CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede klangens Nybegynder
20. august 2013 - 10:23 Der er 32 kommentarer og
1 løsning

Hijack

Er der en der vil tjekke denne log for snavs? Jeg har kørt CCleaner.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:20:21, on 20-08-2013
Platform: Windows 7 SP1 (WinNT 6.00.3504)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)


Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Fighters\Tray\FightersTray.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\AirPort\APAgent.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Users\Søren\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Users\Søren\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Søren\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Hewlett-Packard\KBD\kbd.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Søren\Desktop\HijackThis.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcrobatInfo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ig
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: BHO_PROJECT - {0931BD3F-547E-45C1-B133-D0E995645DBA} - (no file)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: IEWebHook - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\Søren\AppData\Roaming\Media Finder\Extensions\IEPlugin32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files\Fighters\Tray\FightersTray.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [KBD] C:\Program Files\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Søren\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [SanDiskSecureAccess_Manager.exe] C:\Users\Søren\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Skærmklipper og startprogram til OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html
O8 - Extra context menu item: Føj linkdestinationen til en eksisterende PDF-fil - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Føj til en eksisterende PDF-fil - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Konverter linkdestinationen til en Adobe PDF-fil - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Konverter til Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Vis eller skjul HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {19D6A3D5-EA50-4C3B-88F0-79627C325570} (IlosoftMultipleImageCtrl Class) - https://www.one.com/static/controls/IlosoftMultipleImageUpload.dll
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/DK/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - Unknown owner - C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe (file missing)
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Bonjour tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Tjeneste (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe
O23 - Service: Virtual CDAudio Service - RapidSolution Software AG - C:\Program Files\RapidSolution\Tunebite 7\VCDWriter\32\VCDAudioService.exe

--
End of file - 16047 bytes
Avatar billede sonalias Seniormester
20. august 2013 - 11:13 #1
Du eeeeelsker synkroniserings tjenester, har du virkelig brug for alle 3? Og skal vi kigge efter noget bestemt? Faldt ikke over noget gruopvækkende... :)
Avatar billede sonalias Seniormester
20. august 2013 - 11:14 #2
Egentligt sjovt hvor meget man kan fortælle om dig ud fra en sådan log, du spiller meget, tænker ikke så meget over hvad du installere og downloader en del ikke helt lovlige sager :b Og så er du for nyligt flyttet for dig selv og har en Iphone. ? :P
Avatar billede sonalias Seniormester
20. august 2013 - 11:17 #3
BHO: Groove GFS Browser Helper: Tjek lige op på at dette er hvad den udgiver sig for (Office14????) Jf. http://answers.microsoft.com/en-us/ie/forum/ie8-windows_xp/what-does-groove-gfs-browser-helper-do-in-ie8/6e8b8067-ea4e-464d-812e-004c4932fe8c
Avatar billede 220661 Ekspert
20. august 2013 - 12:25 #4
Har du en ide om hvad dette er?
O15 - Trusted Zone: http://XXXXX

I følge en søgning  http://XXXXXX  ser det ud til at det ikke er en side man kan tro på.
Avatar billede 220661 Ekspert
20. august 2013 - 12:26 #5
Hov den troede jeg ikke ville komme som link, så lad være med at åbne det øverste link i #4
Avatar billede 220661 Ekspert
20. august 2013 - 12:28 #6
Prøvede lige linket på opdateret pc, og det er en side der er kendt for at være et angrebssted, så jeg havde slettet denne entry
Avatar billede 220661 Ekspert
20. august 2013 - 12:30 #7
Så derfor kør også Malwarebytes og AdwCleaner.
Hent Malwarebytes Anti-Malware herfra:
http://downloads.malwarebytes.org/mbam-download.php

Installer programmet - når det er gjort skal du lade programmet opdatere sig. Herefter åbner et vindue, hvor du skal flytte prikken til "Kør et fuldstændigt systemscan" - klik på Skan Knappen - lad programmet arbejde.
Når programmet har scannet færdigt tryk på "Vis resultater"  - og herefter tryk på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen. Kopier loggen herind.
Mht.: Vista/Win7/Win8 - HøjreMusseTast - "Kør som Administrator..."

AdwCleaner: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Når programmet startes, tryk på "slet". Pc scannes, og ved endt scanning, skal pc genstartes, for at fjerne det som programmet finder. Tilbage fra genstart fremkommer en log som du godt må poste ind i næste indlæg. Mht.: Vista/Win7/Win8
- HøjreMusseTast - "Kør som Administrator..."
Avatar billede klangens Nybegynder
20. august 2013 - 15:43 #8
#1 Ikke noget bestemt, men synes maskinen er langsom, og der er en eller ting den vil installere men ikke kan finde.
Jeg ved ikke hvilke synkroniseringstjenester du mener!

#2 Helt forkert! Jeg spiller overhovedet ikke, er måske nok lidt på kanten mht. download, er gift med den samme på 36. år, og har bare fået en iphone mere i huset!

Jeg skal nok køre Malwarebytes og AdwCleaner, men ikke sikkert det bliver før i morgen!
Avatar billede klangens Nybegynder
21. august 2013 - 06:08 #9
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.20.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16521
Søren :: STUEN [administrator]

20-08-2013 15:44:56
mbam-log-2013-08-20 (15-44-56).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|)
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 1018539
Tid gået: 4 time(e), 8 minut(ter), 26 sekund(er)

Hukommelses Processorer Inficeret: 1
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> 3468 -> Ingen handling valgt.

Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret: 7
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Ingen handling valgt.
HKCR\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} (PUP.Optional.WebCake.A) -> Ingen handling valgt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> Ingen handling valgt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Ingen handling valgt.
HKCR\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E} (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
HKCR\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00} (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
HKCR\Interface\{19DF2320-6A8A-4942-AC4C-C449949DFC27} (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.

Registreringsdatabaseværdier Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Ingen handling valgt.

Inficerede Mapper: 2
C:\ProgramData\BetterSoft\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561 (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.

Inficerede Filer: 19
C:\Users\Public\STUDIETING\MasterWriter.v2.0.MAC.OSX.UB - DYNAMiCS.exe (PUP.Optional.Installex) -> Ingen handling valgt.
C:\Users\Søren\AppData\Roaming\Allmyapps\install\193406.exe (PUP.Optional.OpenCandy) -> Ingen handling valgt.
C:\Users\Søren\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\stubinst_pkg_en-eu.cab (PUP.Optional.OpenCandy) -> Ingen handling valgt.
C:\Windows.old\Program Files\RegClean Pro\RegCleanPro.exe (PUP.Hacktool.Patcher) -> Ingen handling valgt.
C:\Windows.old\Users\Administrator\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\productSetup_Setup_10_8_2011.exe (PUP.Optional.RegCleanerPro) -> Ingen handling valgt.
C:\Windows.old\Users\Søren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U04DP3T0\winzip155.exe (PUP.Optional.OpenCandy) -> Ingen handling valgt.
C:\downloads\winamp5621_full_emusic-7plus_en-us.exe (PUP.Optional.OpenCandy) -> Ingen handling valgt.
D:\Users\Søren\Documents\stl import for inventor setup.exe (PUP.AdBundle) -> Ingen handling valgt.
D:\Users\Søren\Documents\Div. programmer\Babylon9_setup.exe (PUP.Optional.Babylon.A) -> Ingen handling valgt.
D:\Users\Søren\Documents\Div. programmer\cdbxp_setup_4.5.2.4214.exe (PUP.Optional.OpenCandy) -> Ingen handling valgt.
D:\Users\Søren\Documents\Div. programmer\installer_paint_shop_pro.exe (PUP.BundleInstaller.DT) -> Ingen handling valgt.
D:\Users\Søren\Documents\Div. programmer\XILOG\xilog_plus_downloader_dk_99370.exe (PUP.Optional.YourFileDownloader) -> Ingen handling valgt.
D:\Users\Søren\Documents\Hentede filer\DTLite4413-0173.exe (PUP.Optional.OpenCandy) -> Ingen handling valgt.
D:\Users\Søren\Documents\Torrents\Band_In_A_Box_-_2005.exe (PUP.BundleInstaller.DW) -> Ingen handling valgt.
C:\Windows\Tasks\schedule!3036567561.job (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561.dll (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561.ini (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
C:\Users\Søren\XLN.Audio.Addictive.Drums.DVDR.HYBRID-AiRISO\air-xlnaadkgn.rar (Malware.Packer.Gen) -> Sat i karantæne og slettet succesfuldt.

(færdig)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.20.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16521
Søren :: STUEN [administrator]

20-08-2013 15:44:56
mbam-log-2013-08-20 (15-44-56).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|)
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 1018539
Tid gået: 4 time(e), 8 minut(ter), 26 sekund(er)

Hukommelses Processorer Inficeret: 1
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> 3468 -> Ingen handling valgt.

Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret: 7
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Ingen handling valgt.
HKCR\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} (PUP.Optional.WebCake.A) -> Ingen handling valgt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> Ingen handling valgt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Ingen handling valgt.
HKCR\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E} (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
HKCR\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00} (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
HKCR\Interface\{19DF2320-6A8A-4942-AC4C-C449949DFC27} (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.

Registreringsdatabaseværdier Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Ingen handling valgt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Ingen handling valgt.

Inficerede Mapper: 2
C:\ProgramData\BetterSoft\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561 (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.

Inficerede Filer: 19
C:\Users\Public\STUDIETING\MasterWriter.v2.0.MAC.OSX.UB - DYNAMiCS.exe (PUP.Optional.Installex) -> Ingen handling valgt.
C:\Users\Søren\AppData\Roaming\Allmyapps\install\193406.exe (PUP.Optional.OpenCandy) -> Ingen handling valgt.
C:\Users\Søren\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\stubinst_pkg_en-eu.cab (PUP.Optional.OpenCandy) -> Ingen handling valgt.
C:\Windows.old\Program Files\RegClean Pro\RegCleanPro.exe (PUP.Hacktool.Patcher) -> Ingen handling valgt.
C:\Windows.old\Users\Administrator\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\productSetup_Setup_10_8_2011.exe (PUP.Optional.RegCleanerPro) -> Ingen handling valgt.
C:\Windows.old\Users\Søren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U04DP3T0\winzip155.exe (PUP.Optional.OpenCandy) -> Ingen handling valgt.
C:\downloads\winamp5621_full_emusic-7plus_en-us.exe (PUP.Optional.OpenCandy) -> Ingen handling valgt.
D:\Users\Søren\Documents\stl import for inventor setup.exe (PUP.AdBundle) -> Ingen handling valgt.
D:\Users\Søren\Documents\Div. programmer\Babylon9_setup.exe (PUP.Optional.Babylon.A) -> Ingen handling valgt.
D:\Users\Søren\Documents\Div. programmer\cdbxp_setup_4.5.2.4214.exe (PUP.Optional.OpenCandy) -> Ingen handling valgt.
D:\Users\Søren\Documents\Div. programmer\installer_paint_shop_pro.exe (PUP.BundleInstaller.DT) -> Ingen handling valgt.
D:\Users\Søren\Documents\Div. programmer\XILOG\xilog_plus_downloader_dk_99370.exe (PUP.Optional.YourFileDownloader) -> Ingen handling valgt.
D:\Users\Søren\Documents\Hentede filer\DTLite4413-0173.exe (PUP.Optional.OpenCandy) -> Ingen handling valgt.
D:\Users\Søren\Documents\Torrents\Band_In_A_Box_-_2005.exe (PUP.BundleInstaller.DW) -> Ingen handling valgt.
C:\Windows\Tasks\schedule!3036567561.job (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561.dll (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561.ini (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> Ingen handling valgt.
C:\Users\Søren\XLN.Audio.Addictive.Drums.DVDR.HYBRID-AiRISO\air-xlnaadkgn.rar (Malware.Packer.Gen) -> Sat i karantæne og slettet succesfuldt.

(færdig)
Avatar billede 220661 Ekspert
21. august 2013 - 08:17 #10
"ingen handling valgt"??
Har du glemt at trykke at den skulle fjerne det valgte?
Har du er det desværre en ommer med scanning.
Kan kun se den sidste linje er sat i karantæne og slettet, så det forstår jeg ikke helt??
Avatar billede klangens Nybegynder
21. august 2013 - 09:36 #11
Hmm så må jeg køre den igen!
Avatar billede klangens Nybegynder
21. august 2013 - 14:18 #12
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.20.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16521
Søren :: STUEN [administrator]

21-08-2013 09:37:24
mbam-log-2013-08-21 (09-37-24).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|)
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 1018747
Tid gået: 4 time(e), 10 minut(ter), 18 sekund(er)

Hukommelses Processorer Inficeret: 1
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> 4060 -> Bliver slettet ved genstart.

Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret: 7
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Sat i karantæne og slettet succesfuldt.
HKCR\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} (PUP.Optional.WebCake.A) -> Sat i karantæne og slettet succesfuldt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> Sat i karantæne og slettet succesfuldt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Sat i karantæne og slettet succesfuldt.
HKCR\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E} (PUP.Optional.OptimizerPro.A) -> Sat i karantæne og slettet succesfuldt.
HKCR\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00} (PUP.Optional.OptimizerPro.A) -> Sat i karantæne og slettet succesfuldt.
HKCR\Interface\{19DF2320-6A8A-4942-AC4C-C449949DFC27} (PUP.Optional.OptimizerPro.A) -> Sat i karantæne og slettet succesfuldt.

Registreringsdatabaseværdier Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Sat i karantæne og erstattet succesfuldt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Sat i karantæne og erstattet succesfuldt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Sat i karantæne og erstattet succesfuldt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Dårlig: (http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DK&userid=f90384c8-3f03-4c43-9e13-49449037c063&searchtype=ds&q={searchTerms}&installDate=01/07/2013) God: (http://www.google.com) -> Sat i karantæne og erstattet succesfuldt.

Inficerede Mapper: 2
C:\ProgramData\BetterSoft\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Bliver slettet ved genstart.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561 (PUP.Optional.OptimizerPro.A) -> Sat i karantæne og slettet succesfuldt.

Inficerede Filer: 18
C:\Users\Public\STUDIETING\MasterWriter.v2.0.MAC.OSX.UB - DYNAMiCS.exe (PUP.Optional.Installex) -> Sat i karantæne og slettet succesfuldt.
C:\Users\Søren\AppData\Roaming\Allmyapps\install\193406.exe (PUP.Optional.OpenCandy) -> Sat i karantæne og slettet succesfuldt.
C:\Users\Søren\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\stubinst_pkg_en-eu.cab (PUP.Optional.OpenCandy) -> Sat i karantæne og slettet succesfuldt.
C:\Windows.old\Program Files\RegClean Pro\RegCleanPro.exe (PUP.Hacktool.Patcher) -> Sat i karantæne og slettet succesfuldt.
C:\Windows.old\Users\Administrator\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\productSetup_Setup_10_8_2011.exe (PUP.Optional.RegCleanerPro) -> Sat i karantæne og slettet succesfuldt.
C:\Windows.old\Users\Søren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U04DP3T0\winzip155.exe (PUP.Optional.OpenCandy) -> Sat i karantæne og slettet succesfuldt.
C:\downloads\winamp5621_full_emusic-7plus_en-us.exe (PUP.Optional.OpenCandy) -> Sat i karantæne og slettet succesfuldt.
D:\Users\Søren\Documents\stl import for inventor setup.exe (PUP.AdBundle) -> Sat i karantæne og slettet succesfuldt.
D:\Users\Søren\Documents\Div. programmer\Babylon9_setup.exe (PUP.Optional.Babylon.A) -> Sat i karantæne og slettet succesfuldt.
D:\Users\Søren\Documents\Div. programmer\cdbxp_setup_4.5.2.4214.exe (PUP.Optional.OpenCandy) -> Sat i karantæne og slettet succesfuldt.
D:\Users\Søren\Documents\Div. programmer\installer_paint_shop_pro.exe (PUP.BundleInstaller.DT) -> Sat i karantæne og slettet succesfuldt.
D:\Users\Søren\Documents\Div. programmer\XILOG\xilog_plus_downloader_dk_99370.exe (PUP.Optional.YourFileDownloader) -> Sat i karantæne og slettet succesfuldt.
D:\Users\Søren\Documents\Hentede filer\DTLite4413-0173.exe (PUP.Optional.OpenCandy) -> Sat i karantæne og slettet succesfuldt.
D:\Users\Søren\Documents\Torrents\Band_In_A_Box_-_2005.exe (PUP.BundleInstaller.DW) -> Sat i karantæne og slettet succesfuldt.
C:\Windows\Tasks\schedule!3036567561.job (PUP.Optional.OptimizerPro.A) -> Sat i karantæne og slettet succesfuldt.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561.dll (PUP.Optional.OptimizerPro.A) -> Sat i karantæne og slettet succesfuldt.
C:\ProgramData\BetterSoft\OptimizerPro\3036567561.ini (PUP.Optional.OptimizerPro.A) -> Sat i karantæne og slettet succesfuldt.
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> Bliver slettet ved genstart.

(færdig)
Avatar billede 220661 Ekspert
21. august 2013 - 17:18 #13
Det var meget bedre :-)
Kommer du men en log fra AdwCleaner også?
Avatar billede klangens Nybegynder
22. august 2013 - 06:16 #14
# AdwCleaner v2.303 - Logfil lavet d. 22/08/2013 kl. 06:15:20
# Opdateret d. 08/06/2013 af Xplode
# Operativ system : Windows 7 Professional Service Pack 1 (32 bits)
# Bruger : Søren - STUEN
# Boot Mode : Normal
# Kører fra : C:\Users\Søren\Desktop\adwcleaner.exe
# Indstilling [Søg]


***** [Servicer] *****


***** [Filer / Mapper] *****

Mapper Fundet : C:\Program Files\SendSpace
Mapper Fundet : C:\ProgramData\Babylon
Mapper Fundet : C:\ProgramData\BetterSoft
Mapper Fundet : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Mapper Fundet : C:\Users\Søren\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon
Mapper Fundet : C:\Users\Søren\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Mapper Fundet : C:\Users\Søren\AppData\Local\SwvUpdater
Mapper Fundet : C:\Users\Søren\AppData\LocalLow\Delta
Mapper Fundet : C:\Users\Søren\AppData\Roaming\Media Finder
Mapper Fundet : C:\Users\Søren\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Mapper Fundet : C:\Users\Søren\AppData\Roaming\OpenCandy

***** [Registeret] *****

Nøgle Fundet : HKCU\Software\BabSolution
Nøgle Fundet : HKCU\Software\MediaFinder
Nøgle Fundet : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Nøgle Fundet : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Nøgle Fundet : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Nøgle Fundet : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Nøgle Fundet : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Nøgle Fundet : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Nøgle Fundet : HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Nøgle Fundet : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook
Nøgle Fundet : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1
Nøgle Fundet : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Nøgle Fundet : HKLM\SOFTWARE\Classes\MF
Nøgle Fundet : HKLM\SOFTWARE\Classes\Prod.cap
Nøgle Fundet : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Nøgle Fundet : HKLM\Software\DataMngr
Nøgle Fundet : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Nøgle Fundet : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Nøgle Fundet : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Nøgle Fundet : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Nøgle Fundet : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods
Nøgle Fundet : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Nøgle Fundet : HKLM\Software\Tarma Installer
Nøgle Fundet : HKU\S-1-5-21-671085781-624844027-2547134193-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registeret er rent.

-\\ Google Chrome v29.0.1547.57

Filer : C:\Users\Søren\AppData\Local\Google\Chrome\User Data\Default\Preferences

Fundet [l.2197] : homepage = "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F268F46D04E141BE&affID=119498&tsp=4950",
Fundet [l.2613] : urls_to_restore_on_startup = [ "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F268F46D04E141BE&affID=119498&tsp=4950" ]

*************************

AdwCleaner[R1].txt - [29642 octets] - [01/07/2013 18:57:46]
AdwCleaner[R2].txt - [3685 octets] - [22/08/2013 06:15:20]
AdwCleaner[S1].txt - [28177 octets] - [01/07/2013 18:58:07]

########## EOF - C:\AdwCleaner[R2].txt - [3806 octets] ##########
Avatar billede klangens Nybegynder
22. august 2013 - 06:28 #15
Denne er vist bedre!

# AdwCleaner v3.000 - Report created22/08/2013at06:24:45
# Updated 13/08/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Søren - STUEN
# Running from : C:\Users\Søren\Downloads\adwcleaner.exe

***** [ Services ] *****

[#] Service Deleted : BackupStack
Service Deleted : DefaultTabSearch
Service Deleted : DefaultTabUpdate

***** [ Files / Folders ] *****

Folder Deleted : C:\Conduit
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BetterSoft
Folder Deleted : C:\ProgramData\DealPlyLive
Folder Deleted : C:\ProgramData\Bcool
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\Program Files\DealPly
Folder Deleted : C:\Program Files\DealPlyLive
Folder Deleted : C:\Program Files\DefaultTab
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\SendSpace
Folder Deleted : C:\Users\Søren\AppData\Local\DealPlyLive
Folder Deleted : C:\Users\Søren\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Søren\AppData\LocalLow\delta
Folder Deleted : C:\Users\Søren\AppData\LocalLow\Bcool
Folder Deleted : C:\Users\Søren\AppData\Roaming\DealPly
Folder Deleted : C:\Users\Søren\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Søren\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Søren\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Søren\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Søren\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Søren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Deleted : C:\Users\Søren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Users\Søren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
File Deleted : C:\Users\Søren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\Søren\Desktop\MyPC Backup.lnk
File Deleted : C:\Windows\Tasks\Dealply.job
File Deleted : C:\Windows\System32\Tasks\Dealply
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D44765D1-3F26-405F-A375-85B8D8B8BF7B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D44765D1-3F26-405F-A375-85B8D8B8BF7B}

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_multitrackstudio_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_multitrackstudio_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_regcleaner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_regcleaner_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_super_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_super_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_thoosje-windows-7-sidebar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_thoosje-windows-7-sidebar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Key Deleted : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook
Key Deleted : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DealPly
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\DealPly
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16521

Setting Deleted : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://www.google.com
Setting Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://www.google.com
Setting Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://www.google.com

-\\ Mozilla Firefox v

File Deleted : C:\Users\Søren\AppData\Roaming\Mozilla\Firefox\Profiles\z51lpmra.default\searchplugins\WebSearch.xml
File Deleted : C:\Users\Søren\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
File Deleted : C:\Users\Søren\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\Users\Søren\AppData\Roaming\Mozilla\Firefox\Profiles\z51lpmra.default\user.js
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9

[ File : C:\Users\Søren\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]

[OK] No bad entry found.
Can't open file !
Can't open file !

[ File : C:\Users\Søren\AppData\Roaming\Mozilla\Firefox\Profiles\z51lpmra.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.good-results.info/?pid=722&r=2013/02/15&hid=[...]
Line Deleted : user_pref("browser.search.order.1", "WebSearch");
Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.good-results.info/?pid=722&r=2013/02/15&hid[...]
Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Deleted : user_pref("keyword.URL", "hxxp://websearch.good-results.info/?pid=722&r=2013/02/15&hid=3342399194&lg[...]

-\\ Google Chrome v29.0.1547.57

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn
Folder Deleted : C:\Users\Søren\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon
Folder Deleted : C:\Users\Søren\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Folder Deleted : C:\Users\Søren\AppData\Local\Google\Chrome\User Data\Default\Extensions\hphibigbodkkohoglgfkddblldpfohjl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hphibigbodkkohoglgfkddblldpfohjl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Folder Deleted : C:\Users\Søren\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Folder Deleted : C:\Users\Søren\AppData\Local\Google\Chrome\User Data\Default\Extensions\oloemjnjhhmglodmbibalpbnmmegmdag
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oloemjnjhhmglodmbibalpbnmmegmdag

[ File : C:\Users\Søren\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Restored : homepage
Restored : urls_to_restore_on_startup

*************************

AdwCleaner[0].txt - [13394 octets] - [22/08/2013 06:24:45]

########## EOF - C:\AdwCleaner\AdwCleaner[0].txt - [13454 octets] ##########
Avatar billede 220661 Ekspert
22. august 2013 - 09:32 #16
Ja den sidste fik fjernet en masse skrammel.
Hvordan kører pc efter denne oprydning?
Avatar billede 220661 Ekspert
22. august 2013 - 09:35 #17
Prøv lige at lægge en hijackthis fil ind.
Avatar billede klangens Nybegynder
22. august 2013 - 10:16 #18
Den er ikke helt på toppen, der er stadig en meddelelse om en eller anden enhedsdriver der ikke er installeret, og jeg kan ikke finde noget. Der er også et eller andet der gør at den skal gennemtvinge lukning, og jeg kan ikke nå at se hvad!
Avatar billede 220661 Ekspert
22. august 2013 - 10:22 #19
Hvilken driver?
Prøv evt Slimdrivers, og se om den kan rette dit driverproblem:
http://www.driverupdate.net/  (den gule til venstre som er gratis)

+ fin guide fra Poko1:  http://gratisupload.dk/vis/676841/
Avatar billede 220661 Ekspert
01. september 2013 - 01:42 #20
Er du kommet videre?
Avatar billede klangens Nybegynder
03. september 2013 - 10:37 #21
Næh den opfører sig stadig træls, men her er en frisk hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:36:10, on 03-09-2013
Platform: Unknown Windows (WinNT 6.01.3504 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Users\Søren\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
D:\Users\Søren\Documents\Hentede filer\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ig
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: BHO_PROJECT - {0931BD3F-547E-45C1-B133-D0E995645DBA} - (no file)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Søren\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Føj linkdestinationen til en eksisterende PDF-fil - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Føj til en eksisterende PDF-fil - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Konverter linkdestinationen til en Adobe PDF-fil - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Konverter til Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Søren\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Vis eller skjul HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {19D6A3D5-EA50-4C3B-88F0-79627C325570} (IlosoftMultipleImageCtrl Class) - https://www.one.com/static/controls/IlosoftMultipleImageUpload.dll
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/DK/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - Unknown owner - C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe (file missing)
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Bonjour tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DealPly Live Tjeneste (dealplylive) (dealplylive) - Unknown owner - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe (file missing)
O23 - Service: DealPly Live Tjeneste (dealplylivem) (dealplylivem) - Unknown owner - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Tjeneste (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe
O23 - Service: Virtual CDAudio Service - RapidSolution Software AG - C:\Program Files\RapidSolution\Tunebite 7\VCDWriter\32\VCDAudioService.exe

--
End of file - 13030 bytes
Avatar billede 220661 Ekspert
03. september 2013 - 15:57 #22
Du har stadig den der 015 med link i loggen jeg ikke bryder mig om.
Log viseren fortæller også det samme.
Avatar billede klangens Nybegynder
03. september 2013 - 16:09 #23
skal jeg bare fjerne den linie i Hijack?
Avatar billede 220661 Ekspert
03. september 2013 - 16:53 #24
Ja det vil jeg mene du skal.
Avatar billede klangens Nybegynder
03. september 2013 - 17:04 #25
Ny log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:04:06, on 03-09-2013
Platform: Unknown Windows (WinNT 6.01.3504 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Users\Søren\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Windows\system32\SearchProtocolHost.exe
D:\Users\Søren\Documents\Hentede filer\HiJackThis.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ig
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: BHO_PROJECT - {0931BD3F-547E-45C1-B133-D0E995645DBA} - (no file)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Søren\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Føj linkdestinationen til en eksisterende PDF-fil - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Føj til en eksisterende PDF-fil - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Konverter linkdestinationen til en Adobe PDF-fil - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Konverter til Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Søren\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Vis eller skjul HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {19D6A3D5-EA50-4C3B-88F0-79627C325570} (IlosoftMultipleImageCtrl Class) - https://www.one.com/static/controls/IlosoftMultipleImageUpload.dll
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/DK/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - Unknown owner - C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe (file missing)
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Bonjour tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DealPly Live Tjeneste (dealplylive) (dealplylive) - Unknown owner - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe (file missing)
O23 - Service: DealPly Live Tjeneste (dealplylivem) (dealplylivem) - Unknown owner - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Tjeneste (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe
O23 - Service: Virtual CDAudio Service - RapidSolution Software AG - C:\Program Files\RapidSolution\Tunebite 7\VCDWriter\32\VCDAudioService.exe

--
End of file - 13326 bytes
Avatar billede 220661 Ekspert
03. september 2013 - 17:08 #26
Nogen ændring da du fjernede denne?
Har du stadig problemer med en enhedsdriver?
Avatar billede klangens Nybegynder
03. september 2013 - 17:19 #27
Ja, men er ved at indkredse, har fundet ud af at det er i forbindelse med programmet tunebite!
Avatar billede 220661 Ekspert
03. september 2013 - 17:22 #28
Hvad er problemet med Tunebite?
Jeg har det selv her på min Xp maskine.
Er det lyddriveren der brokker sig når du starter Tunebite?
Avatar billede klangens Nybegynder
19. oktober 2013 - 07:15 #29
Jeg lukker her
Avatar billede 220661 Ekspert
19. oktober 2013 - 08:53 #30
Fandt du løsningen på problemet med Tunebite?
Avatar billede 220661 Ekspert
01. februar 2014 - 07:13 #31
Inget svar tilbage??
Avatar billede klangens Nybegynder
01. februar 2014 - 07:52 #32
Sorry - du skal selvfølgelig ha' tak for hjælpen og også dine point. Hvordan gør jeg det nu? Mht. Tunebite er "gået i sig selv" ved ikke hvorfor!
Avatar billede 220661 Ekspert
01. februar 2014 - 10:48 #33
Velbekomme. Ville bare høre hvad løsningen var så andre evt kunne bruge hjælpen.
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Andre styresystemer kategorien

Titel Indlæg Oprettet Seneste aktivitet
klon din gamle disk ned på et virtuelt drev i w 10 Af edbjohn i Andre styresystemer 1 03/09/202417:14 03/09/202417:45
Hvilket styresystem på en gammel Pc ??? Af Jan Post i Andre styresystemer 17 18/05/202411:43 21/05/202414:11
Ps4 - Fortnite fejl Af Larsen123 i Andre styresystemer 2 08/01/202400:08 10/01/202409:22
onnote på chromebook ? Af rapsine i Andre styresystemer 3 06/12/202323:26 07/12/202310:49
2 forskellige styresystemer Af susej14 i Andre styresystemer 3 08/11/202316:14 08/11/202323:41
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 20:49 pop up black friday Af Malm i Virus
I går 18:31 Hvor finder jeg en netværksdriver? Af jcr18 i Wifi
I går 16:49 Identificér og hent del af tekststreng Af TheLibrarian i Excel
I går 16:30 Smart vægt til fitness tracking Af Henrik i Fitness & Smartwatches
I går 08:08 touchpad virker ikke Af Malm i PC
White papers
Flere white papers »


Premium
Teaser billede
Vil købe tele-løsninger til det offentlige for 370 millioner kroner
Læs mere »
Efterspørgslen på AI-regnekraft er enorm - og det smitter af på priserne: "Vi kan sælge næsten alt, hvad vi får ind"
Nyt værtøj fra Microsoft: Snart kan du reparere nedbrudte Windows-enheder på distancen
Politiet skriver kontrakt på 75 millioner kroner med dansk it-firma: Medarbejdere skal flytte ind hos politiet
Se alle »
Computerworld
Teaser billede
Microsofts nye pc er ekstrem billig – men kan blive ekstrem sikker og fleksibel
Læs mere »
Test: Prøv kun disse B&O-hovedtelefoner, hvis du har råd
Test: Audi Q6 er en super fed SUV - men gør dig selv en tjeneste og kast flere penge efter den
Kæmpe datalæk på hospital: 750.000 patienters fortrolige data lækket
Se alle »
CIO
Teaser billede
Konsulenthus vil rulle Microsoft 365 Copilot ud til 200.000 ansatte
Læs mere »
Kæmpe-opgave for Danske Bank har banet vej for fuldautomatiseret migrering til cloud: Nu udbredes metoden i hele AWS
Stor sag mod Microsoft kan være på vej: Beskyldes for at låse Azure-kunder fast med ulovlige metoder
Microsofts store årlige event: De tre vigtigste nøglebudskaber fra Satya Nadella om Microsofts fremtid
Se alle »
Job & Karriere
Teaser billede
Microsoft klar med ny direktion for den danske forretning: Her er de nye direktører
Læs mere »
Tre Norlys-topchefer fratræder med omgående virkning: Internet-forretningen er udfordret - vil have mere fart i integrationen af Telia Danmark
Efter skelsættende møde med sportscoach: Stor dansk it-arbejdsplads indfører fredags-fri og isbade i arbejdstiden
Linus Torvalds giver russiske Linux-udviklere sparket: Vil ikke have noget med dem at gøre
Se alle »
White paper
Teaser billede
Sikkerhed uden grænser: Cisco Hypershield
Læs mere »
Governance, Risk & Compliance: Knyt stærke bånd mellem forretning og sikkerhed
Er din cybersikkerhed klar til AI-revolutionen?
Vær proaktiv og prioritér IT-sikkerheden – før det er for sent
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »