Oprettet lør. d. 05. december 2009 kl. 13:51:35

swordcat
swordcat (17.133 point. Point ude: 415)


Tjenesten sikkerhedscenter kan ikke startes

Jeg tror sku jeg har fået virus på min fine bærbar. Problemet startede da jeg downloadede en fil, som jeg nok aldrig skulle have rørt. Irriterende pop-ups og unødvendige pornoikoner blev lagt på mit skrivebord. Det er nu ikke længere et problem, for de dukker ikke op mere.

Nu kan og vil sikkerhedscenteret ikke startes. Det røde skjold med det hvide kryds nederest til højre minder mig om problemet, hver gang jeg tænder for computeren.

Har læst og gjort præcis hvad der står: http://www.eksperten.dk/guide/1232

ccleaner, malwarebytes, combofixog hijackthis er taget i brug og har nu brug for Jer ekspertes bud på hvad der er galt. Her er logs'ne fra de ovennævnte programmer foruden ccleaner.

Malwarebytes:

Malwarebytes' Anti-Malware 1.42
Database version: 3299
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

05-12-2009 11:27:56
mbam-log-2009-12-05 (11-27-56).txt

Skan type: Fuldstændig skanning (C:\|)
Objekter skannet: 211202
Tid tilbagelagt: 2 hour(s), 31 minute(s), 56 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)

ComboFix:
ComboFix 09-12-04.02 - Volkan 05-12-2009 12:40.2.2 - x86
Microsoft® Windows Vista™ Home Basic  6.0.6002.2.1252.45.1030.18.1013.211 [GMT 1:00]
Kører fra: c:\users\Volkan\Desktop\Ny\ComboFix.exe
Kommandoer benyttet :: c:\users\Volkan\Desktop\Ny\CFScript.txt
.

(((((((((((((((((((((((((((((  Filer skabt fra 2009-11-05 til 2009-12-05  )))))))))))))))))))))))))))))))))))
.

2009-12-05 11:58 . 2009-12-05 11:58    --------    d-----w-    c:\users\Public\AppData\Local\temp
2009-12-05 11:58 . 2009-12-05 11:58    --------    d-----w-    c:\users\Default\AppData\Local\temp
2009-12-05 11:40 . 2009-12-05 11:40    --------    d-----w-    c:\program files\Trend Micro
2009-12-05 11:03 . 2009-12-05 12:01    4096    d-----w-    c:\users\Volkan\AppData\Local\temp
2009-12-05 07:54 . 2009-12-05 07:54    --------    d-----w-    c:\users\Volkan\AppData\Roaming\Malwarebytes
2009-12-05 07:54 . 2009-12-03 15:14    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-05 07:54 . 2009-12-05 07:54    --------    d-----w-    c:\programdata\Malwarebytes
2009-12-05 07:54 . 2009-12-05 07:54    4096    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2009-12-05 07:54 . 2009-12-03 15:13    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-12-05 07:52 . 2009-12-05 07:52    --------    d-----w-    c:\program files\CCleaner
2009-12-05 07:30 . 2009-12-05 12:02    4096    d-----w-    c:\windows\system32\wbem\repository
2009-12-04 17:22 . 2009-07-28 14:33    55656    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2009-12-04 17:22 . 2009-03-30 08:33    96104    ----a-w-    c:\windows\system32\drivers\avipbb.sys
2009-12-04 17:22 . 2009-12-04 17:22    --------    d-----w-    c:\programdata\Avira
2009-12-04 17:22 . 2009-12-04 17:22    --------    d-----w-    c:\program files\Avira
2009-11-25 15:43 . 2009-10-29 09:17    2048    ----a-w-    c:\windows\system32\tzres.dll
2009-11-25 15:42 . 2009-11-25 15:42    --------    d-----w-    c:\program files\MSXML 4.0
2009-11-25 15:41 . 2009-08-11 16:44    1401856    ----a-w-    c:\windows\system32\msxml6.dll
2009-11-25 15:41 . 2009-08-11 16:44    1248768    ----a-w-    c:\windows\system32\msxml3.dll
2009-11-15 09:54 . 2009-11-15 09:54    --------    d-----w-    c:\users\Volkan\AppData\Local\Apple
2009-11-13 18:00 . 2009-12-05 07:30    --------    d-----w-    c:\users\Volkan\Tracing
2009-11-11 08:36 . 2009-08-14 13:27    2036736    ----a-w-    c:\windows\system32\win32k.sys
2009-11-11 08:36 . 2009-08-10 12:35    355328    ----a-w-    c:\windows\system32\WSDApi.dll
2009-11-09 21:03 . 2009-11-09 21:03    --------    d-----w-    c:\program files\Common Files\Adobe
2009-11-06 06:12 . 2009-08-07 02:24    44768    ----a-w-    c:\windows\system32\wups2.dll
2009-11-06 06:12 . 2009-08-07 02:24    53472    ----a-w-    c:\windows\system32\wuauclt.exe
2009-11-06 06:12 . 2009-08-07 02:23    1929952    ----a-w-    c:\windows\system32\wuaueng.dll
2009-11-06 06:12 . 2009-08-07 01:45    2421760    ----a-w-    c:\windows\system32\wucltux.dll
2009-11-06 06:11 . 2009-08-07 02:24    35552    ----a-w-    c:\windows\system32\wups.dll
2009-11-06 06:11 . 2009-08-07 02:23    575704    ----a-w-    c:\windows\system32\wuapi.dll
2009-11-06 06:11 . 2009-08-07 01:44    87552    ----a-w-    c:\windows\system32\wudriver.dll
2009-11-06 06:11 . 2009-08-06 18:23    171608    ----a-w-    c:\windows\system32\wuwebv.dll
2009-11-06 06:11 . 2009-08-06 17:44    33792    ----a-w-    c:\windows\system32\wuapp.exe

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-02 16:24 . 2006-11-21 04:45    78210    ----a-w-    c:\windows\system32\perfc006.dat
2009-12-02 16:24 . 2006-11-21 04:45    466378    ----a-w-    c:\windows\system32\perfh006.dat
2009-11-13 17:54 . 2009-07-05 17:23    4096    d-----w-    c:\programdata\avg8
2009-11-13 17:40 . 2009-02-22 13:15    4096    d-----w-    c:\program files\DivX
2009-11-11 14:13 . 2006-11-02 11:18    4096    d-----w-    c:\program files\Windows Mail
2009-11-11 08:47 . 2009-05-08 09:24    12288    d-----w-    c:\programdata\Microsoft Help
2009-11-02 19:42 . 2009-10-08 00:07    195456    ------w-    c:\windows\system32\MpSigStub.exe
2009-11-01 18:44 . 2009-11-01 16:15    4096    d-----w-    c:\users\Volkan\AppData\Roaming\vlc
2009-11-01 16:14 . 2009-11-01 16:14    --------    d-----w-    c:\program files\VideoLAN
2009-10-31 16:17 . 2009-10-31 16:15    4096    d-----w-    c:\program files\iTunes
2009-10-31 16:16 . 2009-10-31 16:16    --------    d-----w-    c:\program files\iPod
2009-10-31 16:15 . 2009-09-15 15:41    --------    d-----w-    c:\program files\Common Files\Apple
2009-10-31 16:09 . 2009-10-31 16:09    79144    ----a-w-    c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-28 22:58 . 2009-10-28 22:58    --------    d-----w-    c:\program files\Windows Portable Devices
2009-10-28 22:57 . 2006-11-02 10:25    665600    ----a-w-    c:\windows\inf\drvindex.dat
2009-10-28 22:57 . 2009-10-28 22:57    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-10-28 22:56 . 2009-10-28 22:56    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-17 13:37 . 2009-01-20 13:35    4096    d-----w-    c:\programdata\CanonIJPLM
2009-10-16 11:42 . 2007-09-06 16:09    24576    d-----w-    c:\program files\Microsoft Works
2009-10-10 10:04 . 2007-09-12 18:38    4096    d-----w-    c:\users\Volkan\AppData\Roaming\Apple Computer
2009-10-10 10:04 . 2009-02-22 06:51    4096    d-----w-    c:\program files\QuickTime
2009-10-08 21:08 . 2009-10-28 12:55    555520    ----a-w-    c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-10-28 12:55    234496    ----a-w-    c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-10-28 12:55    4096    ----a-w-    c:\windows\system32\oleaccrc.dll
2009-10-01 01:02 . 2009-10-28 12:56    2537472    ----a-w-    c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-10-28 12:56    30208    ----a-w-    c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-10-28 12:56    334848    ----a-w-    c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-10-28 12:56    87552    ----a-w-    c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-10-28 12:56    31232    ----a-w-    c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-10-28 12:56    546816    ----a-w-    c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-10-28 12:56    160256    ----a-w-    c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-10-28 12:56    60928    ----a-w-    c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-10-28 12:56    350208    ----a-w-    c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-10-28 12:56    196608    ----a-w-    c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-10-28 12:56    100864    ----a-w-    c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-10-28 12:56    81920    ----a-w-    c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-10-28 12:56    40448    ----a-w-    c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-10-28 12:56    226816    ----a-w-    c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-10-28 12:56    61952    ----a-w-    c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-10-28 12:56    33280    ----a-w-    c:\windows\system32\WpdConns.dll
2009-09-25 02:10 . 2009-10-28 12:57    974848    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-10-28 12:57    189440    ----a-w-    c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-10-28 12:57    321024    ----a-w-    c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-10-28 12:57    1554432    ----a-w-    c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-10-28 12:57    351232    ----a-w-    c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-10-28 12:57    847360    ----a-w-    c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-10-28 12:57    280064    ----a-w-    c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-10-28 12:57    135680    ----a-w-    c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-10-28 12:57    195584    ----a-w-    c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-10-28 12:57    829440    ----a-w-    c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-10-28 12:57    369664    ----a-w-    c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-10-28 12:57    252928    ----a-w-    c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-10-28 12:57    519680    ----a-w-    c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-10-28 12:57    486912    ----a-w-    c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-10-28 12:57    161280    ----a-w-    c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-10-28 12:57    218112    ----a-w-    c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-10-28 12:57    1030144    ----a-w-    c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-10-28 12:57    828928    ----a-w-    c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-10-28 12:57    481792    ----a-w-    c:\windows\system32\dxgi.dll
2009-09-25 01:30 . 2009-10-28 12:57    190464    ----a-w-    c:\windows\system32\d3d10core.dll
2009-09-25 01:27 . 2009-10-28 12:57    634880    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27 . 2009-10-28 12:57    37888    ----a-w-    c:\windows\system32\cdd.dll
2009-09-25 01:27 . 2009-10-28 12:57    793088    ----a-w-    c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-10-28 12:57    1064448    ----a-w-    c:\windows\system32\DWrite.dll
2009-09-24 22:54 . 2009-10-28 12:57    258048    ----a-w-    c:\windows\system32\winspool.drv
2009-09-24 22:54 . 2009-10-28 12:57    667648    ----a-w-    c:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 22:54 . 2009-10-28 12:57    26112    ----a-w-    c:\windows\system32\printfilterpipelineprxy.dll
2009-09-18 14:35 . 2008-05-12 19:14    934    ----a-w-    c:\users\Volkan\AppData\Roaming\wklnhst.dat
2009-09-14 09:29 . 2009-10-16 11:33    144896    ----a-w-    c:\windows\system32\drivers\srv2.sys
2009-09-10 16:48 . 2009-10-16 11:33    218624    ----a-w-    c:\windows\system32\msv1_0.dll
2009-09-10 14:59 . 2009-10-28 12:51    8147456    ----a-w-    c:\windows\system32\wmploc.DLL
2009-09-10 14:58 . 2009-10-28 12:51    310784    ----a-w-    c:\windows\system32\unregmp2.exe
2009-09-10 02:01 . 2009-10-28 12:58    3023360    ----a-w-    c:\windows\system32\UIRibbon.dll
2009-09-10 02:00 . 2009-10-28 12:58    1164800    ----a-w-    c:\windows\system32\UIRibbonRes.dll
2009-09-10 02:00 . 2009-10-28 12:58    92672    ----a-w-    c:\windows\system32\UIAnimation.dll
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 14:07    1004800    ----a-w-    c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-18 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-18 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-18 133656]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-26 2029336]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-11-07 3772416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^Volkan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Media Player.lnk]
backup=c:\windows\pss\Adobe Media Player.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Volkan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):28,8e,15,40,19,fa,c9,01

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [05-07-2009 18:23 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [05-07-2009 18:24 108552]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [04-12-2009 18:22 108289]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [05-07-2009 18:23 297752]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [21-12-2006 11:33 7168]
S3 FontCache;Tjenesten Windows-skrifttypecache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [05-10-2008 13:27 21504]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\System32\drivers\usbaapl.sys [28-08-2009 18:42 40448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork    REG_MULTI_SZ      PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK
Trusted Zone: microsoft.com\update
TCP: {59E7E360-D930-4F4B-941C-4572E6E6AD37} = 208.67.222.222,208.67.220.220
.

**************************************************************************
scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer:

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Gennemført tid: 2009-12-05 13:12 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-12-05 12:12
ComboFix2.txt  2009-12-05 11:03

Pre-Kørsel: 25.646.542.848 byte ledig
Post-Kørsel: 25.711.050.752 byte ledig

- - End Of File - - E0A68F407370DB09CF38BD4F98AEF20B

Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:35, on 05-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6564 bytes

Skrevet lør. d. 05. december 2009 kl. 13:56:26| #1

swordcat
swordcat (17.133 point)
Glemte at sige at jeg kører på Vista

Skrevet lør. d. 05. december 2009 kl. 14:59:50| #2

milter
milter (59.755 point)
Prøv det her:

Klik på Start > Kør > I vinduet skriver du "services.msc" (uden anførselstegn) > Rul ned, til du finder linien med "Sikkerhedscenter" > Dobbeltklik på linien > Sæt "Starttype" til "Automatisk" > Anvend > OK > Genstart.

Skrevet lør. d. 05. december 2009 kl. 15:01:29| #3

karise_larry
karise_larry (280.944 point)
www.ballade.dk

Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)


---

Under alle omstændigheder så kørere du både med
* AVG8 (Gammel version !!!)
* Avira

Afinstall den begge - Genstart - Opryd med CCleaner - Install
* AVG9 http://www.spywarefri.dk/software/avast-antivirus-home-edition/
eller
* Avast! http://www.spywarefri.dk/software/avg-anti-virus-free-edition/

---

Skrevet lør. d. 05. december 2009 kl. 19:34:56| #4

swordcat
swordcat (17.133 point)
Ja det har du ret i. Det skal dog siges at jeg først installerede Avast, efter at fejlmeldingen omkring sikkerhedscentret poppede op, samt de omtalte popups. Gjorde det for at se om Avast kunne finde nogle virusser, da AVG ikke fandt nogle. Eller det gjorde AVG rent faktisk efter et stykke tid. Virusset hed noget ala: richtx.exe ...kan ikke huske det helt :(

Men er det et problem at have 2 antivirusprogrammer kørende?

Du anbefaler altså kun 1, hvis jeg har forstået det rigtigt?

Jeg har nu ikke længere problemet, det viste sig at sikkerhedscentret efter en genstart af computeren blev sat iorden så at sige.

fromsej's guide gav med andre ord pote.

Vil dog stadig give dig point's for at have gennemgået logs'ne...

Skrevet lør. d. 05. december 2009 kl. 19:41:43| #5

karise_larry
karise_larry (280.944 point)
www.ballade.dk
Jeg vil nu gerne se en frisk Log fra HiJackThis - der er bla. lidt oprydning/optimering's detaljer...

Skrevet søn. d. 06. december 2009 kl. 07:21:04| #6

swordcat
swordcat (17.133 point)
HER HAR DU DEN:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:35, on 05-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6564 bytes

Skrevet søn. d. 06. december 2009 kl. 10:22:42| #7

karise_larry
karise_larry (280.944 point)
www.ballade.dk
Scan saved at 13:32:35, on 05-12-2009 - der er den gamle Log ! Opret en ny...

Skrevet tor. d. 10. december 2009 kl. 18:18:41| #8

swordcat
swordcat (17.133 point)
Lig et svar.....problemmet er løst ;)

Skrevet tor. d. 10. december 2009 kl. 19:01:37| #9

karise_larry
karise_larry (280.944 point)
www.ballade.dk
...Jeg vil nu gerne se en frisk Log fra HiJackThis - der er bla. lidt oprydning/optimering's detaljer...
...

Skrevet fre. d. 11. december 2009 kl. 06:44:31| #10

swordcat
swordcat (17.133 point)
Hver gang jeg bruger Hijackthis, så gemmer/kommer den gamle logfil frem. Det er den samme som vist foroven....hmmm. Hvad gør jeg karise?
Desuden kommer den med en meddelelse inden scanningen? http://img294.imageshack.us/img294/1641/desktopk.jpg

Skrevet fre. d. 11. december 2009 kl. 06:57:02| #11

karise_larry
karise_larry (280.944 point)
www.ballade.dk
SLET den gamle LOG fil helt - så ka' den tihvertifald ikke drille *S*

Mht. HiJackThis & Vista ->
HøjreMsseTast - "Kør som Administrator..."

Skrevet fre. d. 11. december 2009 kl. 17:17:34| #12

swordcat
swordcat (17.133 point)
Her er den så :) og tak for hjælpen




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:16:27, on 11-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6631 bytes

Skrevet lør. d. 12. december 2009 kl. 12:28:36| #13

karise_larry
karise_larry (280.944 point)
www.ballade.dk
Der er stadig (rester efter?)
* Avira AntiVir
* AVG Free8

Se #3 ... igen ...

Skrevet lør. d. 19. december 2009 kl. 09:21:48| #14

swordcat
swordcat (17.133 point)
Jamen gør det noget at have 2 anti-virus programer installeret?

Skrevet lør. d. 19. december 2009 kl. 10:21:16| #15

karise_larry
karise_larry (280.944 point)
www.ballade.dk
"Gør det noget at have to kærester samtidig" *G*
De vil modarbejde hinanden...

Mht nævnte AVG8 -> http://www.spywarefri.dk/artikel/computerblade-misinformerer/

Se #3 ... igen ... igen...

Skrevet tir. d. 22. december 2009 kl. 18:40:14| #16

swordcat
swordcat (17.133 point)
tak for hjælpen lig et svar ;)

Skrevet tir. d. 22. december 2009 kl. 19:34:55| #17

karise_larry
karise_larry (280.944 point)
www.ballade.dk
Ping...
(Det var et [svar]...)

Skriv et indlæg




Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] [img]link til billede[/img]
Web- og emailadresser omdannes automatisk til links

Log ind

   


Seneste spørgsmål

Virus med musik der pludselig begynder at spille.(måske...

Oprettet den 21. august 2014 kl. 17.41
crasser83 giver 200 point for svar | Giv et svar »

Bestdiscountadd <- hjælp med af afhvikle denne!

Oprettet den 20. august 2014 kl. 11.12
ronniras giver 200 point for svar | Giv et svar »

Inficeret computer

Oprettet den 18. august 2014 kl. 20.48
Chalfen giver 200 point for svar | Giv et svar »

Seneste guides

Opret BOOTBAR USB pen ...
Undgå reklamerne på iPad





Computerworld

Teaser billede

Guide: Sådan laver du din egen private "Dropbox"-server med Raspberry Pi på et kvarter

Selv uden de store Linux-evner kan en nybegynder relativt nemt lave en Sync-server, som fungerer på samme måde som de kendte sky-tjenester, så længe man er væbnet med tålmodighed og gåpåmod.

CIO

Teaser billede

Her er læren af Windows 8.1: Sådan kan du undgå kaos næste gang

ComputerViews: Opgraderingen Windows 8.1 har givet store problemer for mange brugere. Problemet skal findes i en grundlæggende mangel, som du også selv bærer et ansvar for.

Comon

Teaser billede

Stor guide: Her er den nødvendige software til din studie-pc

Software til din studiecomputer kan koste dig over 10.000 kroner gennem uddannelsen, men du kan også klare dig ganske gratis. Her er en guide til den nødvendige software på både Mac og pc - og til...

Channelworld

Teaser billede

Den ukendte dansker i spidsen for Microsofts milliard-forretning

Interview: Ikke mange herhjemme kender 44-årige Microsoft-dansker Thomas Neergaard Hansen, der står i spidsen for en global forretning med en årlig omsætning på mere end 40 milliarder...

White paper

Teaser billede

Bliv en bedre produktchef

Følg 10 trin, der kan hjælpe enhver produktchef til at løfte produktledelse fra en reagerende taktisk position til en strategisk position.



Udgiver · © 2014 Computerworld A/S · Hørkær 18 · 2730 Herlev · Tlf.: 77 300 300 · Fax: 77 300 301 · Brug af personoplysninger