BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Hijackthis
   
BullGuard Antivirus Forum > BullGuard zone > BullGuard Customers > Hijackthis  
Forum Quick Jump
 
New Topic Post reply to : Hijackthis Printable version of : Hijackthis
[ << Previous Thread | Next Thread >> ]

hhb
New Member


Date Joined Jun 2009
Total Posts : 16
 
   Posted 4/23/2010 2:58 PM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
hej er der nogen der kan give et godt råd til hvad jeg kan og skal stille op med denne hjt log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:04, on 23-04-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\Programmer\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\Programmer\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\hhbuur\Skrivebord\Ny mappe\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ati.com/online/cccwelcome/drivers.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: BGAntiphishingBHO - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Programmer\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IE Privacy Keeper] "C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKLM\..\Run: [BullGuard] "C:\Programmer\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programmer\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271233916125
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: BgGamingMonitor.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 6614 bytes
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 4/23/2010 5:42 PM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
Hej  smile
 
er der nogen der kan give et godt råd til hvad jeg kan og skal stille op med denne hjt log
 Ikke umidelbart, men det ville hjælpe hvis du fortalte om du har nogen problemer, eller om det bare er et tjek ?


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
 

 

Back to Top
 

hhb
New Member


Date Joined Jun 2009
Total Posts : 16
 
   Posted 4/23/2010 7:01 PM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
ja der er et problem med genvejs ikonerne på skrivebored der blinker når jeg åbner eller lukker dokumenter eller programmer, der er også et med internet explore den opdater meget langsomt og det har nognle gange været vanskeligt af få job databassers logind til at acceptere bruger navn og kode.
jeg har køret en scan med mbam som fandt en
Registreringsdatabase Data Objekter Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
og her er en ny hjt log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:00:25, on 23-04-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\Programmer\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\Programmer\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\hhbuur\Skrivebord\Ny mappe\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ati.com/online/cccwelcome/drivers.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: BGAntiphishingBHO - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Programmer\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IE Privacy Keeper] "C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKLM\..\Run: [BullGuard] "C:\Programmer\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programmer\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271233916125
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: BgGamingMonitor.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe

--
End of file - 6494 bytes
mvh hhb
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 4/24/2010 4:59 AM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
der er et problem med genvejs ikonerne på skrivebored der blinker når jeg åbner eller lukker dokumenter eller programmer, der er også et med internet explore den opdater meget langsomt
Ok.
 
Så følg lige denne vejledning ->
 

 Follow the instructions and copy the logs here,
in this Topic.


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
 

 

Back to Top
 

hhb
New Member


Date Joined Jun 2009
Total Posts : 16
 
   Posted 4/24/2010 3:28 PM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
hej jeg har installeret av og der var lidt problemer med at opdater og igen med afinstallering.
dds.scr kan jeg ikke på til at køre der skriver at filtype er AutoCAD Script
og det ser sådan her ud "MZ   ÿÿ ¸ @ € º ´ Í!¸LÍ!This program cannot be run in DOS mode.

$ PE L +I à  2 n Z    @     0 "

log fra hj og mbam er her

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:19:28, on 24-04-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\Programmer\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\hhbuur\Skrivebord\Ny mappe\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ati.com/online/cccwelcome/drivers.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BGAntiphishingBHO - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Programmer\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IE Privacy Keeper] "C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKLM\..\Run: [BullGuard] "C:\Programmer\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html
O9 - Extra button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programmer\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271233916125
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe

--
End of file - 6595 bytes


Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 4029

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

24-04-2010 13:20:29
mbam-log-2010-04-24 (13-20-29).txt

Skanningstype: Hurtig skanning
Objekter skannet: 108515
Tid gået: 12 minut(ter), 58 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabase Nøgler Inficeret: 0
Registreringsdatabase Værdier Inficeret: 0
Registreringsdatabase Data Objekter Inficeret: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabase Nøgler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabase Værdier Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabase Data Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
(Ingen skadelige objekter blev fundet)

Inficerede Filer:
(Ingen skadelige objekter blev fundet)
mvh hhb
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 4/24/2010 3:32 PM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
Ok. Så prøv om det går bedre med Combofix ->
 
 
Hent Combofix, og gem den på dit skrivebord:
 
Vigtigt-> Deaktiver dit antivirus/antispyware program. Da det/de kan ”forstyrre” og konflikte med combofix, eller fjerne vigtige combofix filer, hvilket kan få computeren til fryse. 
 
 
Kør så combofix.exe, og følg anvisningerne.
 
 
Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
 
Når combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt
Indholdet af denne fil må du gerne lægge herind.
 
Den kan også findes her - > C: combofix txt


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
 

 

Back to Top
 

hhb
New Member


Date Joined Jun 2009
Total Posts : 16
 
   Posted 4/24/2010 4:35 PM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
log fra combofix der ikke genstardet pc efter scan, jeg af!!!!tede antivirus via jobliste.

ComboFix 10-04-21.01 - hhbuur 24-04-2010 15:22:55.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.2047.1480 [GMT 2:00]
Kører fra: c:\documents and settings\hhbuur\Skrivebord\Ny mappe\ComboFix.exe
AV: BullGuard Antivirus *On-access scanning enabled* (Updated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
FW: BullGuard Firewall *disabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}
* Resident AV is active


advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.

((((((((((((((((((((((((((((( Filer skabt fra 2010-03-24 til 2010-04-24 )))))))))))))))))))))))))))))))))))
.

2010-04-24 12:19 . 2010-04-24 12:19 388096 ----a-r- c:\documents and settings\hhbuur\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-04-24 11:01 . 2010-04-24 11:01 503808 ----a-w- c:\documents and settings\hhbuur\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1f5abd82-n\msvcp71.dll
2010-04-24 11:01 . 2010-04-24 11:01 499712 ----a-w- c:\documents and settings\hhbuur\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1f5abd82-n\jmc.dll
2010-04-24 11:01 . 2010-04-24 11:01 348160 ----a-w- c:\documents and settings\hhbuur\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1f5abd82-n\msvcr71.dll
2010-04-24 11:01 . 2010-04-24 11:01 61440 ----a-w- c:\documents and settings\hhbuur\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-632310b1-n\decora-sse.dll
2010-04-24 11:01 . 2010-04-24 11:01 12800 ----a-w- c:\documents and settings\hhbuur\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-632310b1-n\decora-d3d.dll
2010-04-24 11:01 . 2010-04-24 11:00 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-24 10:31 . 2010-04-24 10:31 -------- d-----w- c:\programmer\Alwil Software
2010-04-24 10:31 . 2010-04-24 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-04-23 14:32 . 2010-04-23 14:32 -------- d-----w- c:\documents and settings\hhbuur\Application Data\Malwarebytes
2010-04-23 14:32 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-23 14:32 . 2010-04-23 14:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-23 14:32 . 2010-04-23 14:32 -------- d-----w- c:\programmer\Malwarebytes' Anti-Malware
2010-04-23 14:32 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-23 11:41 . 2010-04-23 11:42 -------- d-----w- c:\programmer\CCleaner
2010-04-21 11:58 . 2010-04-21 11:58 246608 ----a-w- c:\documents and settings\All Users\Application Data\BullGuard\Update\Download\APPDIR\Antiphishing\IE\BGToolBand.dll
2010-04-21 11:58 . 2010-04-21 11:58 59728 ----a-w- c:\documents and settings\All Users\Application Data\BullGuard\Update\Download\APPDIR\Support\BgRaHlp.exe
2010-04-21 11:58 . 2010-04-21 11:58 17744 ----a-w- c:\documents and settings\All Users\Application Data\BullGuard\Update\Download\APPDIR\res\dk\MailWizardRes.dll
2010-04-21 11:53 . 2010-04-21 11:53 -------- d-----w- c:\programmer\BullGuard Ltd
2010-04-21 07:51 . 2010-04-21 08:17 -------- d-----w- c:\programmer\Aspell
2010-04-20 15:57 . 2010-04-20 15:59 -------- d-----w- C:\CodeBlocks
2010-04-20 14:35 . 2010-04-20 14:35 -------- d-----w- c:\documents and settings\NetworkService\Lokale indstillinger\Application Data\Google
2010-04-20 14:30 . 2010-04-20 14:30 -------- d-----w- c:\documents and settings\LocalService\Lokale indstillinger\Application Data\Google
2010-04-20 14:30 . 2010-04-20 14:30 -------- d-----w- c:\documents and settings\hhbuur\Lokale indstillinger\Application Data\Google
2010-04-20 14:29 . 2010-04-20 14:30 -------- d-----w- c:\programmer\Google
2010-04-20 09:45 . 2010-04-20 09:45 -------- d-----w- c:\programmer\Empty Temp Folders 2.8.3
2010-04-19 18:24 . 2010-04-19 18:25 -------- d-----w- c:\documents and settings\hhbuur\Application Data\Notepad++
2010-04-19 18:24 . 2010-04-19 18:25 -------- d-----w- c:\programmer\Notepad++
2010-04-19 17:51 . 2010-04-21 08:00 -------- d-----w- c:\documents and settings\hhbuur\Application Data\codeblocks
2010-04-19 17:16 . 2010-04-19 17:17 -------- d-----w- C:\Dx
2010-04-19 12:16 . 2010-04-19 12:16 150864 ----a-w- c:\windows\system32\BGLsp.dll
2010-04-18 13:25 . 2010-04-18 13:25 -------- d-----w- c:\documents and settings\hhbuur\Lokale indstillinger\Application Data\Help
2010-04-18 09:07 . 2010-04-18 09:07 -------- d-----w- C:\Borland
2010-04-18 07:53 . 2010-04-18 07:53 -------- d-----w- c:\documents and settings\hhbuur\Lokale indstillinger\Application Data\Identities
2010-04-16 08:36 . 2010-04-16 08:36 116784 ----a-w- c:\documents and settings\LocalService\Lokale indstillinger\Application Data\FontCache3.0.0.0.dat
2010-04-16 08:23 . 2010-04-16 08:23 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2010-04-15 10:09 . 2010-04-15 10:09 -------- d-----w- c:\programmer\Fælles filer\Macrovision Shared
2010-04-15 10:04 . 2010-04-15 10:12 -------- d-----w- c:\documents and settings\hhbuur\Lokale indstillinger\Application Data\Autodesk
2010-04-15 10:04 . 2010-04-15 10:04 -------- d-----w- c:\programmer\Autodesk
2010-04-15 10:04 . 2010-04-15 10:04 -------- d-----w- C:\ProgramData
2010-04-15 09:59 . 2010-04-15 10:11 -------- d-----w- c:\programmer\Fælles filer\Autodesk Shared
2010-04-15 09:58 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2010-04-15 09:58 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2010-04-15 09:58 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2010-04-15 09:57 . 2010-04-15 09:57 -------- d-----w- c:\windows\Logs
2010-04-15 09:50 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-04-15 09:44 . 2010-04-15 09:50 -------- d-----w- c:\windows\system32\XPSViewer
2010-04-15 09:23 . 2010-04-15 10:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-04-15 09:23 . 2010-04-15 10:04 -------- d-----w- c:\documents and settings\hhbuur\Application Data\Autodesk
2010-04-15 09:06 . 2010-04-15 09:06 -------- d-----w- C:\Autodesk
2010-04-15 08:24 . 2010-04-15 08:24 -------- d-----w- c:\windows\Sun
2010-04-15 08:20 . 2010-04-24 13:08 -------- d-----w- c:\programmer\Fælles filer\Akamai
2010-04-15 07:10 . 2010-04-17 13:17 -------- d-----w- c:\windows\system32\Adobe
2010-04-14 18:12 . 2008-04-14 16:05 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-04-14 18:12 . 2001-10-04 15:07 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-04-14 18:12 . 2008-04-14 16:05 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-04-14 18:12 . 2001-10-04 15:07 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-04-14 18:11 . 2001-10-04 15:07 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-04-14 18:11 . 2001-08-18 04:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-04-14 18:11 . 2001-08-17 18:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-04-14 18:11 . 2004-08-03 20:29 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-04-14 18:11 . 2008-04-13 18:46 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2010-04-14 18:11 . 2004-08-03 20:29 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-04-14 18:11 . 2008-04-14 16:05 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2010-04-14 18:11 . 2004-08-03 20:31 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2010-04-14 18:11 . 2001-10-04 14:36 35402 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2010-04-14 18:11 . 2001-08-17 19:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2010-04-14 18:11 . 2001-10-04 15:07 54272 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2010-04-14 18:09 . 2001-08-17 19:28 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys
2010-04-14 18:09 . 2001-08-17 19:28 397502 -c--a-w- c:\windows\system32\dllcache\vpctcom.sys
2010-04-14 18:09 . 2001-08-17 19:28 604253 -c--a-w- c:\windows\system32\dllcache\vmodem.sys
2010-04-14 18:09 . 2001-08-17 18:14 249402 -c--a-w- c:\windows\system32\dllcache\vinwm.sys
2010-04-14 18:09 . 2001-08-17 19:49 24576 -c--a-w- c:\windows\system32\dllcache\viairda.sys
2010-04-14 18:09 . 2008-04-13 18:40 5376 -c--a-w- c:\windows\system32\dllcache\viaide.sys
2010-04-14 18:09 . 2008-04-14 16:05 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-04-14 18:09 . 2001-08-17 19:28 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2010-04-14 18:09 . 2001-08-17 19:28 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys
2010-04-14 18:09 . 2001-08-17 19:28 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys
2010-04-14 18:09 . 2001-08-17 19:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2010-04-14 18:09 . 2001-08-17 19:28 224802 -c--a-w- c:\windows\system32\dllcache\usr1807a.sys
2010-04-14 18:07 . 2001-08-17 19:58 22912 -c--a-w- c:\windows\system32\dllcache\umaxpcls.sys
2010-04-14 18:07 . 2001-10-04 15:07 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-04-14 18:07 . 2001-10-04 15:07 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2010-04-14 18:07 . 2001-10-04 15:07 212480 -c--a-w- c:\windows\system32\dllcache\um54scan.dll
2010-04-14 18:07 . 2001-10-04 15:07 216576 -c--a-w- c:\windows\system32\dllcache\um34scan.dll
2010-04-14 18:07 . 2001-08-17 19:52 36736 -c--a-w- c:\windows\system32\dllcache\ultra.sys
2010-04-14 18:07 . 2004-08-27 12:00 14336 -c--a-w- c:\windows\system32\dllcache\tsprof.exe
2010-04-14 18:07 . 2001-08-17 19:48 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
2010-04-14 18:07 . 2001-08-17 18:51 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys
2010-04-14 18:07 . 2001-10-04 15:07 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll
2010-04-14 18:07 . 2001-08-17 18:51 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys
2010-04-14 18:05 . 2001-08-17 18:51 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-04-14 18:04 . 2001-08-17 20:07 30688 -c--a-w- c:\windows\system32\dllcache\sym_u3.sys
2010-04-14 18:04 . 2001-08-17 20:07 28384 -c--a-w- c:\windows\system32\dllcache\sym_hi.sys
2010-04-14 18:04 . 2001-10-04 15:07 94293 -c--a-w- c:\windows\system32\dllcache\sxports.dll
2010-04-14 18:04 . 2001-08-17 19:50 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2010-04-14 18:04 . 2001-08-17 20:02 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys
2010-04-14 18:04 . 2001-10-04 15:07 10240 -c--a-w- c:\windows\system32\dllcache\swpidflt.dll
2010-04-14 18:04 . 2001-10-04 15:07 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll
2010-04-14 18:04 . 2001-10-04 15:07 53760 -c--a-w- c:\windows\system32\dllcache\sw_wheel.dll
2010-04-14 18:04 . 2001-10-04 15:07 41472 -c--a-w- c:\windows\system32\dllcache\sw_effct.dll
2010-04-14 18:04 . 2008-04-13 18:46 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2010-04-14 18:04 . 2001-10-04 15:07 155648 -c--a-w- c:\windows\system32\dllcache\stlnprop.dll
2010-04-14 18:04 . 2001-10-04 15:07 53248 -c--a-w- c:\windows\system32\dllcache\stlncoin.dll
2010-04-14 18:04 . 2001-10-04 14:28 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2010-04-14 18:03 . 2001-10-04 14:28 17024 -c--a-w- c:\windows\system32\dllcache\stcusb.sys
2010-04-14 18:03 . 2001-08-17 18:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2010-04-14 18:03 . 2001-10-04 15:07 99328 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2010-04-14 18:03 . 2004-08-27 12:00 101376 -c--a-w- c:\windows\system32\dllcache\srusbusd.dll
2010-04-14 18:03 . 2001-10-04 15:07 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll
2010-04-14 18:03 . 2001-08-17 19:51 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2010-04-14 18:03 . 2001-10-04 15:07 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll
2010-04-14 18:03 . 2001-08-17 20:07 19072 -c--a-w- c:\windows\system32\dllcache\sparrow.sys
2010-04-14 18:03 . 2001-08-17 19:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2010-04-14 18:03 . 2001-08-17 18:51 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys
2010-04-14 18:03 . 2001-10-04 15:07 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2010-04-14 18:01 . 2001-10-04 15:07 33792 -c--a-w- c:\windows\system32\dllcache\smb0w.dll
2010-04-14 18:00 . 2001-10-04 15:07 150144 -c--a-w- c:\windows\system32\dllcache\sis6306v.dll
2010-04-14 18:00 . 2001-08-17 18:50 68608 -c--a-w- c:\windows\system32\dllcache\sis6306p.sys
2010-04-14 18:00 . 2001-10-04 15:07 252032 -c--a-w- c:\windows\system32\dllcache\sis300iv.dll
2010-04-14 18:00 . 2004-08-27 12:00 18944 -c--a-w- c:\windows\system32\dllcache\simptcp.dll
2010-04-14 18:00 . 2001-08-17 18:50 101760 -c--a-w- c:\windows\system32\dllcache\sis300ip.sys
2010-04-14 18:00 . 2001-10-04 14:50 161760 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2010-04-14 18:00 . 2001-07-21 20:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2010-04-14 18:00 . 2001-08-17 18:51 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-24 13:19 . 2010-04-13 19:13 -------- d-----w- c:\documents and settings\All Users\Application Data\BullGuard
2010-04-24 11:01 . 2010-04-13 18:39 -------- d-----w- c:\programmer\Fælles filer\Java
2010-04-24 11:00 . 2010-04-13 18:39 -------- d-----w- c:\programmer\Java
2010-04-21 11:56 . 2010-04-13 19:13 -------- d-----w- c:\documents and settings\hhbuur\Application Data\BullGuard
2010-04-16 08:23 . 2010-04-13 18:58 50648 ----a-w- c:\documents and settings\hhbuur\Lokale indstillinger\Application Data\GDIPFONTCACHEV1.DAT
2010-04-15 15:19 . 2004-08-27 12:00 82674 ----a-w- c:\windows\system32\perfc006.dat
2010-04-15 15:19 . 2004-08-27 12:00 456534 ----a-w- c:\windows\system32\perfh006.dat
2010-04-15 09:44 . 2010-04-15 09:44 -------- d-----w- c:\programmer\MSBuild
2010-04-15 09:44 . 2010-04-15 09:44 -------- d-----w- c:\programmer\Reference Assemblies
2010-04-14 06:56 . 2010-04-13 18:35 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-13 19:21 . 2009-03-23 12:07 31640 ----a-r- c:\windows\system32\drivers\Afw.sys
2010-04-13 19:21 . 2009-03-23 12:07 256792 ----a-r- c:\windows\system32\drivers\AfwCore.sys
2010-04-13 18:58 . 2010-04-13 18:58 -------- d-----w- c:\documents and settings\hhbuur\Application Data\ATI
2010-04-13 18:58 . 2010-04-13 18:58 135 ----a-w- c:\documents and settings\hhbuur\Lokale indstillinger\Application Data\fusioncache.dat
2010-04-13 18:56 . 2010-04-13 18:56 -------- d-----w- c:\programmer\CyberLink
2010-04-13 18:56 . 2010-04-13 18:53 -------- d--h--w- c:\programmer\InstallShield Installation Information
2010-04-13 18:56 . 2010-04-13 18:56 -------- d-----w- c:\programmer\Synaptics
2010-04-13 18:55 . 2010-04-13 18:55 -------- d-----w- c:\programmer\Realtek
2010-04-13 18:54 . 2010-04-13 18:54 -------- d-----w- c:\programmer\ATI Technologies
2010-04-13 18:54 . 2010-04-13 18:53 -------- d-----w- c:\programmer\Fælles filer\InstallShield
2010-04-13 18:53 . 2010-04-13 18:53 -------- d-----w- c:\programmer\Intel
2010-04-13 18:39 . 2010-04-13 18:39 -------- d-----w- c:\programmer\microsoft frontpage
2010-04-13 18:35 . 2010-04-13 18:35 -------- d-----w- c:\programmer\Onlinetjenester
2010-04-13 18:34 . 2010-04-13 18:34 -------- d-----w- c:\programmer\Fælles filer\Tjenester
2010-04-13 18:33 . 2010-04-13 18:33 21644 ----a-w- c:\windows\system32\emptyregdb.dat
2010-04-01 11:53 . 2010-04-01 11:53 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-03-18 16:03 . 2010-03-18 16:03 98128 ----a-w- c:\windows\system32\BgGamingMonitor.dll
2010-03-12 09:34 . 2010-03-12 09:34 58448 ----a-w- c:\windows\system32\drivers\BdSpy.sys
2010-03-10 06:17 . 2004-08-27 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:18 . 2004-09-29 18:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-10-28 01:14 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-17 12:09 . 2004-08-27 12:00 2192512 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:09 . 2004-08-26 17:50 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:34 . 2004-08-27 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-27 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-09 21:48 . 2010-02-09 21:48 14560 ----a-w- c:\windows\system32\AcSignExtRes.dll
2010-02-09 21:48 . 2010-02-09 21:48 429792 ----a-w- c:\windows\system32\AcSignOpt.exe
2010-02-09 21:48 . 2010-02-09 21:48 43232 ----a-w- c:\windows\system32\AcSignIcon.dll
2010-02-09 21:48 . 2010-02-09 21:48 29920 ----a-w- c:\windows\system32\AcSignExt.dll
2010-02-01 17:42 . 2010-02-01 17:42 123256 ----a-w- c:\windows\system32\BdInstHk.dll
.

((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmer\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\programmer\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-03-10 07:46 90112 ----a-w- c:\windows\SOUNDMAN.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=

R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [12-03-2010 11:34 58448]
R1 SASDIFSV;SASDIFSV;c:\programmer\SUPERAntiSpyware\sasdifsv.sys [17-02-2010 11:25 12872]
R1 SASKUTIL;SASKUTIL;c:\programmer\SUPERAntiSpyware\SASKUTIL.SYS [17-02-2010 11:15 66632]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [27-08-2004 14:00 14336]
R2 BsBrowser;BullGuard antiphishing service;c:\windows\System32\SvcHost.exe -k BullGuard_LowPriv [27-08-2004 14:00 14336]
R2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe -k BullGuard [27-08-2004 14:00 14336]
R2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe -k BullGuard [27-08-2004 14:00 14336]
R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe -k BullGuard [27-08-2004 14:00 14336]
R2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe -k BullGuard_Main [27-08-2004 14:00 14336]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\Afw.sys [23-03-2009 14:07 31640]
R3 afwcore;afwcore;c:\windows\system32\drivers\AfwCore.sys [23-03-2009 14:07 256792]
R3 SASENUM;SASENUM;c:\programmer\SUPERAntiSpyware\SASENUM.SYS [17-02-2010 11:15 12872]
S2 BsUpdate;BullGuard update service;c:\programmer\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [09-04-2010 09:31 341328]
S2 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [20-04-2010 16:30 136176]
S3 BgRaSvc;BgRaSvc;c:\programmer\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe [03-03-2010 22:07 120144]
S3 BsScanner;BullGuard scanning service;c:\programmer\BullGuard Ltd\BullGuard\BullGuardScanner.exe [03-03-2010 22:07 297808]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
Akamai REG_MULTI_SZ Akamai
BullGuard_Main REG_MULTI_SZ BsMain
BullGuard REG_MULTI_SZ BsFileScan BsMailProxy BsFire
BullGuard_LowPriv REG_MULTI_SZ BsBrowser
.
Indhold af mappen 'Planlagte Opgaver'

2010-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-04-20 14:30]

2010-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-04-20 14:30]

2010-04-24 c:\windows\Tasks\User_Feed_Synchronization-{C22ADA38-F97C-4F27-BDDD-FF549FDFA852}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uInternet Connection Wizard,ShellNext = hxxp://www.ati.com/online/cccwelcome/drivers.html
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki ... - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html
IE: {{27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\programmer\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
Trusted Zone: google.dk\www
Trusted Zone: nordea.dk\www.netbank
Trusted Zone: sol.dk\bruger
Trusted Zone: tdconline.dk\mail
Trusted Zone: yahoo.com\login
.
.
------- Fil Associationer -------
.
.scr=AutoCADScriptFile
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-24 15:28
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ...

scanner skjulte autostarter ...

scanner skjulte filer ...

scanning gennemført med succes
skjulte filer: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Programmer/Fælles filer/Akamai/rswin_3653.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Programmer/Fælles filer/Akamai/rswin_3653.dll"
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(1500)
c:\programmer\SUPERAntiSpyware\SASWINLO.dll
c:\documents and settings\hhbuur\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\documents and settings\hhbuur\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2268)
c:\windows\system32\AcSignIcon.dll
c:\windows\system32\msi.dll
c:\programmer\Fælles filer\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\webcheck.dll
.
Gennemført tid: 2010-04-24 15:30:24
ComboFix-quarantined-files.txt 2010-04-24 13:30

Pre-Kørsel: 59.503.775.744 byte ledig
Post-Kørsel: 59.481.899.008 byte ledig

- - End Of File - - 3324AEE5B081CF3B057F9E96B48ABFCC
mvh hhb
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 4/26/2010 6:27 AM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
Det ser godt nok ud. Hvordan kører tingene nu ?


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
 

 

Back to Top
 

hhb
New Member


Date Joined Jun 2009
Total Posts : 16
 
   Posted 4/26/2010 9:08 AM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
umidelbart godt er der noget i hj log jeg kan fjerne. mvh hhb
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 4/26/2010 10:20 AM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
Send lige en ny hijackthis log herind, så tjekker vi lige.


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
 

 

Back to Top
 

hhb
New Member


Date Joined Jun 2009
Total Posts : 16
 
   Posted 4/26/2010 11:15 AM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:14:56, on 26-04-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SvcHost.exe
C:\Programmer\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\Programmer\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\hhbuur\LOKALE~1\Temp\_AI7.tmp\setup.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\hh.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\hhbuur\Skrivebord\Ny mappe\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ati.com/online/cccwelcome/drivers.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BGAntiphishingBHO - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Programmer\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IE Privacy Keeper] "C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKLM\..\Run: [BullGuard] "C:\Programmer\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html
O9 - Extra button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programmer\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271233916125
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: BgGamingMonitor.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Programmer\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe

--
End of file - 7547 bytes
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 4/26/2010 12:14 PM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
Det eneste jeg kan få øje på er -> C:\DOCUME~1\hhbuur\LOKALE~1\Temp\_AI7.tmp\setup.exe
 
Hvis du ikke kender den, så slet den. Muligvis fra fejlsikret tilstand.


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
 

 

Back to Top
 

hhb
New Member


Date Joined Jun 2009
Total Posts : 16
 
   Posted 4/26/2010 12:17 PM (GMT +3)    Quote: HijackthisAlert an admin about: Hijackthis
ok .mvh hhb
Back to Top
 
New Topic Post reply to : Hijackthis Printable version of : Hijackthis
 
Forum Information
Currently it is Monday, July 28, 2014 7:24 PM (GMT +3)
There are a total of 60,529 posts in 13,304 threads.
In the last 3 days there were 1 new threads and 3 reply posts. View Active Threads
Who's Online
This forum has 36179 registered members. Please welcome our newest member, laurenschultz.
2 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Bullguard removes CODWAW.exe says its a trojen generic (1)7/26/2014 5:56:15 PM (Andreea-Luciana Ostache)
Virus Through Email (8)7/25/2014 10:44:18 PM (tbush004)