Oprettet tor. d. 11. februar 2010 kl. 17:42:33

Tjen 60 point | 34 kommentarer
hpf
hpf (17.235 point. Point ude: 150)

Windows Update-fejl 80070490

Jeg kan pludselig ikke hente opdateringer mere (Vista home prem), men får nævnte fejlmelding.
Har søgt løsninger og fundet rådet at køre reparation af vista, imidlertid er "Opgradering" grå på den medfølgende installatins-dvd, (Medion).
Nogen forslag?
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet tor. d. 11. februar 2010 kl. 18:35:56| #1

patrick14
patrick14 (4.615 point)
Fremgangs måden for vista er:

Windows Update virker ikke, og opdateringer kan ikke installeres
Der skal en lille rettelse til, og det gør du med et lille program som hedder Dial-a-fix.



Her til Vista


1. Download denne fil. http://www.kortelinks.dk/ (...)
2. Højreklik på WindowsUpdate-Reg.cmd og vælg Kør som administrator.
3. Tjek Windows Update.
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet tor. d. 11. februar 2010 kl. 21:41:33| #2

hpf
hpf (17.235 point)
Desværre , melder stadig samme fejl
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet fre. d. 12. februar 2010 kl. 15:07:33| #3

Skrevet fre. d. 12. februar 2010 kl. 18:55:04| #4

falster
falster (34.814 point)
Ved problemer med at opdatere til Vista Sp. 2, komponerede jeg følgende fremgangsmåde af det, jeg fandt på nettet. Prøv den, hvis de andre forslag ikke virker:

1. Kør CHKDSK. I mit tilfælde fandtes to korrupte filer.

2. CHKDSK's gerninger løser ikke problemet, men man skal notere sig de korrupte filer (én eller flere).

3. Derefter slettes de pågældende filer. Hvis de er i
system32-mappen, må man gennem klikkeøvelserne med at tage ejerskab, dernæst fuld kontrol og så slette.

(4. Kør CHKDSK igen og den genindlæser de to "Lost files".
Jeg er ikke sikker på, at dette punkt er nødvendigt, men det skader heller ikke.)

5. Så kunne Windows Update installere Sp2 uden problemer.
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet fre. d. 12. februar 2010 kl. 21:01:23| #5

hpf
hpf (17.235 point)
Selv om jeg lukker alt andet,kan den ikke få adgang "bruges af anden ...)
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet lør. d. 13. februar 2010 kl. 01:36:45| #6

Skrevet lør. d. 13. februar 2010 kl. 01:39:04| #7

Skrevet lør. d. 13. februar 2010 kl. 22:15:59| #8

hpf
hpf (17.235 point)
Desværre , samme resultat.
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet søn. d. 14. februar 2010 kl. 19:09:05| #9

patrick14
patrick14 (4.615 point)
Udfør venligst dette:


Hent og instalér CCleaner 1. http://www.ccleaner.com/ (...)
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller *NEJ* til den.
http://vistaguide.dk/ (...)
Lad programmet foretage en oprydning.





Hent Malwarebytes Anti-Malware herfra:
2. http://www.besttechie.net/ (...)
Eller herfra ->
http://www.majorgeeks.com/ (...)
Installer programmet - når det er gjort skal du lade programmet opdatere sig. Herefter åbner et vindue, hvor du skal flytte prikken til "Kør et fuldstændigt systemscan" - klik på Skan Knappen - lad programmet arbejde. Når det er færdig (det tager lidt tid afhængig af hvor meget du har på computeren).
Derefter - Tryk på "Vis resultater" knappen efter scanningen - og herefter tryk på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen.
Kopier indholdet herind i denne tråd.
Vigtigt: Du skal, inden du klikker på "Skan" knappen i Malwarebytes Anti-Malware gå op i fanen "Opdater", klik på "Tjek for opdatering", bliv ved til den skriver du har nyeste database, (DET SKAL UDFØRES).

Hent og kør sas

Hent og installer 1. http://www.superantispyware.com/ (...)

Start superantispyware, klik på Check for updates.
Klik på Scan your Computer, sæt flueben i de drev der skal scannes. (Fixed disk betyder harddisk)
Flyt prikken til Perform complete scan og klik på Næste, så kører scanningen.


Når den er færdig kommer der et vindue med en opsummering, klik på OK, klik så på næste og så på Udfør.

Der kommer et vindue med Quarantine and removal Complete, klik på OK, klik på Udfør.
Luk programmet, genstart normalt.
---------------------------------------
Start SuperAntiSpyware igen, klik på Preferences, skift til fanebladet Statistics/Logs, i vinduet dobbeltklikker du på SUPERAntiSpyware Scan Log, og gemmer den på skrivebordet.





Hent HijackThis her, gem den I en mappe så du kan finde den.
http://www.trendsecure.com/ (...)
1. Dobbeltklik på det nye HijackThis ikon
Vista bruger skal klikke med højre-musetast på program filen > Vælg "Kør som administrator"
2. På menuen der kommer op, klikker du på: Do a systemscan and save a logfile.
3. Efter et kort øjeblik åbner en logfil i notesblok, kopier teksten herind
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet man. d. 15. februar 2010 kl. 16:36:34| #10

hpf
hpf (17.235 point)
Det var en større omgang.

Malwarebytes' Anti-Malware 1.44
Database version: 3739
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

14-02-2010 22:44:57
mbam-log-2010-02-14 (22-44-57).txt

Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 351748
Tid tilbagelagt: 1 hour(s), 47 minute(s), 7 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 1
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 1
Inficerede Mapper: 0
Inficerede Filer: 1

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\msqpdxserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
C:\temp\hcf.exe (Rogue.Installer) -> Quarantined and deleted successfully.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:53:03, on 15-02-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\far\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ (...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ (...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ (...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ (...)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CacherBHO - {9B4DF450-DCC7-4B07-935D-0CD757A64583} - C:\Program Files\Moyea\YouTube FLV Downloader\MoyeaCatcher.dll
O2 - BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: HP Smart markering - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.danid.dk
O15 - Trusted Zone: www.portalbank.dk
O15 - Trusted Zone: www.sparekassen-vendsyssel.dk
O15 - Trusted Zone: www.sparv.dk
O15 - Trusted Zone: www.testby.dk
O15 - Trusted Zone: http://*.danid.dk (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/ (...)
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.sparekassen-vendsyssel.dk/ (...)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/ (...)
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Unknown owner - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 9721 bytes
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet man. d. 15. februar 2010 kl. 21:59:17| #11

patrick14
patrick14 (4.615 point)
Afinstaller ask toolbar


Kør hijackthis scan og fix disse linier


O2 - BHO: (no name) - AutorunsDisabled - (no file)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)




Kom med en ny hijackthis log og kør superantispyware
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet man. d. 15. februar 2010 kl. 22:20:59| #12

hpf
hpf (17.235 point)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:19:01, on 15-02-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Windows\ehome\ehmsas.exe
C:\Users\far\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ (...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ (...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ (...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ (...)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CacherBHO - {9B4DF450-DCC7-4B07-935D-0CD757A64583} - C:\Program Files\Moyea\YouTube FLV Downloader\MoyeaCatcher.dll
O2 - BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: HP Smart markering - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.danid.dk
O15 - Trusted Zone: www.portalbank.dk
O15 - Trusted Zone: www.sparekassen-vendsyssel.dk
O15 - Trusted Zone: www.sparv.dk
O15 - Trusted Zone: www.testby.dk
O15 - Trusted Zone: http://*.danid.dk (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/ (...)
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.sparekassen-vendsyssel.dk/ (...)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/ (...)
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Unknown owner - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 9068 bytes

Kører nu superantispyware
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet ons. d. 17. februar 2010 kl. 20:24:16| #13

hpf
hpf (17.235 point)
Desværre samme fejlnummer
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet ons. d. 17. februar 2010 kl. 20:49:31| #14

patrick14
patrick14 (4.615 point)
Kom med loggen og udfør dette



Hent Combofix, og gem den på dit skrivebord, som alg.exe:
http://download.bleepingcomputer.com/ (...)


Luk alle andre vinduer ned.

Kør så combofix.exe, og følg anvisningerne.

Du må ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.

Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C: Combofix txt

Indholdet af denne fil må du gerne lægge herind
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet ons. d. 17. februar 2010 kl. 21:59:33| #15

hpf
hpf (17.235 point)
Superantispyware loggen slettede jeg, kan selvfølgelig køre den igen?




ComboFix 10-02-16.03 - far 17-02-2010  21:35:43.2.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.2038.904 [GMT 1:00]
Kører fra: c:\users\far\Desktop\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1674595945-2017179872-3778674227-500
c:\$recycle.bin\S-1-5-21-2304783522-1850635467-2630122807-500
c:\$recycle.bin\S-1-5-21-3852295878-3484362443-4022584128-500
c:\$recycle.bin\S-1-5-21-999333346-789248744-1644448349-500
C:\LOG.TXT
c:\users\far\Documents\regdata.reg

.
(((((((((((((((((((((((((((((  Filer skabt fra 2010-01-17 til 2010-02-17  )))))))))))))))))))))))))))))))))))
.

2010-02-17 20:49 . 2010-02-17 20:49    --------    d-----w-    c:\users\far\AppData\Local\temp
2010-02-17 20:49 . 2010-02-17 20:49    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-02-15 06:51 . 2010-02-15 06:51    52224    ----a-w-    c:\users\far\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-02-15 06:51 . 2010-02-16 14:48    117760    ----a-w-    c:\users\far\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-02-14 21:57 . 2010-02-14 21:57    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2010-02-14 21:57 . 2010-02-15 06:51    --------    d-----w-    c:\program files\SUPERAntiSpyware
2010-02-14 21:57 . 2010-02-14 21:57    --------    d-----w-    c:\users\far\AppData\Roaming\SUPERAntiSpyware.com
2010-02-14 21:56 . 2010-02-14 21:56    --------    d-----w-    c:\program files\Common Files\Wise Installation Wizard
2010-02-14 19:50 . 2010-01-07 15:07    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-14 19:50 . 2010-02-14 19:50    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-02-14 19:50 . 2010-01-07 15:07    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-17 18:18 . 2009-11-20 08:42    --------    d-----w-    c:\program files\BitComet
2010-02-10 18:22 . 2007-09-13 04:44    --------    d-----w-    c:\program files\Google
2010-02-09 19:40 . 2009-02-17 21:00    --------    d-----w-    c:\program files\Teamspeak2_RC2
2010-02-09 17:52 . 2007-11-20 14:55    --------    d-----w-    c:\program files\Lavasoft
2010-02-09 17:52 . 2007-11-20 14:55    --------    d-----w-    c:\programdata\Lavasoft
2010-01-30 16:08 . 2006-11-21 04:49    81790    ----a-w-    c:\windows\system32\perfc006.dat
2010-01-30 16:08 . 2006-11-21 04:49    471658    ----a-w-    c:\windows\system32\perfh006.dat
2010-01-30 12:42 . 2008-12-09 15:26    0    ----a-w-    c:\users\far\temp.dat
2010-01-17 08:36 . 2007-08-25 12:16    --------    d-----w-    c:\program files\Common Files\Adobe
2010-01-16 14:02 . 2009-11-01 19:42    --------    d-----w-    c:\program files\QuadWeb
2010-01-16 13:50 . 2008-12-23 20:38    --------    d-----w-    c:\users\far\AppData\Roaming\Vso
2010-01-14 17:24 . 2007-10-22 17:53    --------    d-----w-    c:\users\far\AppData\Roaming\Skype
2010-01-14 17:05 . 2007-11-25 14:53    --------    d-----w-    c:\users\far\AppData\Roaming\skypePM
2010-01-10 20:45 . 2010-01-10 20:45    --------    d-----w-    c:\program files\VSO
2010-01-10 13:56 . 2010-01-10 13:53    --------    d-----w-    c:\program files\Aplus FLV to DIVX Converter
2010-01-10 13:42 . 2010-01-10 13:42    --------    d-----w-    c:\program files\Emicsoft Studio
2010-01-02 19:35 . 2007-10-22 18:30    --------    d-----w-    c:\users\far\AppData\Roaming\FileZilla
2009-12-30 20:43 . 2009-12-30 20:37    --------    d-----w-    c:\program files\Unlocker
2009-12-30 18:16 . 2009-09-28 14:19    --------    d-----w-    c:\users\far\AppData\Roaming\vlc
2009-12-30 18:09 . 2009-11-20 18:40    --------    d-----w-    c:\program files\MpcStar
2009-12-27 13:17 . 2007-11-23 13:35    --------    d-----w-    c:\users\far\AppData\Roaming\Apple Computer
2009-12-27 13:16 . 2009-12-27 13:15    --------    d-----w-    c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-27 13:16 . 2009-12-27 13:15    --------    d-----w-    c:\program files\iTunes
2009-12-27 13:15 . 2009-12-27 13:15    --------    d-----w-    c:\program files\iPod
2009-12-27 13:15 . 2009-12-27 13:07    --------    d-----w-    c:\program files\Common Files\Apple
2009-12-27 13:14 . 2009-12-27 13:14    --------    d-----w-    c:\program files\Bonjour
2009-12-27 13:14 . 2009-12-27 13:13    --------    d-----w-    c:\program files\QuickTime
2009-12-23 11:41 . 2007-10-22 17:07    --------    d-----w-    c:\users\far\AppData\Roaming\U3
2009-12-16 18:41 . 2007-08-25 09:17    319456    ----a-w-    c:\windows\DIFxAPI.dll
2009-11-24 23:54 . 2008-12-30 23:09    1280480    ----a-w-    c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2008-12-30 23:09    114768    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2008-12-30 23:09    20560    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2008-12-30 23:09    53328    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2008-12-30 23:09    48560    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2008-12-30 23:09    23120    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2008-12-30 23:09    97480    ----a-w-    c:\windows\system32\AvastSS.scr
2009-11-22 19:13 . 2009-05-28 18:45    16    ----a-w-    c:\windows\popcinfo.dat
2009-11-22 14:58 . 2009-01-02 19:19    292120    ----a-w-    c:\programdata\RapidSolution\Tunebite\WebRipDLLs\YouTube.dll
2009-11-20 20:48 . 2009-11-20 20:48    476512    ----a-w-    c:\programdata\RapidSolution\Tunebite_2009\RadioRip\RadioRip.dll
2009-11-20 20:48 . 2009-11-20 20:48    169312    ----a-w-    c:\programdata\RapidSolution\Tunebite_2009\RadioRip\PlgSoundclick.dll
2009-11-20 20:48 . 2009-11-20 20:48    128352    ----a-w-    c:\programdata\RapidSolution\Tunebite_2009\RadioRip\PlgMyspace.dll
2009-11-20 20:48 . 2009-11-20 20:48    111968    ----a-w-    c:\programdata\RapidSolution\Tunebite_2009\RadioRip\PlgPandora.dll
2009-11-20 20:48 . 2009-11-20 20:48    99680    ----a-w-    c:\programdata\RapidSolution\Tunebite_2009\RadioRip\PlgIJigg.dll
2009-11-20 20:48 . 2009-11-20 20:48    230752    ----a-w-    c:\programdata\RapidSolution\Tunebite_2009\RadioRip\PlgHypemachine.dll
2009-11-20 20:48 . 2009-11-20 20:48    132448    ----a-w-    c:\programdata\RapidSolution\Tunebite_2009\RadioRip\PlgImeem.dll
2009-11-20 20:48 . 2009-11-20 20:48    111968    ----a-w-    c:\programdata\RapidSolution\Tunebite_2009\RadioRip\PlgLastfm.dll
2009-11-20 20:48 . 2009-11-20 20:48    120160    ----a-w-    c:\programdata\RapidSolution\Tunebite_2009\RadioRip\PlgGeneral.dll
2009-11-20 20:48 . 2009-11-20 20:48    87392    ----a-w-    c:\programdata\RapidSolution\Tunebite_2009\RadioRip\PlgDefault.dll
2009-11-20 20:48 . 2009-11-20 20:48    140640    ----a-w-    c:\programdata\RapidSolution\Tunebite_2009\RadioRip\PlgDeezer.dll
2009-11-20 08:42 . 2009-11-20 08:42    1032192    ----a-w-    c:\users\far\AppData\Roaming\Mozilla\Firefox\Profiles\n5w7h1jq.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-02-15 2002160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-31 102400]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2007-09-01 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-09-06 188416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoThumbnail"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoNotification"= 0 (0x0)
"HideSCABattery"= 0 (0x0)
"HideSCANetwork"= 0 (0x0)
"HideSCAVolume"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2010-02-15 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-02-15 06:51    548352    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57    948672    ----a-r-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57    35760    ----a-w-    c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTZDetec.exe]
2007-12-18 13:20    401408    ------w-    c:\program files\Creative\Creative Media Lite\CTZDetec.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-10 19:52    49152    ----a-w-    c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-11-12 15:33    141600    ----a-w-    c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-04-11 13:32    56080    ----a-w-    c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-01-08 20:17    52256    ----a-w-    c:\program files\Home Cinema\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrOSD]
2006-12-26 09:23    180224    ----a-w-    c:\program files\Launch Manager\OSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OmniPass]
2007-09-04 10:45    2560000    ----a-w-    c:\program files\Softex\OmniPass\scureapp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
2007-07-05 10:35    94208    ----a-w-    c:\windows\PLFSetL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08    417792    ----a-w-    c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
2007-02-09 13:54    16896    ----a-w-    c:\program files\GoogleEULA\EULALauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tunebite]
2009-09-10 16:58    4678960    ----a-w-    c:\program files\RapidSolution\Tunebite\Tunebite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2009-10-26 07:33    15872    ----a-w-    c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wbutton]
2007-09-07 07:26    86016    ----a-w-    c:\program files\Launch Manager\WButton.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33    202240    ----a-w-    c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):9e,49,53,03,76,06,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2461692144-2294394301-1871040877-1000]
"EnableNotificationsRef"=dword:00000001

R0 Si3531;SiI-3531 SATA Controller;c:\windows\System32\drivers\Si3531.sys [05-02-2009 19:38 212520]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [31-12-2008 00:09 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [29-02-2008 16:03 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29-02-2008 16:03 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [31-12-2008 00:09 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [31-12-2008 00:09 53328]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [11-08-2009 15:01 185640]
R3 RRNetCapMP;RRNetCapMP;c:\windows\System32\drivers\rrnetcap.sys [03-11-2009 16:47 27168]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16-02-2006 16:51 4096]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\System32\drivers\teamviewervpn.sys [25-01-2008 10:12 25088]
R3 X10Hid;X10 Hid Device;c:\windows\System32\drivers\x10hid.sys [25-08-2007 11:18 13976]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [31-07-2009 14:53 133104]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor;c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe --> c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [?]
S3 DrmRDriverV32;DrmRDriverV32;c:\windows\System32\drivers\DrmRDriverV32.sys [10-08-2008 15:24 23096]
S3 DrmRVideo32;DrmRVideo32;c:\windows\System32\drivers\DrmRVideo32.sys [10-08-2008 15:24 3768]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys [16-06-2009 19:57 13224]
S3 MovRVDrv32;MovRVDrv32;c:\windows\System32\drivers\MovRVDrv32.sys [10-08-2008 13:13 3768]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [01-02-2008 15:17 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [01-02-2008 15:17 8320]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [29-06-2007 01:01 42512]
S3 PhilCap;NXP service;c:\windows\System32\drivers\PhilCap.sys [25-08-2007 09:42 908896]
S3 RRNetCap;RRNetCap Service;c:\windows\System32\drivers\rrnetcap.sys [03-11-2009 16:47 27168]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\System32\drivers\s3017bus.sys [04-08-2008 15:12 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\System32\drivers\s3017mdfl.sys [04-08-2008 15:12 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\System32\drivers\s3017mdm.sys [04-08-2008 15:12 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s3017mgmt.sys [04-08-2008 15:12 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\System32\drivers\s3017nd5.sys [04-08-2008 15:12 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\System32\drivers\s3017obex.sys [04-08-2008 15:12 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\System32\drivers\s3017unic.sys [04-08-2008 15:12 110120]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\System32\drivers\usbaapl.sys [28-08-2009 19:42 40448]
S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [12-09-2007 12:14 118784]

--- Andre Services/Drivers i Hukommelsen ---

*NewlyCreated* - SASDIFSV

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9C450606-ED24-4958-92BA-B8940C99D441}]
2009-03-04 14:32    8192    ----a-w-    c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Indhold af mappen 'Planlagte Opgaver'

2010-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-31 13:53]

2010-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-31 13:53]
.
.
------- Yderligere scanning -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: bec.dk\web30.prod
Trusted Zone: danid.dk
Trusted Zone: nordjyskebank.dk
Trusted Zone: portalbank.dk\www
Trusted Zone: sparekassen-vendsyssel.dk\www
Trusted Zone: sparv.dk\www
Trusted Zone: tdc.dk\udstedelse.certifikat
Trusted Zone: testby.dk\www
Trusted Zone: danid.dk
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.sparekassen-vendsyssel.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
FF - ProfilePath - c:\users\far\AppData\Roaming\Mozilla\Firefox\Profiles\n5w7h1jq.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - component: c:\program files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\components\TB_WebRipFFPlugin.dll
FF - component: c:\users\far\AppData\Roaming\Mozilla\Firefox\Profiles\n5w7h1jq.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\plugins\np_TB_OgloPlugin.dll
FF - plugin: c:\users\far\AppData\Roaming\Mozilla\Firefox\Profiles\n5w7h1jq.default\extensions\turntoolviewer@turntool.com\plugins\nptnt.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLITIKKER ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
.
- - - - TOMME GENVEJE FJERNET - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-msnmsgr - c:\program files\MSN Messenger\msnmsgr.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\far\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-17 21:49
Windows 6.0.6002 Service Pack 2 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:00000031

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Gennemført tid: 2010-02-17  21:54:44
ComboFix-quarantined-files.txt  2010-02-17 20:54
ComboFix2.txt  2009-01-01 16:15

Pre-Kørsel: 15.657.492.480 byte ledig
Post-Kørsel: 15.395.581.952 byte ledig

- - End Of File - - 9E5656A0FDD696736E1FC9CA27DA052F
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet ons. d. 17. februar 2010 kl. 22:04:12| #16

hpf
hpf (17.235 point)
Nej det passer ikke den er her:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/15/2010 at 00:37 AM

Application Version : 4.0.1154

Core Rules Database Version : 4584
Trace Rules Database Version: 2396

Scan type      : Complete Scan
Total Scan Time : 01:34:27

Memory items scanned      : 622
Memory threats detected  : 0
Registry items scanned    : 8913
Registry threats detected : 0
File items scanned        : 48950
File threats detected    : 165

Adware.Tracking Cookie
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@track.adform[6].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adtech[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adserver3.openadex[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@atdmt[6].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@doubleclick[4].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@bankdata.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@sexinyourcity[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@stats.zmags[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@click.cashengines[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ads.clickadserver[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ads.sumotorrent[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ads.whaleads[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ads.whaleads[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adserver.hardsextube[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ads.sumotorrent[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@mediaprovider.adservinginternational[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adserver.adreactor[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@serving-sys[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@specificclick[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@www.pornbay[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@www.cracksearchengine[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@tradedoubler[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@hitbox[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@www.googleadservices[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@www.googleadservices[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@www.googleadservices[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ad.yieldmanager[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@doubleclick[5].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@tradedoubler[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ad.yieldmanager[4].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@bluestreak[5].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@www.googleadservices[5].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@www.googleadservices[4].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@track.webgains[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adtech[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@tradedoubler[4].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@toplist[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adtech[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adultfriendfinder[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adviva[4].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adviva[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adultfriendfinder[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ads.start[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adtech[4].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@findpriser[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@atdmt[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@track.adform[4].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@track.adform[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@statcounter[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@tribalfusion[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@tribalfusion[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@statcounter[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@www.partypoker[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@www.partypoker[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adprotraffic[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ad1.emediate[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ads.ad4game[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adxpansion[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ads.ad4game[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@chitika[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adbrite[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@secure.partyaccount[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adbrite[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adbrite[4].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ads.crakmedia[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@advertising[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adserver.karamco[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@stats.webtrafficagents[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@eas4.emediate[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@semlerit.112.2o7[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@click.mediadome[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@content.yieldmanager[6].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@content.yieldmanager[4].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@content.yieldmanager[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adserver3.openadex[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@advertising[4].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ad2.doublepimp[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ads.fulldls[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ads.fulldls[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@statse.webtrendslive[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@statse.webtrendslive[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ad.proxad[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ad.yieldmanager[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@advertising[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@aller.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@adviva[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@atdmt[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@apmebf[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@apmebf[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@atdmt[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@atdmt[4].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@audiag.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@bluestreak[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@banner.skisport[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@bluestreak[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@bravenet[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@bluestreak[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@bs.serving-sys[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@burstnet[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@cdn5.specificclick[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@cdn5.specificclick[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@content.yieldmanager[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@chitika[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@click.mediadome[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@click.mediadome[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@collective-media[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@cracksearchengine[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@cracksearchengine[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@danskespil.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@dansksupermarked.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@doubleclick[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@divx.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@doubleclick[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@doubleclick[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ehg-nokiafin.hitbox[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@dsupermarked.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@dustinab.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@e2.emediate[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@eas.apm.emediate[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@eas8.emediate[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@eas8.emediate[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@eas8.emediate[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ehg-bbc.hitbox[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ehg-linksys.hitbox[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ero-advertising[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@ehg-skistar.hitbox[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@elkjop.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@elkjop.112.2o7[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@exaporn[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@fastclick[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@findpriser[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@hardsextube[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@hitbox[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@kontera[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@m1.webstats.motigo[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@mediaplex[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@mediaplex[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@msnportal.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@msnportal.112.2o7[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@netsundhedsplejerske.advertserve[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@nykredit.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@nykredit.112.2o7[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@openx.findpriser[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@openx.findpriser[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@overture[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@partyaccount[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@partypoker[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@partypoker[3].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@revsci[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@semlerit.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@semlerit.112.2o7[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@serving-sys[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@specificclick[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@specificclick[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@statcounter[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@stats.zmags[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@sundheddk.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@telmore.112.2o7[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@telmore.112.2o7[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@track.adform[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@toplist[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@track.adform[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@valueclick[2].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@xiti[1].txt
    C:\Users\far\AppData\Roaming\Microsoft\Windows\Cookies\far@xiti[2].txt
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet tor. d. 18. februar 2010 kl. 13:52:10| #17

patrick14
patrick14 (4.615 point)
Slet manuel denne fil og kom med en ny hijackthis log

C:\WINDOWS\popcinfo.dat
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet tor. d. 18. februar 2010 kl. 16:16:58| #18

hpf
hpf (17.235 point)
Har slettet filen.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:16:11, on 18-02-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\far\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ (...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ (...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ (...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ (...)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CacherBHO - {9B4DF450-DCC7-4B07-935D-0CD757A64583} - C:\Program Files\Moyea\YouTube FLV Downloader\MoyeaCatcher.dll
O2 - BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: HP Smart markering - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O15 - Trusted Zone: http://*.danid.dk
O15 - Trusted Zone: www.portalbank.dk
O15 - Trusted Zone: www.sparekassen-vendsyssel.dk
O15 - Trusted Zone: www.sparv.dk
O15 - Trusted Zone: www.testby.dk
O15 - Trusted Zone: http://*.danid.dk (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/ (...)
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.sparekassen-vendsyssel.dk/ (...)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/ (...)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/ (...)
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Unknown owner - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 9181 bytes
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet tor. d. 18. februar 2010 kl. 16:31:30| #19

patrick14
patrick14 (4.615 point)
Fix denne linie

O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)


Hvordan kører maskinen nu?
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet tor. d. 18. februar 2010 kl. 16:56:24| #20

hpf
hpf (17.235 point)
Jeg er nærmest lidt flov over at måtte sige at den kommer med samme fejl: Windows Update-fejl 80070490.
Alt andet på maskinen er iorden men kan stadig ikke opdatere.
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet tor. d. 18. februar 2010 kl. 17:24:23| #21

patrick14
patrick14 (4.615 point)
Tag backup af dine data og prøv dette


Vi prøver metoden på en anden måde - nemlig ved hjælp af din Vista CD.

Sæt din computer til at boote fra CD/DVD'en - boote op på din installations cd - tryk på en tast når du bliver spurgt.

Ved "Velkommen til Installation", trykker du på F10 eller tryk på "R" for at reparere.

Nu kommer du til Genoprettelsekonsollen,
Af de tre muligheder skal du vælge den med Kommandoprompt.
Du skulle gerne ende med C:\WINDOWS>_
(Hvis den spørger efter admin. kode og du ikke bruger nogen, så tryk blot på <Enter>)

Hvilken Windows-installation vil du logge på: 1 <Enter>
Efter : <C:\WINDOWS > Skriver du: chkdsk c: /p /r <Enter>
Når den er færdig med at scanne, skriv: Exit <Enter>
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet søn. d. 28. februar 2010 kl. 21:37:10| #22

patrick14
patrick14 (4.615 point)
Hvad endte denne med??
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet man. d. 01. marts 2010 kl. 19:55:46| #23

hpf
hpf (17.235 point)
Undskyld jeg ikke har reageret.
Jeg tror dit sidste forslag ligger noget ud over mine evner, specielt fordi jeg ikke kunne få muligheden for at køre en reparation på den medfølgende cd.
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet man. d. 01. marts 2010 kl. 21:25:34| #24

patrick14
patrick14 (4.615 point)
Helt iorden.

Prøv dette igen istedet.


1. Download denne fil: http://www.kortelinks.dk/ (...)
2.Højreklik på WindowsUpdate-Reg.cmd og vælg Kør som administrator.
3. Tjek Windows Update.
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet man. d. 01. marts 2010 kl. 21:58:15| #25

hpf
hpf (17.235 point)
Samme resultat:
Windows Update-fejl 80070490
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet tir. d. 02. marts 2010 kl. 14:50:11| #26

patrick14
patrick14 (4.615 point)
Opdater malwarebytes og kør et nyt fuldstændigt scan, kom med loggen sammen med en ny hijackthis log.

Hvis at du bruger windows egen firewall så prøv at slå den fra. Kan du så opdatere?
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet tir. d. 02. marts 2010 kl. 19:27:40| #27

hpf
hpf (17.235 point)
Slog firewall fra: ingen forskel.

Malwarebytes' Anti-Malware 1.44
Database version: 3739
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

14-02-2010 22:44:57
mbam-log-2010-02-14 (22-44-57).txt

Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 351748
Tid tilbagelagt: 1 hour(s), 47 minute(s), 7 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 1
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 1
Inficerede Mapper: 0
Inficerede Filer: 1

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\msqpdxserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
C:\temp\hcf.exe (Rogue.Installer) -> Quarantined and deleted successfully.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:21:11, on 02-03-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Windows\system32\conime.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\far\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ (...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ (...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ (...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ (...)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CacherBHO - {9B4DF450-DCC7-4B07-935D-0CD757A64583} - C:\Program Files\Moyea\YouTube FLV Downloader\MoyeaCatcher.dll
O2 - BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: HP Smart markering - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O15 - Trusted Zone: http://*.danid.dk
O15 - Trusted Zone: www.portalbank.dk
O15 - Trusted Zone: www.sparekassen-vendsyssel.dk
O15 - Trusted Zone: www.sparv.dk
O15 - Trusted Zone: www.testby.dk
O15 - Trusted Zone: http://*.danid.dk (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/ (...)
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.sparekassen-vendsyssel.dk/ (...)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/ (...)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/ (...)
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Unknown owner - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 9066 bytes
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet tir. d. 02. marts 2010 kl. 20:18:41| #28

patrick14
patrick14 (4.615 point)
Åbn mappen med Combofix, højreklik et tomt sted i mappen, vælg Ny->tekstdokument, åbn tekstdokumentet, kopier følgende ind:




Killall
Snapshot::
File::
C:\temp\hcf.exe
C:\windows\system32\drivers\msqpdxmqltoixh.sys
Hosts::
Registry::
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\msqpdxserv.sys
Driver::
msqpdxserv.sys


klik på Filer->Gem som, navngiv den CFScript, luk tekstdokumentet.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/ (...)
Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Kopier den fremkomne log herind.




Opdater malwarebytes og kør et nyt fuldstændigt scan igen
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet ons. d. 03. marts 2010 kl. 07:46:36| #29

hpf
hpf (17.235 point)
ComboFix 10-03-02.02 - far 02-03-2010  21:44:27.5.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.2038.772 [GMT 1:00]
Kører fra: c:\users\far\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\far\Desktop\CFScript.txt
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\temp\hcf.exe"
"c:\windows\system32\drivers\msqpdxmqltoixh.sys"
.

(((((((((((((((((((((((((((((  Filer skabt fra 2010-02-02 til 2010-03-02  )))))))))))))))))))))))))))))))))))
.

2010-03-02 20:56 . 2010-03-02 20:58    --------    d-----w-    c:\users\far\AppData\Local\temp
2010-03-02 20:56 . 2010-03-02 20:56    --------    d-----w-    c:\users\Public\AppData\Local\temp
2010-03-02 20:56 . 2010-03-02 20:56    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-02-25 21:51 . 2010-02-25 21:51    --------    d-----w-    c:\windows\CheckSur
2010-02-25 21:22 . 2010-02-25 21:22    --------    d-----w-    c:\users\far\AppData\Roaming\IrfanView
2010-02-24 11:13 . 2010-02-24 11:13    --------    d-----w-    C:\SparVen
2010-02-20 19:22 . 2010-02-20 19:24    --------    d-----w-    C:\TDC+drm
2010-02-20 16:16 . 2008-01-09 11:28    27632    ----a-w-    c:\windows\system32\drivers\seehcri.sys
2010-02-14 21:57 . 2010-02-14 21:57    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2010-02-14 21:57 . 2010-02-23 20:00    --------    d-----w-    c:\program files\SUPERAntiSpyware
2010-02-14 21:57 . 2010-02-14 21:57    --------    d-----w-    c:\users\far\AppData\Roaming\SUPERAntiSpyware.com
2010-02-14 21:56 . 2010-02-14 21:56    --------    d-----w-    c:\program files\Common Files\Wise Installation Wizard
2010-02-14 19:50 . 2010-01-07 15:07    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-14 19:50 . 2010-02-14 19:50    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-02-14 19:50 . 2010-01-07 15:07    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 14:26 . 2006-11-21 04:49    81790    ----a-w-    c:\windows\system32\perfc006.dat
2010-02-28 14:26 . 2006-11-21 04:49    471658    ----a-w-    c:\windows\system32\perfh006.dat
2010-02-28 14:23 . 2007-10-22 17:07    --------    d-----w-    c:\users\far\AppData\Roaming\U3
2010-02-26 21:53 . 2009-09-28 14:19    --------    d-----w-    c:\users\far\AppData\Roaming\vlc
2010-02-24 19:33 . 2010-02-15 06:51    117760    ----a-w-    c:\users\far\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-02-24 19:03 . 2009-11-20 18:40    --------    d-----w-    c:\program files\MpcStar
2010-02-20 16:16 . 2008-08-04 14:12    --------    d-----w-    c:\program files\Sony Ericsson
2010-02-20 16:16 . 2007-08-25 08:53    --------    d--h--w-    c:\program files\InstallShield Installation Information
2010-02-20 16:16 . 2008-08-04 14:38    --------    d-----w-    c:\program files\Avanquest update
2010-02-18 15:39 . 2009-11-20 08:42    --------    d-----w-    c:\program files\BitComet
2010-02-18 15:38 . 2009-12-27 13:07    --------    d-----w-    c:\program files\Common Files\Apple
2010-02-15 06:51 . 2010-02-15 06:51    52224    ----a-w-    c:\users\far\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-02-10 18:22 . 2007-09-13 04:44    --------    d-----w-    c:\program files\Google
2010-02-09 19:40 . 2009-02-17 21:00    --------    d-----w-    c:\program files\Teamspeak2_RC2
2010-02-09 17:52 . 2007-11-20 14:55    --------    d-----w-    c:\program files\Lavasoft
2010-02-09 17:52 . 2007-11-20 14:55    --------    d-----w-    c:\programdata\Lavasoft
2010-01-30 12:42 . 2008-12-09 15:26    0    ----a-w-    c:\users\far\temp.dat
2010-01-17 08:36 . 2007-08-25 12:16    --------    d-----w-    c:\program files\Common Files\Adobe
2010-01-16 14:02 . 2009-11-01 19:42    --------    d-----w-    c:\program files\QuadWeb
2010-01-16 13:50 . 2008-12-23 20:38    --------    d-----w-    c:\users\far\AppData\Roaming\Vso
2010-01-14 17:24 . 2007-10-22 17:53    --------    d-----w-    c:\users\far\AppData\Roaming\Skype
2010-01-14 17:05 . 2007-11-25 14:53    --------    d-----w-    c:\users\far\AppData\Roaming\skypePM
2010-01-10 20:45 . 2010-01-10 20:45    --------    d-----w-    c:\program files\VSO
2010-01-10 13:56 . 2010-01-10 13:53    --------    d-----w-    c:\program files\Aplus FLV to DIVX Converter
2010-01-10 13:42 . 2010-01-10 13:42    --------    d-----w-    c:\program files\Emicsoft Studio
2010-01-02 19:35 . 2007-10-22 18:30    --------    d-----w-    c:\users\far\AppData\Roaming\FileZilla
2009-12-16 18:41 . 2007-08-25 09:17    319456    ----a-w-    c:\windows\DIFxAPI.dll
.

------- Sigcheck -------

Cryptography Services Error !!
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-02-23 2012912]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-31 102400]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2007-09-01 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-09-06 188416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoThumbnail"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoNotification"= 0 (0x0)
"HideSCABattery"= 0 (0x0)
"HideSCANetwork"= 0 (0x0)
"HideSCAVolume"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2010-02-15 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-02-15 06:51    548352    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57    948672    ----a-r-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57    35760    ----a-w-    c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTZDetec.exe]
2007-12-18 13:20    401408    ------w-    c:\program files\Creative\Creative Media Lite\CTZDetec.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-10 19:52    49152    ----a-w-    c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-11-12 15:33    141600    ----a-w-    c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-04-11 13:32    56080    ----a-w-    c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-01-08 20:17    52256    ----a-w-    c:\program files\Home Cinema\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrOSD]
2006-12-26 09:23    180224    ----a-w-    c:\program files\Launch Manager\OSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OmniPass]
2007-09-04 10:45    2560000    ----a-w-    c:\program files\Softex\OmniPass\scureapp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
2007-07-05 10:35    94208    ----a-w-    c:\windows\PLFSetL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08    417792    ----a-w-    c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
2007-02-09 13:54    16896    ----a-w-    c:\program files\GoogleEULA\EULALauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tunebite]
2009-09-10 16:58    4678960    ----a-w-    c:\program files\RapidSolution\Tunebite\Tunebite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2009-10-26 07:33    15872    ----a-w-    c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wbutton]
2007-09-07 07:26    86016    ----a-w-    c:\program files\Launch Manager\WButton.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33    202240    ----a-w-    c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):9e,49,53,03,76,06,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2461692144-2294394301-1871040877-1000]
"EnableNotificationsRef"=dword:00000001

R0 ntcdrdrv;ntcdrdrv;c:\windows\system32\DRIVERS\ntcdrdrv.sys [x]
R0 tclondrv;tclondrv;c:\windows\system32\DRIVERS\tclondrv.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-31 133104]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor;c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [x]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [2009-08-11 185640]
R3 DrmRDriverV32;DrmRDriverV32;c:\windows\system32\drivers\DrmRDriverV32.sys [2008-06-04 23096]
R3 DrmRVideo32;DrmRVideo32;c:\windows\system32\DRIVERS\DrmRVideo32.sys [2008-06-04 3768]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-06-16 13224]
R3 MovRVDrv32;MovRVDrv32;c:\windows\system32\DRIVERS\MovRVDrv32.sys [2008-06-04 3768]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-06-29 42512]
R3 PhilCap;NXP service;c:\windows\system32\DRIVERS\PhilCap.sys [2007-07-31 908896]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [2009-11-03 27168]
R3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
R3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
R3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
R3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
R3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512]
R3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
R3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-23 12872]
R3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [x]
R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2007-09-11 118784]
S0 Si3531;SiI-3531 SATA Controller;c:\windows\system32\DRIVERS\Si3531.sys [2009-02-05 212520]
S1 aswSP;avast! Self Protection; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-23 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-02-23 66632]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [2009-11-03 27168]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088]
S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2006-11-17 13976]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9C450606-ED24-4958-92BA-B8940C99D441}]
2009-03-04 14:32    8192    ----a-w-    c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Indhold af mappen 'Planlagte Opgaver'

2010-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-31 13:53]

2010-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-31 13:53]
.
.
------- Yderligere scanning -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: bec.dk\web30.prod
Trusted Zone: danid.dk
Trusted Zone: nordjyskebank.dk
Trusted Zone: portalbank.dk\www
Trusted Zone: sparekassen-vendsyssel.dk\www
Trusted Zone: sparv.dk\www
Trusted Zone: tdc.dk\udstedelse.certifikat
Trusted Zone: testby.dk\www
Trusted Zone: danid.dk
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.sparekassen-vendsyssel.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
FF - ProfilePath - c:\users\far\AppData\Roaming\Mozilla\Firefox\Profiles\n5w7h1jq.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - component: c:\program files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\components\TB_WebRipFFPlugin.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\plugins\np_TB_OgloPlugin.dll
FF - plugin: c:\users\far\AppData\Roaming\Mozilla\Firefox\Profiles\n5w7h1jq.default\extensions\turntoolviewer@turntool.com\plugins\nptnt.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLITIKKER ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-02 22:09
Windows 6.0.6002 Service Pack 2 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:00000031

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Andre kørende processer ------------------------
.
c:\program files\Softex\OmniPass\OmniServ.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\conime.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\Softex\OmniPass\opvapp.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Gennemført tid: 2010-03-02  22:10:24 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2010-03-02 21:10
ComboFix2.txt  2010-03-02 20:38
ComboFix3.txt  2010-02-17 20:54
ComboFix4.txt  2009-01-01 16:15

Pre-Kørsel: 38.755.934.208 byte ledig
Post-Kørsel: 38.438.031.360 byte ledig

- - End Of File - - 7D6718F9FE848C1D427FC7AC229DE531
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet lør. d. 06. marts 2010 kl. 19:19:10| #30

patrick14
patrick14 (4.615 point)
Kommer der en log fra malwarebytes OPDATERET??
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet lør. d. 06. marts 2010 kl. 21:45:22| #31

hpf
hpf (17.235 point)
Malwarebytes' Anti-Malware 1.44
Database version: 3815
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

03-03-2010 07:42:29
mbam-log-2010-03-03 (07-42-29).txt

Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 352136
Tid tilbagelagt: 1 hour(s), 45 minute(s), 9 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet søn. d. 07. marts 2010 kl. 20:37:20| #32

patrick14
patrick14 (4.615 point)
Jeg har pinget en expert indenfor combofix osv, da at jeg er kørt fast i dit problem.
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet søn. d. 07. marts 2010 kl. 20:59:24| #33

hpf
hpf (17.235 point)
Tak for anstrengelserne.
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skrevet tir. d. 09. marts 2010 kl. 21:29:20| #34

patrick14
patrick14 (4.615 point)
Så lidt :)

Men da at det ikke ser ud til at eksperten kommer, vil jeg anbefale dig at spørge her www.malwarecheck.dk/forum og linke til denne tråd
Anmeld misbrug
Skriv et svar | Skriv en kommentar

Skriv et indlæg




Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] [img]link til billede[/img]
Web- og emailadresser omdannes automatisk til links
Se preview
Opret

Log ind

   
Opret bruger | Glemt adgangskode
   

Seneste spørgsmål

Ingen batterimåler på min bærbare?

Oprettet den 20. januar 2012 kl. 23.49
KimRM giver 45 point for svar | Giv et svar »

Kan ikke starte bærbar eller formater den....

Oprettet den 20. januar 2012 kl. 10.02
sorenmnielsen giver 100 point for svar | Giv et svar »

Service pack 2 vil ikke installeres.

Oprettet den 17. januar 2012 kl. 10.08
jstenbak giver 60 point for svar | Giv et svar »

Seneste guides

Den gode bruger
30. januar 2012 kl. 04.45 | Læs »
Adgang til NAS-server via WAN
23. januar 2012 kl. 11.55 | Læs »
Photoshop CS5 tutorial: Glossy knap til dit website
22. januar 2012 kl. 18.23 | Læs »
Kollektion af Batch tutorials (FJERNET)
22. januar 2012 kl. 15.09 | Læs »
Tilpas din YouTube afspiller
15. januar 2012 kl. 11.54 | Læs »
   

Seneste nyheder

Apple retter hele 51 sikkerhedshuller i Mac OS X
3. februar 2012 kl. 13.45 | Læs »
Så mange millioner tjener TDC om dagen
3. februar 2012 kl. 09.31 | Læs »
Samsung Galaxy S III på vej
3. februar 2012 kl. 09.02 | Læs »
Universitet: Derfor kan WiFi ikke erstatte vores kabler
3. februar 2012 kl. 09.00 | Læs »
Ubuntu-firma advarer: Her skal du passe på i cloud'en
3. februar 2012 kl. 08.32 | Læs »

Tips & Tricks fra PC World

Teaser billede

Sådan fjerner du pladskrævende metadata fra dine fotos

Det er langt fra altid, at dine billeders metadata såsom kameramodel og geografisk placering er vigtige at bevare. JPG & PNG Stripper kan luge ud i billedfilerne, så de fylder meget mindre....

Læs mere »

Anmeldelser fra PC World

Teaser billede

Test: Superlet bærbar med mange muligheder

Toshiba har med Satellite Z830 skabt en af verdens letteste ultrabooks. Den vejer 1,1 kilo, og computeren på 13 tommer ser på papiret ud til at være en oplagt rejsekammerat. Men den lave vægt har...

Læs mere »

Seneste blogindlæg

Teaser billede

Tvangslukke spørgsmål: Hvad er den bedste løsning?

Hej Vi har mange åbne spørgsmål på Eksperten. Vi ville gerne tvangslukke dem - så et spørgsmål efter f.eks. 6 måneder lukkes. Men der er et par uklarheder som ville være gode at få lidt input til:...

Læs mere »

Nyheder fra PC World

Teaser billede

Samsung Galaxy S III på vej

Samsungs bedst sælgende smartphone nogensinde får en efterfølger om kort tid.

Læs mere »

Nyheder fra Computerworld

Teaser billede

Apple retter hele 51 sikkerhedshuller i Mac OS X

Apple lukker hele 51 sårbarheder i Mac OS X, hvoraf de fleste er kritiske. Se her, hvor hullerne er.

Læs mere »

Kurser
Windows Server 2008 Grundlæggende
Windows Server 2008 Udvidet
Excel til regnskab og bogholderi
Excel for laboranter
6433A Planning and Implementing Windows Server 2008
Prince2 Projektstyring - 6 ugers selvvalgt kursus for ledige (Århus)
Præsentation af Excel data med Dashboards
Updating your Applications Infrastructure Technology Skills to Windows Server 2008 Kursusnr.: 6417
10337A Updating Your Microsoft SQL Server 2008 BI Skills to SQL Server 2008 R2
Configuring and Troubleshooting Windows Server 2008 Terminal Services Kursusnr.: 6428
Alle kurser »
Samarbejdspartnere
Ferienhäuser in Dänemark.
Webhotel
Bærbar
Computer
Digital TV fra Viasat
VM fodbold
Udgiver · © 2012 IDG Danmark A/S · Hørkær 18 · 2730 Herlev · Tlf.: 77 300 300 · Fax: 77 300 301 · Brug af personoplysninger