virus.

Har du forsøgt at systemgendanne?

hvordan gør jeg det?

Programmer-tilbehør-systemværktøjer-systemgendannelse. (xp)
Så kan du vælge nogle dage tilbage, til før problemerne opstod.

Men du skal regne med en oprydning af din maskine bagefter.

jeg får at vide, at systemgendannelse er slået fra. hmmm

Prøv at aktiver det.Højreklik denne computer-egenskaber-systemgendannelse og førsøg at aktivere.

Herefter forsøger du at systemgendanne igen og ser om du har nogle restorepoints.

Nu ved jeg ikke noget om vuc århus, men er det ikke en IT ansvarlig du skal ha' fat på?

*Enig!*

Avira AntiVir Personal
Report file date: 27. november 2009  17:16

Scanning for 1397996 virus strains and unwanted programs.

Licensee        : Avira AntiVir Personal - FREE Antivirus
Serial number  : 0000149996-ADJIE-0000001
Platform        : Windows Vista
Windows version : (Service Pack 1)  [6.0.6001]
Boot mode      : Save mode with network
Username        : SLA
Computer name  : VUC-VL955R14J

Version information:
BUILD.DAT      : 9.0.0.415    21609 Bytes  08-11-2009 10:00:00
AVSCAN.EXE      : 9.0.3.10    466689 Bytes  20-11-2009 11:54:24
AVSCAN.DLL      : 9.0.3.0      40705 Bytes  27-02-2009 09:58:24
LUKE.DLL        : 9.0.3.2      209665 Bytes  20-02-2009 10:35:49
LUKERES.DLL    : 9.0.2.0      12033 Bytes  27-02-2009 09:58:52
VBASE000.VDF    : 7.10.0.0  19875328 Bytes  06-11-2009 11:54:24
VBASE001.VDF    : 7.10.1.0    1372672 Bytes  19-11-2009 11:54:24
VBASE002.VDF    : 7.10.1.1      2048 Bytes  19-11-2009 11:54:24
VBASE003.VDF    : 7.10.1.2      2048 Bytes  19-11-2009 11:54:24
VBASE004.VDF    : 7.10.1.3      2048 Bytes  19-11-2009 11:54:24
VBASE005.VDF    : 7.10.1.4      2048 Bytes  19-11-2009 11:54:24
VBASE006.VDF    : 7.10.1.5      2048 Bytes  19-11-2009 11:54:24
VBASE007.VDF    : 7.10.1.6      2048 Bytes  19-11-2009 11:54:24
VBASE008.VDF    : 7.10.1.7      2048 Bytes  19-11-2009 11:54:24
VBASE009.VDF    : 7.10.1.8      2048 Bytes  19-11-2009 11:54:24
VBASE010.VDF    : 7.10.1.9      2048 Bytes  19-11-2009 11:54:24
VBASE011.VDF    : 7.10.1.10      2048 Bytes  19-11-2009 11:54:24
VBASE012.VDF    : 7.10.1.11      2048 Bytes  19-11-2009 11:54:24
VBASE013.VDF    : 7.10.1.79    209920 Bytes  25-11-2009 20:19:25
VBASE014.VDF    : 7.10.1.80      2048 Bytes  25-11-2009 20:19:25
VBASE015.VDF    : 7.10.1.81      2048 Bytes  25-11-2009 20:19:25
VBASE016.VDF    : 7.10.1.82      2048 Bytes  25-11-2009 20:19:25
VBASE017.VDF    : 7.10.1.83      2048 Bytes  25-11-2009 20:19:25
VBASE018.VDF    : 7.10.1.84      2048 Bytes  25-11-2009 20:19:25
VBASE019.VDF    : 7.10.1.85      2048 Bytes  25-11-2009 20:19:25
VBASE020.VDF    : 7.10.1.86      2048 Bytes  25-11-2009 20:19:25
VBASE021.VDF    : 7.10.1.87      2048 Bytes  25-11-2009 20:19:25
VBASE022.VDF    : 7.10.1.88      2048 Bytes  25-11-2009 20:19:25
VBASE023.VDF    : 7.10.1.89      2048 Bytes  25-11-2009 20:19:25
VBASE024.VDF    : 7.10.1.90      2048 Bytes  25-11-2009 20:19:26
VBASE025.VDF    : 7.10.1.91      2048 Bytes  25-11-2009 20:19:26
VBASE026.VDF    : 7.10.1.92      2048 Bytes  25-11-2009 20:19:26
VBASE027.VDF    : 7.10.1.93      2048 Bytes  25-11-2009 20:19:26
VBASE028.VDF    : 7.10.1.94      2048 Bytes  25-11-2009 20:19:26
VBASE029.VDF    : 7.10.1.95      2048 Bytes  25-11-2009 20:19:26
VBASE030.VDF    : 7.10.1.96      2048 Bytes  25-11-2009 20:19:26
VBASE031.VDF    : 7.10.1.111    72192 Bytes  26-11-2009 20:19:27
Engineversion  : 8.2.1.78
AEVDF.DLL      : 8.1.1.2      106867 Bytes  15-09-2009 20:24:32
AESCRIPT.DLL    : 8.1.2.45    586108 Bytes  17-11-2009 20:36:02
AESCN.DLL      : 8.1.2.5      127346 Bytes  04-09-2009 22:05:07
AESBX.DLL      : 8.1.1.1      246132 Bytes  20-11-2009 11:54:24
AERDL.DLL      : 8.1.3.2      479604 Bytes  03-10-2009 09:06:24
AEPACK.DLL      : 8.2.0.3      422261 Bytes  08-11-2009 19:17:33
AEOFFICE.DLL    : 8.1.0.38    196987 Bytes  18-06-2009 11:26:59
AEHEUR.DLL      : 8.1.0.180  2093432 Bytes  08-11-2009 19:17:24
AEHELP.DLL      : 8.1.7.5      237942 Bytes  25-11-2009 20:19:26
AEGEN.DLL      : 8.1.1.78    364917 Bytes  25-11-2009 20:19:26
AEEMU.DLL      : 8.1.1.0      393587 Bytes  03-10-2009 09:04:58
AECORE.DLL      : 8.1.8.2      184694 Bytes  08-11-2009 19:16:15
AEBB.DLL        : 8.1.0.3      53618 Bytes  09-10-2008 13:32:40
AVWINLL.DLL    : 9.0.0.3      18177 Bytes  12-12-2008 07:47:59
AVPREF.DLL      : 9.0.3.0      44289 Bytes  09-09-2009 12:43:42
AVREP.DLL      : 8.0.0.3      155905 Bytes  20-01-2009 13:34:28
AVREG.DLL      : 9.0.0.0      36609 Bytes  05-12-2008 09:32:09
AVARKT.DLL      : 9.0.0.3      292609 Bytes  24-03-2009 14:05:41
AVEVTLOG.DLL    : 9.0.0.7      167169 Bytes  30-01-2009 09:37:08
SQLITE3.DLL    : 3.6.1.0      326401 Bytes  28-01-2009 14:03:49
SMTPLIB.DLL    : 9.2.0.25      28417 Bytes  02-02-2009 07:21:33
NETNT.DLL      : 9.0.0.0      11521 Bytes  05-12-2008 09:32:10
RCIMAGE.DLL    : 9.0.0.25    2438913 Bytes  09-06-2009 16:03:15
RCTEXT.DLL      : 9.0.73.0      86785 Bytes  20-11-2009 11:54:23

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 27. november 2009  17:16

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'mbam.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'HelpPane.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
27 processes with 27 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'D:\'
    [INFO]      No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '54' files ).


Starting the file scan:

Begin scan in 'C:\' <VUC-systemdisk>
C:\pagefile.sys
    [WARNING]  The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
C:\Windows\System32\drivers\mxiba.sys
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
Begin scan in 'D:\' <Data>

Beginning disinfection:
C:\Windows\System32\drivers\mxiba.sys
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was moved to '4b792e86.qua'!


End of the scan: 27. november 2009  20:52
Used time:  1:08:35 Hour(s)

The scan has been done completely.

  27749 Scanned directories
789786 Files were scanned
      1 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 files were deleted
      0 Viruses and unwanted programs were repaired
      1 Files were moved to quarantine
      0 Files were renamed
      1 Files cannot be scanned
789784 Files not concerned
  14895 Archives were scanned
      1 Warnings
      2 Notes

#8 + #9 ???

Kære alle.
Jo, jeg tager fat i en it-ansvarlig på mandag. Men.... Måske var der nogle kærlige folk herinde, der kunne hjælpe mig her i weekenden?

Nogle der kender: TR/Crypt.ZPACK.Gen Trojan

kafka23

Ok-prøv hvor meget du kan af dette:

Hent "Malwarebytes' Anti-Malware" her: http://www.malwarebytes.org/mbam.php
Installer og start programmet, opdater, lav "Hurtig skan" under fanebladet "skanner".
Bagefter klik på "vis resultater", tryk på "Fjern det valgte" og send loggen herind sammen med en log fra DDS som du finder her: http://download.bleepingcomputer.com/sUBs/dds.scr

eller her: http://www.forospyware.com/sUBs/dds

Den laver to logs,(DDS.txt og Attach.txt) gem dem på skrivebordet og kopier indholdet af DDS.txt  herind.

OBS - DDS skal gemmes på computeren og ikke køres fra nettet

hejsa
Jeg kan nu starte masinen i normal tilstand.
Så det går da fremad
Jeg har i går kørt malwarwbytes.
Jeg kører den igen og lægger loggen herind. Derefter sender jeg en log fra dds. Jeg kører dem seperat, som jeg kan se, jeg skal.

Malwarebytes' Anti-Malware 1.41
Database version: 3250
Windows 6.0.6001 Service Pack 1

28-11-2009 14:23:16
mbam-log-2009-11-28 (14-23-16).txt

Skan type: Hurtig skanning
Objekter skannet: 133912
Tid tilbagelagt: 4 minute(s), 47 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)

DDS (Ver_09-11-24.02) - NTFSx86 
Run by SLA at 14:56:16,59 on 28-11-2009
Internet Explorer: 8.0.6001.18828 BrowserJavaVersion: 1.6.0_06
Microsoft® Windows Vista™ Business  6.0.6001.1.1252.45.1030.18.2046.843 [GMT 1:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\o2flash.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\FirstClass\fcc32.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\sla\Desktop\dds.scr
C:\Windows\system32\conime.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.vucaarhus.dk/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
BHO: NXIECatcher Class: {83b80a9c-d91a-4f22-8dcf-ea7204039f79} - c:\program files\xi\netxfer\NXIEHelper.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {c08df07a-3e49-4e25-9ab0-d3882835f153} - QUICKfind BHO Object
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\progra~1\freedo~1\iefdm2.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: NetXfer: {c16cbaac-a75c-4db5-a0dd-cdf5cafcdd3a} - c:\program files\xi\netxfer\NXToolBar.dll
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [ABBYY Screenshot Reader Bonus]
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
mRun: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe"  -osboot
mRun: [fssui] "c:\program files\windows live\family safety\fsui.exe" -autorun
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
uPolicies-explorer: DontSetAutoplayCheckbox = 1 (0x1)
uPolicies-explorer: NoAutorun = 1 (0x1)
uPolicies-explorer: ForceStartMenuLogOff = 1 (0x1)
uPolicies-explorer: NoSMBalloonTip = 1 (0x1)
uPolicies-explorer: TaskbarNoNotification = 1 (0x1)
uPolicies-explorer: DisablePersonalDirChange = 1 (0x1)
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
uPolicies-explorer: NoWelcomeScreen = 1 (0x1)
uPolicies-explorer: NoAutoUpdate = 0 (0x0)
uPolicies-explorer: NoTaskGrouping = 1 (0x1)
uPolicies-system: DisableLockWorkstation = 1 (0x1)
uPolicies-system: DisableChangePassword = 1 (0x1)
mPolicies-explorer: DontSetAutoplayCheckbox = 1 (0x1)
mPolicies-explorer: NoAutorun = 1 (0x1)
mPolicies-explorer: NoWelcomeScreen = 1 (0x1)
mPolicies-explorer: UseDefaultTile = 1 (0x1)
mPolicies-explorer: NoDisconnect = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: disablecad = 1 (0x1)
mPolicies-system: HideFastUserSwitching = 1 (0x1)
mPolicies-system: DisableStartupSound = 1 (0x1)
mPolicies-system: DefaultLogonDomain = vucaarhus
mPolicies-system: DisableStatusMessages = 1 (0x1)
mPolicies-system: ShutdownSessionTimeout = 5 (0x5)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download alle med NetXfer - c:\program files\xi\netxfer\NXAddList.html
IE: Download med NetXfer - c:\program files\xi\netxfer\NXAddLink.html
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - c:\programs\partygaming\partycasino\RunApp.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749}    {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38e51477-ddb4-4aed-9d61-d0c193e10749}\inprocserver32 does not exist!
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: emu.dk
Trusted Zone: microsoft.com
Trusted Zone: supportcenter.dk
Trusted Zone: vucaarhus.dk
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {07E8D22D-C723-485C-BE6F-003241549305} - hxxp://extcom.esoft.dk/extern/3d/eplan.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} - hxxp://webmail.djh.dk/dwa8W.cab
DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} - hxxp://support.f-secure.com/ols/fscax.cab
DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} - hxxp://photoservice.fujicolor.eu/ips-opdata/layout/fuji01/activex/IPSUploader4.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://danid.dk/csp/authenticode/digitalsignatur-csp.exe
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\sla\appdata\roaming\mozilla\firefox\profiles\rz5xicbp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.vucaarhus.dk/
FF - component: c:\program files\free download manager\firefox\extension\components\vmsfdmff.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");

============= SERVICES / DRIVERS ===============

R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver;c:\windows\system32\drivers\dwvkbd.sys [2007-2-15 26624]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files\abbyy finereader 9.0\NetworkLicenseServer.exe [2007-9-24 566560]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-6-5 108289]
R2 BthFilterHelper;Bluetooth Feature Support;c:\program files\csr\vista profile pack\BthFilterHelper.exe [2006-11-7 127488]
R2 niarbk;niarbk;c:\windows\system32\drivers\niarbk.dll [2002-7-9 37376]
R2 nibffrk;nibffrk;c:\windows\system32\drivers\nibffrk.dll [2002-7-9 21504]
R2 Nidaq32k;Nidaq32k;c:\windows\system32\drivers\nidaq32k.sys [2002-7-9 670720]
R2 nidmmk;NI DMM and Data Logger Kernel Driver;c:\windows\system32\drivers\nidmmk.dll [2002-7-9 50688]
R2 nimdsk;nimdsk;c:\windows\system32\drivers\nimdsk.dll [2002-7-9 31232]
R2 nistck;nistck;c:\windows\system32\drivers\niSTCk.dll [2002-7-9 111616]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R3 BthAvrcp;Bluetooth AVRCP-profil;c:\windows\system32\drivers\BthAvrcp.sys [2008-5-28 12800]
R3 BTHFILT;Bluetooth-kommandofilter;c:\windows\system32\drivers\BthFilt.sys [2008-5-28 13824]
R3 DwMirror;DwMirror;c:\windows\system32\drivers\DamewareMini.sys [2007-2-7 3712]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-6-4 38224]
R3 MovRVDrv32;MovRVDrv32;c:\windows\system32\drivers\MovRVDrv32.sys [2009-2-12 3768]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2006-11-20 38400]
R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2006-11-17 31360]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-9-3 133104]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-6-2 179712]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-11-4 54632]
S3 fsssvc;Windows Live-tjenesten Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-2-1 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-2-1 8320]
S3 SoundMovieServer;SoundMovieServer;c:\windows\system32\snmvtsvc.exe [2009-2-12 184320]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [2009-8-28 40448]
S4 SMARTMouseFilterx86;HID-compliant mouse;c:\windows\system32\drivers\SMARTMouseFilterx86.sys [2008-4-2 11048]
S4 SMARTVHidMini2000x86;SMART HID Device;c:\windows\system32\drivers\SMARTVHidMini2000x86.sys [2008-4-2 14120]
S4 SMARTVTabletPCx86;SMART Virtual TabletPC;c:\windows\system32\drivers\SMARTVTabletPCx86.sys [2008-4-2 16808]

=============== Created Last 30 ================

2009-11-27 14:24:30    0    d-----w-    c:\program files\Trend Micro
2009-11-17 14:01:11    1638912    ----a-w-    c:\windows\system32\mshtml.tlb
2009-11-17 13:54:42    2421760    ----a-w-    c:\windows\system32\wucltux.dll
2009-11-17 13:54:32    87552    ----a-w-    c:\windows\system32\wudriver.dll
2009-11-17 13:54:29    33792    ----a-w-    c:\windows\system32\wuapp.exe
2009-11-17 13:54:29    171608    ----a-w-    c:\windows\system32\wuwebv.dll
2009-11-11 17:00:44    2048    ----a-w-    c:\windows\system32\tzres.dll
2009-11-11 16:56:57    118    ----a-w-    c:\windows\system32\MRT.INI
2009-11-11 16:54:00    195456    ------w-    c:\windows\system32\MpSigStub.exe
2009-11-11 16:46:35    2066432    ----a-w-    c:\windows\system32\mstscax.dll
2009-11-11 16:44:43    61440    ----a-w-    c:\windows\system32\msasn1.dll
2009-11-11 16:42:46    144896    ----a-w-    c:\windows\system32\drivers\srv2.sys
2009-11-11 16:42:45    351232    ----a-w-    c:\windows\system32\WSDApi.dll
2009-11-11 16:42:03    604672    ----a-w-    c:\windows\system32\WMSPDMOD.DLL
2009-11-11 14:48:34    0    d-----w-    c:\users\sla\appdata\roaming\ABBYY
2009-11-11 14:28:35    0    d-----w-    c:\program files\ABBYY FineReader 9.0
2009-11-10 10:25:55    0    d-----w-    c:\program files\Camfrog
2009-11-08 20:07:50    0    d-----w-    c:\program files\iPod
2009-11-08 20:07:48    0    d-----w-    c:\program files\iTunes
2009-11-04 10:36:59    54632    ----a-w-    c:\windows\system32\drivers\fssfltr.sys
2009-11-01 09:19:58    0    d-----w-    c:\program files\DAEMON Tools Lite

==================== Find3M  ====================

2009-11-28 11:20:58    558554    ----a-w-    c:\windows\system32\perfh006.dat
2009-11-28 11:20:58    109896    ----a-w-    c:\windows\system32\perfc006.dat
2009-11-27 21:17:52    8929    ----a-w-    c:\windows\bthservsdp.dat
2009-11-27 20:30:47    51200    ----a-w-    c:\windows\inf\infpub.dat
2009-11-27 20:30:47    143360    ----a-w-    c:\windows\inf\infstrng.dat
2009-11-01 09:19:59    691696    ----a-w-    c:\windows\system32\drivers\sptd.sys
2009-10-28 17:15:24    86016    ----a-w-    c:\windows\inf\infstor.dat
2009-10-27 08:58:11    4096    ----a-w-    c:\windows\d3dx.dat
2009-10-21 12:53:00    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-10-21 12:52:56    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2009-10-08 07:26:45    0    ----a-w-    c:\users\sla\temp.dat
2009-09-10 17:30:12    213504    ----a-w-    c:\windows\system32\msv1_0.dll
2009-09-06 20:52:32    6394    ----a-w-    c:\windows\system32\krncode.dat
2009-09-06 20:52:32    20065    ----a-w-    c:\windows\system32\wincode.dat
2009-09-06 20:52:32    1575    ----a-w-    c:\windows\system32\pwrcode.dat
2008-06-17 01:07:35    665600    ----a-w-    c:\windows\inf\drvindex.dat
2008-06-02 16:07:39    174    --sha-w-    c:\program files\desktop.ini
2006-11-21 04:52:20    36364    ----a-w-    c:\windows\inf\perflib\0406\perfd.dat
2006-11-21 04:52:20    36364    ----a-w-    c:\windows\inf\perflib\0406\perfc.dat
2006-11-21 04:52:20    300302    ----a-w-    c:\windows\inf\perflib\0406\perfi.dat
2006-11-21 04:52:20    300302    ----a-w-    c:\windows\inf\perflib\0406\perfh.dat
2006-11-02 09:20:21    287440    ----a-w-    c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21    287440    ----a-w-    c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19    30674    ----a-w-    c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19    30674    ----a-w-    c:\windows\inf\perflib\0000\perfc.dat
2009-06-05 12:17:26    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009060520090606\index.dat

============= FINISH: 14:57:10,17 ===============

Hvad siger I?

Du skal køre en FULD scanning med Malwarebytes Antimalware for at få tjekket disken rigtigt. Husk opdater først. Den sidste log er der ikke noget på, men det er jo kun en hurtig scanning.
DDS loggen har jeg ikke kendskab til, så der håber jeg f-arn melder tilbage.
PS fik du computeren op at køre ved hjælp af systemgendannelse?

Min tavshed skyldes at jeg stadig mener der skal en IT ansvarlig på banen!

En vis grad enig med <f-arn> Ref #9...

Er der nogen grund til at du ikke har fået Vista SP2 (ServicePack2) instaleret ?
Samt de mange efterfølgende opdateringer fra WindowsUpdate ?

Ok så holder jeg også lav profil.

Kære alle.
Jeg har fået kontaktet min arbejdsplads. De siger, at de gerne vil reparere min com, men så vil de lægge et helt nyt spejl ind. De anbefalede Malwarebytes' anti-malware, som er det program, I også anbefaler.
Det ser UD til, at computeren er ren.
Se her

Malwarebytes' Anti-Malware 1.41
Database version: 3284
Windows 6.0.6002 Service Pack 2

03-12-2009 10:10:26
mbam-log-2009-12-03 (10-10-26).txt

Skan type: Fuldstændig skanning (C:\|)
Objekter skannet: 426004
Tid tilbagelagt: 1 hour(s), 31 minute(s), 53 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)

Som I ser, har jeg installeret Windows vista SP2. Min arbejdsplads har sat Windows Update fra, hvilket jeg har gjort dem opmærksom på. Det bliver ændret i den nye spejl-udgave.

Jeg har nu fået det problem, at

1. der ikke er nogen lyd på com

2. alle medie-filer spilles for hurtigt.

Kan I hjælpe med det? Eller skal jeg poste i en anden sektion?

Det må skyldes det spejl der er lagt på.

Du skal være opmærksom på at Malwarebytes' ikke kan stå alene. Der skal antivirus og måske også en bedre firewall på.

Jo, ok.
Jeg prøver lige at køre mit antivir igen. Så vender jeg tilbage med en ny rapport.
Der er ikke lagt det nye spejl ind endnu, så jeg tror ikke det kan have noget med det at gøre.
Vh
Søren

PS: Mht -> Er der nogen grund til at du ikke har fået Vista SP2 (ServicePack2) instaleret ?
Samt de mange efterfølgende opdateringer fra WindowsUpdate ? - forespørg lige hos din IT 'ansvarlig' mht dette ???

Avira AntiVir Personal
Report file date: 3. december 2009  13:29

Scanning for 1413258 virus strains and unwanted programs.

Licensee        : Avira AntiVir Personal - FREE Antivirus
Serial number  : 0000149996-ADJIE-0000001
Platform        : Windows Vista
Windows version : (Service Pack 2)  [6.0.6002]
Boot mode      : Normally booted
Username        : SYSTEM
Computer name  : VUC-VL955R14J

Version information:
BUILD.DAT      : 9.0.0.415    21609 Bytes  08-11-2009 10:00:00
AVSCAN.EXE      : 9.0.3.10    466689 Bytes  20-11-2009 11:54:24
AVSCAN.DLL      : 9.0.3.0      40705 Bytes  27-02-2009 09:58:24
LUKE.DLL        : 9.0.3.2      209665 Bytes  20-02-2009 10:35:49
LUKERES.DLL    : 9.0.2.0      12033 Bytes  27-02-2009 09:58:52
VBASE000.VDF    : 7.10.0.0  19875328 Bytes  06-11-2009 11:54:24
VBASE001.VDF    : 7.10.1.0    1372672 Bytes  19-11-2009 11:54:24
VBASE002.VDF    : 7.10.1.1      2048 Bytes  19-11-2009 11:54:24
VBASE003.VDF    : 7.10.1.2      2048 Bytes  19-11-2009 11:54:24
VBASE004.VDF    : 7.10.1.3      2048 Bytes  19-11-2009 11:54:24
VBASE005.VDF    : 7.10.1.4      2048 Bytes  19-11-2009 11:54:24
VBASE006.VDF    : 7.10.1.5      2048 Bytes  19-11-2009 11:54:24
VBASE007.VDF    : 7.10.1.6      2048 Bytes  19-11-2009 11:54:24
VBASE008.VDF    : 7.10.1.7      2048 Bytes  19-11-2009 11:54:24
VBASE009.VDF    : 7.10.1.8      2048 Bytes  19-11-2009 11:54:24
VBASE010.VDF    : 7.10.1.9      2048 Bytes  19-11-2009 11:54:24
VBASE011.VDF    : 7.10.1.10      2048 Bytes  19-11-2009 11:54:24
VBASE012.VDF    : 7.10.1.11      2048 Bytes  19-11-2009 11:54:24
VBASE013.VDF    : 7.10.1.79    209920 Bytes  25-11-2009 20:19:25
VBASE014.VDF    : 7.10.1.128    197632 Bytes  30-11-2009 21:28:55
VBASE015.VDF    : 7.10.1.129      2048 Bytes  30-11-2009 21:28:55
VBASE016.VDF    : 7.10.1.130      2048 Bytes  30-11-2009 21:28:55
VBASE017.VDF    : 7.10.1.131      2048 Bytes  30-11-2009 21:28:55
VBASE018.VDF    : 7.10.1.132      2048 Bytes  30-11-2009 21:28:55
VBASE019.VDF    : 7.10.1.133      2048 Bytes  30-11-2009 21:28:55
VBASE020.VDF    : 7.10.1.134      2048 Bytes  30-11-2009 21:28:55
VBASE021.VDF    : 7.10.1.135      2048 Bytes  30-11-2009 21:28:55
VBASE022.VDF    : 7.10.1.136      2048 Bytes  30-11-2009 21:28:55
VBASE023.VDF    : 7.10.1.137      2048 Bytes  30-11-2009 21:28:56
VBASE024.VDF    : 7.10.1.138      2048 Bytes  30-11-2009 21:28:56
VBASE025.VDF    : 7.10.1.139      2048 Bytes  30-11-2009 21:28:56
VBASE026.VDF    : 7.10.1.140      2048 Bytes  30-11-2009 21:28:56
VBASE027.VDF    : 7.10.1.141      2048 Bytes  30-11-2009 21:28:56
VBASE028.VDF    : 7.10.1.142      2048 Bytes  30-11-2009 21:28:56
VBASE029.VDF    : 7.10.1.143      2048 Bytes  30-11-2009 21:28:56
VBASE030.VDF    : 7.10.1.144      2048 Bytes  30-11-2009 21:28:56
VBASE031.VDF    : 7.10.1.162    91136 Bytes  03-12-2009 12:28:12
Engineversion  : 8.2.1.92
AEVDF.DLL      : 8.1.1.2      106867 Bytes  15-09-2009 20:24:32
AESCRIPT.DLL    : 8.1.2.45    586108 Bytes  17-11-2009 20:36:02
AESCN.DLL      : 8.1.2.5      127346 Bytes  04-09-2009 22:05:07
AESBX.DLL      : 8.1.1.1      246132 Bytes  20-11-2009 11:54:24
AERDL.DLL      : 8.1.3.4      479605 Bytes  30-11-2009 21:28:56
AEPACK.DLL      : 8.2.0.3      422261 Bytes  08-11-2009 19:17:33
AEOFFICE.DLL    : 8.1.0.38    196987 Bytes  18-06-2009 11:26:59
AEHEUR.DLL      : 8.1.0.184  2146681 Bytes  30-11-2009 21:28:55
AEHELP.DLL      : 8.1.7.5      237942 Bytes  25-11-2009 20:19:26
AEGEN.DLL      : 8.1.1.78    364917 Bytes  25-11-2009 20:19:26
AEEMU.DLL      : 8.1.1.0      393587 Bytes  03-10-2009 09:04:58
AECORE.DLL      : 8.1.8.5      180598 Bytes  01-12-2009 21:28:56
AEBB.DLL        : 8.1.0.3      53618 Bytes  09-10-2008 13:32:40
AVWINLL.DLL    : 9.0.0.3      18177 Bytes  12-12-2008 07:47:59
AVPREF.DLL      : 9.0.3.0      44289 Bytes  09-09-2009 12:43:42
AVREP.DLL      : 8.0.0.3      155905 Bytes  20-01-2009 13:34:28
AVREG.DLL      : 9.0.0.0      36609 Bytes  05-12-2008 09:32:09
AVARKT.DLL      : 9.0.0.3      292609 Bytes  24-03-2009 14:05:41
AVEVTLOG.DLL    : 9.0.0.7      167169 Bytes  30-01-2009 09:37:08
SQLITE3.DLL    : 3.6.1.0      326401 Bytes  28-01-2009 14:03:49
SMTPLIB.DLL    : 9.2.0.25      28417 Bytes  02-02-2009 07:21:33
NETNT.DLL      : 9.0.0.0      11521 Bytes  05-12-2008 09:32:10
RCIMAGE.DLL    : 9.0.0.25    2438913 Bytes  09-06-2009 16:03:15
RCTEXT.DLL      : 9.0.73.0      86785 Bytes  20-11-2009 11:54:23

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 3. december 2009  13:29

Starting search for hidden objects.
'143752' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'SearchFilterHost.exe' - '1' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'OfficeLiveSignIn.exe' - '1' Module(s) have been scanned
Scan process 'WINWORD.EXE' - '1' Module(s) have been scanned
Scan process 'fcc32.exe' - '1' Module(s) have been scanned
Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
Scan process 'wlmail.exe' - '1' Module(s) have been scanned
Scan process 'conime.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'InputPersonalization.exe' - '1' Module(s) have been scanned
Scan process 'NclMSBTSrv.exe' - '1' Module(s) have been scanned
Scan process 'NclRSSrv.exe' - '1' Module(s) have been scanned
Scan process 'NclUSBSrv.exe' - '1' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'SynTPHelper.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'SynToshiba.exe' - '1' Module(s) have been scanned
Scan process 'DTLite.exe' - '1' Module(s) have been scanned
Scan process 'PCSuite.exe' - '1' Module(s) have been scanned
Scan process 'YahooMessenger.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'GrooveMonitor.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'WLIDSVCM.EXE' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SeaPort.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'o2flash.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'Iap.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'BthFilterHelper.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'wlanext.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'BCMWLTRY.EXE' - '1' Module(s) have been scanned
Scan process 'WLTRYSVC.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
84 processes with 84 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'D:\'
    [INFO]      No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '54' files ).


Starting the file scan:

Begin scan in 'C:\' <VUC-systemdisk>
C:\hiberfil.sys
    [WARNING]  The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
C:\pagefile.sys
    [WARNING]  The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
C:\Users\sla\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\8df5f4f-3b23c753
  [0] Archive type: ZIP
    --> myf/y/PayloadX.class
      [DETECTION] Contains recognition pattern of the JAVA/OpenStream.AD Java virus
C:\Windows\System32\drivers\sptd.sys
    [WARNING]  The file could not be opened!
Begin scan in 'D:\' <Data>

Beginning disinfection:
C:\Users\sla\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\8df5f4f-3b23c753
    [NOTE]      The file was moved to '4b7dc81c.qua'!


End of the scan: 3. december 2009  15:14
Used time:  1:43:14 Hour(s)

The scan has been done completely.

  30561 Scanned directories
886540 Files were scanned
      1 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 files were deleted
      0 Viruses and unwanted programs were repaired
      1 Files were moved to quarantine
      0 Files were renamed
      3 Files cannot be scanned
886536 Files not concerned
  15198 Archives were scanned
      3 Warnings
      3 Notes
143752 Objects were scanned with rootkit scan
      0 Hidden objects were found

Ang.#26.
Ja, jeg har jo så informeret de it-ansvarlige om, at de skal sætte den automatiske update til i deres næste opdatering af spejlet.