL
C:\WINDOWS\system32\ASYCFILT.DLL
C:\WINDOWS\system32\STDOLE2.TLB
C:\WINDOWS\system32\COMCAT.DLL
C:\WINDOWS\Downloaded Program Files\dataloen.ocx
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\dataloen.ocx
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\dataloen.ocx
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\dataloen.ocx
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\dataloen.ocx
O16 -: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 -: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} - hxxp://asp03.photoprintit.de/microsite/10021/defaults/activex/IPSUploader.cab
C:\WINDOWS\Downloaded Program Files\IPSUploader.inf
C:\WINDOWS\Downloaded Program Files\ImageUploader_3.ocx
C:\WINDOWS\system32\unicows.dll
C:\WINDOWS\Downloaded Program Files\IPSUploader.ocx
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-02 19:14:24
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-10-02 19:16:14
ComboFix-quarantined-files.txt 2008-10-02 17:16:10
Pre-Run: 216.038.002.688 byte ledig
Post-Run: 216,045,580,288 byte ledig
197 --- E O F --- 2008-09-18 21:35:36
Thanks in advance
Nikolai
