CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede jelle_b_k Nybegynder
06. juli 2009 - 18:43 Der er 7 kommentarer og
1 løsning

hijackthis logfil

Er der en som vil se på disse logfiler? Har fulgt guiden "sådan fjerner du virus og malware"
På forhånd tak.

Malwarebytes' Anti-Malware 1.38
Database version: 2379
Windows 5.1.2600 Service Pack 3

06-07-2009 17:38:29
mbam-log-2009-07-06 (17-38-29).txt

Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 187488
Tid tilbagelagt: 57 minute(s), 19 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 20
Inficerede Registeringsdatabase Værdier: 1
Inficerede Registeringsdatabase Filer: 4
Inficerede Mapper: 1
Inficerede Filer: 6

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{79ae735f-9663-4b92-9602-39eb563fa30c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bd4f7a6d-0107-4bdf-b72b-021b717b06ce} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00899c4 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00983aa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00a3b10 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\aldd (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\some (Trojan.Zlob) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Filer:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger.H) -> Data: kdkfw.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.172 85.255.112.142 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.172 85.255.112.142 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.172 85.255.112.142 -> Quarantined and deleted successfully.

Inficerede Mapper:
C:\Programmer\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.

Inficerede Filer:
c:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\BM2f674c88.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\BM2f674c88.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gjkkj.ini (Malware.Trace) -> Quarantined and deleted successfully.


ComboFix 09-07-05.04 - Jesper 06-07-2009 17:52.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.1279.870 [GMT 2:00]
Kører fra: c:\documents and settings\Henrik\Skrivebord\virus\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.
Følgende filer blev deaktiveret under scanning:
c:\programmer\Fælles filer\Logitech\LVMVFM\LVPrcInj.dll


(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Installer\507dd.msp
c:\windows\system32\gjkkj.ini2
c:\windows\system32\llbevciw.ini
c:\windows\system32\ochchjqn.ini
c:\windows\system32\scnuvyei.ini
C:\xcrashdump.dat

.
(((((((((((((((((((((((((((((  Filer skabt fra 2009-06-06 til 2009-07-06  )))))))))))))))))))))))))))))))))))
.

2009-07-06 14:12 . 2009-07-06 14:12    --------    d-----w-    c:\documents and settings\Henrik\Application Data\Malwarebytes
2009-07-06 14:12 . 2009-06-17 09:27    38160    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-06 14:12 . 2009-07-06 14:12    --------    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2009-07-06 14:12 . 2009-07-06 14:12    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-06 14:12 . 2009-06-17 09:27    19096    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-07-06 14:06 . 2009-07-06 14:06    --------    d-----w-    c:\programmer\CCleaner
2009-07-04 12:45 . 2009-07-04 12:45    --------    d-sh--w-    c:\documents and settings\Henrik\IECompatCache
2009-07-04 12:44 . 2009-07-04 12:44    --------    d-sh--w-    c:\documents and settings\Henrik\PrivacIE
2009-07-04 12:40 . 2009-07-04 12:40    --------    d-sh--w-    c:\documents and settings\Henrik\IETldCache
2009-07-04 12:37 . 2009-07-04 12:37    --------    d-----w-    c:\windows\ie8updates
2009-07-04 12:35 . 2009-07-04 12:35    --------    dc-h--w-    c:\windows\ie8
2009-07-04 12:31 . 2009-06-02 10:12    102912    -c----w-    c:\windows\system32\dllcache\iecompat.dll
2009-07-04 12:31 . 2009-04-30 21:15    12800    -c----w-    c:\windows\system32\dllcache\xpshims.dll
2009-07-04 12:31 . 2009-04-30 21:15    246272    -c----w-    c:\windows\system32\dllcache\ieproxy.dll
2009-07-04 11:19 . 2009-07-04 11:19    --------    d-----w-    c:\programmer\iPod
2009-07-04 11:19 . 2009-07-04 11:19    --------    d-----w-    c:\programmer\iTunes
2009-07-04 11:17 . 2009-07-04 11:18    --------    d-----w-    c:\programmer\QuickTime
2009-07-04 11:11 . 2009-07-04 11:11    75048    ----a-w-    c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-26 13:18 . 2009-06-26 13:20    --------    d-----w-    c:\documents and settings\Henrik\logitech
2009-06-26 13:09 . 2009-06-26 13:10    --------    d-----w-    c:\programmer\Fælles filer\Remote Control Software Common
2009-06-26 13:09 . 2009-06-26 13:09    --------    d-----w-    c:\programmer\Logitech
2009-06-26 13:09 . 2009-06-26 13:09    --------    d-----w-    c:\programmer\Fælles filer\Remote Control USB Driver
2009-06-24 14:32 . 2009-06-24 14:32    0    ----a-w-    c:\windows\nsreg.dat
2009-06-24 14:32 . 2009-06-24 14:32    --------    d-----w-    c:\documents and settings\Henrik\Lokale indstillinger\Application Data\Mozilla
2009-06-19 20:14 . 2009-06-19 20:14    38208    ----a-w-    c:\documents and settings\Henrik\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-06-19 20:14 . 2009-06-19 20:14    --------    d-----w-    c:\programmer\Fælles filer\Adobe AIR
2009-06-19 20:10 . 2009-06-19 20:10    --------    d-----w-    c:\documents and settings\Henrik\Lokale indstillinger\Application Data\P5
2009-06-16 14:58 . 2009-06-16 14:58    --------    d-----w-    c:\documents and settings\Henrik\Application Data\Canneverbe_Limited
2009-06-16 14:58 . 2009-06-16 14:58    --------    d-----w-    c:\programmer\CDBurnerXP
2009-06-16 14:07 . 2009-06-16 14:07    --------    d-----w-    c:\documents and settings\Henrik\Lokale indstillinger\Application Data\Collectorz.com
2009-06-16 14:06 . 2009-06-16 14:06    --------    d-----w-    c:\programmer\COLLEC~1.COM
2009-06-15 19:50 . 2009-06-16 14:27    --------    d-----w-    c:\documents and settings\Henrik\Application Data\Movienizer

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-06 15:44 . 2008-07-03 18:29    --------    d-----w-    c:\documents and settings\Henrik\Application Data\Tunebite
2009-07-05 19:34 . 2009-03-25 20:33    --------    d-----w-    c:\programmer\PokerStars
2009-07-04 11:19 . 2009-04-07 15:11    --------    d-----w-    c:\programmer\Fælles filer\Apple
2009-06-26 13:09 . 2007-11-28 23:20    --------    d--h--w-    c:\programmer\InstallShield Installation Information
2009-06-25 14:08 . 2008-07-27 13:04    --------    d-----w-    c:\programmer\Bet24
2009-06-24 13:06 . 2008-12-22 14:17    11952    ----a-w-    c:\windows\system32\avgrsstx.dll
2009-06-24 13:06 . 2008-12-22 14:17    327688    ----a-w-    c:\windows\system32\drivers\avgldx86.sys
2009-06-24 13:06 . 2008-12-22 14:17    27784    ----a-w-    c:\windows\system32\drivers\avgmfx86.sys
2009-06-16 15:18 . 2007-11-29 20:19    --------    d-----w-    c:\programmer\Ashampoo
2009-06-16 14:34 . 2007-11-29 20:20    --------    d-----w-    c:\documents and settings\Henrik\Application Data\Ashampoo
2009-06-05 09:42 . 2009-04-07 15:11    39424    ----a-w-    c:\windows\system32\drivers\usbaapl.sys
2009-06-05 09:42 . 2009-04-07 15:11    2060288    ----a-w-    c:\windows\system32\usbaaplrc.dll
2009-05-26 20:33 . 2008-07-02 19:24    146099    ----a-w-    c:\windows\hpoins12.dat
2009-05-16 09:55 . 2008-07-16 09:45    --------    d-----w-    c:\documents and settings\Henrik\Application Data\Image Zone Express
2009-05-13 05:05 . 2004-08-26 15:53    915456    ----a-w-    c:\windows\system32\wininet.dll
2009-05-07 15:33 . 2004-08-26 15:53    346624    ----a-w-    c:\windows\system32\localspl.dll
2009-05-03 14:34 . 2008-12-22 14:17    108552    ----a-w-    c:\windows\system32\drivers\avgtdix.sys
2009-04-19 19:50 . 2004-08-26 15:49    1847168    ----a-w-    c:\windows\system32\win32k.sys
2009-04-19 12:56 . 2001-10-09 12:00    91402    ----a-w-    c:\windows\system32\perfc006.dat
2009-04-19 12:56 . 2001-10-09 12:00    475442    ----a-w-    c:\windows\system32\perfh006.dat
2009-04-15 14:53 . 2004-08-26 15:53    585216    ----a-w-    c:\windows\system32\rpcrt4.dll
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\programmer\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"Tunebite"="c:\programmer\RapidSolution\Tunebite\Tunebite.exe" [2008-06-12 6366512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-28 7581696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-28 86016]
"AzMixerSel"="c:\programmer\Realtek\InstallShield\AzMixerSel.exe" [2007-11-28 53248]
"ACU"="c:\programmer\Atheros\ACU.exe" [2005-01-31 253952]
"LogitechCameraAssistant"="c:\programmer\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 331776]
"LogitechVideo[inspector]"="c:\programmer\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 14:55 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-11-29 630784]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-07-18 438272]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"ISUSPM"="c:\programmer\Fælles filer\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-06-23 225280]
"HP Software Update"="c:\programmer\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"NSLauncher"="c:\programmer\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-09-07 3100672]
"sclauncher"="c:\programmer\SimpleCenter\bin\win\sclauncher.exe" [2007-01-30 94208]
"TkBellExe"="c:\programmer\Fælles filer\Real\Update_OB\realsched.exe" [2008-11-20 185872]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-24 1948440]
"SunJavaUpdateSched"="c:\programmer\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"WinampAgent"="c:\programmer\Winamp\winampa.exe" [2009-03-09 37888]
"QuickTime Task"="c:\programmer\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\programmer\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-11-28 2879488]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-11-28 16261632]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menuen Start\Programmer\Start\
Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2008-2-23 45056]
BTTray.lnk - c:\programmer\WIDCOMM\Bluetooth Software\BTTray.exe [2006-1-17 618557]
HP Digital Imaging Monitor.lnk - c:\programmer\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Service Manager.lnk - c:\programmer\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-24 13:06    11952    ----a-w-    c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages    REG_MULTI_SZ      msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
Trusted    1eeb

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmer\\InterVideo\\DVD8\\WinDVD.exe"=
"c:\\Programmer\\Messenger\\msmsgs.exe"=
"c:\\Programmer\\SimpleCenter\\Home Media Server.exe"=
"c:\\Programmer\\TmNationsForever\\TmForever.exe"=
"c:\\Programmer\\AVG\\AVG8\\avgemc.exe"=
"c:\\Programmer\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmer\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Programmer\\Fælles filer\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Programmer\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmer\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmer\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"=
"c:\\Programmer\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"554:TCP"= 554:TCP:TV 1000 play
"1755:TCP"= 1755:TCP:TV 1000 Play 1
"1755:UDP"= 1755:UDP:TV 1000 play 2
"5004:UDP"= 5004:UDP:TV 1000 play 3
"5005:TCP"= 5005:TCP:TV 1000 play 4

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [22-12-2008 16:17 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [22-12-2008 16:17 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [22-12-2008 16:16 906520]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [22-12-2008 16:16 298776]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [18-03-2009 09:35 55152]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;c:\programmer\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT --> c:\programmer\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT [?]
S3 fsssvc;Windows Live Family Safety;c:\programmer\Windows Live\Family Safety\fsssvc.exe [06-02-2009 19:08 533360]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [04-01-2009 18:31 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [04-01-2009 18:31 8320]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;c:\programmer\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> c:\programmer\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [07-04-2009 17:11 39424]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}]
c:\programmer\PixiePack Codec Pack\InstallerHelper.exe
.
Indhold af mappen 'Planlagte Opgaver'

2009-04-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmer\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-07-01 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-07-06 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-07-06 c:\windows\Tasks\User_Feed_Synchronization-{B055C63E-2C27-4848-B454-50AF8D70B19C}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
- - - - TOMME GENVEJE FJERNET - - - -

BHO-{97A1BA8F-93FC-47BC-8DE8-FCF0DA6C7862} - (no file)
Notify-iifcawv - iifcawv.dll


.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.morethanaclub.dk/
uInternet Settings,ProxyOverride = *.local
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
Trusted Zone: cdon.com\streamingserver
Trusted Zone: cdon.com\www
Trusted Zone: cdon.com\www.streamingserver
Trusted Zone: cdon.dk\www
Trusted Zone: viasat.dk\www
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.sparostjyl.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.20.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-06 18:02
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'explorer.exe'(7836)
c:\programmer\Fælles filer\Logitech\LVMVFM\LVPrcInj.dll
c:\acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\programmer\Fælles filer\Logitech\LVMVFM\LVPrcSrv.exe
c:\windows\system32\acs.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programmer\Bonjour\mDNSResponder.exe
c:\programmer\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\programmer\Fælles filer\InterVideo\RegMgr\iviRegMgr.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
c:\programmer\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
c:\programmer\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\WgaTray.exe
c:\programmer\AVG\AVG8\avgcsrvx.exe
c:\programmer\AVG\AVG8\avgtray.exe
c:\windows\system32\wbem\unsecapp.exe
c:\programmer\iPod\bin\iPodService.exe
c:\programmer\HP\Digital Imaging\bin\hpqste08.exe
c:\docume~1\Henrik\LOKALE~1\Temp\RtkBtMnt.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programmer\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Gennemført tid: 2009-07-06 18:07 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-07-06 16:07

Pre-Kørsel: 22.582.845.440 byte ledig
Post-Kørsel: 22.453.522.432 byte ledig

241    --- E O F ---    2009-06-11 11:24


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:10:34, on 06-07-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\programmer\fælles filer\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\acs.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Programmer\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Fælles filer\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmer\AVG\AVG8\avgcsrvx.exe
C:\Programmer\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Programmer\Fælles filer\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\SimpleCenter\bin\win\sclauncher.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmer\Java\jre6\bin\jusched.exe
C:\Programmer\Winamp\winampa.exe
C:\Programmer\QuickTime\QTTask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Windows Live\Messenger\msnmsgr.exe
C:\Programmer\RapidSolution\Tunebite\Tunebite.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Programmer\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\DOCUME~1\Henrik\LOKALE~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmer\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Programmer\internet explorer\iexplore.exe
C:\Programmer\internet explorer\iexplore.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.morethanaclub.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG8\avgssie.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {97A1BA8F-93FC-47BC-8DE8-FCF0DA6C7862} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Programmer\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ACU] C:\Programmer\Atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programmer\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programmer\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Programmer\Fælles filer\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NSLauncher] C:\Programmer\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [sclauncher] C:\Programmer\SimpleCenter\bin\win\sclauncher.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Tunebite] C:\Programmer\RapidSolution\Tunebite\Tunebite.exe -tray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Service Manager.lnk = C:\Programmer\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programmer\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.sparostjyl.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.20.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1196290121984
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmer\Fælles filer\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmer\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programmer\Fælles filer\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\programmer\fælles filer\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmer\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 11812 bytes
Avatar billede Computer Hjælp (Gratis) Mester
06. juli 2009 - 19:27 #1
Malwarebytes fik noget at se til...

Efterfølgende oprydning ->

Afinstaller (Hvis de er der?)

* Google Software Updater
* Apple Mobile Device
* iPod-tjeneste (iPod Service)
* Bonjour-tjeneste (Bonjour Service)

via
[Start][Indstilninger][Kontrolpanel][Tilføj/fjern programmer]

Genstart for at fuldføre afinstalationen...

------------------------------------------------------------------------

Kør en scanning med Hijackthis,
Du får herunder nogle filer, som du skal/kan fixe. Det, du skal gøre, er at sætte et flueben ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Husk også at lukke dette vindue, når du har markeret filerne. Nu må du fixe. Klik på Fix checked.

Det er disse, som skal fixes:

O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Tunebite] C:\Programmer\RapidSolution\Tunebite\Tunebite.exe -tray

O4 - Global Startup: Service Manager.lnk = C:\Programmer\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programmer\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe

Genstart normalt...

------------------------------------------------------------------------

Slet mapper:
* C:\Programmer\PokerStars\
* C:\Microgaming\Poker\

------------------------------------------------------------------------

Ta' en oprydning med CCleaner ->
http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/manual-for-installation-og-brug-af-ccleaner/ (Specielt punktet [Register]...)
http://www.ccleaner.com/download/builds/downloading-slim
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller *NEJ* til den.

http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763

------------------------------------------------------------------------

Hvordan kører PC'en så nu ?
Avatar billede jelle_b_k Nybegynder
06. juli 2009 - 20:28 #2
PC'en kører umidlbart fint. Jeg så osse i ccleaner at jeg havde temmelig mange programmer som skulle starte op ved opstart af PC, så disse har jeg fået ryddet lidt op i, og det har hjulpet en del.
Når nu du har bedt mig slette et par af mine poker klienter, vil det så være dumt at indstallere disse på ny?
Avatar billede Computer Hjælp (Gratis) Mester
06. juli 2009 - 20:35 #3
.... bruger du disse Poker halløj ?
Avatar billede jelle_b_k Nybegynder
06. juli 2009 - 20:41 #4
Ja, dem bruger jeg jævnligt.
Avatar billede Computer Hjælp (Gratis) Mester
06. juli 2009 - 21:03 #5
... så læg dem ind igen ... Kender dem ikke selv men hold øje med diverse uønskede tilbehørs elementer...
Avatar billede jelle_b_k Nybegynder
06. juli 2009 - 21:13 #6
Ok. Mange tak for hjælpen..
Avatar billede jelle_b_k Nybegynder
06. juli 2009 - 21:20 #7
Du kan lige oprette et svar, så du kan få dine point.
Avatar billede Computer Hjælp (Gratis) Mester
06. juli 2009 - 21:23 #8
Der er ikke mere 'snavs' ifølge din Log...

Du er velkommen en anden gang...

Efter sådan en tur er det altid en god ide og rydde op i systemgendannelsesfilerne.
Deaktiver systemgendannelse -> http://www.spywareinfo.dk/#/tip-og-tricks/deaktiver_systemgendannelse.htm
Genstart din computer - aktiver systemgendannelse. Dette gøres samme sted, hvor du deaktiverede, denne gang skal du blot aktivere.
Det vil også være en god idé manuelt at oprette et nyt punkt, som du kan navngive, og vende tilbage til, hvis du skulle få problemer af nogen art.

Et par artikler om sikker surfing finder du her:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414

Safe Surfing...

--------------
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Findes der mon et Antivirus program, som ikke, konstant, reklamerer, for at købe ? Af Ikke-ekspert i Virus 21 22/06/202419:22 23/06/202412:54
Anbefaling af antivirusprogram med firewall Af OnePlusFan i Virus 23 07/05/202421:02 13/05/202419:48
trusler Af gerhardpet i Virus 4 26/01/202410:02 27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus 16 09/01/202416:37 10/01/202419:59
virusscanning Af JetteD i Virus 2 10/11/202312:55 10/11/202316:36
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
8 min siden Kan det gøres lettere Af densortehingst i Excel
I går 21:49 En app vækker mig om morgenen og giver en vejrudsigt - hvordan stoppe det? Af Philip Kuhlmann i Apps til Android
I går 21:28 visning af heltal som resultat efter beregning Af Brian_Skovgaard i Excel
I går 14:48 Microsoft Business - kan ikke logge ind Af Lasse i Office & Kontorpakker
I går 05:32 Kan VPN hjælpe mig med at se Disney - Amazon betalt i Colombia, men bruge i DK? Af klavil i Andet software
White papers
Flere white papers »


Premium
Teaser billede
Apple præsenter første regnskab siden AI-udmelding: Her er tre bemærkelsesværdige pointer derfra
Læs mere »
Sårbarhed kan let give administratorrettigheder til alle: Udnyttes allerede af ransomware-grupper
Datatilsynet fik hård kritik af Rigsrevisionen - men nu er der fremgang at spore, lyder det i nyt notat
Svimlende milliard-vækst i sigte: AI-platformes omsætning spås at vokse med 40 procent hvert af de næste fem år
Se alle »
Computerworld
Teaser billede
Med SearchGPT har verden fået en spritny søgemaskine: Kan den true Googles dominans?
Læs mere »
Første test: Denne helt nye wunder-CPU vil du have i din næste laptop
Test: Endelig kan man få en soundbar der lyder godt - og som ikke behøver nogen klodset subwoofer
Nørgaard: Jeg har jo sagt det gang på gang på gang! VMS er det bedste styresystem EVER! Men lytter folk?! Nej, nej og atter nej!
Se alle »
CIO
Teaser billede
Stor aftale gør Microsofts datacentre hurtigere - investerer i netværksudstyr
Læs mere »
Telenor skrotter ældre it-system: Nyt system er en hyldevare
Derfor står Danske Bank foran en kæmpe AWS-transformation: Ellers skulle vi bygge en ny infrastruktur for at følge med
NIS2 i Danmark udskydes med flere måneder: Her er den nye dato, hvor loven træder i kraft
Se alle »
Job & Karriere
Teaser billede
Efter 12 år er NNIT's hovedkvarter i Søborg nu ryddet og tomt - alle arbejder hjemme: "Det er med et vist vemod"
Læs mere »
KMD-direktør forlader selskabet: Det skal hun nu
Dansk top-profil trækker sig fra Microsoft: Skal være direktør i TDC Erhverv
IBM Danmark skifter ud i sin øverste ledelse - her er den nye direktion
Se alle »
White paper
Teaser billede
Opdag fordelene ved cloud-baseret backup og recovery
Læs mere »
Informationshåndtering på frontlinjen: Sådan optimerer du med automatisering
Få mere ud af din cloudinfrastruktur og gør op med de konstant stigende omkostninger
Guide: Sådan udvikler du en moderne netværksstrategi
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »