Oprettet lør. d. 05. december 2009 kl. 13:51:35

swordcat
swordcat (17.013 point. Point ude: 415)


Tjenesten sikkerhedscenter kan ikke startes

Jeg tror sku jeg har fået virus på min fine bærbar. Problemet startede da jeg downloadede en fil, som jeg nok aldrig skulle have rørt. Irriterende pop-ups og unødvendige pornoikoner blev lagt på mit skrivebord. Det er nu ikke længere et problem, for de dukker ikke op mere.

Nu kan og vil sikkerhedscenteret ikke startes. Det røde skjold med det hvide kryds nederest til højre minder mig om problemet, hver gang jeg tænder for computeren.

Har læst og gjort præcis hvad der står: http://www.eksperten.dk/guide/1232

ccleaner, malwarebytes, combofixog hijackthis er taget i brug og har nu brug for Jer ekspertes bud på hvad der er galt. Her er logs'ne fra de ovennævnte programmer foruden ccleaner.

Malwarebytes:

Malwarebytes' Anti-Malware 1.42
Database version: 3299
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

05-12-2009 11:27:56
mbam-log-2009-12-05 (11-27-56).txt

Skan type: Fuldstændig skanning (C:\|)
Objekter skannet: 211202
Tid tilbagelagt: 2 hour(s), 31 minute(s), 56 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)

ComboFix:
ComboFix 09-12-04.02 - Volkan 05-12-2009 12:40.2.2 - x86
Microsoft® Windows Vista™ Home Basic  6.0.6002.2.1252.45.1030.18.1013.211 [GMT 1:00]
Kører fra: c:\users\Volkan\Desktop\Ny\ComboFix.exe
Kommandoer benyttet :: c:\users\Volkan\Desktop\Ny\CFScript.txt
.

(((((((((((((((((((((((((((((  Filer skabt fra 2009-11-05 til 2009-12-05  )))))))))))))))))))))))))))))))))))
.

2009-12-05 11:58 . 2009-12-05 11:58    --------    d-----w-    c:\users\Public\AppData\Local\temp
2009-12-05 11:58 . 2009-12-05 11:58    --------    d-----w-    c:\users\Default\AppData\Local\temp
2009-12-05 11:40 . 2009-12-05 11:40    --------    d-----w-    c:\program files\Trend Micro
2009-12-05 11:03 . 2009-12-05 12:01    4096    d-----w-    c:\users\Volkan\AppData\Local\temp
2009-12-05 07:54 . 2009-12-05 07:54    --------    d-----w-    c:\users\Volkan\AppData\Roaming\Malwarebytes
2009-12-05 07:54 . 2009-12-03 15:14    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-05 07:54 . 2009-12-05 07:54    --------    d-----w-    c:\programdata\Malwarebytes
2009-12-05 07:54 . 2009-12-05 07:54    4096    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2009-12-05 07:54 . 2009-12-03 15:13    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-12-05 07:52 . 2009-12-05 07:52    --------    d-----w-    c:\program files\CCleaner
2009-12-05 07:30 . 2009-12-05 12:02    4096    d-----w-    c:\windows\system32\wbem\repository
2009-12-04 17:22 . 2009-07-28 14:33    55656    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2009-12-04 17:22 . 2009-03-30 08:33    96104    ----a-w-    c:\windows\system32\drivers\avipbb.sys
2009-12-04 17:22 . 2009-12-04 17:22    --------    d-----w-    c:\programdata\Avira
2009-12-04 17:22 . 2009-12-04 17:22    --------    d-----w-    c:\program files\Avira
2009-11-25 15:43 . 2009-10-29 09:17    2048    ----a-w-    c:\windows\system32\tzres.dll
2009-11-25 15:42 . 2009-11-25 15:42    --------    d-----w-    c:\program files\MSXML 4.0
2009-11-25 15:41 . 2009-08-11 16:44    1401856    ----a-w-    c:\windows\system32\msxml6.dll
2009-11-25 15:41 . 2009-08-11 16:44    1248768    ----a-w-    c:\windows\system32\msxml3.dll
2009-11-15 09:54 . 2009-11-15 09:54    --------    d-----w-    c:\users\Volkan\AppData\Local\Apple
2009-11-13 18:00 . 2009-12-05 07:30    --------    d-----w-    c:\users\Volkan\Tracing
2009-11-11 08:36 . 2009-08-14 13:27    2036736    ----a-w-    c:\windows\system32\win32k.sys
2009-11-11 08:36 . 2009-08-10 12:35    355328    ----a-w-    c:\windows\system32\WSDApi.dll
2009-11-09 21:03 . 2009-11-09 21:03    --------    d-----w-    c:\program files\Common Files\Adobe
2009-11-06 06:12 . 2009-08-07 02:24    44768    ----a-w-    c:\windows\system32\wups2.dll
2009-11-06 06:12 . 2009-08-07 02:24    53472    ----a-w-    c:\windows\system32\wuauclt.exe
2009-11-06 06:12 . 2009-08-07 02:23    1929952    ----a-w-    c:\windows\system32\wuaueng.dll
2009-11-06 06:12 . 2009-08-07 01:45    2421760    ----a-w-    c:\windows\system32\wucltux.dll
2009-11-06 06:11 . 2009-08-07 02:24    35552    ----a-w-    c:\windows\system32\wups.dll
2009-11-06 06:11 . 2009-08-07 02:23    575704    ----a-w-    c:\windows\system32\wuapi.dll
2009-11-06 06:11 . 2009-08-07 01:44    87552    ----a-w-    c:\windows\system32\wudriver.dll
2009-11-06 06:11 . 2009-08-06 18:23    171608    ----a-w-    c:\windows\system32\wuwebv.dll
2009-11-06 06:11 . 2009-08-06 17:44    33792    ----a-w-    c:\windows\system32\wuapp.exe

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-02 16:24 . 2006-11-21 04:45    78210    ----a-w-    c:\windows\system32\perfc006.dat
2009-12-02 16:24 . 2006-11-21 04:45    466378    ----a-w-    c:\windows\system32\perfh006.dat
2009-11-13 17:54 . 2009-07-05 17:23    4096    d-----w-    c:\programdata\avg8
2009-11-13 17:40 . 2009-02-22 13:15    4096    d-----w-    c:\program files\DivX
2009-11-11 14:13 . 2006-11-02 11:18    4096    d-----w-    c:\program files\Windows Mail
2009-11-11 08:47 . 2009-05-08 09:24    12288    d-----w-    c:\programdata\Microsoft Help
2009-11-02 19:42 . 2009-10-08 00:07    195456    ------w-    c:\windows\system32\MpSigStub.exe
2009-11-01 18:44 . 2009-11-01 16:15    4096    d-----w-    c:\users\Volkan\AppData\Roaming\vlc
2009-11-01 16:14 . 2009-11-01 16:14    --------    d-----w-    c:\program files\VideoLAN
2009-10-31 16:17 . 2009-10-31 16:15    4096    d-----w-    c:\program files\iTunes
2009-10-31 16:16 . 2009-10-31 16:16    --------    d-----w-    c:\program files\iPod
2009-10-31 16:15 . 2009-09-15 15:41    --------    d-----w-    c:\program files\Common Files\Apple
2009-10-31 16:09 . 2009-10-31 16:09    79144    ----a-w-    c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-28 22:58 . 2009-10-28 22:58    --------    d-----w-    c:\program files\Windows Portable Devices
2009-10-28 22:57 . 2006-11-02 10:25    665600    ----a-w-    c:\windows\inf\drvindex.dat
2009-10-28 22:57 . 2009-10-28 22:57    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-10-28 22:56 . 2009-10-28 22:56    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-17 13:37 . 2009-01-20 13:35    4096    d-----w-    c:\programdata\CanonIJPLM
2009-10-16 11:42 . 2007-09-06 16:09    24576    d-----w-    c:\program files\Microsoft Works
2009-10-10 10:04 . 2007-09-12 18:38    4096    d-----w-    c:\users\Volkan\AppData\Roaming\Apple Computer
2009-10-10 10:04 . 2009-02-22 06:51    4096    d-----w-    c:\program files\QuickTime
2009-10-08 21:08 . 2009-10-28 12:55    555520    ----a-w-    c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-10-28 12:55    234496    ----a-w-    c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-10-28 12:55    4096    ----a-w-    c:\windows\system32\oleaccrc.dll
2009-10-01 01:02 . 2009-10-28 12:56    2537472    ----a-w-    c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-10-28 12:56    30208    ----a-w-    c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-10-28 12:56    334848    ----a-w-    c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-10-28 12:56    87552    ----a-w-    c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-10-28 12:56    31232    ----a-w-    c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-10-28 12:56    546816    ----a-w-    c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-10-28 12:56    160256    ----a-w-    c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-10-28 12:56    60928    ----a-w-    c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-10-28 12:56    350208    ----a-w-    c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-10-28 12:56    196608    ----a-w-    c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-10-28 12:56    100864    ----a-w-    c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-10-28 12:56    81920    ----a-w-    c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-10-28 12:56    40448    ----a-w-    c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-10-28 12:56    226816    ----a-w-    c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-10-28 12:56    61952    ----a-w-    c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-10-28 12:56    33280    ----a-w-    c:\windows\system32\WpdConns.dll
2009-09-25 02:10 . 2009-10-28 12:57    974848    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-10-28 12:57    189440    ----a-w-    c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-10-28 12:57    321024    ----a-w-    c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-10-28 12:57    1554432    ----a-w-    c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-10-28 12:57    351232    ----a-w-    c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-10-28 12:57    847360    ----a-w-    c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-10-28 12:57    280064    ----a-w-    c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-10-28 12:57    135680    ----a-w-    c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-10-28 12:57    195584    ----a-w-    c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-10-28 12:57    829440    ----a-w-    c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-10-28 12:57    369664    ----a-w-    c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-10-28 12:57    252928    ----a-w-    c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-10-28 12:57    519680    ----a-w-    c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-10-28 12:57    486912    ----a-w-    c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-10-28 12:57    161280    ----a-w-    c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-10-28 12:57    218112    ----a-w-    c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-10-28 12:57    1030144    ----a-w-    c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-10-28 12:57    828928    ----a-w-    c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-10-28 12:57    481792    ----a-w-    c:\windows\system32\dxgi.dll
2009-09-25 01:30 . 2009-10-28 12:57    190464    ----a-w-    c:\windows\system32\d3d10core.dll
2009-09-25 01:27 . 2009-10-28 12:57    634880    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27 . 2009-10-28 12:57    37888    ----a-w-    c:\windows\system32\cdd.dll
2009-09-25 01:27 . 2009-10-28 12:57    793088    ----a-w-    c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-10-28 12:57    1064448    ----a-w-    c:\windows\system32\DWrite.dll
2009-09-24 22:54 . 2009-10-28 12:57    258048    ----a-w-    c:\windows\system32\winspool.drv
2009-09-24 22:54 . 2009-10-28 12:57    667648    ----a-w-    c:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 22:54 . 2009-10-28 12:57    26112    ----a-w-    c:\windows\system32\printfilterpipelineprxy.dll
2009-09-18 14:35 . 2008-05-12 19:14    934    ----a-w-    c:\users\Volkan\AppData\Roaming\wklnhst.dat
2009-09-14 09:29 . 2009-10-16 11:33    144896    ----a-w-    c:\windows\system32\drivers\srv2.sys
2009-09-10 16:48 . 2009-10-16 11:33    218624    ----a-w-    c:\windows\system32\msv1_0.dll
2009-09-10 14:59 . 2009-10-28 12:51    8147456    ----a-w-    c:\windows\system32\wmploc.DLL
2009-09-10 14:58 . 2009-10-28 12:51    310784    ----a-w-    c:\windows\system32\unregmp2.exe
2009-09-10 02:01 . 2009-10-28 12:58    3023360    ----a-w-    c:\windows\system32\UIRibbon.dll
2009-09-10 02:00 . 2009-10-28 12:58    1164800    ----a-w-    c:\windows\system32\UIRibbonRes.dll
2009-09-10 02:00 . 2009-10-28 12:58    92672    ----a-w-    c:\windows\system32\UIAnimation.dll
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 14:07    1004800    ----a-w-    c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-18 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-18 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-18 133656]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-26 2029336]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-11-07 3772416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^Volkan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Media Player.lnk]
backup=c:\windows\pss\Adobe Media Player.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Volkan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):28,8e,15,40,19,fa,c9,01

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [05-07-2009 18:23 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [05-07-2009 18:24 108552]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [04-12-2009 18:22 108289]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [05-07-2009 18:23 297752]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [21-12-2006 11:33 7168]
S3 FontCache;Tjenesten Windows-skrifttypecache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [05-10-2008 13:27 21504]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\System32\drivers\usbaapl.sys [28-08-2009 18:42 40448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork    REG_MULTI_SZ      PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK
Trusted Zone: microsoft.com\update
TCP: {59E7E360-D930-4F4B-941C-4572E6E6AD37} = 208.67.222.222,208.67.220.220
.

**************************************************************************
scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer:

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Gennemført tid: 2009-12-05 13:12 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-12-05 12:12
ComboFix2.txt  2009-12-05 11:03

Pre-Kørsel: 25.646.542.848 byte ledig
Post-Kørsel: 25.711.050.752 byte ledig

- - End Of File - - E0A68F407370DB09CF38BD4F98AEF20B

Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:35, on 05-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6564 bytes

Skrevet lør. d. 05. december 2009 kl. 13:56:26| #1

swordcat
swordcat (17.013 point)
Glemte at sige at jeg kører på Vista

Skrevet lør. d. 05. december 2009 kl. 14:59:50| #2

milter
milter (59.435 point)
Prøv det her:

Klik på Start > Kør > I vinduet skriver du "services.msc" (uden anførselstegn) > Rul ned, til du finder linien med "Sikkerhedscenter" > Dobbeltklik på linien > Sæt "Starttype" til "Automatisk" > Anvend > OK > Genstart.

Skrevet lør. d. 05. december 2009 kl. 15:01:29| #3

karise_larry
karise_larry (280.824 point)
www.ballade.dk

Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)


---

Under alle omstændigheder så kørere du både med
* AVG8 (Gammel version !!!)
* Avira

Afinstall den begge - Genstart - Opryd med CCleaner - Install
* AVG9 http://www.spywarefri.dk/software/avast-antivirus-home-edition/
eller
* Avast! http://www.spywarefri.dk/software/avg-anti-virus-free-edition/

---

Skrevet lør. d. 05. december 2009 kl. 19:34:56| #4

swordcat
swordcat (17.013 point)
Ja det har du ret i. Det skal dog siges at jeg først installerede Avast, efter at fejlmeldingen omkring sikkerhedscentret poppede op, samt de omtalte popups. Gjorde det for at se om Avast kunne finde nogle virusser, da AVG ikke fandt nogle. Eller det gjorde AVG rent faktisk efter et stykke tid. Virusset hed noget ala: richtx.exe ...kan ikke huske det helt :(

Men er det et problem at have 2 antivirusprogrammer kørende?

Du anbefaler altså kun 1, hvis jeg har forstået det rigtigt?

Jeg har nu ikke længere problemet, det viste sig at sikkerhedscentret efter en genstart af computeren blev sat iorden så at sige.

fromsej's guide gav med andre ord pote.

Vil dog stadig give dig point's for at have gennemgået logs'ne...

Skrevet lør. d. 05. december 2009 kl. 19:41:43| #5

karise_larry
karise_larry (280.824 point)
www.ballade.dk
Jeg vil nu gerne se en frisk Log fra HiJackThis - der er bla. lidt oprydning/optimering's detaljer...

Skrevet søn. d. 06. december 2009 kl. 07:21:04| #6

swordcat
swordcat (17.013 point)
HER HAR DU DEN:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:35, on 05-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6564 bytes

Skrevet søn. d. 06. december 2009 kl. 10:22:42| #7

karise_larry
karise_larry (280.824 point)
www.ballade.dk
Scan saved at 13:32:35, on 05-12-2009 - der er den gamle Log ! Opret en ny...

Skrevet tor. d. 10. december 2009 kl. 18:18:41| #8

swordcat
swordcat (17.013 point)
Lig et svar.....problemmet er løst ;)

Skrevet tor. d. 10. december 2009 kl. 19:01:37| #9

karise_larry
karise_larry (280.824 point)
www.ballade.dk
...Jeg vil nu gerne se en frisk Log fra HiJackThis - der er bla. lidt oprydning/optimering's detaljer...
...

Skrevet fre. d. 11. december 2009 kl. 06:44:31| #10

swordcat
swordcat (17.013 point)
Hver gang jeg bruger Hijackthis, så gemmer/kommer den gamle logfil frem. Det er den samme som vist foroven....hmmm. Hvad gør jeg karise?
Desuden kommer den med en meddelelse inden scanningen? http://img294.imageshack.us/img294/1641/desktopk.jpg

Skrevet fre. d. 11. december 2009 kl. 06:57:02| #11

karise_larry
karise_larry (280.824 point)
www.ballade.dk
SLET den gamle LOG fil helt - så ka' den tihvertifald ikke drille *S*

Mht. HiJackThis & Vista ->
HøjreMsseTast - "Kør som Administrator..."

Skrevet fre. d. 11. december 2009 kl. 17:17:34| #12

swordcat
swordcat (17.013 point)
Her er den så :) og tak for hjælpen




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:16:27, on 11-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6631 bytes

Skrevet lør. d. 12. december 2009 kl. 12:28:36| #13

karise_larry
karise_larry (280.824 point)
www.ballade.dk
Der er stadig (rester efter?)
* Avira AntiVir
* AVG Free8

Se #3 ... igen ...

Skrevet lør. d. 19. december 2009 kl. 09:21:48| #14

swordcat
swordcat (17.013 point)
Jamen gør det noget at have 2 anti-virus programer installeret?

Skrevet lør. d. 19. december 2009 kl. 10:21:16| #15

karise_larry
karise_larry (280.824 point)
www.ballade.dk
"Gør det noget at have to kærester samtidig" *G*
De vil modarbejde hinanden...

Mht nævnte AVG8 -> http://www.spywarefri.dk/artikel/computerblade-misinformerer/

Se #3 ... igen ... igen...

Skrevet tir. d. 22. december 2009 kl. 18:40:14| #16

swordcat
swordcat (17.013 point)
tak for hjælpen lig et svar ;)

Skrevet tir. d. 22. december 2009 kl. 19:34:55| #17

karise_larry
karise_larry (280.824 point)
www.ballade.dk
Ping...
(Det var et [svar]...)

Skriv et indlæg




Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] [img]link til billede[/img]
Web- og emailadresser omdannes automatisk til links

Log ind

   


Seneste spørgsmål

check logg fil for skidt *S*

Oprettet den 21. juli 2014 kl. 14.20
magkat giver 50 point for svar | Giv et svar »

Langsom PC- Virus eller andet?

Oprettet den 19. juli 2014 kl. 21.12
jensen5 giver 200 point for svar | Giv et svar »

Min adressebog er hacket

Oprettet den 19. juli 2014 kl. 14.57
annelisebo giver 30 point for svar | Giv et svar »

Seneste guides

Undgå reklamerne på iPad
Malwarebytes version 2.0





Computerworld

Teaser billede

Apple skruer voldsomt op for forventningerne til iPhone 6

Apple regner med virkelig store salgstal, når de nye iPhone 6-modeller med betydeligt større skærme lander i butikkerne. Mulige problemer med skærmene kræver også større produktion.

CIO

Teaser billede

Sådan nedgraderer du nemt Windows 8 til Windows 7

Du kan nemt nedgradere fra Windows 8 til Windows 7. Men pas på: Vejen tilbage til Windows 8 kan være besværlig. Vi har forsøgt at ned- og opgradere begge veje. Se her, hvordan det er gået.

Comon

Teaser billede

Masser af plads: Ny harddisk fra WD på seks terabyte

Western digital kommer nu med en ny harddisk i WD Red-serien på hele seks terabyte beregnet til NAS og målrettet mellemstore- og større virksomheder.

Channelworld

Teaser billede

Erklæret tilhænger af fastansatte har købt ... et freelancekonsulenthus

Scott/Tiger, som er svoren tilhænger af fastansatte konsulenter, har netop købt freelancekonsulenthuset Dana Consult kontant. Men det giver god mening, siger direktøren.

White paper

Teaser billede

Den lette vej fra legacy til SOA

Få med dette webcast fra BluePhoenix et teknisk overblik over, hvad en legacy-modernisering kan indebære, og hvad der bedst kan betale sig.



Udgiver · © 2014 Computerworld A/S · Hørkær 18 · 2730 Herlev · Tlf.: 77 300 300 · Fax: 77 300 301 · Brug af personoplysninger