Oprettet lør. d. 05. december 2009 kl. 13:51:35

swordcat
swordcat (17.288 point. Point ude: 415)


Tjenesten sikkerhedscenter kan ikke startes

Jeg tror sku jeg har fået virus på min fine bærbar. Problemet startede da jeg downloadede en fil, som jeg nok aldrig skulle have rørt. Irriterende pop-ups og unødvendige pornoikoner blev lagt på mit skrivebord. Det er nu ikke længere et problem, for de dukker ikke op mere.

Nu kan og vil sikkerhedscenteret ikke startes. Det røde skjold med det hvide kryds nederest til højre minder mig om problemet, hver gang jeg tænder for computeren.

Har læst og gjort præcis hvad der står: http://www.eksperten.dk/guide/1232

ccleaner, malwarebytes, combofixog hijackthis er taget i brug og har nu brug for Jer ekspertes bud på hvad der er galt. Her er logs'ne fra de ovennævnte programmer foruden ccleaner.

Malwarebytes:

Malwarebytes' Anti-Malware 1.42
Database version: 3299
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

05-12-2009 11:27:56
mbam-log-2009-12-05 (11-27-56).txt

Skan type: Fuldstændig skanning (C:\|)
Objekter skannet: 211202
Tid tilbagelagt: 2 hour(s), 31 minute(s), 56 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)

ComboFix:
ComboFix 09-12-04.02 - Volkan 05-12-2009 12:40.2.2 - x86
Microsoft® Windows Vista™ Home Basic  6.0.6002.2.1252.45.1030.18.1013.211 [GMT 1:00]
Kører fra: c:\users\Volkan\Desktop\Ny\ComboFix.exe
Kommandoer benyttet :: c:\users\Volkan\Desktop\Ny\CFScript.txt
.

(((((((((((((((((((((((((((((  Filer skabt fra 2009-11-05 til 2009-12-05  )))))))))))))))))))))))))))))))))))
.

2009-12-05 11:58 . 2009-12-05 11:58    --------    d-----w-    c:\users\Public\AppData\Local\temp
2009-12-05 11:58 . 2009-12-05 11:58    --------    d-----w-    c:\users\Default\AppData\Local\temp
2009-12-05 11:40 . 2009-12-05 11:40    --------    d-----w-    c:\program files\Trend Micro
2009-12-05 11:03 . 2009-12-05 12:01    4096    d-----w-    c:\users\Volkan\AppData\Local\temp
2009-12-05 07:54 . 2009-12-05 07:54    --------    d-----w-    c:\users\Volkan\AppData\Roaming\Malwarebytes
2009-12-05 07:54 . 2009-12-03 15:14    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-05 07:54 . 2009-12-05 07:54    --------    d-----w-    c:\programdata\Malwarebytes
2009-12-05 07:54 . 2009-12-05 07:54    4096    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2009-12-05 07:54 . 2009-12-03 15:13    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-12-05 07:52 . 2009-12-05 07:52    --------    d-----w-    c:\program files\CCleaner
2009-12-05 07:30 . 2009-12-05 12:02    4096    d-----w-    c:\windows\system32\wbem\repository
2009-12-04 17:22 . 2009-07-28 14:33    55656    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2009-12-04 17:22 . 2009-03-30 08:33    96104    ----a-w-    c:\windows\system32\drivers\avipbb.sys
2009-12-04 17:22 . 2009-12-04 17:22    --------    d-----w-    c:\programdata\Avira
2009-12-04 17:22 . 2009-12-04 17:22    --------    d-----w-    c:\program files\Avira
2009-11-25 15:43 . 2009-10-29 09:17    2048    ----a-w-    c:\windows\system32\tzres.dll
2009-11-25 15:42 . 2009-11-25 15:42    --------    d-----w-    c:\program files\MSXML 4.0
2009-11-25 15:41 . 2009-08-11 16:44    1401856    ----a-w-    c:\windows\system32\msxml6.dll
2009-11-25 15:41 . 2009-08-11 16:44    1248768    ----a-w-    c:\windows\system32\msxml3.dll
2009-11-15 09:54 . 2009-11-15 09:54    --------    d-----w-    c:\users\Volkan\AppData\Local\Apple
2009-11-13 18:00 . 2009-12-05 07:30    --------    d-----w-    c:\users\Volkan\Tracing
2009-11-11 08:36 . 2009-08-14 13:27    2036736    ----a-w-    c:\windows\system32\win32k.sys
2009-11-11 08:36 . 2009-08-10 12:35    355328    ----a-w-    c:\windows\system32\WSDApi.dll
2009-11-09 21:03 . 2009-11-09 21:03    --------    d-----w-    c:\program files\Common Files\Adobe
2009-11-06 06:12 . 2009-08-07 02:24    44768    ----a-w-    c:\windows\system32\wups2.dll
2009-11-06 06:12 . 2009-08-07 02:24    53472    ----a-w-    c:\windows\system32\wuauclt.exe
2009-11-06 06:12 . 2009-08-07 02:23    1929952    ----a-w-    c:\windows\system32\wuaueng.dll
2009-11-06 06:12 . 2009-08-07 01:45    2421760    ----a-w-    c:\windows\system32\wucltux.dll
2009-11-06 06:11 . 2009-08-07 02:24    35552    ----a-w-    c:\windows\system32\wups.dll
2009-11-06 06:11 . 2009-08-07 02:23    575704    ----a-w-    c:\windows\system32\wuapi.dll
2009-11-06 06:11 . 2009-08-07 01:44    87552    ----a-w-    c:\windows\system32\wudriver.dll
2009-11-06 06:11 . 2009-08-06 18:23    171608    ----a-w-    c:\windows\system32\wuwebv.dll
2009-11-06 06:11 . 2009-08-06 17:44    33792    ----a-w-    c:\windows\system32\wuapp.exe

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-02 16:24 . 2006-11-21 04:45    78210    ----a-w-    c:\windows\system32\perfc006.dat
2009-12-02 16:24 . 2006-11-21 04:45    466378    ----a-w-    c:\windows\system32\perfh006.dat
2009-11-13 17:54 . 2009-07-05 17:23    4096    d-----w-    c:\programdata\avg8
2009-11-13 17:40 . 2009-02-22 13:15    4096    d-----w-    c:\program files\DivX
2009-11-11 14:13 . 2006-11-02 11:18    4096    d-----w-    c:\program files\Windows Mail
2009-11-11 08:47 . 2009-05-08 09:24    12288    d-----w-    c:\programdata\Microsoft Help
2009-11-02 19:42 . 2009-10-08 00:07    195456    ------w-    c:\windows\system32\MpSigStub.exe
2009-11-01 18:44 . 2009-11-01 16:15    4096    d-----w-    c:\users\Volkan\AppData\Roaming\vlc
2009-11-01 16:14 . 2009-11-01 16:14    --------    d-----w-    c:\program files\VideoLAN
2009-10-31 16:17 . 2009-10-31 16:15    4096    d-----w-    c:\program files\iTunes
2009-10-31 16:16 . 2009-10-31 16:16    --------    d-----w-    c:\program files\iPod
2009-10-31 16:15 . 2009-09-15 15:41    --------    d-----w-    c:\program files\Common Files\Apple
2009-10-31 16:09 . 2009-10-31 16:09    79144    ----a-w-    c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-28 22:58 . 2009-10-28 22:58    --------    d-----w-    c:\program files\Windows Portable Devices
2009-10-28 22:57 . 2006-11-02 10:25    665600    ----a-w-    c:\windows\inf\drvindex.dat
2009-10-28 22:57 . 2009-10-28 22:57    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-10-28 22:56 . 2009-10-28 22:56    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-17 13:37 . 2009-01-20 13:35    4096    d-----w-    c:\programdata\CanonIJPLM
2009-10-16 11:42 . 2007-09-06 16:09    24576    d-----w-    c:\program files\Microsoft Works
2009-10-10 10:04 . 2007-09-12 18:38    4096    d-----w-    c:\users\Volkan\AppData\Roaming\Apple Computer
2009-10-10 10:04 . 2009-02-22 06:51    4096    d-----w-    c:\program files\QuickTime
2009-10-08 21:08 . 2009-10-28 12:55    555520    ----a-w-    c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-10-28 12:55    234496    ----a-w-    c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-10-28 12:55    4096    ----a-w-    c:\windows\system32\oleaccrc.dll
2009-10-01 01:02 . 2009-10-28 12:56    2537472    ----a-w-    c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-10-28 12:56    30208    ----a-w-    c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-10-28 12:56    334848    ----a-w-    c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-10-28 12:56    87552    ----a-w-    c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-10-28 12:56    31232    ----a-w-    c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-10-28 12:56    546816    ----a-w-    c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-10-28 12:56    160256    ----a-w-    c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-10-28 12:56    60928    ----a-w-    c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-10-28 12:56    350208    ----a-w-    c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-10-28 12:56    196608    ----a-w-    c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-10-28 12:56    100864    ----a-w-    c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-10-28 12:56    81920    ----a-w-    c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-10-28 12:56    40448    ----a-w-    c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-10-28 12:56    226816    ----a-w-    c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-10-28 12:56    61952    ----a-w-    c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-10-28 12:56    33280    ----a-w-    c:\windows\system32\WpdConns.dll
2009-09-25 02:10 . 2009-10-28 12:57    974848    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-10-28 12:57    189440    ----a-w-    c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-10-28 12:57    321024    ----a-w-    c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-10-28 12:57    1554432    ----a-w-    c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-10-28 12:57    351232    ----a-w-    c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-10-28 12:57    847360    ----a-w-    c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-10-28 12:57    280064    ----a-w-    c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-10-28 12:57    135680    ----a-w-    c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-10-28 12:57    195584    ----a-w-    c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-10-28 12:57    829440    ----a-w-    c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-10-28 12:57    369664    ----a-w-    c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-10-28 12:57    252928    ----a-w-    c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-10-28 12:57    519680    ----a-w-    c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-10-28 12:57    486912    ----a-w-    c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-10-28 12:57    161280    ----a-w-    c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-10-28 12:57    218112    ----a-w-    c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-10-28 12:57    1030144    ----a-w-    c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-10-28 12:57    828928    ----a-w-    c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-10-28 12:57    481792    ----a-w-    c:\windows\system32\dxgi.dll
2009-09-25 01:30 . 2009-10-28 12:57    190464    ----a-w-    c:\windows\system32\d3d10core.dll
2009-09-25 01:27 . 2009-10-28 12:57    634880    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27 . 2009-10-28 12:57    37888    ----a-w-    c:\windows\system32\cdd.dll
2009-09-25 01:27 . 2009-10-28 12:57    793088    ----a-w-    c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-10-28 12:57    1064448    ----a-w-    c:\windows\system32\DWrite.dll
2009-09-24 22:54 . 2009-10-28 12:57    258048    ----a-w-    c:\windows\system32\winspool.drv
2009-09-24 22:54 . 2009-10-28 12:57    667648    ----a-w-    c:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 22:54 . 2009-10-28 12:57    26112    ----a-w-    c:\windows\system32\printfilterpipelineprxy.dll
2009-09-18 14:35 . 2008-05-12 19:14    934    ----a-w-    c:\users\Volkan\AppData\Roaming\wklnhst.dat
2009-09-14 09:29 . 2009-10-16 11:33    144896    ----a-w-    c:\windows\system32\drivers\srv2.sys
2009-09-10 16:48 . 2009-10-16 11:33    218624    ----a-w-    c:\windows\system32\msv1_0.dll
2009-09-10 14:59 . 2009-10-28 12:51    8147456    ----a-w-    c:\windows\system32\wmploc.DLL
2009-09-10 14:58 . 2009-10-28 12:51    310784    ----a-w-    c:\windows\system32\unregmp2.exe
2009-09-10 02:01 . 2009-10-28 12:58    3023360    ----a-w-    c:\windows\system32\UIRibbon.dll
2009-09-10 02:00 . 2009-10-28 12:58    1164800    ----a-w-    c:\windows\system32\UIRibbonRes.dll
2009-09-10 02:00 . 2009-10-28 12:58    92672    ----a-w-    c:\windows\system32\UIAnimation.dll
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 14:07    1004800    ----a-w-    c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-18 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-18 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-18 133656]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-26 2029336]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-11-07 3772416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^Volkan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Media Player.lnk]
backup=c:\windows\pss\Adobe Media Player.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Volkan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):28,8e,15,40,19,fa,c9,01

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [05-07-2009 18:23 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [05-07-2009 18:24 108552]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [04-12-2009 18:22 108289]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [05-07-2009 18:23 297752]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [21-12-2006 11:33 7168]
S3 FontCache;Tjenesten Windows-skrifttypecache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [05-10-2008 13:27 21504]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\System32\drivers\usbaapl.sys [28-08-2009 18:42 40448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork    REG_MULTI_SZ      PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK
Trusted Zone: microsoft.com\update
TCP: {59E7E360-D930-4F4B-941C-4572E6E6AD37} = 208.67.222.222,208.67.220.220
.

**************************************************************************
scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer:

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Gennemført tid: 2009-12-05 13:12 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-12-05 12:12
ComboFix2.txt  2009-12-05 11:03

Pre-Kørsel: 25.646.542.848 byte ledig
Post-Kørsel: 25.711.050.752 byte ledig

- - End Of File - - E0A68F407370DB09CF38BD4F98AEF20B

Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:35, on 05-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6564 bytes

Skrevet lør. d. 05. december 2009 kl. 13:56:26| #1

swordcat
swordcat (17.288 point)
Glemte at sige at jeg kører på Vista

Skrevet lør. d. 05. december 2009 kl. 14:59:50| #2

milter
milter (59.910 point)
Prøv det her:

Klik på Start > Kør > I vinduet skriver du "services.msc" (uden anførselstegn) > Rul ned, til du finder linien med "Sikkerhedscenter" > Dobbeltklik på linien > Sæt "Starttype" til "Automatisk" > Anvend > OK > Genstart.

Skrevet lør. d. 05. december 2009 kl. 15:01:29| #3

karise_larry
karise_larry (281.099 point)
www.ballade.dk

Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)


---

Under alle omstændigheder så kørere du både med
* AVG8 (Gammel version !!!)
* Avira

Afinstall den begge - Genstart - Opryd med CCleaner - Install
* AVG9 http://www.spywarefri.dk/software/avast-antivirus-home-edition/
eller
* Avast! http://www.spywarefri.dk/software/avg-anti-virus-free-edition/

---

Skrevet lør. d. 05. december 2009 kl. 19:34:56| #4

swordcat
swordcat (17.288 point)
Ja det har du ret i. Det skal dog siges at jeg først installerede Avast, efter at fejlmeldingen omkring sikkerhedscentret poppede op, samt de omtalte popups. Gjorde det for at se om Avast kunne finde nogle virusser, da AVG ikke fandt nogle. Eller det gjorde AVG rent faktisk efter et stykke tid. Virusset hed noget ala: richtx.exe ...kan ikke huske det helt :(

Men er det et problem at have 2 antivirusprogrammer kørende?

Du anbefaler altså kun 1, hvis jeg har forstået det rigtigt?

Jeg har nu ikke længere problemet, det viste sig at sikkerhedscentret efter en genstart af computeren blev sat iorden så at sige.

fromsej's guide gav med andre ord pote.

Vil dog stadig give dig point's for at have gennemgået logs'ne...

Skrevet lør. d. 05. december 2009 kl. 19:41:43| #5

karise_larry
karise_larry (281.099 point)
www.ballade.dk
Jeg vil nu gerne se en frisk Log fra HiJackThis - der er bla. lidt oprydning/optimering's detaljer...

Skrevet søn. d. 06. december 2009 kl. 07:21:04| #6

swordcat
swordcat (17.288 point)
HER HAR DU DEN:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:35, on 05-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6564 bytes

Skrevet søn. d. 06. december 2009 kl. 10:22:42| #7

karise_larry
karise_larry (281.099 point)
www.ballade.dk
Scan saved at 13:32:35, on 05-12-2009 - der er den gamle Log ! Opret en ny...

Skrevet tor. d. 10. december 2009 kl. 18:18:41| #8

swordcat
swordcat (17.288 point)
Lig et svar.....problemmet er løst ;)

Skrevet tor. d. 10. december 2009 kl. 19:01:37| #9

karise_larry
karise_larry (281.099 point)
www.ballade.dk
...Jeg vil nu gerne se en frisk Log fra HiJackThis - der er bla. lidt oprydning/optimering's detaljer...
...

Skrevet fre. d. 11. december 2009 kl. 06:44:31| #10

swordcat
swordcat (17.288 point)
Hver gang jeg bruger Hijackthis, så gemmer/kommer den gamle logfil frem. Det er den samme som vist foroven....hmmm. Hvad gør jeg karise?
Desuden kommer den med en meddelelse inden scanningen? http://img294.imageshack.us/img294/1641/desktopk.jpg

Skrevet fre. d. 11. december 2009 kl. 06:57:02| #11

karise_larry
karise_larry (281.099 point)
www.ballade.dk
SLET den gamle LOG fil helt - så ka' den tihvertifald ikke drille *S*

Mht. HiJackThis & Vista ->
HøjreMsseTast - "Kør som Administrator..."

Skrevet fre. d. 11. december 2009 kl. 17:17:34| #12

swordcat
swordcat (17.288 point)
Her er den så :) og tak for hjælpen




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:16:27, on 11-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6631 bytes

Skrevet lør. d. 12. december 2009 kl. 12:28:36| #13

karise_larry
karise_larry (281.099 point)
www.ballade.dk
Der er stadig (rester efter?)
* Avira AntiVir
* AVG Free8

Se #3 ... igen ...

Skrevet lør. d. 19. december 2009 kl. 09:21:48| #14

swordcat
swordcat (17.288 point)
Jamen gør det noget at have 2 anti-virus programer installeret?

Skrevet lør. d. 19. december 2009 kl. 10:21:16| #15

karise_larry
karise_larry (281.099 point)
www.ballade.dk
"Gør det noget at have to kærester samtidig" *G*
De vil modarbejde hinanden...

Mht nævnte AVG8 -> http://www.spywarefri.dk/artikel/computerblade-misinformerer/

Se #3 ... igen ... igen...

Skrevet tir. d. 22. december 2009 kl. 18:40:14| #16

swordcat
swordcat (17.288 point)
tak for hjælpen lig et svar ;)

Skrevet tir. d. 22. december 2009 kl. 19:34:55| #17

karise_larry
karise_larry (281.099 point)
www.ballade.dk
Ping...
(Det var et [svar]...)

Skriv et indlæg




Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] [img]link til billede[/img]
Web- og emailadresser omdannes automatisk til links

Log ind

   


Seneste spørgsmål

Pop-up reclaimer på mac

Oprettet den 16. september 2014 kl. 21.00
Hvims giver 30 point for svar | Giv et svar »

PRICECHOP

Oprettet den 11. september 2014 kl. 12.46
maska giver 30 point for svar | Giv et svar »

Er der nogen der har tid til at tjekke denne Hijackthis...

Oprettet den 7. september 2014 kl. 10.27
spasseren giver 200 point for svar | Giv et svar »






Computerworld

Teaser billede

Her er de så: Alle anmeldelserne af Apples nye iPhone 6

Apples iPhone 6 er på vej ud i butikkerne, og nu offentliggøres anmeldelserne af den nye iPhone i en lind strøm. Få overblikket her.

CIO

Teaser billede

Kæmpe cloud-satsning hos DSB: Flytter data til SAP og Microsoft

DSB er i gang med at luge kraftigt ud i antallet af applikationer og modernisere hele it-miljøet. Det betyder blandt andet en satsning på cloud-services fra SAP og Microsoft.

Comon

Teaser billede

Test: Android- eller Windows-hybrid - hvad fungerer egentlig bedst?

Windows-computere er i stigende grad begyndt at komme i forskellige hybridformer, hvor de fungerer på den ene eller anden måde som en tablet. Omvendt ser vi flere og flere Androidtablets med...

Channelworld

Teaser billede

Kommune droppede iPads: De var for billige - og for besværlige

En klar pædagogisk strategi og hensynet til det eksisterende it-setup fik lærere og politikere i Nordfyn Kommune til at dumpe iPads, da der skulle købes tablet-computere til eleverne - også selv om...

White paper

Teaser billede

Forretningansvarlig it-arkitektur

Actionable enterprise architecture fra IBM kan hjælpe til at styre kompleksiteten og afstemme it-projekter og løsninger med forretningsmål.



Udgiver · © 2014 Computerworld A/S · Hørkær 18 · 2730 Herlev · Tlf.: 77 300 300 · Fax: 77 300 301 · Brug af personoplysninger