Dirty computer
Hi. I have followed fromsej's guide to removing viruses and malware, so I have a few log files that I would like to have looked through. Thanks in advance.
Malwarebytes' Anti-Malware 1.34
Database version: 1861
Windows 6.0.6001 Service Pack 1
18-03-2009 12:10:15
mbam-log-2009-03-18 (12-10-15).txt
Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 142198
Tid tilbagelagt: 1 hour(s), 7 minute(s), 22 second(s)
Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 1
Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)
Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)
Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)
Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)
Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)
Inficerede Mapper:
(Ingen mistænkelige filer fundet)
Inficerede Filer:
C:\Program Files\lame_enc.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
ComboFix 09-03-15.01
((((((((((((((((((((((((((((( Filer skabt fra 2009-02-18 til 2009-03-18 )))))))))))))))))))))))))))))))))))
.
2009-03-18 11:00 . 2009-03-18 11:00 <DIR> d-------- C:\Users\All Users\Malwarebytes
2009-03-18 11:00 . 2009-03-18 11:00 <DIR> d-------- C:\ProgramData\Malwarebytes
2009-03-18 11:00 . 2009-03-18 11:00 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-18 11:00 . 2009-02-11 10:19 38,496 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2009-03-18 11:00 . 2009-02-11 10:19 15,504 --a------ C:\Windows\System32\drivers\mbam.sys
2009-03-18 10:55 . 2009-03-18 10:55 <DIR> d-------- C:\Program Files\CCleaner
2009-03-11 09:31 . 2008-12-16 04:29 8,147,456 --a------ C:\Windows\System32\wmploc.DLL
2009-03-11 09:31 . 2008-12-16 06:31 7,680 --a------ C:\Windows\System32\spwmp.dll
2009-03-11 09:31 . 2008-12-16 06:31 4,096 --a------ C:\Windows\System32\msdxm.ocx
2009-03-11 09:31 . 2008-12-16 06:31 4,096 --a------ C:\Windows\System32\dxmasf.dll
2009-03-11 09:30 . 2009-02-09 04:10 2,033,152 --a------ C:\Windows\System32\win32k.sys
2009-03-11 09:30 . 2008-11-27 05:43 268,288 --a------ C:\Windows\System32\schannel.dll
2009-03-04 16:46 . 2009-03-04 16:46 <DIR> d-------- C:\Users\All Users\Office Genuine Advantage
2009-03-04 16:46 . 2009-03-04 16:46 <DIR> d-------- C:\ProgramData\Office Genuine Advantage
2009-03-04 16:30 . 2008-06-20 02:14 781,344 --a------ C:\Windows\System32\PresentationNative_v0300.dll
2009-03-04 16:30 . 2008-06-20 02:14 622,080 --a------ C:\Windows\System32\icardagt.exe
2009-03-04 16:30 . 2008-06-20 02:14 105,016 --a------ C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-03-04 16:30 . 2008-06-20 02:14 97,800 --a------ C:\Windows\System32\infocardapi.dll
2009-03-04 16:30 . 2008-06-20 02:14 43,544 --a------ C:\Windows\System32\PresentationHostProxy.dll
2009-03-04 16:30 . 2008-06-20 02:14 37,384 --a------ C:\Windows\System32\infocardcpl.cpl
2009-03-04 16:30 . 2008-06-20 02:14 11,264 --a------ C:\Windows\System32\icardres.dll
2009-03-04 16:29 . 2008-06-20 02:14 326,160 --a------ C:\Windows\System32\PresentationHost.exe
2009-03-04 16:23 . 2008-07-27 19:03 282,112 --a------ C:\Windows\System32\mscoree.dll
2009-03-04 16:23 . 2008-07-27 19:03 96,760 --a------ C:\Windows\System32\dfshim.dll
2009-03-04 16:23 . 2008-07-27 19:03 41,984 --a------ C:\Windows\System32\netfxperf.dll
2009-03-04 16:22 . 2008-07-27 19:03 158,720 --a------ C:\Windows\System32\mscorier.dll
2009-03-04 16:22 . 2008-07-27 19:03 83,968 --a------ C:\Windows\System32\mscories.dll
2009-03-04 15:47 . 2009-03-15 14:28 <DIR> d--h----- C:\$AVG8.VAULT$
2009-03-04 15:18 . 2009-03-04 15:18 10,520 --a------ C:\Windows\System32\avgrsstx.dll
2009-03-04 15:17 . 2009-03-18 10:09 <DIR> d-------- C:\Windows\System32\drivers\Avg
2009-03-04 15:17 . 2009-03-04 15:17 <DIR> d-------- C:\Users\All Users\avg8
2009-03-04 15:17 . 2009-03-04 15:17 <DIR> d-------- C:\ProgramData\avg8
2009-03-04 15:17 . 2009-03-04 15:17 <DIR> d-------- C:\Program Files\AVG
2009-03-04 15:17 . 2009-03-04 15:17 325,640 --a------ C:\Windows\System32\drivers\avgldx86.sys
2009-03-04 15:17 . 2009-03-04 15:17 107,912 --a------ C:\Windows\System32\drivers\avgtdix.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-18 09:51 --------- d---a-w C:\ProgramData\TEMP
2009-03-18 09:51 --------- d-----w C:\Program Files\Spyware Doctor
2009-03-16 20:35 --------- d-----w C:\Program Files\Microsoft Works
2009-03-16 20:33 --------- d-----w C:\Program Files\Microsoft.NET
2009-03-15 20:19 --------- d-----w C:\ProgramData\Microsoft Help
2009-03-12 19:05 --------- d-----w C:\Program Files\Windows Mail
2009-02-18 19:24 --------- d-----w C:\Program Files\Google
2009-01-28 22:32 --------- d-----w C:\Program Files\Common Files\Adobe
2009-01-15 06:11 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-12-31 16:04 691,560 ----a-w C:\Windows\System32\OGACheckControl.dll
2008-12-31 16:04 528,744 ----a-w C:\Windows\System32\OGAVerify.exe
2008-12-31 16:04 502,120 ----a-w C:\Windows\System32\OGAAddin.dll
2008-09-16 16:09 174 --sha-w C:\Program Files\desktop.ini
2008-02-21 04:43 625,664 ----a-w C:\Users\Anne Kathrine\iexplore.exe
2006-10-03 13:33 520,192 ----a-w C:\Program Files\lame.exe
2006-09-24 15:43 79,628 ----a-r C:\Program Files\history.html
2006-09-24 15:43 2,217 ----a-r C:\Program Files\index.html
2005-08-20 17:48 49,511 ----a-r C:\Program Files\switchs.html
2005-07-28 13:05 7,668 ----a-r C:\Program Files\id3.html
2005-07-28 13:05 4,922 ----a-r C:\Program Files\basic.html
2005-07-28 13:05 3,926 ----a-r C:\Program Files\contributors.html
2005-07-28 13:05 1,705 ----a-r C:\Program Files\examples.html
2005-07-27 21:49 3,102 ----a-r C:\Program Files\presets.html
2004-08-19 19:36 2,288 ----a-r C:\Program Files\modes.html
2001-10-24 12:44 6,967 ----a-r C:\Program Files\node6.html
2000-12-03 22:00 732 ----a-r C:\Program Files\lame.css
2008-04-24 10:20 67,696 ----a-w C:\Program Files\mozilla firefox\components\jar50.dll
2008-04-24 10:20 54,376 ----a-w C:\Program Files\mozilla firefox\components\jsd3250.dll
2008-04-24 10:20 34,952 ----a-w C:\Program Files\mozilla firefox\components\myspell.dll
2008-04-24 10:20 46,720 ----a-w C:\Program Files\mozilla firefox\components\spellchk.dll
2008-04-24 10:20 172,144 ----a-w C:\Program Files\mozilla firefox\components\xpinstal.dll
2008-04-24 19:54 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-04-24 19:54 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-04-24 19:54 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-03-18_12.29.51,99 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-03-18 11:28:27 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2009-03-18 11:49:22 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2009-03-18 11:49:22 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-18 20:24 39408]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 08:33 125952]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 08:33 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 04:00 815104]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 23:04 464168]
"eDSMSNfix"="C:\Acer\Empowering Technology\eDSMSNfix.exe" [2007-02-09 09:40 13312]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-12-09 04:35 614400]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 20:48 57344]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-01-17 08:01 151552]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-14 23:22 35328]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-08 18:44 185632]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2006-12-20 06:50 90191]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2006-12-20 06:50 7766016]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2006-12-20 06:50 81920]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-08-25 10:36 1168264]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-11-04 10:30 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-11-20 13:20 290088]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 01:04 39792]
"startup"="E:\startup.exe" [BU]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2009-03-04 15:17 1932568]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 08:38 4390912 C:\Windows\RtHDVCpl.exe]
"Acer Tour"="" [BU]
"eRecoveryService"="" [BU]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-04-13 00:13:49 528384]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{24B9A6A1-B6B5-48B2-B9D2-15E75CC99D49}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{881EAB7C-8CC4-43B8-A479-CFD011BE3F9B}"= C:\Program Files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine
"{CF82881D-D922-4776-BE02-5B13DBA8DF88}"= C:\Program Files\Acer Arcade Deluxe\VideoMagician\MagicDirector.exe:CyberLink MagicDirector
"{5F183D25-1CE0-4F38-A712-70BE4DD3BD99}"= C:\Program Files\Acer Arcade Deluxe\DV Wizard\PowerDV.exe:CyberLink PowerDV
"{1B1998A1-C245-4E8B-BB3D-E19556246CBF}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{89316423-A9A0-4BE3-909A-8F9F31895DCA}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{BCF09876-85F7-4374-83ED-877A3CAAE994}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{C678CBAE-1554-4266-8F51-F28C8F3AD035}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{DA87EB72-A815-4D5E-AA52-6F09B144E68B}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{122DBA8C-772E-4227-B5BC-03EC68532A09}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{F320E448-786F-4C77-B103-5989C3410720}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{2C6FA49A-0903-4589-823F-D266CE099C7C}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{E668BB58-33CC-44AF-8EA0-28422A459E8C}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{4D05A793-7AF6-4FC3-BFF6-8043FDDDB5FB}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{DB56DD39-402E-43C8-A12A-B1E19F930383}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{28FAD1BC-43E9-411B-A810-DF2845444575}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe
"{D4AB91A0-354A-4615-A08D-9FEF8F3EE7B9}"= C:\Program Files\AVG\AVG8\avgnsx.exe:avgnsx.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\Windows\System32\drivers\avgldx86.sys [2009-03-04 15:17:50 325640]
R1 AvgTdiX;AVG Free8 Network Redirector;C:\Windows\System32\drivers\avgtdix.sys [2009-03-04 15:17:57 107912]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-04 15:17:25 298264]
R2 sdAuxService;PC Tools Auxiliary Service;C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-09-23 20:25:03 356920]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\b57nd60x.sys [2006-11-02 11:25:16 167936]
S3 SMSCIRDA;SMSC Infrared Device Driver;C:\Windows\System32\drivers\smscirda.sys [2007-04-13 00:07:54 31232]
S3 USBAAPL;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl.sys [2008-11-07 14:23:30 32000]
--- Andre Services/Drivers i Hukommelsen ---
*Deregistered* - mchInjDrv
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/webhp?sourceid=navclient&ie=UTF-8
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://da.intl.acer.yahoo.com
uInternet Settings,ProxyOverride = <local>
IE: E&ksporter til Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: jcvu.dk\edunet
FF - ProfilePath - C:\Users\ANNEKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\qpbiha71.default\
FF - component: C:\Program Files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: C:\Program Files\Mozilla Firefox\components\xpinstal.dll
FF - component: C:\Program Files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
---- FIREFOX POLITIKKER ----
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.hideGoButton", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-18 12:49:29
Windows 6.0.6001 Service Pack 1 NTFS
detected NTDLL code modification:
ZwClose
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
scanning gennemført med succes
skjulte filer: 0
**************************************************************************
.
--------------------- DLLs startet under kørende Processer ---------------------
- - - - - - - > 'Explorer.exe'(4024)
C:\Windows\system32\MsnChatHook.dll
C:\Windows\system32\ShowErrMsg.dll
C:\Windows\system32\sysenv.dll
C:\Windows\system32\BatchCrypto.dll
C:\Windows\system32\CryptoAPI.dll
C:\Windows\system32\keyManager.dll
C:\Acer\Empowering Technology\EPOWER\SysHook.dll
.
Gennemført tid: 2009-03-18 12:53:22
ComboFix-quarantined-files.txt 2009-03-18 11:53:13
ComboFix2.txt 2009-03-18 11:32:37
Pre-Kørsel: 39,337,963,520 byte ledig
Post-Kørsel: 39,309,443,072 byte ledig
221 --- E O F --- 2009-03-17 11:42:59
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:23, on 2009-03-18
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\eDSMSNfix.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\WgaTray.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/webhp?sourceid=navclient&ie=UTF-8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://da.intl.acer.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [startup] E:\startup.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://edunet.jcvu.dk
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 11746 bytes
