pc er langsom

Og her kommer lidt mere fra samme pc

Hej igen
de kommer så begge her...


DDS (Ver_09-05-14.01) - NTFSx86 
Run by STIG PEDERSEN at 19:51:20,07 on 12-06-2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.2014.1411 [GMT 2:00]

AV: Norman Security Suite *On-access scanning enabled* (Updated)  {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
FW: Norman Security Suite *enabled*  {83B29CE9-9DE2-2CB5-9AB3-780D70FF12B0}

============== Running Processes ===============

C:\Programmer\Norman\Npm\Bin\Elogsvc.exe
C:\Programmer\Norman\Ngs\bin\NPROSEC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Programmer\Norman\Npm\Bin\Zanda.exe
C:\Programmer\Norman\npm\bin\nvoy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Programmer\Norman\npf\bin\npfsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\msdtc.exe
C:\Programmer\Intel\ASF Agent\ASFAgent.exe
C:\Programmer\Intel\AMT\atchksrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmer\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Programmer\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
C:\Programmer\Intel\AMT\LMS.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programmer\Intel\AMT\UNS.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Programmer\Norman\Npm\bin\NJEEVES.EXE
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Norman\Npm\Bin\scheduler.exe
C:\Programmer\Norman\npc\bin\npcsvc32.exe
C:\Programmer\Norman\nse\bin\NSESVC.EXE
C:\Programmer\Norman\npc\bin\nuaa.exe
C:\WINDOWS\System32\alg.exe
C:\Programmer\Norman\Npm\Bin\ZLH.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\Norman\Nvc\bin\nvcoas.exe
C:\Programmer\Norman\Nvc\Bin\Nip.exe
C:\Programmer\Norman\Nvc\Bin\cclaw.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\STIG PEDERSEN\Skrivebord\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar =
uSearchMigratedDefaultURL = hxxp://www.google.com/
mDefault_Search_URL = hxxp://www.google.com/
mSearch Page = hxxp://www.google.com/
mSearch Bar = hxxp://www.google.com/
mSearchMigratedDefaultURL = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchURL = hxxp://www.google.com/
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\programmer\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\programmer\spybot - search & destroy\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\programmer\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\programmer\java\jre1.6.0_07\bin\ssv.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmer\fælles filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmer\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmer\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\programmer\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\programmer\dell\bae\BAE.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\programmer\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\programmer\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmer\google\google toolbar\GoogleToolbar.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [Norman ZANDA] "c:\programmer\norman\npm\bin\ZLH.EXE" /LOAD /SPLASH
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menuen~1\progra~1\start\logite~1.lnk - c:\programmer\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmer\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\programmer\java\jre1.6.0_07\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\programmer\windows live\writer\WriterBrowserExtension.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\programmer\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\programmer\spybot - search & destroy\SDHelper.dll
LSP: c:\programmer\norman\npc\bin\nlf.dll
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.sparnord.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\programmer\yahoo!\common\yinsthelper.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211119469312
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} - hxxp://plugin.fileopen.com/current/FileOpen.CAB
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\programmer\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programmer\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: {e3623691-f85d-48d8-8e4d-abe79077f841} - No File

============= SERVICES / DRIVERS ===============

R0 NDIS_RD;Norman Firewall NDIS driver;c:\windows\system32\drivers\ndis_rd.sys [2008-9-22 79752]
R1 NGS;Norman General Security Driver;c:\programmer\norman\ngs\bin\ngs.sys [2009-2-27 22712]
R1 NPROSEC;Norman Security driver;c:\programmer\norman\ngs\bin\nprosec.sys [2008-9-22 53816]
R1 TDI_RD;Norman Firewall TDI driver;c:\windows\system32\drivers\tdi_rd.sys [2008-9-22 74624]
R2 ASFAgent;ASF Agent;c:\programmer\intel\asf agent\ASFAgent.exe [2007-1-23 133968]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-5-9 55152]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor;c:\programmer\intel\intel matrix storage manager\IAANTmon.exe [2007-12-13 358936]
R2 Ndiskio;Ndiskio;c:\programmer\norman\nse\bin\Ndiskio.sys [2008-9-22 20448]
R2 Norman ZANDA;Norman ZANDA;c:\programmer\norman\npm\bin\Zanda.exe [2007-12-14 408696]
R2 NPFSvc32;Norman Personal Firewall Service;c:\programmer\norman\npf\bin\npfsvc32.exe [2008-9-22 597104]
R2 NPROSECSVC;Norman Security service;c:\programmer\norman\ngs\bin\nprosec.exe [2008-9-22 121912]
R2 NVOY;Norman Resource Provider;c:\programmer\norman\npm\bin\nvoy.exe [2008-9-22 126008]
R2 SeaPort;SeaPort;c:\programmer\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\programmer\intel\amt\UNS.exe [2007-12-13 2521880]
R3 GKUPRO2D;GKUPRO2D;c:\windows\system32\drivers\GKUPRO2D.sys [2007-12-13 62048]
R3 NPC;Norman Parental Control;c:\programmer\norman\npc\bin\npcsvc32.exe [2008-9-22 416880]
R3 nsesvc;Norman Scanner Engine Service;c:\programmer\norman\nse\bin\Nsesvc.exe [2009-5-20 310328]
R3 NUAA;Norman User Activity Agent;c:\programmer\norman\npc\bin\nuaa.exe [2008-9-22 121912]
R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [2008-9-22 19512]
R3 nvcoas;Norman Virus Control on-access component;c:\programmer\norman\nvc\bin\Nvcoas.exe [2009-2-19 195640]
R3 pmxmouse;PMXMOUSE;c:\windows\system32\drivers\pmxmouse.sys [2008-1-14 18432]
R3 pmxusblf;PMXUSBLF;c:\windows\system32\drivers\pmxusblf.sys [2008-1-14 14336]
R3 Scheduler;Norman Scheduler Service;c:\programmer\norman\npm\bin\scheduler.exe [2009-5-13 130104]
S0 qvlkqz;qvlkqz;c:\windows\system32\drivers\vfzdhvg.sys --> c:\windows\system32\drivers\vfzdhvg.sys [?]
S2 gupdate1c9b5f96c95a380;Tjenesten Google Update (gupdate1c9b5f96c95a380);c:\programmer\google\update\GoogleUpdate.exe [2009-4-5 133104]
S3 fsssvc;Windows Live Family Safety;c:\programmer\windows live\family safety\fsssvc.exe [2009-2-6 533360]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\programmer\nos\bin\getplus_helpersvc.exe --> c:\programmer\nos\bin\getPlus_HelperSvc.exe [?]
S3 GoogleDesktopManager-061008-081103;GoogleDesktopManager-061008-081103; [x]
S3 NVCScheduler;Norman Virus Control Scheduler;"c:\programmer\norman\npm\bin\nvcsched.exe" --> c:\programmer\norman\npm\bin\NVCSCHED.EXE [?]

=============== Created Last 30 ================

2009-06-12 17:42    <DIR>    --d-----    c:\docume~1\stigpe~1\applic~1\Malwarebytes
2009-06-12 17:42    19,096    a-------    c:\windows\system32\drivers\mbam.sys
2009-06-12 17:42    40,160    a-------    c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-12 17:42    <DIR>    --d-----    c:\programmer\Malwarebytes' Anti-Malware
2009-06-12 17:42    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-06-12 17:11    <DIR>    --d-----    c:\programmer\Perfect Uninstaller
2009-06-12 16:55    <DIR>    --d-----    c:\windows\pss
2009-06-12 16:53    <DIR>    --d-----    c:\programmer\Spybot - Search & Destroy
2009-06-12 16:53    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

==================== Find3M  ====================

2009-06-12 18:39    0    a-------    c:\windows\system32\drivers\lvuvc.hs
2009-06-12 18:38    0    a-------    c:\windows\system32\drivers\logiflt.iad
2009-05-27 14:25    0    a-------    c:\documents and settings\stig pedersen\temp.dat
2009-05-09 13:07    520,540    a-------    c:\windows\system32\perfh006.dat
2009-05-09 13:07    108,008    a-------    c:\windows\system32\perfc006.dat
2009-05-01 20:30    3,366,912    a-------    c:\windows\system32\GPhotos.scr
2009-03-21 16:08    1,006,080    --------    c:\windows\system32\dllcache\kernel32.dll
2008-02-25 21:22    32    --------    c:\docume~1\alluse~1\applic~1\ezsid.dat
2008-05-18 16:51    32,768    a--sh---    c:\windows\system32\config\systemprofile\lokale indstillinger\oversigt\history.ie5\mshist012008051820080519\index.dat

============= FINISH: 19:51:39,03 ===============


Malwarebytes' Anti-Malware 1.37
Database version: 2266
Windows 5.1.2600 Service Pack 3

12-06-2009 19:46:43
mbam-log-2009-06-12 (19-46-43).txt

Skan type: Fuldstændig skanning (C:\|)
Objekter skannet: 149524
Tid tilbagelagt: 24 minute(s), 37 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)

er der slet ingen der kan hjælpe mig  ???

Må vi lige vågne op først *S*

I første omgang ->

Hent Dial-a-fix på dette link, og gem det på skrivebordet.

Direkte link
http://djlizard.net/software/Dial-a-fix-v0.60.0.24.zip

Brug kun nr. to link, hvis det første ikke virker.

Du får da lige et andet link hvis det ikke lykkedes med det første:
http://djlizard.net/Dial-a-fix-2006-09-19.exe

1. Dobbeltklik det blå tandhjul.
2. Klik på knappen "Flush Softwaredistribution"
3. Sæt flueben i "Fix Windows update"
4. Klik på knappen GO i nederste venstre hjørne.
5. Lad den køre færdig.
6. Genstart maskinen.

Forklaring på fixet her:  http://wiki.djlizard.net/Dial-a-fix

-------

PS:

Afinstall
* Logitech Desktop Messenger
* Yahoo! Toolbar
via
[Start][Indstilninger][Kontrolpanel][Tilføj/fjern programmer]

Genstart for at fuldføre afinstalationen...

---------------------------------------

Ja selvfølgelig må i det :-) ved godt jeg var tidligt på den.

Alt ovenstående er udført og en ny hijack log er vedlagt.. pc er enorm længe om at starte op.. 


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:23:27, on 13-06-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programmer\Norman\Npm\Bin\Elogsvc.exe
C:\Programmer\Norman\Ngs\bin\NPROSEC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Norman\Npm\Bin\Zanda.exe
C:\Programmer\Norman\npm\bin\nvoy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Norman\npf\bin\npfsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Programmer\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msdtc.exe
C:\Programmer\Intel\ASF Agent\ASFAgent.exe
C:\Programmer\Intel\AMT\atchksrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programmer\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
C:\Programmer\Intel\AMT\LMS.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Intel\AMT\UNS.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Norman\Npm\Bin\scheduler.exe
C:\Programmer\Norman\Npm\bin\NJEEVES.EXE
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Norman\npc\bin\npcsvc32.exe
C:\Programmer\Norman\nse\bin\NSESVC.EXE
C:\Programmer\Norman\npc\bin\nuaa.exe
C:\WINDOWS\System32\alg.exe
C:\Programmer\Norman\Npm\Bin\ZLH.EXE
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\Pmxmiced.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\Norman\Nvc\bin\nvcoas.exe
C:\Programmer\Norman\Nvc\Bin\Nip.exe
C:\Programmer\Norman\Nvc\Bin\cclaw.exe
F:\sikkerhed\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dk.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.dk/ig/dell?hl=da&client=dell-row-rel&channel=dk&ibd=2071213
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmer\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmer\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmer\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programmer\Dell\BAE\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programmer\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmer\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programmer\norman\npc\bin\nlf.dll
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.sparnord.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmer\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211119469312
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} (FileOpenInstaller) - http://plugin.fileopen.com/current/FileOpen.CAB
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FÆLLES~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programmer\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: awash - {e3623691-f85d-48d8-8e4d-abe79077f841} - (no file)
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Programmer\Intel\ASF Agent\ASFAgent.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Programmer\Intel\AMT\atchksrv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programmer\Norman\Npm\Bin\Elogsvc.exe
O23 - Service: getPlus(R) Helper - Unknown owner - C:\Programmer\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: GoogleDesktopManager-061008-081103 - Gemplus - (no file)
O23 - Service: Tjenesten Google Update (gupdate1c9b5f96c95a380) (gupdate1c9b5f96c95a380) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programmer\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmer\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel - C:\Programmer\Intel\AMT\LMS.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norman NJeeves - Norman ASA - C:\Programmer\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Programmer\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Parental Control (NPC) - Norman ASA - C:\Programmer\Norman\npc\bin\npcsvc32.exe
O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Programmer\Norman\npf\bin\npfsvc32.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Programmer\Norman\Ngs\bin\NPROSEC.EXE
O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Programmer\Norman\nse\bin\NSESVC.EXE
O23 - Service: Norman User Activity Agent (NUAA) - Norman ASA - C:\Programmer\Norman\npc\bin\nuaa.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programmer\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Programmer\Norman\Npm\bin\NVCSCHED.EXE (file missing)
O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Programmer\Norman\npm\bin\nvoy.exe
O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Programmer\Norman\Npm\Bin\scheduler.exe
O23 - Service: stllssvr - Unknown owner - C:\Programmer\Fælles filer\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel - C:\Programmer\Intel\AMT\UNS.exe

--
End of file - 12334 bytes

KAN den så nu komme på WindowsUpdate ?

Hvad med ->
Afinstall
* Logitech Desktop Messenger
* Yahoo! Toolbar
via
[Start][Indstilninger][Kontrolpanel][Tilføj/fjern programmer]

Genstart for at fuldføre afinstalationen...

Ja den kan godt komme ind på siden men den står bare på siden og kan ikke opdatere.. har stået siden sidste indlæg og der sker intet ??

* Logitech Desktop Messenger
* Yahoo! Toolbar

er afinstalleret

... og du har gennemført nogle trix fra " Dial-a-fix " ?

Og det er kun på WindowsUpdate at der er problem ?
http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=da

ja har gennemført dial-a-fix..  windows update er problem + at den er meget sløv. og langsom om at komme på nettet.
den kører xp og maskinen er kun 6 mdr gammel  ???

og den er ca. en 6-7 minutter om at starte op så den kan bruges

-- Hent Combofix fra et af disse links, og gem den på dit skrivebord:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe

-- Kør så combofix.exe, som du hentede tidligere, og følg anvisningerne.
Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når combofix er færdig, og efter det har genstartet, skulle der gerne åbnes en logfil: combofix.txt
Indholdet af denne fil må du gerne lægge herind.

har downloadet den og når jeg prøver at starte programmet combofix kommer den op med fejl i programmet og min virusscanner reg. en 32788R22FWJFW\n.com + en 32788R22FWJFW\nircmd.cfexe
sikkerhedsrisiko W32/Tool-norCmd.A  ??

Er du overrasket? Du er lige blevet tilføjet min liste over "not to"

Øhhh - What ?

hvad mener du larry ??

jeg er ikkelige klar over hvad du mener med det du skriver ??

Det var mht #12 ...

nå ok.. :-)
har du andre ideér til hvad jeg kan gøre ??

jeg kan ikke kører combofix uden den laver fejl

(Andre i denne tråd ?)

Ikke mig

Er der slet ikke flere gode ideer ???

hvordan lukker man så denne tråd på den rigtige måde så alt går rigtig til ??

karise_larry & f-arn vil i give et svar så jeg kan give jer point for jeres altid udemærket hjælp... takker ind til videre

(Men den er jo ikke rigtig klar ???)

nej du har ret men er kommet lidt længere så jeg syntes den starter hurtigere op.. den fandt mere snavs da jeg kørte superspywareprogrammet i fejlsikret tilstand. og kunne så også kører combofix efterfølgende og har lavet første windows update uden problemmer så nu kører den næsten :-)

Sidste problem er at fra den starter op går der ca. en 3-4 minutter inden den er klar og virusprogram og alt andet er kørt ind og pc kan bruges... jeg har fjernet det meste af det den starter op så jeg ved ikke om man kan se hvad det er der tager så lang tis at starte op ???

Ping... ? (Et [svar] ...)