Kandu.dk - Hjælp til HijackThis


/ Forside/ Teknologi / Hardware / Pc'er / Spørgsmål

Glemt dit kodeord?

Brugernavn*

Kodeord *

Husk mig

Brugerservice

Kom godt i gang

Bliv medlem

Seneste indlæg

Find en bruger

Stil et spørgsmål

Skriv et tip

Fortæl en ven

Pointsystemet

Kontakt Kandu.dk

Emnevisning

Kategorier

Alfabetisk

Karriere

Interesser

Teknologi

Reklame

Top 10 brugere

Pc'er

#	Navn	Point
1	Klaudi	48441
2	o.v.n.	40523
3	refi	29114
4	Fijala	19253
5	molokyle	16243
6	webnoob	14995
7	Brassovit..	12463
8	peet49	11383
9	EXTERMINA..	10755
10	severino	10622

Hjælp til HijackThis
Fra : Er ikke online

valdera

Vist : 575 gange
300 point
Dato : 11-03-07 10:13

Hej
Jeg har af andre på kandu fortalt at det hjælper at få min pc til at gå hurtigere
med hjælp fra en expert. Feks Sti_s og jeg vil være glad hvis det er rigtig
Hilsen Valder
-------------------------------------------------------------------------------

NB. det computeren er mest langsom med er når den skal skifte fra et ikon til et andet.

Logfile of HijackThis v1.99.1
Scan saved at 09:47:25, on 10-03-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\Programmer\Ahead\InCD\InCDsrv.exe
C:\Programmer\Norman\npm\bin\nvoy.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\System32\svchost.exe
C:\Programmer\Norman\npf\bin\npfsvc32.exe
G:\WINDOWS\system32\brsvc01a.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\system32\brss01a.exe
C:\Programmer\Norman\npm\Bin\Zanda.exe
G:\WINDOWS\system32\pctspk.exe
G:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\wdfmgr.exe
C:\Programmer\Norman\npc\bin\npcsvc32.exe
C:\Programmer\Norman\npm\bin\NJEEVES.EXE
C:\Programmer\Norman\Nvc\bin\nvcoas.exe
C:\Programmer\Norman\npm\bin\ZLH.EXE
G:\WINDOWS\system32\usbtapnp.exe
G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
G:\WINDOWS\system32\hphmon04.exe
G:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
G:\Programmer\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
G:\Programmer\Creative\Audio2K\PROGRAM\CTMIX32.EXE
G:\WINDOWS\System32\alg.exe
G:\Programmer\Analog Devices\SoundMAX\SMTray.exe
G:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
G:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
G:\Programmer\Ahead\InCD\InCD.exe
C:\Programmer\Norman\npc\bin\nuaa.exe
G:\Programmer\Java\jre1.5.0_10\bin\jusched.exe
G:\Programmer\ScanSoft\PaperPort\pptd40nt.exe
G:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
G:\Programmer\Brother\ControlCenter2\brctrcen.exe
G:\Programmer\Macrogaming\SweetIM\SweetIM.exe
G:\Programmer\SPAMfighter\SFAgent.exe
G:\Programmer\SPYWAREfighter\spftray.exe
G:\Programmer\Messenger\msmsgs.exe
G:\Programmer\LiveUpdate\LiveUpdate.exe
C:\Programmer\Norman\nvc\BIN\NIP.EXE
C:\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
G:\Programmer\SPYWAREfighter\spfprc.exe
G:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Programmer\Norman\nvc\bin\cclaw.exe
G:\Programmer\Brother\Brmfcmon\BrMfcWnd.exe
G:\Programmer\Brother\Brmfcmon\BrMfcmon.exe
G:\Programmer\Outlook Express\msimn.exe
G:\Programmer\Internet Explorer\iexplore.exe
G:\Programmer\HJTrenamed.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - G:\Programmer\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\programmer\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - G:\Programmer\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\programmer\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Norman ZANDA] C:\Programmer\Norman\npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [USBTA] G:\WINDOWS\system32\usbtapnp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [HPHmon04] G:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "G:\Programmer\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] G:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] G:\Programmer\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [CreativeMixer] G:\Programmer\Creative\Audio2K\PROGRAM\CTMIX32.EXE /t
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Smapp] G:\Programmer\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIPTA] G:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RemoteControl] G:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [InCD] G:\Programmer\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [BearShare] "G:\Programmer\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Programmer\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NI.UERSK_0001_N68M2202] "G:\Documents and Settings\Valder&Birthe\Lokale indstillinger\Temporary Internet Files\Content.IE5\A1HUNQXG\ErrorSafeFreeInstall_dk[1].exe" -nag
O4 - HKLM\..\Run: [NPCTray] C:\Programmer\Norman\npc\bin\npc_tray.exe /LOAD
O4 - HKLM\..\Run: [SSBkgdUpdate] "G:\Programmer\Fælles filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] G:\Programmer\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] G:\Programmer\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] G:\Programmer\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] G:\Programmer\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [muBlinder] G:\Documents and Settings\Valder&Birthe\Lokale indstillinger\Temp\Rar$EX00.822\muBlinder.exe -startup
O4 - HKLM\..\Run: [SweetIM] G:\Programmer\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "G:\Programmer\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [spywarefighterguard] G:\Programmer\SPYWAREfighter\spftray.exe
O4 - HKCU\..\Run: [MSMSGS] "G:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BTCLiveUpdate] "G:\Programmer\LiveUpdate\LiveUpdate.exe" /autostart
O4 - HKCU\..\Run: [LDM] C:\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [NBJ] "G:\Programmer\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SweetIM] G:\Programmer\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [swg] G:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = ?
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = G:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Statusmonitor.lnk = G:\Programmer\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &Windows Live Search - res://G:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Åbn på ny baggrundsfane - res://G:\Programmer\Windows Live Toolbar\Components\da-dk\msntabres.dll.mui/229?c133c82c889a43dda8931c597307336c
O8 - Extra context menu item: Åbn på ny forgrundsfane - res://G:\Programmer\Windows Live Toolbar\Components\da-dk\msntabres.dll.mui/230?c133c82c889a43dda8931c597307336c
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvlution.com/KooPlayer.ocx
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://kort.frederikshavn.dk/plugin/mgaxctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1111868230736
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F2F3726-CA02-44BC-B696-76BEDA89A763}: NameServer = 194.239.134.83,193.162.153.164
O18 - Protocol: bw+0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - G:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - G:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {03D24A47-E60F-4906-BF44-1CC007385465} - C:\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - G:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - G:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - G:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - G:\Programmer\Ahead\InCD\InCDsrv.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Programmer\Norman\npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Programmer\Norman\npm\Bin\Zanda.exe
O23 - Service: Norman Parental Control (NPC) - Norman ASA - C:\Programmer\Norman\npc\bin\npcsvc32.exe
O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Programmer\Norman\npf\bin\npfsvc32.exe
O23 - Service: Norman User Activity Agent (NUAA) - Norman ASA - C:\Programmer\Norman\npc\bin\nuaa.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programmer\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Programmer\Norman\Nvc\BIN\NVCSCHED.EXE (file missing)
O23 - Service: Norman V.O.Y. (NVOY) - Norman ASA - C:\Programmer\Norman\npm\bin\nvoy.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - G:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPH11 - HP - G:\WINDOWS\system32\HPHipm11.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - G:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - G:\Programmer\SPYWAREfighter\spfprc.exe

Kommentar
Fra : Er ikke online

miritdk

Dato : 11-03-07 10:40

med lidt tålmodighed dukker stl_s nok op før eller senere - du kan med held træffe ham her også

http://www.malwarecheck.dk/forum/

Glad

Kommentar
Fra : Er ikke online

fooler

Dato : 11-03-07 11:31

Skynd dig at gå ind på www.spywarefri.dk og ret dig som bruger inde i deres forum, så får du hjælp med det samme.

Kommentar
Fra : Er ikke online

metteto

Dato : 11-03-07 13:29

Hej Valdera

Så komdu så langt. stl_s har idag åbnet sit eget site, det som dova henviser til.
Det vidste jeg ikke.
Gå derind. Opret dig som bruger og læg din hijackthis-log til redaktøren=stl_s
Jeg beklager,jegikkevar opdateret.

Kommentar
Fra : Er ikke online

refi

Dato : 11-03-07 13:29

Neeej....

Vent du nu bare som vi foreslog i dit andet spørgsmål....

Stl_s skal nok dukke op..... Blink

Kommentar
Fra : Er ikke online

fooler

Dato : 11-03-07 15:30

Hvorfor vente på en skal dukke op, hvis man kan få det fikset et andet sted med det samme.

Kommentar
Fra : Er ikke online

miritdk

Dato : 11-03-07 15:43

fooler hvorfor i alverden skulle spørger ikke vente på kvalificeret hjælp ???? Synes din holdning er temmelig underlig - Valdera har tilsyneladende fået et tip fra en anden bruger der kender stl_s kompetence - hvorfor modarbejder du så ???

Der er svaret udemærket til både at vente på stl_s der måske ikke er hjemme lige nu - eller metteto´s udemærkede link .

Sur

Kommentar
Fra : Er ikke online

stl_s

Dato : 11-03-07 17:25

Hej valdera.

Jeg vil foreslå at du afinstallerer Logitech Desktop Messenger. Den sluger ressourcer, og er ganske unyttig (mener jeg).

Du har også lidt "snavs". Jeg vil foreslå at du kører Trin 1 - 4 og 5 herfra http://www.malwarecheck.dk/forum/viewtopic.php?t=11

Og kun de tre trin, ind til videre.

Tag en genstart, og kom med en frisk HijackThis log bagefter.

Kommentar
Fra : Er ikke online

metteto

Dato : 11-03-07 21:39

Så Valder, nu er du i sikre hænder.
Håber det løser dit problem.
KH Mette

Kommentar
Fra : Er ikke online

valdera

Dato : 11-03-07 23:22

Hej Sti_s
Dejlig du vil hjælpe mig
Nu skulle det være klaret. Hvad så ?
Hvad mener du så der kan gøres
MVH Valder

Logfile of HijackThis v1.99.1
Scan saved at 23:09:45, on 11-03-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\Programmer\Ahead\InCD\InCDsrv.exe
C:\Programmer\Norman\npm\bin\nvoy.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\System32\svchost.exe
C:\Programmer\Norman\npf\bin\npfsvc32.exe
G:\WINDOWS\system32\brsvc01a.exe
G:\WINDOWS\system32\brss01a.exe
G:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Norman\npm\bin\ZLH.EXE
G:\WINDOWS\system32\usbtapnp.exe
G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
G:\WINDOWS\system32\hphmon04.exe
G:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
G:\Programmer\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
G:\Programmer\Creative\Audio2K\PROGRAM\CTMIX32.EXE
G:\Programmer\Analog Devices\SoundMAX\SMTray.exe
G:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
G:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
G:\Programmer\Ahead\InCD\InCD.exe
G:\Programmer\Java\jre1.5.0_10\bin\jusched.exe
G:\Programmer\ScanSoft\PaperPort\pptd40nt.exe
G:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
G:\Programmer\Brother\ControlCenter2\brctrcen.exe
G:\Programmer\SPAMfighter\SFAgent.exe
G:\Programmer\SPYWAREfighter\spftray.exe
G:\Programmer\Messenger\msmsgs.exe
G:\Programmer\LiveUpdate\LiveUpdate.exe
G:\Programmer\Macrogaming\SweetIM\SweetIM.exe
G:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
G:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
G:\Programmer\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Programmer\Norman\npm\Bin\Zanda.exe
G:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
G:\Programmer\Brother\Brmfcmon\BrMfcWnd.exe
G:\WINDOWS\system32\pctspk.exe
G:\Programmer\Brother\Brmfcmon\BrMfcmon.exe
C:\Programmer\Norman\nvc\BIN\NIP.EXE
G:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\wdfmgr.exe
G:\WINDOWS\system32\msiexec.exe
G:\Programmer\SPYWAREfighter\spfprc.exe
C:\Programmer\Norman\npm\bin\NJEEVES.EXE
C:\Programmer\Norman\npc\bin\npcsvc32.exe
C:\Programmer\Norman\Nvc\bin\nvcoas.exe
G:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Programmer\Norman\npc\bin\nuaa.exe
G:\WINDOWS\System32\alg.exe
C:\Programmer\Norman\nvc\bin\cclaw.exe
G:\WINDOWS\system32\wuauclt.exe
G:\Programmer\HJTrenamed.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - G:\Programmer\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\programmer\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\programmer\google\googletoolbar3.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - G:\Programmer\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Norman ZANDA] C:\Programmer\Norman\npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [USBTA] G:\WINDOWS\system32\usbtapnp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] G:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [HPHmon04] G:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "G:\Programmer\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] G:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] G:\Programmer\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [CreativeMixer] G:\Programmer\Creative\Audio2K\PROGRAM\CTMIX32.EXE /t
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Smapp] G:\Programmer\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIPTA] G:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RemoteControl] G:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [InCD] G:\Programmer\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [BearShare] "G:\Programmer\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Programmer\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NI.UERSK_0001_N68M2202] "G:\Documents and Settings\Valder&Birthe\Lokale indstillinger\Temporary Internet Files\Content.IE5\A1HUNQXG\ErrorSafeFreeInstall_dk[1].exe" -nag
O4 - HKLM\..\Run: [NPCTray] C:\Programmer\Norman\npc\bin\npc_tray.exe /LOAD
O4 - HKLM\..\Run: [SSBkgdUpdate] "G:\Programmer\Fælles filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] G:\Programmer\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] G:\Programmer\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] G:\Programmer\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] G:\Programmer\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [muBlinder] G:\Documents and Settings\Valder&Birthe\Lokale indstillinger\Temp\Rar$EX00.822\muBlinder.exe -startup
O4 - HKLM\..\Run: [SweetIM] G:\Programmer\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "G:\Programmer\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [spywarefighterguard] G:\Programmer\SPYWAREfighter\spftray.exe
O4 - HKCU\..\Run: [MSMSGS] "G:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BTCLiveUpdate] "G:\Programmer\LiveUpdate\LiveUpdate.exe" /autostart
O4 - HKCU\..\Run: [NBJ] "G:\Programmer\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SweetIM] G:\Programmer\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [swg] G:\Programmer\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] G:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [RoboForm] "G:\Programmer\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = ?
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = G:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Statusmonitor.lnk = G:\Programmer\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &Windows Live Search - res://G:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Gem formularer - file://G:\Programmer\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: RF værktøjslinie - file://G:\Programmer\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Tilpas RF menu - file://G:\Programmer\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Udfyld formularer - file://G:\Programmer\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Åbn på ny baggrundsfane - res://G:\Programmer\Windows Live Toolbar\Components\da-dk\msntabres.dll.mui/229?c133c82c889a43dda8931c597307336c
O8 - Extra context menu item: Åbn på ny forgrundsfane - res://G:\Programmer\Windows Live Toolbar\Components\da-dk\msntabres.dll.mui/230?c133c82c889a43dda8931c597307336c
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Udfyld - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://G:\Programmer\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Udfyld formularer - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://G:\Programmer\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Gem - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://G:\Programmer\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Gem formularer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://G:\Programmer\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://G:\Programmer\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF værktøjslinie - {724d43aa-0d85-11d4-9908-00400523e39a} - file://G:\Programmer\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvlution.com/KooPlayer.ocx
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://kort.frederikshavn.dk/plugin/mgaxctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1111868230736
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F2F3726-CA02-44BC-B696-76BEDA89A763}: NameServer = 194.239.134.83,193.162.153.164
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - G:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - G:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - G:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - G:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - G:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - G:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - G:\Programmer\Ahead\InCD\InCDsrv.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Programmer\Norman\npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Programmer\Norman\npm\Bin\Zanda.exe
O23 - Service: Norman Parental Control (NPC) - Norman ASA - C:\Programmer\Norman\npc\bin\npcsvc32.exe
O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Programmer\Norman\npf\bin\npfsvc32.exe
O23 - Service: Norman User Activity Agent (NUAA) - Norman ASA - C:\Programmer\Norman\npc\bin\nuaa.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programmer\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Programmer\Norman\Nvc\BIN\NVCSCHED.EXE (file missing)
O23 - Service: Norman V.O.Y. (NVOY) - Norman ASA - C:\Programmer\Norman\npm\bin\nvoy.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - G:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPH11 - HP - G:\WINDOWS\system32\HPHipm11.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - G:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - G:\Programmer\SPYWAREfighter\spfprc.exe

Kommentar
Fra : Er ikke online

stl_s

Dato : 12-03-07 00:10

Kør en scanning med HijackThis, og maximer derefter Hijackthis vinduet, så du kan se alle linierne.

Luk alle vinduer, på nær HijackThis. Sæt flueben ved disse linier, og klik på fix checked knappen.

O4 - HKLM\..\Run: [NI.UERSK_0001_N68M2202] "G:\Documents and Settings\Valder&Birthe\Lokale indstillinger\Temporary Internet Files\Content.IE5\A1HUNQXG\ErrorSafeFreeInstall_dk[1].exe" -nag

Hvis linien er væk efter en genstart, så skulle den være i vinkel.

Kommentar
Fra : Er ikke online

valdera

Dato : 12-03-07 09:35

Hej Sti_s

Den omtalte linie vil ikke forsvinde, jeg har prøvet 3 gange den er sejlivet. Og jeg ved jeg har gjort det rigtigt da jeg så der også var en rest af Bear Share så den prøvede jeg særskilt at fjerne og det gik meget nemt. Hvad gør jeg nu ?
Hilsen Valder

O4 - HKLM\..\Run: [NI.UERSK_0001_N68M2202] "G:\Documents and Settings\Valder&Birthe\Lokale indstillinger\Temporary Internet Files\Content.IE5\A1HUNQXG\ErrorSafeFreeInstall_dk[1].exe" -nag

Kommentar
Fra : Er ikke online

valdera

Dato : 12-03-07 09:41

Hej Mette
Det er dejligt med noget positiv opbakning når der er noget der er træls

Mange tak
Valder Glad

Kommentar
Fra : Er ikke online

stl_s

Dato : 12-03-07 10:21

Ja, den kan være drilagtig.

Gå i Start/Kør, skriv MSCONFIG klik OK. Fjern fluebenet ved den i fanebladet Start, klik OK og genstart. Du får en meddelelse om at start er lavet om. Kør ATF Cleaner igen. Så er den forhåbentlig væk.

Jeg går på arbejde nu, og kommer nok først på, senere på aftenen.

Kommentar
Fra : Er ikke online

valdera

Dato : 12-03-07 13:36

Hej Sti_s
Det går ikke altid som præsten prædiker, den vil ikke ud derfra,

det er vist en satan. Hvad gør vi så ved sådan en tyran ?

Hilsen Valder Ked af det

Kommentar
Fra : Er ikke online

fooler

Dato : 12-03-07 15:48

Citat
fooler hvorfor i alverden skulle spørger ikke vente på kvalificeret hjælp ???? Synes din holdning er temmelig underlig

Tjaaa meritdk, jeg har svært ved at se min holdning skulle være underlig, jeg siger blot til spørgeren, at er vedkommede utålmodig, så er spywarefri en mulighed. Pudsig i øvrigt var det DIG der fortalte mig om den mulighed.

Kommentar
Fra : Er ikke online

miritdk

Dato : 12-03-07 18:20

fooler - citeret fra spørger

Citat
hjælp fra en expert. Feks Sti_s

.... DERFOR !

og som omtalt er siden lige åbnet her : http://www.malwarecheck.dk/forum/ - som du kan se spørger har benyttet sig af også.

Valdera - stl_s skal nok komme på banen igen - du er vist rendt ind i en travl dag Blink

- men vær sikker på at han nok skal sørge for at følge dig hele vejen Glad

undskylder for misbrug af tråden - skal ikke ske igen

Accepteret svar
Fra : Er ikke online

stl_s

Modtaget 300 point
Dato : 13-03-07 00:26

Den er ikke særlig skadelig den der, men væk skal den da.

Hent IE History View her http://www.nirsoft.net/utils/iehv.zip Pak programmet ud.

Så starter du op i fejlsikret tilstand http://www.spywareinfo.dk/htm/fejlsikret_tilstand.htm og log ind med din egen bruger.

Lykkes det ikke, så se her http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=110&PN=1

(OBS: Hvis du bruger Bootsafe, som er en nødløsning, så tjek vejledningen for hvordan du kommer tilbage i normal tilstand).

Kør IE History View og vælg at lade den slette alt hvad den viser.

Fix linien i HijackThis igen.

Kør ATF Cleaner igen.

Vil den stadigvæk ikke blive væk, så hent Ewido Micro her http://download.ewido.net/ewido_micro.exe
og scan med den.

Godkendelse af svar
Fra : Er ikke online

valdera

Dato : 13-03-07 22:35

Tak for svaret stl_s.
Jeg kunne ikke få den sidste væk men det kan jeg godt leve med der var så meget andet der forsvandt Mange Tak du ville hjælpe
MVH. Valder

Kommentar
Fra : Er ikke online

stl_s

Dato : 13-03-07 23:07

Hmm, jeg kan nu bedst lide når skidtet er helt væk. Gør lige dette:

Så starter du op i fejlsikret igen. Klik dig frem til denne mappe:

C:\Documents and Settings\Valder&Birthe\Lokale indstillinger\Temp

Slet indholdet af den mappe, og fix linien i Hijackthis igen.

Kommentar
Fra : Er ikke online

stl_s

Dato : 13-03-07 23:43

Eller endnu bedre. Scannerne misser nok noget af den danske version af Errorsafe. Nu har jeg selv tilføjet linien i dette script, og så går den væk Blink

.

Hent denne fil og pak den ud http://sptlarsenserious.googlepages.com/winsoftware-bfu.zip

Åbn mappen og kør bfu.exe. Klik på den lille mappe øverst til højre, marker Winsoftware.bfu og klik åbn.

Klik derefter EXECUTE. Vent til scriptet er færdigt. Linien burde være væk i HijackThis nu.

Du har følgende muligheder

Eftersom du ikke er logget ind i systemet, kan du ikke skrive et indlæg til dette spørgsmål.

Hvis du ikke allerede er registreret, kan du gratis blive medlem, ved at trykke på "Bliv medlem" ude i menuen.

Søg

Reklame

Statistik

Spørgsmål :	177425
Tips :	31962
Nyheder :	719565
Indlæg :	6407916
Brugere :	218877

Månedens bedste

Årets bedste

Sidste års bedste