Internet Explorer starter ikke - kun timeglas

Download den nyeste version af Sun Java ->
http://java.sun.com/javase/downloads/index.jsp

Kør ned til:  Java Runtime Environment (JRE) 6 Update 14
Tryk på -Download knappen. Accepter betingelserne, og hent filen til skrivebordet

Gå så i tilføj/fjern programmer i kontrolpanel og fjern:
Alle versioner af Java

Genstart Computeren når alle Java versioner er fjernet

Dobbeltklik så på Den downloadede Java fil på skrivebordet for at installere nyeste version

Eller brug dette program > http://prm753.bchea.org/JavaRa.html

Her er en lille billedserie udarbejdet af Sander, der viser de første valg:

http://i147.photobucket.com/albums/r299/sanderjensen/SJ-5467.jpg
http://i147.photobucket.com/albums/r299/sanderjensen/SJ-5468.jpg
http://i147.photobucket.com/albums/r299/sanderjensen/SJ-5469.jpg

http://i147.photobucket.com/albums/r299/sanderjensen/SJ-5470.jpg
http://i147.photobucket.com/albums/r299/sanderjensen/SJ-5471.jpg

http://i147.photobucket.com/albums/r299/sanderjensen/SJ-5472.jpg
http://i147.photobucket.com/albums/r299/sanderjensen/SJ-5473.jpg

Tak for forslaget, men det ændrede desværre ingenting. IE og java controlpanelet vil stadig ikke starte...

Nogle andre muligheder?

Hent CCleaner her:
http://www.filehippo.com/download_ccleaner/

Installer CCleaner, og fjerne fluebenet udfor Yahoo Toolbar - ingen grund til at få det skrammel på.
Start > Fjern fluebenet i cookies.
Klik på kør Cleaner og lad den fjerne hvad den finder i både Windows og Programmer.  Kør et par gange eller til der ikke er mere og komme efter.
Klik så på Register ovre i venstre side (den blå terning), klik på Skan efter problemer, når den er færdig, klik på Udbedre valgte problemer, lav evt. en backup af registreringsdatabasen, klik så på udbedre alle valgte problemer.  Kør et par gange, eller til der ikke er mere og komme efter.
Klik på OK, klik på Luk når den er færdig.
Genstart.

Hent Malwarebytes Anti-Malware www.spywarefri.dk/downloads1/mbam-setup.exe og tryk på Kør…

Installer programmet - når det er gjort skal du lade programmet opdatere sig.  Herefter åbner et vindue, hvor du skal flytte prikken til "Kør et fuldstændigt systemscan" - klik på Skan Knappen - lad programmet arbejde.  Når det er færdig (det tager lidt tid afhængig af hvor meget du har på computeren).

Derefter - Tryk på "Vis resultater" knappen efter scanningen - og herefter tryk på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen.

OBS!!  Ovenstående scanning skal foretages som enkelt scanning for samtlige brugere på maskinen - det vil sige, at der skal logges ind på hver enkelt bruger og køres en scanning…

Kopier loggen herind, og så træffer vi beslutning om hvad der videre skal ske…

Endnu en gang tak. Jeg gjorde som du foreslog.
Her er loggen. Den fandt noget "Rogue".

---
Malwarebytes' Anti-Malware 1.38
Database version: 2402
Windows 5.1.2600 Service Pack 3

10-07-2009 13:15:12
mbam-log-2009-07-10 (13-15-12).txt

Skan type: Fuldstændig skanning (C:\|D:\|E:\|)
Objekter skannet: 344886
Tid tilbagelagt: 2 hour(s), 6 minute(s), 36 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 3

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
C:\Programmer\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Documents\qyrupelin.sys (Rogue.Trace) -> Delete on reboot.
C:\Documents and Settings\All Users\Documents\gosub._sy (Rogue.Trace) -> Delete on reboot.

Hent Combofix, og gem den i en mappe:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Åbn mappen med Combofix, højreklik, vælg Ny->tekstdokument, åbn tekstdokumentet, kopier følgende ind:

Killall::
Snapshot::

klik på Filer->Gem som, navngiv den CFScript, luk tekstdokumentet.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif
Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Kopier den fremkomne log herind.

1. Hent nyeste version af HijackThis ned til skrivebordet.

2. Dobbeltklik på installationsfilen, og følg installationsvejledningen.

3. Dobbeltklik på det nye HijackThis ikon på skrivebordet.

4. På menuen der kommer op, klikker du på: Do a systemscan and save a logfile.

5. Efter et kort øjeblik åbner en logfil i notesblok, kopier teksten herind.

6. Hvis du ikke selv vælger at gemme loggen på skrivebordet, bliver den automatisk gemt på destinationen: C:/Programmer/hijackthis.log hvor du senere kan finde den.

http://sptlarsenserious.googlepages.com/HJT-sfx.exe


Når du vender tilbage - må du gerne fortælle om det har hjulpet…

Det har desværre ikke hjulpet. Her er loggen fra Combofix:
-----

ComboFix 09-07-12.03 - Christian 13-07-2009 11:09.1.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.3071.2446 [GMT 2:00]
Kører fra: c:\documents and settings\Christian.CHRISTIAN-HP\Skrivebord\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\Christian.CHRISTIAN-HP\Skrivebord\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Dannede nyt systemgendannelsespunkt

advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1097052321-1951037048-3065997745-500
c:\$recycle.bin\S-1-5-21-1320405479-1341835893-2631208090-500
c:\$recycle.bin\S-1-5-21-166919370-1766595596-3472230330-1003
c:\$recycle.bin\S-1-5-21-4061406591-3088950831-480582134-500
c:\programmer\Fælles filer\PagingSYS.dll
c:\windows\Installer\125539.msi
c:\windows\Installer\13c8fd.msi
c:\windows\Installer\13c902.msi
c:\windows\Installer\193ca.msi
c:\windows\Installer\1f96f.msi
c:\windows\Installer\1f974.msi
c:\windows\Installer\1f979.msi
c:\windows\Installer\1f97e.msi
c:\windows\Installer\1f983.msi
c:\windows\Installer\1f988.msi
c:\windows\Installer\1f98d.msi
c:\windows\Installer\1f992.msi
c:\windows\Installer\1f997.msi
c:\windows\Installer\1f99c.msi
c:\windows\Installer\1f9a1.msi
c:\windows\Installer\1f9a6.msi
c:\windows\Installer\1f9ab.msi
c:\windows\Installer\1f9b0.msi
c:\windows\Installer\1f9bc.msi
c:\windows\Installer\1f9c1.msi
c:\windows\Installer\20cef.msi
c:\windows\Installer\27ca4.msi
c:\windows\Installer\27cab.msi
c:\windows\Installer\27cb2.msi
c:\windows\Installer\27cd2.msi
c:\windows\Installer\3cb7f.msi
c:\windows\Installer\3cb82.msi
c:\windows\Installer\3cb8a.msi
c:\windows\Installer\3cb8d.msi
c:\windows\Installer\3cb92.msi
c:\windows\Installer\43c3d.msp
c:\windows\Installer\501a9.msi
c:\windows\Installer\501ae.msi
c:\windows\Installer\501b3.msi
c:\windows\Installer\501c2.msi
c:\windows\Installer\501c8.msi
c:\windows\Installer\501ce.msi
c:\windows\Installer\501d4.msi
c:\windows\Installer\501da.msi
c:\windows\Installer\501e0.msi
c:\windows\Installer\50269.msi
c:\windows\Installer\5026e.msi
c:\windows\Installer\50286.msi
c:\windows\Installer\5028b.msi
c:\windows\Installer\50291.msi
c:\windows\Installer\50298.msi
c:\windows\Installer\5029c.msi
c:\windows\Installer\502a1.msi
c:\windows\Installer\502a6.msi
c:\windows\Installer\502c5.msi
D:\Autorun.inf

.
(((((((((((((((((((((((((((((  Filer skabt fra 2009-06-13 til 2009-07-13  )))))))))))))))))))))))))))))))))))
.

2009-07-12 08:14 . 2009-07-12 08:14    41013    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\_\_crt_cyberstud.1b8f431ce9dfe38861b98045dc7bc82c.dll
2009-07-12 08:14 . 2009-07-12 08:14    114822    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\_\_crt_progcyberstud.e038aa28085a77aa97b543eea1b2f3b9.dll
2009-07-12 08:01 . 2009-07-12 08:01    229486    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\c\classicblackjack.cd8f07669d8ad1880944c3c957f8a558.dll
2009-07-11 11:35 . 2009-07-11 11:35    122880    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\t\type_3reelprogressive1_2.a0c5e56438d504531121ead802e24dcf.dll
2009-07-11 11:28 . 2009-07-11 11:28    135168    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\c\cashanovagetlucky_temp.b71b6ce6d93f57e6e8d79f64bfda39ca.dll
2009-07-11 11:28 . 2009-07-11 11:28    1032192    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\s\simplepickxofybonus_flightzone.4d281f29a7152da50722695b99821fe6.dll
2009-07-11 11:27 . 2009-07-11 11:27    159744    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\c\cashanovagetlucky.70edc0ef64acff9d67d53ba965b991b4.dll
2009-07-11 11:27 . 2009-07-11 11:27    434448    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\c\cashanovafreerangebonus.c80646018f801b82af1a85ac0f07ba46.dll
2009-07-11 11:25 . 2009-07-11 11:25    217360    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\c\cashanovafreerangebonus_temp.598336f9707e832cab943342026367f4.dll
2009-07-11 11:25 . 2009-07-11 11:25    1056768    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\s\simplepickuntilbonus_flightzone.1f65e9ffaab494fa7dea6b149ec7a671.dll
2009-07-11 11:15 . 2009-07-11 11:15    155648    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bonuspaigowpoker.7a255497429caa23df774f47d3465136.dll
2009-07-11 11:13 . 2009-07-11 11:13    446736    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\h\hilowbonus.ecf70c1bd892c000f22ce30d5b0ba784.dll
2009-07-11 11:13 . 2009-07-11 11:13    483600    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\h\hilowbonus_tggg.10cdcb3e64c301c60db4d11d2d7781a4.dll
2009-07-11 11:13 . 2009-07-11 11:13    958464    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\h\hilowbonus_flightzone.1173d08d2670eede892e3adf07022f08.dll
2009-07-11 11:09 . 2009-07-11 11:09    655360    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\t\transition_flightzone.2d8aa10da872f1ac4a34a2122bf3c4b2.dll
2009-07-11 11:08 . 2009-07-11 11:08    233472    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjstrategyui1.5a2f52359fe99e4484435bbaf8f92b30.dll
2009-07-11 11:08 . 2009-07-11 11:08    225280    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjgoldautoplayplugin.9e04124b2f25d98a562d14260b995f0c.dll
2009-07-11 11:08 . 2009-07-11 11:08    589824    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjgoldplugin.30ebac308b430f373d22851023dddb58.dll
2009-07-11 11:08 . 2009-07-11 11:08    512000    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjgoldxxx.098a7b3de069b4b076bd8c2cc92131be.dll
2009-07-11 11:08 . 2009-07-11 11:08    147456    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjstrategylogic1.cae96e5e68740973929725d2ac549cc0.dll
2009-07-11 11:08 . 2009-07-11 11:08    233472    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjgoldstatsplugin.67546387f1af1fe46f021dbce8a072f4.dll
2009-07-11 11:06 . 2009-07-11 11:06    421888    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\l\lua51host.65f8dee3181dee3bfc68ab23c9f2782b.dll
2009-07-11 11:06 . 2009-07-11 11:06    245760    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\p\pokerride.0e46f0612786991e4a026d6c70ac2e93.dll
2009-07-11 11:02 . 2009-07-11 11:02    594192    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\s\snakesandladdersbonus.1b7d7437b87cc53b7a00c4efd2db679d.dll
2009-07-11 11:01 . 2009-07-11 11:01    1216512    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\a\advancedslots1xxx_flightzone.a761e5b6d3a2ea66d5501258ee2ed22b.dll
2009-07-11 11:01 . 2009-07-11 11:01    1626112    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\a\advancedslots1_flightzone.40d3a7b3fae72091b79e1759db110c70.dll
2009-07-11 11:01 . 2009-07-11 11:01    122880    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\x\xmlparserplugin_mt.7619c07631f1fc927d66a473e3f53a46.dll
2009-07-11 11:01 . 2009-07-11 11:01    602112    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\g\gamble2_flightzone.d149c5c0a243e45a82d87b40855052ab.dll
2009-07-10 08:58 . 2009-07-10 08:58    3561743    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-07-10 08:57 . 2009-07-10 08:57    --------    d-----w-    c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\Malwarebytes
2009-07-10 08:57 . 2009-06-17 09:27    19096    ----a-w-    c:\winxp\system32\drivers\mbam.sys
2009-07-10 08:57 . 2009-06-17 09:27    38160    ----a-w-    c:\winxp\system32\drivers\mbamswissarmy.sys
2009-07-10 08:57 . 2009-07-10 08:57    --------    d-----w-    c:\documents and settings\All Users.WINXP\Application Data\Malwarebytes
2009-07-06 14:19 . 2009-07-06 14:19    --------    dc-h--w-    c:\winxp\ie8
2009-07-06 14:18 . 2009-04-30 21:15    12800    -c----w-    c:\winxp\system32\dllcache\xpshims.dll
2009-07-06 14:18 . 2009-04-30 21:15    246272    -c----w-    c:\winxp\system32\dllcache\ieproxy.dll
2009-07-05 18:02 . 2008-03-17 09:56    103168    ----a-w-    c:\winxp\system32\drivers\ewusbfake.sys
2009-07-05 18:02 . 2008-03-17 09:03    101376    ----a-w-    c:\winxp\system32\drivers\ewusbmdm.sys
2009-07-05 18:02 . 2008-03-16 12:47    872192    ----a-w-    c:\winxp\system32\drivers\mod7700.sys
2009-07-05 18:02 . 2008-01-22 13:09    100992    ----a-w-    c:\winxp\system32\drivers\ewusbnet.sys
2009-07-05 18:02 . 2007-08-09 02:13    24448    ----a-w-    c:\winxp\system32\drivers\ewdcsc.sys
2009-06-15 11:52 . 2009-03-24 12:43    43008    ----a-w-    c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\Mozilla\Firefox\Profiles\dg9rn3p2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll
2009-06-15 11:52 . 2009-03-24 12:43    43008    ----a-w-    c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\Mozilla\Firefox\Profiles\dg9rn3p2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-06-15 11:52 . 2009-03-24 12:43    235520    ----a-w-    c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\Mozilla\Firefox\Profiles\dg9rn3p2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\metrics-ff2.dll
2009-06-15 11:52 . 2009-03-24 12:43    338432    ----a-w-    c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\Mozilla\Firefox\Profiles\dg9rn3p2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-06-15 11:52 . 2009-03-24 12:42    235008    ----a-w-    c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\Mozilla\Firefox\Profiles\dg9rn3p2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\metrics-ff3.dll
2009-06-15 11:52 . 2009-03-24 12:42    345088    ----a-w-    c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\Mozilla\Firefox\Profiles\dg9rn3p2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-13 08:20 . 2006-03-02 12:00    48318    ----a-w-    c:\winxp\system32\perfc006.dat
2009-07-13 08:20 . 2006-03-02 12:00    328102    ----a-w-    c:\winxp\system32\perfh006.dat
2009-07-12 08:38 . 2009-01-01 19:03    --------    d-----w-    c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\dvdcss
2009-07-11 09:48 . 2008-10-09 17:46    --------    d-----w-    c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\Skype
2009-07-10 09:06 . 2008-10-07 21:47    565339    ----a-w-    c:\winxp\system32\nvModes.dat
2009-07-10 08:27 . 2008-12-07 13:00    410984    ----a-w-    c:\winxp\system32\deploytk.dll
2009-07-10 08:25 . 2008-10-07 22:15    --------    d-----w-    c:\documents and settings\All Users.WINXP\Application Data\avg8
2009-06-25 12:06 . 2009-03-23 10:53    1    ----a-w-    c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-18 08:14 . 2008-10-07 22:15    27784    ----a-w-    c:\winxp\system32\drivers\avgmfx86.sys
2009-06-12 10:40 . 2008-10-07 22:15    327688    ----a-w-    c:\winxp\system32\drivers\avgldx86.sys
2009-06-03 15:22 . 2009-06-03 15:22    561424    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\s\simplepickuntilbonus_tggg.ca9a61a09a35dc0843cc68f532694746.dll
2009-06-03 15:20 . 2009-06-03 15:20    266512    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\t\transition_tggg.399218aff849d2e187d4554dd62a73b6.dll
2009-06-03 15:20 . 2009-06-03 15:20    262416    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\t\transition_temp.c6aaf42b66fa6688c8ea18a671984287.dll
2009-06-03 15:20 . 2009-06-03 15:20    225280    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\m\myslot.14d73c530d6c095843c7fbfb86364c4e.dll
2009-06-03 15:20 . 2009-06-03 15:20    421888    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\l\lua51host.4f93c8cce0c64b200821a73dd29068f6.dll
2009-06-03 15:18 . 2009-06-03 15:18    49152    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjstrategylogic1.0ce35352c4c4658d12c59ec38c70398a.dll
2009-06-03 15:18 . 2009-06-03 15:18    217088    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjgoldxxx.49c3810d214dd99c8c9a10ec7d79ed46.dll
2009-06-03 15:18 . 2009-06-03 15:18    126976    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjstrategyui1.044e0fc76ee8cda8665503293a47d38a.dll
2009-06-03 15:18 . 2009-06-03 15:18    327680    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjgoldplugin.77868ad6c41073f45be5eb8a5441c690.dll
2009-06-03 15:18 . 2009-06-03 15:18    102400    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjgoldstatsplugin.6518eac98880e1c269feffe4b0025ca1.dll
2009-06-03 15:18 . 2009-06-03 15:18    94208    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\bjgoldautoplayplugin.9eecf610ea29425ecba27ee4d82e5058.dll
2009-06-03 15:18 . 2009-06-03 15:18    225280    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\m\mhbjgoldxxx.042cb38dc856800dc292666302eb33ed.dll
2009-06-03 15:18 . 2009-06-03 15:18    126976    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\m\mhbjstrategyui1.95a00a7e6658ab8736067b646ccd9783.dll
2009-06-03 15:18 . 2009-06-03 15:18    413696    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\m\mhbjgoldplugin.5d832144ec1b88e6caeb7446bbe13d54.dll
2009-06-03 15:17 . 2009-06-03 15:17    412685    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\g\goldseries_roulette.1edb0f45625215829abaaca345d96e06.dll
2009-06-03 15:17 . 2009-06-03 15:17    53342    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\b\blplugin.43df87da33698c32bca7a2698484452d.dll
2009-06-03 15:17 . 2009-06-03 15:17    163840    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\g\goldseries_euroroulette.c04add4a4ccdfa99acf5bc9050a74d69.dll
2009-06-03 15:16 . 2009-06-03 15:16    303204    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\m\mpvblackjackplugin.49e5f42fbdf0e1e2df5232e5ea419897.dll
2009-06-03 15:16 . 2009-06-03 15:16    311398    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\m\mpvblackjacktourxxx.e4ccb563efd75763602af7373fbd8cec.dll
2009-06-03 15:16 . 2009-06-03 15:16    327784    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\m\mpvtabletournamentlobby.fea1be7b63b308e9fdb6e8d4bd356052.dll
2009-05-29 17:21 . 2009-05-29 17:21    152576    ----a-w-    c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-15 13:30 . 2009-05-15 13:30    213264    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\c\choosebonus.df815bbfb8ae7a29a353f0ae65e4af17.dll
2009-05-15 13:30 . 2009-05-15 13:30    323856    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\h\hitmancontractbonus.339a969d902930975b3194643e289fc9.dll
2009-05-15 13:28 . 2009-05-15 13:28    524560    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\s\simplepickxofybonus_tggg.f8ba0ccac248b6026b2705996790640a.dll
2009-05-15 13:09 . 2009-05-15 13:09    1904753    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\a\advancedslots1_tggg.6e62948f458013fa99694cc031068e8a.dll
2009-05-15 13:09 . 2009-05-15 13:09    823568    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\a\advancedslots1_temp2.198f2a88c7f89c1d0b1ded39e546e22b.dll
2009-05-15 13:09 . 2009-05-15 13:09    909584    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\a\advancedslots1_temp.05f0b16a67acb189be99508aa088d348.dll
2009-05-15 13:09 . 2009-05-15 13:09    1249399    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\a\advancedslots1xxx_tggg.a33335318f7b89139ecd4652b6e8c4b9.dll
2009-05-15 13:09 . 2009-05-15 13:09    672016    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\a\advancedslots1xxx_temp.20587ea0b10b8a6428639d5dfe4fb9c2.dll
2009-05-15 13:09 . 2009-05-15 13:09    307472    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\g\gamble2_tggg.436ea9e59e2a2b9a2106e598920cba26.dll
2009-05-15 13:09 . 2009-05-15 13:09    221456    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\g\gamble2_temp.5a22e38498bf34a124cc458bf6408ad3.dll
2009-05-15 13:09 . 2009-05-15 13:09    367747    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\m\mptleaderboard.91fac472d1ff352976950258719d35a2.dll
2009-05-15 13:02 . 2009-05-15 13:02    413696    ----a-w-    c:\documents and settings\All Users.WINXP\Application Data\MGS\cache\m\menucore.9037a298ee3e59ea5a655d88569c2b77.dll
2009-05-13 05:05 . 2006-03-02 12:00    915456    ----a-w-    c:\winxp\system32\wininet.dll
2009-05-12 09:24 . 2008-10-07 22:15    11952    ----a-w-    c:\winxp\system32\avgrsstx.dll
2009-05-07 15:33 . 2006-03-02 12:00    346624    ------w-    c:\winxp\system32\localspl.dll
2009-04-29 14:42 . 2009-01-26 13:19    0    ----a-w-    c:\documents and settings\Christian.CHRISTIAN-HP\temp.dat
2009-04-19 19:50 . 2006-03-02 12:00    1847168    ------w-    c:\winxp\system32\win32k.sys
2009-04-15 14:53 . 2006-03-02 12:00    585216    ----a-w-    c:\winxp\system32\rpcrt4.dll
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\winxp\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\programmer\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"swg"="c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-10 68856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
"Simp"="c:\programmer\Secway\SimpLite-MSN 2.2\SimpLite-MSN.exe" [2009-01-07 2078208]
"ISUSPM"="c:\documents and settings\All Users.WINXP\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"ICQ"="c:\programmer\ICQ6.5\ICQ.exe" [2009-03-01 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PTHOSTTR"="c:\programmer\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"IFXSPMGT"="c:\winxp\system32\ifxspmgt.exe" [2007-02-15 677408]
"SynTPEnh"="c:\programmer\Synaptics\SynTP\SynTPEnh.exe" [2007-06-07 827392]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SoundMAXPnP"="c:\programmer\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"NvCplDaemon"="c:\winxp\system32\NvCpl.dll" [2008-01-02 8527872]
"Matrox PowerDesk SE"="c:\programmer\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe" [2008-12-03 3091712]
"SunJavaUpdateSched"="c:\programmer\Java\jre6\bin\jusched.exe" [2009-07-10 148888]
"nwiz"="nwiz.exe" - c:\winxp\system32\nwiz.exe [2008-01-02 1626112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\winxp\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users.WINXP\Menuen Start\Programmer\Start\
Adobe Gamma Loader.lnk - c:\programmer\F‘lles filer\Adobe\Calibration\Adobe Gamma Loader.exe [2008-10-7 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-07 01:30    74240    ----a-r-    c:\programmer\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-12 09:24    11952    ----a-w-    c:\winxp\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\winxp\system32\APSHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ      SbHpNp scecli ASWLNPkg

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Secway\\SimpLite-MSN 2.2\\SimpLite-MSN.exe"=
"c:\\Program Files\\WS_FTP\\WS_FTP95.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 SafeBoot;SafeBoot;c:\winxp\system32\drivers\SafeBoot.sys [26-04-2007 19:23 100095]
R0 SbAlg;SbAlg;c:\winxp\system32\drivers\SbAlg.sys [09-10-2006 13:31 44720]
R0 SbFsLock;SbFsLock;c:\winxp\system32\drivers\SbFsLock.sys [29-03-2007 16:54 13696]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\winxp\system32\drivers\avgldx86.sys [08-10-2008 00:15 327688]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\winxp\system32\drivers\psd.sys [23-01-2007 22:07 39080]
R1 RsvLock;RsvLock;c:\winxp\system32\drivers\rsvlock.sys [26-04-2007 19:23 5808]
R2 ASBroker;Logon Session Broker;c:\winxp\System32\svchost.exe -k Cognizance [02-03-2006 14:00 14336]
R2 ASChannel;Local Communication Channel;c:\winxp\System32\svchost.exe -k Cognizance [02-03-2006 14:00 14336]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [08-10-2008 00:15 298776]
R2 HpFkCryptService;Drive Encryption Service;c:\programmer\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [27-04-2007 10:58 221184]
R2 Matrox Centering Service;Matrox Centering Service;c:\programmer\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe [08-09-2008 23:10 1257992]
R2 Matrox.Pdesk.ServicesHost;Matrox.Pdesk.ServicesHost;c:\programmer\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe [03-12-2008 12:00 323840]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\programmer\Intel\AMT\UNS.exe [07-10-2008 23:15 1489688]
R3 IFXTPM;IFXTPM;c:\winxp\system32\drivers\ifxtpm.sys [07-10-2008 23:17 36608]
R3 rismc32;RICOH Smart Card Reader;c:\winxp\system32\drivers\rismc32.sys [07-10-2008 23:22 47616]
S3 StumbleUponUpdateService;StumbleUponUpdateService;c:\programmer\StumbleUpon\StumbleUponUpdateService.exe [12-04-2009 20:19 120168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance    REG_MULTI_SZ      ASBroker ASChannel

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\winxp\system32\rundll32.exe" "c:\winxp\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - TOMME GENVEJE FJERNET - - - -

HKLM-Run-CognizanceTS - (no file)


.
------- Yderligere scanning -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE: E&xport to Microsoft Excel - c:\programmer\Microsoft Office\OFFICE11\EXCEL.EXE/3000
IE: Send til &Bluetooth-enhed... - c:\programmer\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
IE: {{A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - c:\poker\CDPoker\casino.exe
IE: {{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - c:\programmer\PartyGaming\PartyCasino\RunApp.exe
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://danid.dk/csp/authenticode/tdccsp-0506.exe
DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
FF - ProfilePath - c:\documents and settings\Christian.CHRISTIAN-HP\Application Data\Mozilla\Firefox\Profiles\dg9rn3p2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.deezer.com/

---- FIREFOX POLITIKKER ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota",      5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history",    true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata",    true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads",  true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies",    true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache",      true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions",    true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history",                true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata",                true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords",              false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads",              true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies",                true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache",                  true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions",                true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps",            false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings",            false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs",    false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-13 11:17
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(960)
c:\programmer\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
c:\programmer\Hewlett-Packard\IAM\bin\ItMsg.dll
c:\winxp\SbHpNp.DLL
c:\programmer\Hewlett-Packard\IAM\Bin\TrayIcon.dll
c:\programmer\Hewlett-Packard\IAM\bin\HPBrand.dll
c:\programmer\Hewlett-Packard\IAM\Bin\ASChnl.dll

- - - - - - - > 'lsass.exe'(1016)
c:\winxp\SbHpNp.dll
c:\programmer\Hewlett-Packard\IAM\bin\ASWLNPkg.dll
c:\programmer\Hewlett-Packard\IAM\bin\ItMsg.dll

- - - - - - - > 'explorer.exe'(3620)
c:\winxp\system32\APSHook.dll
c:\programmer\Secway\SimpLite-MSN 2.2\Plugins\WinsockHookDLL.dll
c:\winxp\system32\webcheck.dll
c:\winxp\system32\WPDShServiceObj.dll
c:\winxp\system32\btncopy.dll
c:\winxp\system32\PortableDeviceTypes.dll
c:\winxp\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
c:\winxp\system32\scardsvr.exe
c:\program files\Hewlett-Packard\IAM\Bin\asghost.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\Intel\AMT\ATCHKSRV.EXE
c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
c:\program files\Analog Devices\Core\smax4pnp.exe
c:\program files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe
c:\program files\Java\jre6\bin\jusched.exe
c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\winxp\system32\IFXTCS.exe
c:\program files\Secway\SimpLite-MSN 2.2\SimpLite-MSN.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\users\All Users.WINXP\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\Intel\AMT\LMS.EXE
c:\program files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
c:\program files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\winxp\system32\nvsvc32.exe
c:\winxp\system32\IfxPsdSv.exe
c:\program files\Intel\AMT\UNS.EXE
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files\Windows Live\Messenger\msnmsgr.exe
c:\program files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
.
**************************************************************************
.
Gennemført tid: 2009-07-13 11:19 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-07-13 09:19

Pre-Kørsel: 190.748.917.760 byte ledig
Post-Kørsel: 190.649.917.440 byte ledig

366    --- E O F ---    2009-06-12 10:43

-----

og loggen fra Hijackthis:

-----
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:50, on 13-07-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\svchost.exe
C:\Programmer\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\spoolsv.exe
C:\Programmer\Hewlett-Packard\IAM\bin\asghost.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\Intel\AMT\atchksrv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmer\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmer\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe
C:\Programmer\Java\jre6\bin\jusched.exe
C:\WINXP\system32\ctfmon.exe
C:\WINXP\system32\ifxspmgt.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINXP\system32\ifxtcs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Programmer\Secway\SimpLite-MSN 2.2\SimpLite-MSN.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Documents and Settings\All Users.WINXP\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Programmer\Intel\AMT\LMS.exe
C:\Programmer\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
C:\Programmer\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINXP\system32\nvsvc32.exe
C:\WINXP\system32\IfxPsdSv.exe
C:\WINXP\system32\svchost.exe
C:\Programmer\Intel\AMT\UNS.exe
C:\Programmer\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Programmer\Windows Live\Messenger\msnmsgr.exe
C:\Programmer\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [PTHOSTTR] C:\Programmer\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [IFXSPMGT] C:\WINXP\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINXP\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Matrox PowerDesk SE] "C:\Programmer\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\msnmsgr.exe"
O4 - HKCU\..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Simp] C:\Programmer\Secway\SimpLite-MSN 2.2\SimpLite-MSN.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users.WINXP\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ICQ] "C:\Programmer\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Programmer\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send til &Bluetooth-enhed... - C:\Programmer\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmer\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programmer\PartyGaming\PartyCasino\RunApp.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programmer\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programmer\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra button: Expekt - 0FD19BAE-DA5E-41DB-BE9C-E444B023226B - C:\Microgaming\Casino\Expekt\Casinogame.exe (HKCU)
O9 - Extra button: InterCasino $$$ - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - C:\Documents and Settings\Christian.CHRISTIAN-HP\Skrivebord\InterCasino $$$.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: InterCasino $$$ - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - C:\Documents and Settings\Christian.CHRISTIAN-HP\Skrivebord\InterCasino $$$.lnk (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223417855062
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://danid.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programmer\WOT\WOT.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programmer\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\WINXP\system32\APSHook.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINXP\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: OneCard - C:\Programmer\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Programmer\Intel\AMT\atchksrv.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - C:\Programmer\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programmer\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINXP\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINXP\system32\ifxtcs.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Programmer\Intel\AMT\LMS.exe
O23 - Service: Matrox Centering Service - Matrox Graphics Inc. - C:\Programmer\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
O23 - Service: Matrox.Pdesk.ServicesHost - Matrox Graphics Inc. - C:\Programmer\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINXP\system32\nvsvc32.exe
O23 - Service: Personal Secure Drive service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINXP\system32\IfxPsdSv.exe
O23 - Service: StumbleUponUpdateService - stumbleupon.com - C:\Programmer\StumbleUpon\StumbleUponUpdateService.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Programmer\Intel\AMT\UNS.exe

--
End of file - 10287 bytes

Der er ikke noget at komme efter.

Prøv dette:
Klik på Start->Kør skriv SFC /scannow(bemærk mellemrum), klik OK.
Din XP-CD skal sidde i drevet.
Når den er færdig, genstart, se om det hjalp.

Det hjalp desværre ikke...

Nogle andre forslag?

Ingen andre forslag til hvordan problemet kan løses?
Jeg vil meget gerne tilbyde flere point for et svar, men jeg ved bare ikke hvordan jeg gør...

Lidt generelle småtricks til HP computeres.

HP har lavet et system hvor man kan checke sin HP PC…

Gå på denne side > http://welcome.hp.com/country/dk/da/welcome.html

1. Klik på > drivere og software
2. Skriv så dit produktnavn eller nummer i tekstfeltet og > tryk på pilen.
3. Klik på > diagnose problems or chat
4. Klik på > online diagnostic tools
5. Klik på > accept

Vælg så region, land og produkt, tryk > Næst og Kør programmet.

Virker ovenstående ikke, så prøv her > http://h50203.www5.hp.com/hpisweb/customer/HPInstantsupport.aspx

Nu kommer der et scan resultat der fortæller din hvordan din PC har det samt hvad du skal gøre

Support og Drivere .
http://welcome.hp.com/country/dk/da/support.html
Her markerer du Download drivere og software, finder og indsætter Pc'en model, vælger sprog og dit styresystem.

Sådan laver du din egen Recovery DVD.
http://h10025.www1.hp.com/ewfrf/wc/document?docname=c00814731&lc=en&cc=us&dlc=en&product=3544798&rule=22435&lang=en

Sådan bruger du Recovery DVD'en.
http://h10025.www1.hp.com/ewfrf/wc/document?lc=en&dlc=en&cc=us&docname=bph07145#bph07145_cp

Bestilling af complet Recovery DVD sæt.
http://da.best2serve.com/?show_flow=RCD&land=DK&lang=da&sapos_keyword=446537-DH2&product_id=12307&category_id=1124

Fix til SP3
http://h10025.www1.hp.com/ewfrf/wc/genericSoftwareDownloadIndex?cc=dk&dlc=da&lc=da&softwareitem=pv-60484-2&jumpid=reg_R1002_DKDA

Anvendelse af HP Backup og Recovery Manager
http://h10025.www1.hp.com/ewfrf/wc/document?docname=c01778684&cc=dk&dlc=da&lc=da&jumpid=reg_R1002_DKDA#RecoverOS

God arbejdslyst.