Avatar billede Slettet bruger
29. september 2010 - 21:35 Der er 30 kommentarer og
1 løsning

Virus-rester?

Hej folkens på E
I søndags gik min pc helt amok og fik sig en ordentlig omgang virus (uden nogen egentlig grund). Det var af den type der ikke lader dig åbne .exe filer eller noget som helst og ved at søge på nettet fandt jeg mig frem til rkill samt Malwarebytes. Det fungerede helt fint og min pc kom op og køre igen - men der er stadig noget galt :(
Når jeg bruger internetter (uanset firefox eller explorer) så kan den ikke få forbindelse til rigtig mange sider (specielt hvis jeg søger fra Google) og hvis jeg vil logge ind på nogle siden (f.eks. Youtube) får jeg en:

Not Found
The requested URL /accounts/ServiceLogin was not found on this server.
Apache/2.2.3 (CentOS) Server at www.google.com Port 443

fejl som jeg ikke kan finde en løsning til på trods af, at jeg har søgt...

Ofte bliver jeg også redirected hen til diverse reklame-siden og nogle gange også, lad os kalde det lettere erotiske sider. Jeg har kørt Malwarebytes adskillige gange og hver gang finder den et par inficerede filer, så jeg tror at problemet ligger dybere end som så. Jeg har prøvet at installere AVG men det kan ikke få forbindelse til nettet (?)

Anyways, det jeg vil frem til er:
Er der en god sjæl derude som kan hjælpe mig med at fikse problemet? Det er specielt irriterende at mange internetsider ikke svarer!
Jeg har en hijackthis log fil her (den er sikkert meget ringe, jeg opdaterer aldrig samt rydder aldrig op på min pc :( )

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:19:37, on 29-09-2010
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\Bruger\AppData\Local\Temp\avstc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\svchost.exe
C:\Windows\Evyxeb.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\conime.exe
C:\Users\Bruger\AppData\Local\Temp\Esk.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O1 - Hosts: 89.149.249.196 www.google.com
O1 - Hosts: 89.149.249.196 www.google.de
O1 - Hosts: 89.149.249.196 www.google.fr
O1 - Hosts: 89.149.249.196 www.google.co.uk
O1 - Hosts: 89.149.249.196 www.google.com.br
O1 - Hosts: 89.149.249.196 www.google.it
O1 - Hosts: 89.149.249.196 www.google.es
O1 - Hosts: 89.149.249.196 www.google.co.jp
O1 - Hosts: 89.149.249.196 www.google.com.mx
O1 - Hosts: 89.149.249.196 www.google.ca
O1 - Hosts: 89.149.249.196 www.google.com.au
O1 - Hosts: 89.149.249.196 www.google.nl
O1 - Hosts: 89.149.249.196 www.google.co.za
O1 - Hosts: 89.149.249.196 www.google.be
O1 - Hosts: 89.149.249.196 www.google.gr
O1 - Hosts: 89.149.249.196 www.google.at
O1 - Hosts: 89.149.249.196 www.google.se
O1 - Hosts: 89.149.249.196 www.google.ch
O1 - Hosts: 89.149.249.196 www.google.pt
O1 - Hosts: 89.149.249.196 www.google.dk
O1 - Hosts: 89.149.249.196 www.google.fi
O1 - Hosts: 89.149.249.196 www.google.ie
O1 - Hosts: 89.149.249.196 www.google.no
O1 - Hosts: 89.149.249.196 search.yahoo.com
O1 - Hosts: 89.149.249.196 us.search.yahoo.com
O1 - Hosts: 89.149.249.196 uk.search.yahoo.com
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SetPoint] C:\Program Files\Logitech\SetPoint\SetPoint.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Microsoft iexplorer11] C:\Users\Bruger\AppData\Local\Temp\avstc.exe
O4 - HKLM\..\Run: [Mqvaindows\win.exe] C:\Windows\win.exe
O4 - HKLM\..\Run: [Mqsrcndows\login.exe] C:\Windows\login.exe
O4 - HKLM\..\Run: [MqpScndows\avp32.exe] C:\Windows\avp32.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AdobeBridge] "C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe" -stealth
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Microsoft iexplorer11] C:\Users\Bruger\AppData\Local\Temp\avstc.exe
O4 - HKCU\..\Run: [3FWHZQA3LT] C:\Users\Bruger\AppData\Local\Temp\Esk.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O15 - Trusted Zone: http://www.msi.com.tw
O15 - Trusted Zone: *.danskebank.dk
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.127,93.188.161.217
O17 - HKLM\System\CS2\Services\Tcpip\..\{016FEA1D-1759-41D0-BD9B-ABF4B4FD9C53}: NameServer = 93.188.162.127,93.188.161.217
O18 - Protocol: bw+0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 23520 bytes

Jeg har ikke den store forstand på computere andet end at spille/surfe (en del :)) så hvis jeg har gjort noget forkert så sig endelig til :)
29. september 2010 - 21:56 #1
Yffer Pyffer!!!

... jeg opdaterer aldrig samt rydder aldrig op på min pc ... - vil du lige gentage det OG tænke over hvorfor du har fået alt det 'snavs' ???

---

Du bruger også en GAMMEL Avast4 (og den er heller ikke opdateret i længerer tid!!!)

---

Der er MINDST 20 meget 'snavs' elementer på dit system ifølge ovenstående; og der er ifølge HiJackThis kun de synligt !!!
Hvad har du dog haft gang i ???

Sååååå - det er pænt naturligt (!) det du beskriver...

---

Jeg vil gerne se omtalte MalwareBytes log (i programmet under fanen - tja - logs kan den findes...).

---
Avatar billede Slettet bruger
29. september 2010 - 22:02 #2
Ugh, når du formulerer det sådan kan jeg godt se, at jeg ikke har tænkt mig særlig grundigt om. Der er nok mest fordi virus aldrig har været et problem så jeg har ikke tænkt over at det kunne blive det, men nu skal jeg ikke komme med dårlige undskyldninger :)
Her er den første scanning jeg lavede hvor den fandt liiiidt for meget:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4692

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

25-09-2010 19:56:59
mbam-log-2010-09-25 (19-56-59).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|E:\|F:\|G:\|)
Objekter skannet: 307718
Tid gået: 1 time(e), 40 minut(ter), 36 sekund(er)

Hukommelses Processorer Inficeret: 14
Hukommelses Moduler Inficeret: 5
Registreringsdatabasenøgler Inficeret: 15
Registreringsdatabaseværdier Inficeret: 29
Registreringsdatabasedata Objekter Inficeret: 5
Inficerede Mapper: 2
Inficerede Filer: 102

Hukommelses Processorer Inficeret:
C:\Windows\userinit.exe (Worm.Autorun) -> Unloaded process successfully.
C:\Windows\Elytab.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\Bruger\AppData\Roaming\hotfix.exe (Rogue.MultipleAV) -> Unloaded process successfully.
C:\Users\Bruger\AppData\Local\Temp\ltl6fz.exe (Malware.Packer.Gen) -> Unloaded process successfully.
C:\Users\Bruger\AppData\Local\Temp\qxemzuib.exe (Malware.Packer.Gen) -> Unloaded process successfully.
C:\Windows\System32\szetyj67vx.exe (Trojan.LVBP) -> Unloaded process successfully.
C:\Windows\System32\system.exe (Worm.Autorun) -> Unloaded process successfully.
C:\Users\Bruger\AppData\Roaming\1724E49ADB4BEEB826BED100541C5D21\handlerfix70700en00.exe (Malware.Packer.Gen) -> Unloaded process successfully.
C:\Users\Bruger\AppData\Local\Temp\ltl6fz.exe (Malware.Packer.Gen) -> Unloaded process successfully.
C:\Users\Bruger\AppData\Local\Temp\qxemzuib.exe (Malware.Packer.Gen) -> Unloaded process successfully.
C:\Users\Bruger\AppData\Local\Temp\Esh.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Windows\System32\updata.exe (Trojan.Clicker) -> Unloaded process successfully.
C:\Users\Bruger\AppData\Local\Temp\win.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Windows\System32\szetyj67v.exe (Trojan.Dropper) -> Unloaded process successfully.

Hukommelses Moduler Inficeret:
C:\Users\Bruger\AppData\Local\Temp\msreaayl.dll (Trojan.Onlinegames) -> Delete on reboot.
C:\Windows\System32\ftgkyzjvjj.dll (Trojan.Agent) -> Delete on reboot.
C:\Windows\System32\gkqmz0.dll (Trojan.Downloader) -> Delete on reboot.
C:\Windows\System32\uejide.dll (Trojan.Downloader) -> Delete on reboot.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.

Registreringsdatabasenøgler Inficeret:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67kln5j1-4opm-00we-aax5-71ef1d187311} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b1ba40a1-75f2-51bd-f313-04b03a2c8953} (Trojan.Agent) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b1ba40a1-75f2-51bd-f313-04b03a2c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b1ba40a1-75f2-51bd-f313-04b03a2c8953} (Trojan.Agent) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{67kln5k0-4opm-00we-aax5-77ef1d187463} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{343ce214-9998-4b21-a151-ffe970167297} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a3ed5288-f558-4f6e-8d5c-740cb6f89029} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDORSYS (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\20W6RLKX65 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\3FWHZQA3LT (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SMH2B46TDP (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registreringsdatabaseværdier Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iwjpqr (Trojan.Onlinegames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{b1ba40a1-75f2-51bd-f313-04b03a2c8953} (Trojan.Agent) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\upc+kt0nnraxms (Trojan.Downloader) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\upc+kt0nnraxms (Trojan.Downloader) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\upc+kt0noyaxms (Trojan.Downloader) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\upc+kt0noyaxms (Trojan.Downloader) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhmzkfgpfh (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhmzkfgpfh (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhmzkfgqxb (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhmzkfgqxb (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\szetyj67vx (Trojan.LVBP) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\metropolis (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\handlerfix70700en00.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3fwhzqa3lt (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhmzkfgsa (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhmzkfgsa (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ocemaxnswr.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\apps (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\szetyj67v (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\init (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\win (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hattric (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsdefrag (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows update (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\59t4 (Trojan.Downloader) -> Quarantined and deleted successfully.

Registreringsdatabasedata Objekter Inficeret:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Worm.Autorun) -> Data: c:\windows\userinit.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Inficerede Mapper:
C:\PLAIN\G-2-3-45-111111BBBB-222222222222-6666666666-000 (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Windows\System32\hattric (Backdoor.Agent) -> Quarantined and deleted successfully.

Inficerede Filer:
c:\KEY\F-2-3-13-23878789098-7675432123-0000900091-777\x0rr0x.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\msreaayl.dll (Trojan.Onlinegames) -> Delete on reboot.
C:\Windows\System32\ftgkyzjvjj.dll (Trojan.Agent) -> Delete on reboot.
C:\Windows\userinit.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Windows\Elytab.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Roaming\hotfix.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Windows\System32\gkqmz0.dll (Trojan.Downloader) -> Delete on reboot.
C:\Windows\System32\uejide.dll (Trojan.Downloader) -> Delete on reboot.
C:\Users\Bruger\AppData\Local\Temp\ltl6fz.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\qxemzuib.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Windows\System32\szetyj67vx.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Windows\System32\system.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
C:\Users\Bruger\AppData\Roaming\1724E49ADB4BEEB826BED100541C5D21\handlerfix70700en00.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\Esh.exe (Trojan.Downloader) -> Delete on reboot.
C:\Windows\System32\updata.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\win.exe (Trojan.Downloader) -> Delete on reboot.
C:\Users\Bruger\AppData\Local\Temp\ocemaxnswr.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Windows\Fonts\services.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BCAZN5S8\mainfull70707[1].exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BCAZN5S8\mainfull70707[2].exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SAMHNRFY\mainfull70707[1].exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\Installer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\stp25c47.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\stp44c2b.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\stp4c372.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\stp6a751.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\9fwj3e05i.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\rnacmswxoe.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\wS1eIQGM9 (Trojan.Alureon) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\zyldslfo.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\o4s0419l.exe (Trojan.Sisproc.Gen) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\o7p9vnxxabjxgu8.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\jlfu1en.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\e21tj2hq0.exe (Trojan.Sisproc.Gen) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\ecsxanwrom.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\eg0t491i43prrjd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\Esj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\Esk.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\Eso.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\Esp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\Esq.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\Esr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\Est.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\Esu.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\C7B3.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\ppvijkl.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\97dbd836.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\i3kma.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\5555y (Trojan.Alureon) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Roaming\1724E49ADB4BEEB826BED100541C5D21\mainfull70707.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Windows\Elytaa.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\d89hbno0.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\spool\prtprocs\w32x86\17c3sK.dll (Trojan.Alureon) -> Quarantined and deleted successfully.
C:\Windows\System32\spool\prtprocs\w32x86\1o931i.dll (Trojan.Alureon) -> Quarantined and deleted successfully.
C:\Windows\Temp\IQ7wS17s.sys (Trojan.Alureon) -> Quarantined and deleted successfully.
C:\Windows\Temp\VRT226E.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Windows\Temp\M7g31a.sys (Trojan.Alureon) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP00000001A719E1E4A4BB4803 (Trojan.Agent) -> Quarantined and deleted successfully.
G:\forever.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\KEY\Music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\.fseventsd\fantasy.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\.fseventsd\Music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\DIT-DL7ZJQQCEX5\fantasy.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\DIT-DL7ZJQQCEX5\Music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\DIT-DL7ZJQQCEX5\DIT-DL7ZJQQCEX5\DIT-DL7ZJQQCEX5swo2.exe (Trojan.Ircbrute) -> Quarantined and deleted successfully.
G:\DIT-DL7ZJQQCEX5\DIT-DL7ZJQQCEX5\DIT-DL7ZJQQCEX5px3.exe (Trojan.Agent) -> Quarantined and deleted successfully.
G:\BRUGER-PC\Music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\xAVx\My music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\xAVx\fantasy.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\xAVx\Music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\xAVx\ReleAsE\xAVy.exe (Trojan.PWS) -> Quarantined and deleted successfully.
G:\Biceps tenodesis\My music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\Biceps tenodesis\fantasy.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\Biceps tenodesis\Music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\Hjorringgaard, Mogens; 070654-1659\My music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\Hjorringgaard, Mogens; 070654-1659\fantasy.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\Hjorringgaard, Mogens; 070654-1659\Music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\Gads Bogskab\My music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\Gads Bogskab\fantasy.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\Gads Bogskab\Music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\PLAIN\fantasy.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\PLAIN\Music.exe (Worm.Autorun) -> Quarantined and deleted successfully.
G:\PLAIN\G-2-3-45-111111BBBB-222222222222-6666666666-000\Mix.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\PLAIN\G-2-3-45-111111BBBB-222222222222-6666666666-000\Desktop.ini (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Public\Documents\Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Public\Documents\Server\server.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Windows\System32\comsats.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\service.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\szetyj67v.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Windows\Temp\_ex-68.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\H8SRT4604.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\H8SRT4643.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\skaioejiesfjoee.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\awmnxecros.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\1biq.exe (Trojan.Downloader) -> Delete on reboot.
C:\Users\Bruger\AppData\Local\Temp\hgksfg.bat (Malware.Trace) -> Quarantined and deleted successfully.
Avatar billede johnstigers Seniormester
29. september 2010 - 22:02 #3
Der er jo en grund til der er opdateringer, og det har du så fundet ud af nu.

Jeg lytter med her, og lover ikke at komme med flere belærende ord :)
Avatar billede johnstigers Seniormester
29. september 2010 - 22:06 #4
Du har ikke opdateret malwarebytes før scanning.
Avatar billede Slettet bruger
29. september 2010 - 22:09 #5
Jeg var ellers sikker på at jeg opdaterede det efter jeg havde installeret det - men det kan godt være at den ikke har hentet den nyeste opdatering med det sammme?
29. september 2010 - 22:16 #6
Din Database version: 4692
Nuværende Database version: 4717

Men allerede på nuværende tidspunkt har Mawarebytes kommet godt på arbejde...

Så en omgang mere - gerne med
"HøjreMusseTast - Kør Som Administrator..."

---

Jeg vil også anbefale at slette alt det - sansynligvis - mere eller mindre ulovligt DOWNLOAD du har på G:\...
Det 'skriger' jo til himmels!!!

---

Og en frisk log fra HiJackThis derefter...

Men vi er sandelig ikke færdige endnu!!!

---
Avatar billede f-arn Guru
29. september 2010 - 22:19 #7
Malwarebytes 1.46 uden opdatering har database version 4052. Så det skal nok passe, at database version 25-09-2010 var  4692.
29. september 2010 - 22:18 #8
Du kan også varme op til

M$ ServicePack1 til Vista -> http://www.microsoft.com/downloads/details.aspx?displaylang=da&FamilyID=f559842a-9c9b-4579-b64a-09146a0ba746
M$ ServicePack2 til Vista -> (32bit) -> http://www.microsoft.com/downloads/details.aspx?displaylang=da&FamilyID=891ab806-2431-4d00-afa3-99ff6f22448d

+ efterfølgende MANGE opdateringer (alle) fra WindowsUpdate!!!

NB: Proceduren her i denne box vil nok ta' >4 timer PC tid når det går bedst!!!

---

Med en log fra HiJackThis først !!!
Avatar billede Slettet bruger
29. september 2010 - 22:19 #9
Jeg har kørt programmet 3 gange i dag med omkring 2-10 filer inficerede (dog ikke som administratior). Skal jeg stadig give den en gang til? Det skal lige siges at jeg kun har et C:\ samt E:\ drev, de andre var virtuelle dreve samt et usb-stik. HiJackThis-loggen er fra i dag (altså efter ca 4 grundige scans siden i søndags)
29. september 2010 - 22:20 #10
Som led i oprydning generelt ->

http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/manual-for-installation-og-brug-af-ccleaner/ (Specielt punktet [Register]...)
http://www.ccleaner.com/download/builds/downloading-slim
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller *NEJ* til den.

http://www.alt-til-windows.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763
Avatar billede Slettet bruger
29. september 2010 - 22:25 #11
Forresten kan jeg ikke opdatere servicepakkerne da min browser ikke kan få forbindelse til microsoft.com >(

Allerede nu vil jeg gerne sige tak fordi I gider hjælpe, og at jeg på trods af at vi snakker over et forum nærmest føler mig pinlig berørt over den sørgelige tilstand min maskine er i. :)
Avatar billede Slettet bruger
29. september 2010 - 23:51 #12
Her er den seneste virus-scan efter jeg har ryttet 3.5 gb ud med Ccleaner:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4717

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

29-09-2010 23:46:18
mbam-log-2010-09-29 (23-46-18).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 282613
Tid gået: 1 time(e), 24 minut(ter), 8 sekund(er)

Hukommelses Processorer Inficeret: 1
Hukommelses Moduler Inficeret: 1
Registreringsdatabasenøgler Inficeret: 5
Registreringsdatabaseværdier Inficeret: 4
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 1
Inficerede Filer: 8

Hukommelses Processorer Inficeret:
C:\Users\Bruger\AppData\Local\Temp\avstc.exe (Trojan.Downloader) -> Unloaded process successfully.

Hukommelses Moduler Inficeret:
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.

Registreringsdatabasenøgler Inficeret:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67kln5j1-4opm-00we-aax5-71ef1d187311} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\20W6RLKX65 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\3FWHZQA3LT (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registreringsdatabaseværdier Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft iexplorer11 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft iexplorer11 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3fwhzqa3lt (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
C:\KEY\F-2-3-13-23878789098-7675432123-0000900091-777 (Trojan.Agent) -> Delete on reboot.

Inficerede Filer:
c:\KEY\F-2-3-13-23878789098-7675432123-0000900091-777\x0rr0x.exe (Generic.Bot.H) -> Delete on reboot.
C:\Users\Bruger\AppData\Local\Temp\avstc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
C:\Users\Bruger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SAMHNRFY\av2exe1[1].jpg (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\KEY\F-2-3-13-23878789098-7675432123-0000900091-777\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Bruger\AppData\Local\Temp\Esk.exe (Trojan.FakeAlert) -> Delete on reboot.


Og her er den seneste HiJackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:51:21, on 29-09-2010
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O1 - Hosts: 89.149.249.196 www.google.com
O1 - Hosts: 89.149.249.196 www.google.de
O1 - Hosts: 89.149.249.196 www.google.fr
O1 - Hosts: 89.149.249.196 www.google.co.uk
O1 - Hosts: 89.149.249.196 www.google.com.br
O1 - Hosts: 89.149.249.196 www.google.it
O1 - Hosts: 89.149.249.196 www.google.es
O1 - Hosts: 89.149.249.196 www.google.co.jp
O1 - Hosts: 89.149.249.196 www.google.com.mx
O1 - Hosts: 89.149.249.196 www.google.ca
O1 - Hosts: 89.149.249.196 www.google.com.au
O1 - Hosts: 89.149.249.196 www.google.nl
O1 - Hosts: 89.149.249.196 www.google.co.za
O1 - Hosts: 89.149.249.196 www.google.be
O1 - Hosts: 89.149.249.196 www.google.gr
O1 - Hosts: 89.149.249.196 www.google.at
O1 - Hosts: 89.149.249.196 www.google.se
O1 - Hosts: 89.149.249.196 www.google.ch
O1 - Hosts: 89.149.249.196 www.google.pt
O1 - Hosts: 89.149.249.196 www.google.dk
O1 - Hosts: 89.149.249.196 www.google.fi
O1 - Hosts: 89.149.249.196 www.google.ie
O1 - Hosts: 89.149.249.196 www.google.no
O1 - Hosts: 89.149.249.196 search.yahoo.com
O1 - Hosts: 89.149.249.196 us.search.yahoo.com
O1 - Hosts: 89.149.249.196 uk.search.yahoo.com
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SetPoint] C:\Program Files\Logitech\SetPoint\SetPoint.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O15 - Trusted Zone: http://www.msi.com.tw
O15 - Trusted Zone: *.danskebank.dk
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.127,93.188.161.217
O17 - HKLM\System\CS2\Services\Tcpip\..\{016FEA1D-1759-41D0-BD9B-ABF4B4FD9C53}: NameServer = 93.188.162.127,93.188.161.217
O18 - Protocol: bw+0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {D9002EBC-51C7-4E3D-BA6F-5365E8815E96} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 22572 bytes
30. september 2010 - 06:34 #13
Og MalwareBytes var på banen igen *S* ...

1) Reset HOST fil -> http://support.microsoft.com/kb/972034 (Muligvis hentes via en anden PC?)
Genstart normalt.
Check at du nu kan 'se' www.microsoft.dk

2) Afinstall
* Avast4
(Brug evt. http://www.avast.com/uninstall-utility) samt oprydning med CCleaner...

3) Install
* Avast5 (Avast antivirus/antispyware: http://www.avast.com/free-antivirus-download)
ELLER
* M$ MSE ( http://www.microsoft.com/security_essentials/default.aspx?mkt=da-dk )
* Lad programmet blive opdateret - evt. scanne din PC... *

4) -- Hent Combofix fra et af disse links, og gem den på dit skrivebord:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

NB: Du må ikke døbe den Combofix.exe, men eksempelvis BANAN.exe

-- Kør så combofix.exe (BANAN.exe), som du hentede tidligere, og følg anvisningerne.

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når combofix er færdig, og efter det har genstartet, skulle der gerne åbnes en logfil: combofix.txt
Indholdet af denne fil må du gerne lægge herind.
Avatar billede Slettet bruger
30. september 2010 - 22:03 #14
Okay nu er følgende status: Mit internet virker fint igen, jeg har fået afinstalleret og installeret Det nyeste avast igen samt scannet hvor den fandt omkring 2000 filer :S Men da jeg så fik den til at flytte dem til virus-boksen så crashede programmet og da jeg så genstartede får jeg fejlen:
initialiseringen af interaktiv logonprocess mislykkedes

Som jeg måske har fundet en løsning på (noget med Vista's CD hvor jeg skal kopiere den ødelagte fil fra kommandoprompt eller sådan noget i den stil..)

Hvis du nogen sinde har oplevet noget lignende så må du meget gerne hjælpe, ellers så skal jeg nok skrive tilbage når jeg engang ved noget mere

- Jonas
30. september 2010 - 22:07 #15
Lige en hurtig:
Kan du opstarte i "Fejlsikker tilstand" ?
Avatar billede Slettet bruger
30. september 2010 - 22:16 #16
Nej det kan jeg ikke engang. Jeg har læst mig til at det er en .manifest fil inde i windows-mapperne der ikke virker ordentligt. Nu har jeg prøvet at kopiere denne fil fra min installations-CD eller hvad den nu hedder (fra Vista) uden noget resutat. Jeg prøver lige et par ting inde i reperationssiden men hvis der ikke er noget af det, der virker ved jeg ikke hvad jeg skal gøre - ihvertfald ikke noget jeg selv kan finde ud af :/
Avatar billede Slettet bruger
30. september 2010 - 22:27 #17
På trods af, at jeg læste mig til, at en systemdgenoprettelse ikke ville virke så prøvede jeg det og nu er problemet tilsyneladende løst - nu tør jeg bare næste ikke genstarte min pc :) Jeg tror jeg scanner min PC engang i morgen når jeg får tid til det og så gennemfører jeg de sidste punkter du skriver, så kommer jeg tilbage så hurtigt som muligt - endnu engang tak :)
01. oktober 2010 - 06:27 #18
Dette kunne nok også være sundt:

Gå i Start - Skriv i søgefeltet > cmd > vælg det program som hedder > cmd.exe > og højreklik på den og sig "Kør som administrator"
2. Skriv: SFC.exe /Scannow > Enter
3. Indsæt din Windows CD/DVD, hvis du bliver bedt om det
4. Genstart computeren

---
Avatar billede Slettet bruger
01. oktober 2010 - 15:59 #19
Status:
Min pc virker fortsat ikke, kun når jeg laver en systemgenoprettelse. Det vil altså sige, at når jeg slukker min pc efter SGO så kan den ikke logge ind, og på den måde kan jeg ikke fixe det medmindre jeg kan erstatte den ødelagte fil(?) - og hvilken er det så? Kender du noget program der kan scanne windows for at se ødelagte filer og evt. reparere dem?
01. oktober 2010 - 22:23 #20
Men hvad fik du ud af #18 i praksis ?

(Andre i dene tråd ?)
Avatar billede Slettet bruger
02. oktober 2010 - 12:55 #21
Nu har jeg lavet systemscanningen og den skrev:
"Ressourcebeskyttelse fandt beskadigede filer, men det var ikke alle filer, der kunne repareres"
Og at der er oprettet en log - Hvis jeg genstarter min pc er jeg bange for jeg ikke kan logge ind og skal lave systemgenoprettelse igen hvilket annulerer reperationen af de filer, der blev fixet? Hvad ville det bedste pt. være at gøre?
02. oktober 2010 - 13:31 #22
(Andre i denne tråd ?)
02. oktober 2010 - 13:34 #23
Måske ->

Gå i Start - Skriv i søgefeltet > cmd > vælg det program som hedder > cmd.exe > og højreklik på den og sig "Kør som administrator"
2. Skriv: CHKDSK  C:  /F  /R  /X > Enter
Avatar billede Slettet bruger
02. oktober 2010 - 13:40 #24
Hmm, den siger, at diskenheden er i brug af en anden process?
Avatar billede Slettet bruger
02. oktober 2010 - 13:41 #25
Jeg prøver lige at genstarte sytemet - hvis det ikke virker skriver jeg nok først i morgen da der er gæster på trappen.
02. oktober 2010 - 13:55 #26
Ref #24: Det havde jeg også ventet; derfor starter processen først ved næste genstart... Lad den køre!!! Der kommer ikke yderligere besked ...
Avatar billede johnstigers Seniormester
02. oktober 2010 - 14:12 #27
Der er lige den lille finte at ind i mellem, skal man lige huske at læse det der står ;)

C:\Users\John> CHKDSK  C:  /F  /R  /x
Filsystemtypen er NTFS.
Det aktuelle drev kan ikke låses.

Chkdsk kan ikke køres, fordi diskenheden er i brug af en
anden proces. Skal denne diskenhed kontrolleres næste gang,
systemet genstartes? (J/N)


Altså er det rigtigt at du skal genstarte pc, for at starte chkdsk.
Avatar billede Slettet bruger
05. oktober 2010 - 18:43 #28
Hej igen. Min pc gav op efter jeg lavede den scanning der, og det er endt med at jeg har taget backup på de vigtigste filer samt installeret windows 7.

Jeg vil gerne sige tak til jer (karise_larry mest) og så vil jeg forfærdeligt gerne af med nogle point nu ;)
05. oktober 2010 - 18:48 #29
Ping...

Du vil nok blive glad for WIN7 - husk nu WindowsUpdate + Sikkerhedsprogram mm. ...
Avatar billede Slettet bruger
05. oktober 2010 - 19:06 #30
Yes, jeg har allerede hentet virusprogram og jeg skal snart i gang med at opdatere windows :) I det mindste har jeg lært noget af denne episode :) Tak
05. oktober 2010 - 19:43 #31
virusprogram ?
Du mener vel Antivirusprogram ? *S*
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester