Avatar billede swordcat Nybegynder
05. december 2009 - 13:51 Der er 16 kommentarer og
1 løsning

Tjenesten sikkerhedscenter kan ikke startes

Jeg tror sku jeg har fået virus på min fine bærbar. Problemet startede da jeg downloadede en fil, som jeg nok aldrig skulle have rørt. Irriterende pop-ups og unødvendige pornoikoner blev lagt på mit skrivebord. Det er nu ikke længere et problem, for de dukker ikke op mere.

Nu kan og vil sikkerhedscenteret ikke startes. Det røde skjold med det hvide kryds nederest til højre minder mig om problemet, hver gang jeg tænder for computeren.

Har læst og gjort præcis hvad der står: http://www.eksperten.dk/guide/1232

ccleaner, malwarebytes, combofixog hijackthis er taget i brug og har nu brug for Jer ekspertes bud på hvad der er galt. Her er logs'ne fra de ovennævnte programmer foruden ccleaner.

Malwarebytes:

Malwarebytes' Anti-Malware 1.42
Database version: 3299
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

05-12-2009 11:27:56
mbam-log-2009-12-05 (11-27-56).txt

Skan type: Fuldstændig skanning (C:\|)
Objekter skannet: 211202
Tid tilbagelagt: 2 hour(s), 31 minute(s), 56 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)

ComboFix:
ComboFix 09-12-04.02 - Volkan 05-12-2009 12:40.2.2 - x86
Microsoft® Windows Vista™ Home Basic  6.0.6002.2.1252.45.1030.18.1013.211 [GMT 1:00]
Kører fra: c:\users\Volkan\Desktop\Ny\ComboFix.exe
Kommandoer benyttet :: c:\users\Volkan\Desktop\Ny\CFScript.txt
.

(((((((((((((((((((((((((((((  Filer skabt fra 2009-11-05 til 2009-12-05  )))))))))))))))))))))))))))))))))))
.

2009-12-05 11:58 . 2009-12-05 11:58    --------    d-----w-    c:\users\Public\AppData\Local\temp
2009-12-05 11:58 . 2009-12-05 11:58    --------    d-----w-    c:\users\Default\AppData\Local\temp
2009-12-05 11:40 . 2009-12-05 11:40    --------    d-----w-    c:\program files\Trend Micro
2009-12-05 11:03 . 2009-12-05 12:01    4096    d-----w-    c:\users\Volkan\AppData\Local\temp
2009-12-05 07:54 . 2009-12-05 07:54    --------    d-----w-    c:\users\Volkan\AppData\Roaming\Malwarebytes
2009-12-05 07:54 . 2009-12-03 15:14    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-05 07:54 . 2009-12-05 07:54    --------    d-----w-    c:\programdata\Malwarebytes
2009-12-05 07:54 . 2009-12-05 07:54    4096    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2009-12-05 07:54 . 2009-12-03 15:13    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-12-05 07:52 . 2009-12-05 07:52    --------    d-----w-    c:\program files\CCleaner
2009-12-05 07:30 . 2009-12-05 12:02    4096    d-----w-    c:\windows\system32\wbem\repository
2009-12-04 17:22 . 2009-07-28 14:33    55656    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2009-12-04 17:22 . 2009-03-30 08:33    96104    ----a-w-    c:\windows\system32\drivers\avipbb.sys
2009-12-04 17:22 . 2009-12-04 17:22    --------    d-----w-    c:\programdata\Avira
2009-12-04 17:22 . 2009-12-04 17:22    --------    d-----w-    c:\program files\Avira
2009-11-25 15:43 . 2009-10-29 09:17    2048    ----a-w-    c:\windows\system32\tzres.dll
2009-11-25 15:42 . 2009-11-25 15:42    --------    d-----w-    c:\program files\MSXML 4.0
2009-11-25 15:41 . 2009-08-11 16:44    1401856    ----a-w-    c:\windows\system32\msxml6.dll
2009-11-25 15:41 . 2009-08-11 16:44    1248768    ----a-w-    c:\windows\system32\msxml3.dll
2009-11-15 09:54 . 2009-11-15 09:54    --------    d-----w-    c:\users\Volkan\AppData\Local\Apple
2009-11-13 18:00 . 2009-12-05 07:30    --------    d-----w-    c:\users\Volkan\Tracing
2009-11-11 08:36 . 2009-08-14 13:27    2036736    ----a-w-    c:\windows\system32\win32k.sys
2009-11-11 08:36 . 2009-08-10 12:35    355328    ----a-w-    c:\windows\system32\WSDApi.dll
2009-11-09 21:03 . 2009-11-09 21:03    --------    d-----w-    c:\program files\Common Files\Adobe
2009-11-06 06:12 . 2009-08-07 02:24    44768    ----a-w-    c:\windows\system32\wups2.dll
2009-11-06 06:12 . 2009-08-07 02:24    53472    ----a-w-    c:\windows\system32\wuauclt.exe
2009-11-06 06:12 . 2009-08-07 02:23    1929952    ----a-w-    c:\windows\system32\wuaueng.dll
2009-11-06 06:12 . 2009-08-07 01:45    2421760    ----a-w-    c:\windows\system32\wucltux.dll
2009-11-06 06:11 . 2009-08-07 02:24    35552    ----a-w-    c:\windows\system32\wups.dll
2009-11-06 06:11 . 2009-08-07 02:23    575704    ----a-w-    c:\windows\system32\wuapi.dll
2009-11-06 06:11 . 2009-08-07 01:44    87552    ----a-w-    c:\windows\system32\wudriver.dll
2009-11-06 06:11 . 2009-08-06 18:23    171608    ----a-w-    c:\windows\system32\wuwebv.dll
2009-11-06 06:11 . 2009-08-06 17:44    33792    ----a-w-    c:\windows\system32\wuapp.exe

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-02 16:24 . 2006-11-21 04:45    78210    ----a-w-    c:\windows\system32\perfc006.dat
2009-12-02 16:24 . 2006-11-21 04:45    466378    ----a-w-    c:\windows\system32\perfh006.dat
2009-11-13 17:54 . 2009-07-05 17:23    4096    d-----w-    c:\programdata\avg8
2009-11-13 17:40 . 2009-02-22 13:15    4096    d-----w-    c:\program files\DivX
2009-11-11 14:13 . 2006-11-02 11:18    4096    d-----w-    c:\program files\Windows Mail
2009-11-11 08:47 . 2009-05-08 09:24    12288    d-----w-    c:\programdata\Microsoft Help
2009-11-02 19:42 . 2009-10-08 00:07    195456    ------w-    c:\windows\system32\MpSigStub.exe
2009-11-01 18:44 . 2009-11-01 16:15    4096    d-----w-    c:\users\Volkan\AppData\Roaming\vlc
2009-11-01 16:14 . 2009-11-01 16:14    --------    d-----w-    c:\program files\VideoLAN
2009-10-31 16:17 . 2009-10-31 16:15    4096    d-----w-    c:\program files\iTunes
2009-10-31 16:16 . 2009-10-31 16:16    --------    d-----w-    c:\program files\iPod
2009-10-31 16:15 . 2009-09-15 15:41    --------    d-----w-    c:\program files\Common Files\Apple
2009-10-31 16:09 . 2009-10-31 16:09    79144    ----a-w-    c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-28 22:58 . 2009-10-28 22:58    --------    d-----w-    c:\program files\Windows Portable Devices
2009-10-28 22:57 . 2006-11-02 10:25    665600    ----a-w-    c:\windows\inf\drvindex.dat
2009-10-28 22:57 . 2009-10-28 22:57    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-10-28 22:56 . 2009-10-28 22:56    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-17 13:37 . 2009-01-20 13:35    4096    d-----w-    c:\programdata\CanonIJPLM
2009-10-16 11:42 . 2007-09-06 16:09    24576    d-----w-    c:\program files\Microsoft Works
2009-10-10 10:04 . 2007-09-12 18:38    4096    d-----w-    c:\users\Volkan\AppData\Roaming\Apple Computer
2009-10-10 10:04 . 2009-02-22 06:51    4096    d-----w-    c:\program files\QuickTime
2009-10-08 21:08 . 2009-10-28 12:55    555520    ----a-w-    c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-10-28 12:55    234496    ----a-w-    c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-10-28 12:55    4096    ----a-w-    c:\windows\system32\oleaccrc.dll
2009-10-01 01:02 . 2009-10-28 12:56    2537472    ----a-w-    c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-10-28 12:56    30208    ----a-w-    c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-10-28 12:56    334848    ----a-w-    c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-10-28 12:56    87552    ----a-w-    c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-10-28 12:56    31232    ----a-w-    c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-10-28 12:56    546816    ----a-w-    c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-10-28 12:56    160256    ----a-w-    c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-10-28 12:56    60928    ----a-w-    c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-10-28 12:56    350208    ----a-w-    c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-10-28 12:56    196608    ----a-w-    c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-10-28 12:56    100864    ----a-w-    c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-10-28 12:56    81920    ----a-w-    c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-10-28 12:56    40448    ----a-w-    c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-10-28 12:56    226816    ----a-w-    c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-10-28 12:56    61952    ----a-w-    c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-10-28 12:56    33280    ----a-w-    c:\windows\system32\WpdConns.dll
2009-09-25 02:10 . 2009-10-28 12:57    974848    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-10-28 12:57    189440    ----a-w-    c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-10-28 12:57    321024    ----a-w-    c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-10-28 12:57    1554432    ----a-w-    c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-10-28 12:57    351232    ----a-w-    c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-10-28 12:57    847360    ----a-w-    c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-10-28 12:57    280064    ----a-w-    c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-10-28 12:57    135680    ----a-w-    c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-10-28 12:57    195584    ----a-w-    c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-10-28 12:57    829440    ----a-w-    c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-10-28 12:57    369664    ----a-w-    c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-10-28 12:57    252928    ----a-w-    c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-10-28 12:57    519680    ----a-w-    c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-10-28 12:57    486912    ----a-w-    c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-10-28 12:57    161280    ----a-w-    c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-10-28 12:57    218112    ----a-w-    c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-10-28 12:57    1030144    ----a-w-    c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-10-28 12:57    828928    ----a-w-    c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-10-28 12:57    481792    ----a-w-    c:\windows\system32\dxgi.dll
2009-09-25 01:30 . 2009-10-28 12:57    190464    ----a-w-    c:\windows\system32\d3d10core.dll
2009-09-25 01:27 . 2009-10-28 12:57    634880    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27 . 2009-10-28 12:57    37888    ----a-w-    c:\windows\system32\cdd.dll
2009-09-25 01:27 . 2009-10-28 12:57    793088    ----a-w-    c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-10-28 12:57    1064448    ----a-w-    c:\windows\system32\DWrite.dll
2009-09-24 22:54 . 2009-10-28 12:57    258048    ----a-w-    c:\windows\system32\winspool.drv
2009-09-24 22:54 . 2009-10-28 12:57    667648    ----a-w-    c:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 22:54 . 2009-10-28 12:57    26112    ----a-w-    c:\windows\system32\printfilterpipelineprxy.dll
2009-09-18 14:35 . 2008-05-12 19:14    934    ----a-w-    c:\users\Volkan\AppData\Roaming\wklnhst.dat
2009-09-14 09:29 . 2009-10-16 11:33    144896    ----a-w-    c:\windows\system32\drivers\srv2.sys
2009-09-10 16:48 . 2009-10-16 11:33    218624    ----a-w-    c:\windows\system32\msv1_0.dll
2009-09-10 14:59 . 2009-10-28 12:51    8147456    ----a-w-    c:\windows\system32\wmploc.DLL
2009-09-10 14:58 . 2009-10-28 12:51    310784    ----a-w-    c:\windows\system32\unregmp2.exe
2009-09-10 02:01 . 2009-10-28 12:58    3023360    ----a-w-    c:\windows\system32\UIRibbon.dll
2009-09-10 02:00 . 2009-10-28 12:58    1164800    ----a-w-    c:\windows\system32\UIRibbonRes.dll
2009-09-10 02:00 . 2009-10-28 12:58    92672    ----a-w-    c:\windows\system32\UIAnimation.dll
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 14:07    1004800    ----a-w-    c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-18 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-18 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-18 133656]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-26 2029336]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-11-07 3772416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^Volkan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Media Player.lnk]
backup=c:\windows\pss\Adobe Media Player.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Volkan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):28,8e,15,40,19,fa,c9,01

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [05-07-2009 18:23 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [05-07-2009 18:24 108552]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [04-12-2009 18:22 108289]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [05-07-2009 18:23 297752]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [21-12-2006 11:33 7168]
S3 FontCache;Tjenesten Windows-skrifttypecache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [05-10-2008 13:27 21504]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\System32\drivers\usbaapl.sys [28-08-2009 18:42 40448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork    REG_MULTI_SZ      PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK
Trusted Zone: microsoft.com\update
TCP: {59E7E360-D930-4F4B-941C-4572E6E6AD37} = 208.67.222.222,208.67.220.220
.

**************************************************************************
scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer:

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Gennemført tid: 2009-12-05 13:12 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-12-05 12:12
ComboFix2.txt  2009-12-05 11:03

Pre-Kørsel: 25.646.542.848 byte ledig
Post-Kørsel: 25.711.050.752 byte ledig

- - End Of File - - E0A68F407370DB09CF38BD4F98AEF20B

Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:35, on 05-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6564 bytes
Avatar billede swordcat Nybegynder
05. december 2009 - 13:56 #1
Glemte at sige at jeg kører på Vista
Avatar billede milter Ekspert
05. december 2009 - 14:59 #2
Prøv det her:

Klik på Start > Kør > I vinduet skriver du "services.msc" (uden anførselstegn) > Rul ned, til du finder linien med "Sikkerhedscenter" > Dobbeltklik på linien > Sæt "Starttype" til "Automatisk" > Anvend > OK > Genstart.
05. december 2009 - 15:01 #3

Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)


---

Under alle omstændigheder så kørere du både med
* AVG8 (Gammel version !!!)
* Avira

Afinstall den begge - Genstart - Opryd med CCleaner - Install
* AVG9 http://www.spywarefri.dk/software/avast-antivirus-home-edition/
eller
* Avast! http://www.spywarefri.dk/software/avg-anti-virus-free-edition/

---
Avatar billede swordcat Nybegynder
05. december 2009 - 19:34 #4
Ja det har du ret i. Det skal dog siges at jeg først installerede Avast, efter at fejlmeldingen omkring sikkerhedscentret poppede op, samt de omtalte popups. Gjorde det for at se om Avast kunne finde nogle virusser, da AVG ikke fandt nogle. Eller det gjorde AVG rent faktisk efter et stykke tid. Virusset hed noget ala: richtx.exe ...kan ikke huske det helt :(

Men er det et problem at have 2 antivirusprogrammer kørende?

Du anbefaler altså kun 1, hvis jeg har forstået det rigtigt?

Jeg har nu ikke længere problemet, det viste sig at sikkerhedscentret efter en genstart af computeren blev sat iorden så at sige.

fromsej's guide gav med andre ord pote.

Vil dog stadig give dig point's for at have gennemgået logs'ne...
05. december 2009 - 19:41 #5
Jeg vil nu gerne se en frisk Log fra HiJackThis - der er bla. lidt oprydning/optimering's detaljer...
Avatar billede swordcat Nybegynder
06. december 2009 - 07:21 #6
HER HAR DU DEN:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:35, on 05-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (file missing)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6564 bytes
06. december 2009 - 10:22 #7
Scan saved at 13:32:35, on 05-12-2009 - der er den gamle Log ! Opret en ny...
Avatar billede swordcat Nybegynder
10. december 2009 - 18:18 #8
Lig et svar.....problemmet er løst ;)
10. december 2009 - 19:01 #9
...Jeg vil nu gerne se en frisk Log fra HiJackThis - der er bla. lidt oprydning/optimering's detaljer...
...
Avatar billede swordcat Nybegynder
11. december 2009 - 06:44 #10
Hver gang jeg bruger Hijackthis, så gemmer/kommer den gamle logfil frem. Det er den samme som vist foroven....hmmm. Hvad gør jeg karise?
Desuden kommer den med en meddelelse inden scanningen? http://img294.imageshack.us/img294/1641/desktopk.jpg
11. december 2009 - 06:57 #11
SLET den gamle LOG fil helt - så ka' den tihvertifald ikke drille *S*

Mht. HiJackThis & Vista ->
HøjreMsseTast - "Kør som Administrator..."
Avatar billede swordcat Nybegynder
11. december 2009 - 17:17 #12
Her er den så :) og tak for hjælpen




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:16:27, on 11-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?DK (file missing)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (Lotus Quickr Class) - http://kpssemsrv03.udd.sembsc.dk/qp2.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldda-dk.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E7E360-D930-4F4B-941C-4572E6E6AD37}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6631 bytes
12. december 2009 - 12:28 #13
Der er stadig (rester efter?)
* Avira AntiVir
* AVG Free8

Se #3 ... igen ...
Avatar billede swordcat Nybegynder
19. december 2009 - 09:21 #14
Jamen gør det noget at have 2 anti-virus programer installeret?
19. december 2009 - 10:21 #15
"Gør det noget at have to kærester samtidig" *G*
De vil modarbejde hinanden...

Mht nævnte AVG8 -> http://www.spywarefri.dk/artikel/computerblade-misinformerer/

Se #3 ... igen ... igen...
Avatar billede swordcat Nybegynder
22. december 2009 - 18:40 #16
tak for hjælpen lig et svar ;)
22. december 2009 - 19:34 #17
Ping...
(Det var et [svar]...)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester