PC fryser fast, og er generelt langsom

Hej

Har du husket at opdatere alle dine drivere? :)

Det kan være noget malware.

Download Malwarebytes' http://www.spywarefri.dk/software/malwarebytes-anti-malware/. Husk at opdatere versionen og så kør en hurtig scan. Jeg har fået at vide at der ikke er meget forskel på effektiviteten mellem hurtig og fuldstændig scan. Derefter skal du fjerne de inficerede objekter.

Malwarebytes er lige nu:
Malwarebytes' Anti-Malware 1.43
Database version: 3462

Hvis du stadig har problemet efter at have gjort det, så er jeg sikker på at f-arn kan hjælpe.

Jeg kan roligt sige nej til at jeg har opdateret mine drivere. For jeg ved ikke hvilke der er, og hvor man opdaterer dem.

Jeg vil prøve at lave den der malware test nu.

Tak

Nu har jeg scannet med det der malware, den fandt en fil, som så er blevet slettet.

Men den fryser stadig. DEr kom så et forslag om at opdatere drivere, hvor og hvordan gør jeg det?

(Vi skal se log teksten fra denne MalwareBytes ...)

... for en go' ordens skyld; stik os/mig en HiJackThis ->
http://www.spywareinfo.dk/index.htm#/manualer/hijackthis.htm

Bemærk at HiJackThis.exe programmet skal gemmes i en dertil oprettet mappe og IKKE køres direkte fra nettet...

PS: Brug denne version af HJT -> http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

Ikke nødvendigvis pga virus ell. lign. men så ka' jeg se hvad der er i din opstart mm.

Mht.: Vista - HøjreMusseTast - "Kør som Administrator..."

------------------

Hvor finder jeg log teksten fra malware?

Her er den fil jeg fik fra HJT.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:42:42, on 02-01-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Marlene\Desktop\Ny mappe\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.online.no
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Vis Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O16 - DPF: {25C29129-E95F-4564-BFE3-000000006400} (KvikVideo 6.4) - http://www.123hjemmeside.dk/builder/pages/KvikVideo-6-4-0-0.CAB
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatisk LiveUpdate-planlægning - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS - Godkendelse af adgangskoder (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 9601 bytes

Kan forresten lige tilføje at når jeg kigger på www. tvguide.dk, og åbner en oversigt over et program, så kan jeg ALDRIG lukke dette vindue igen. Jeg bliver nød til at gøre det vha. Joblisten.

Håber det hjælper

Mange TAK

Hov, jeg kunne selv finde log fra malware

Malwarebytes' Anti-Malware 1.43
Database version: 3458
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

01-01-2010 10:49:24
mbam-log-2010-01-01 (10-49-24).txt

Skan type: Hurtig skanning
Objekter skannet: 104338
Tid tilbagelagt: 21 minute(s), 28 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 1
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_LOCAL_MACHINE\SOFTWARE\PTECH (Adware.21Nova) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)

Start med at afinstallere Norton. Jeg går ikke udfra den er "aktiv"
Hent og kør:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039

Tak, så er det gjort.

Hvad kan jeg mere gøre :)

For at være 'sikker' så en frisk log fra HiJackThis ?

Eftercheck via -> http://kundeservice.tdc.dk/testcenter/

Dine PC informationer
Afsnit 1     Klokkeslæt     Pc klokkeslæt:  3. januar 2010 11:18:50     Info

Afsnit 2     Browser     Mozilla/5.0 (Windows; U; Windows NT 6.0; da; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 (.NET CLR 3.5.30729)     Info

Afsnit 3     Styresystem     Windows Vista     Info

Afsnit 4     IP adresse     88.88.124.11     Info

Afsnit 5     Java    
1.6.0_17 (14.3-b01) fra Sun Microsystems Inc.
Tryk her for at hente seneste version af Java     Info

Afsnit 6     Flash     Version:
WIN 10,0,22,87
Tryk her for at hente seneste version af Flash     Info

Afsnit 7     Andet     Javascript aktiveret:  Ja
Cookies accepteres:  Ja
Skærm opløsning:  1280x800 (32 bit farver)


Var dette nogen hjælp?

Jeg har installeret nyeste version af Flash, Java havde jeg i forvejen.

(Det var mest for at checke Java, Flash version, mm. ...)

Ahhh ok...

Er der andre ting jeg kan gøre?

Lad <f-arn> fortsætte...

Ikke forstået...

(Kollega her på E.)

Hent og installér CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm
Under installationen får du tilbudt [Yahoo Toolbar]. Den bør du sige nej til.
Lad programmer foretage en oprydning. (Både renser og register)

http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763

------

Send lige en ny HJT log herind.

Tak, er ved at hente dem nu.
Lad programmet rydde op i aften. Og det er efter denne oprydning, at du gerne vil have en ny HJT, ik?

Så er CCleaner blevet kørt igennem et par gange, og her er den nye HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:23:19, on 05-01-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Marlene\Desktop\Ny mappe\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.online.no
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O16 - DPF: {25C29129-E95F-4564-BFE3-000000006400} (KvikVideo 6.4) - http://www.123hjemmeside.dk/builder/pages/KvikVideo-6-4-0-0.CAB
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatisk LiveUpdate-planlægning - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 8083 bytes

Ser det skidt ud?

Den er stadig laaang tid om at starte op, hvad kan jeg gøre ved det?

(Har du gennemført #10 ?)

Desuden afinstall:
* Apple Mobile Device
* Bonjour-tjeneste (Bonjour Service)
* Google Updater Service (gusvc)
* iPod-tjeneste (iPod Service)

---

Men CCleaner - værktøjer - opstart - Der kan du disable/Fjern følgende:
*  [Adobe Reader Speed Launcher]
*  [QuickTime Task]
*  [iTunesHelper]
*  Microsoft Office.lnk

---

- Ja, Norton er afinstalleret.

Desuden afinstall:
* Apple Mobile Device
* Bonjour-tjeneste (Bonjour Service)
* Google Updater Service (gusvc)
* iPod-tjeneste (iPod Service)

- De skal bare afinstalleres almindeligt, ikke? Jeg mener jeg skal ikke bruge et program for at afinstallere dem, vel?

- Fint, jeg bruger CCcleaner til at afinstallere disse:

*  [Adobe Reader Speed Launcher]
*  [QuickTime Task]
*  [iTunesHelper]
*  Microsoft Office.lnk


Tak!!

... og hvordan er status så nu ???

Har ikke slettet dem endnu, det var et spørgsmål (undtagen det med norton)...

* Bonjour-tjeneste (Bonjour Service)
* Google Updater Service (gusvc)
* iPod-tjeneste (iPod Service)

Hvor finder jeg disse programmer?
Jeg kan ikke finde dem der hvor jeg normalt fjerne et program.

Jeg har nu fjernet disse:

*  [Adobe Reader Speed Launcher]
*  [QuickTime Task]
*  [iTunesHelper]
*  Microsoft Office.lnk

What next :)

Har I tid til at hjælpe mig lidt igen? Mangler stadig afklaring på #28.

Tak

... stik mig evt. en frisk log fra HiJackThis ...

Hvordan kører PC'en så nu ?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:58:06, on 24-01-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Marlene\Desktop\Ny mappe\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.online.no
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=dk&range=AD&phase=8&key=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O16 - DPF: {25C29129-E95F-4564-BFE3-000000006400} (KvikVideo 6.4) - http://www.123hjemmeside.dk/builder/pages/KvikVideo-6-4-0-0.CAB
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatisk LiveUpdate-planlægning - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 7018 bytes


Den kører stadig langsomt og ustailt. F.eks da jeg lavede denne log, gik den i stå, og HJT programmet skrev, "svarer ikke".
Endvidere når jeg skriver, som feks nu, så hakker den. dvs der går lige et øjeblik inden det bogstav jeg har trykket på, vises på skærmen (periodisk)

Hmmm...

-- Hent Combofix fra et af disse links, og gem den på dit skrivebord:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

NB: Du må ikke døbe den Combofix.exe, men eksempelvis BANAN.exe

-- Kør så combofix.exe (BANAN.exe), som du hentede tidligere, og følg anvisningerne.

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når combofix er færdig, og efter det har genstartet, skulle der gerne åbnes en logfil: combofix.txt
Indholdet af denne fil må du gerne lægge herind.

Tak.. troede lidt tråden var blevet glemt.
Skynder mig hjem og prøver dette i aften. Tak

Hmm effter jeg har kørt progrmmet kommer der rigtigt nok en log op. Jeg kopierer denne log og vil åbne internettet. Men det kan jeg ikke få lov til, den skriver der er en fejl. Kan heller ikke åbne notepad eller word. Så jeg genstarter. Men nu er loggen selvfølgelig væk.
Så det fik jeg jo ikke meget ud af. :)

C:\Combofix.log ...

Tak.

ComboFix 10-01-29.07 - Marlene 30-01-2010  9:25.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.895.233 [GMT 1:00]
Kører fra: c:\users\Marlene\Downloads\Banan.exe
AV: avast! antivirus 4.7.1098 [VPS 090403-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-2798595349-4001939752-1694952834-500

.
(((((((((((((((((((((((((((((  Filer skabt fra 2009-12-28 til 2010-01-30  )))))))))))))))))))))))))))))))))))
.

2010-01-30 08:35 . 2010-01-30 08:35    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-01-27 11:00 . 2010-01-27 11:00    15880    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\lsdelete.exe
2010-01-27 11:00 . 2010-01-27 11:00    163728    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\ShellExt.dll
2010-01-27 11:00 . 2010-01-27 11:00    327000    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\RPAPI.dll
2010-01-27 11:00 . 2010-01-27 11:00    87496    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2010-01-23 23:00 . 2010-01-27 11:00    3803208    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2010-01-23 23:00 . 2010-01-27 11:00    823928    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2010-01-23 23:00 . 2010-01-27 11:00    1643272    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2010-01-23 23:00 . 2010-01-27 11:00    788880    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\AAWTray.exe
2010-01-23 22:59 . 2010-01-27 11:00    1181328    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\AAWService.exe
2010-01-13 10:57 . 2009-10-19 13:38    156672    ----a-w-    c:\windows\system32\t2embed.dll
2010-01-13 10:57 . 2009-10-19 13:35    72704    ----a-w-    c:\windows\system32\fontsub.dll
2010-01-05 18:19 . 2010-01-05 18:19    --------    d-----w-    c:\program files\CCleaner
2010-01-02 23:15 . 2010-01-27 11:00    862040    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\threatwork.exe
2010-01-02 23:14 . 2010-01-27 11:00    206944    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\lavamessage.dll
2010-01-02 23:14 . 2010-01-27 11:00    390288    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\lavalicense.dll
2010-01-02 23:14 . 2010-01-27 11:00    537576    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\aawapi.dll
2010-01-02 23:14 . 2010-01-27 11:00    389272    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2010-01-02 23:14 . 2010-01-27 11:00    8    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\Savapibridge.dll
2010-01-02 23:07 . 2010-01-27 11:00    6296864    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\Resources.dll
2010-01-02 23:07 . 2010-01-27 11:00    933120    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\CEAPI.dll
2010-01-02 23:07 . 2010-01-27 11:00    816784    ----a-w-    c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2010-01-01 09:19 . 2010-01-01 09:19    5061519    ----a-w-    c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-01 09:17 . 2010-01-01 09:17    --------    d-----w-    c:\users\Marlene\AppData\Roaming\Malwarebytes
2010-01-01 09:16 . 2009-12-30 13:54    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-01-01 09:16 . 2009-12-30 13:55    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-01 09:16 . 2010-01-01 09:16    --------    d-----w-    c:\programdata\Malwarebytes
2010-01-01 09:16 . 2010-01-01 09:22    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-29 12:47 . 2007-06-18 23:48    81790    ----a-w-    c:\windows\system32\perfc006.dat
2010-01-29 12:47 . 2007-06-18 23:48    471658    ----a-w-    c:\windows\system32\perfh006.dat
2010-01-23 08:32 . 2007-08-06 17:29    --------    d-----w-    c:\users\Marlene\AppData\Roaming\Apple Computer
2010-01-17 16:08 . 2007-08-11 14:47    --------    d-----w-    c:\users\Marlene\AppData\Roaming\XnView
2010-01-14 10:12 . 2009-12-31 07:49    181120    ------w-    c:\windows\system32\MpSigStub.exe
2010-01-14 09:43 . 2006-11-02 11:18    --------    d-----w-    c:\program files\Windows Mail
2010-01-08 16:30 . 2007-08-06 17:24    --------    d-----w-    c:\program files\Common Files\Apple
2010-01-03 00:53 . 2007-06-18 14:27    --------    d-----w-    c:\program files\Common Files\Symantec Shared
2010-01-03 00:49 . 2007-06-18 14:27    --------    d-----w-    c:\programdata\Symantec
2010-01-02 06:38 . 2010-01-22 11:01    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 11:01    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-22 11:01    71680    ----a-w-    c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-22 11:01    133632    ----a-w-    c:\windows\system32\ieUnatt.exe
2009-12-20 22:15 . 2009-12-20 22:13    --------    d-----w-    c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-20 22:15 . 2009-12-20 22:13    --------    d-----w-    c:\program files\iTunes
2009-12-20 22:14 . 2009-12-20 22:14    --------    d-----w-    c:\program files\iPod
2009-12-20 22:10 . 2009-12-20 22:09    --------    d-----w-    c:\program files\QuickTime
2009-12-20 22:00 . 2009-12-20 22:00    79144    ----a-w-    c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-20 21:57 . 2008-03-23 20:50    --------    d-----w-    c:\program files\Safari
2009-12-20 21:52 . 2009-12-20 21:52    79144    ----a-w-    c:\programdata\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
2009-12-12 23:21 . 2007-08-06 17:09    --------    d-----w-    c:\program files\Java
2009-12-12 22:58 . 2009-12-12 22:53    --------    d-----w-    c:\programdata\Lavasoft
2009-12-12 22:56 . 2009-12-12 22:56    --------    dc-h--w-    c:\programdata\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2009-12-12 22:53 . 2009-12-12 22:53    --------    d-----w-    c:\program files\Lavasoft
2009-12-12 22:53 . 2009-11-07 13:22    --------    d-----w-    c:\programdata\Telenor
2009-12-12 22:34 . 2009-09-07 16:11    --------    d-----w-    c:\program files\NOVA INTERNET
2009-12-11 23:00 . 2009-12-10 18:59    --------    d-----w-    c:\program files\PokerStars
2009-12-11 20:28 . 2009-12-11 20:28    --------    d-----w-    c:\programdata\McAfee
2009-12-09 20:28 . 2009-12-09 20:28    --------    d-----w-    c:\programdata\McAfee Security Scan
2009-12-07 14:10 . 2009-12-12 22:56    2953352    -c--a-w-    c:\programdata\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
2009-12-02 13:19 . 2009-12-12 22:58    64288    ----a-w-    c:\windows\system32\drivers\Lbd.sys
2009-12-02 13:19 . 2009-12-13 02:02    15880    ----a-w-    c:\windows\system32\lsdelete.exe
2009-11-30 06:58 . 2009-11-23 11:37    439816    ----a-w-    c:\users\Marlene\AppData\Roaming\Real\Update\setup3.09\setup.exe
2009-11-23 19:39 . 2009-11-23 19:38    17241584    ----a-w-    c:\users\Marlene\AppData\Roaming\Real\Update\setup3.09\rp\RealPlayerSPGold.exe
2009-11-23 19:38 . 2009-11-23 19:38    8405312    ----a-w-    c:\users\Marlene\AppData\Roaming\Real\Update\setup3.09\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2009-11-23 19:38 . 2009-11-23 19:38    149000    ----a-w-    c:\users\Marlene\AppData\Roaming\Real\Update\setup3.09\chr_helper\LaunchHelper.exe
2009-11-23 19:38 . 2009-11-23 19:38    10309448    ----a-w-    c:\users\Marlene\AppData\Roaming\Real\Update\setup3.09\chr\ChromeInstaller.exe
2009-11-23 19:37 . 2009-11-23 19:37    79368    ----a-w-    c:\users\Marlene\AppData\Roaming\Real\Update\setup3.09\RUP\vista.exe
2009-11-23 19:37 . 2009-11-23 19:37    52288    ----a-w-    c:\users\Marlene\AppData\Roaming\Real\Update\setup3.09\RUP\inst_config\gtapi.dll
2009-11-23 19:37 . 2009-11-23 19:37    64000    ----a-w-    c:\users\Marlene\AppData\Roaming\Real\Update\setup3.09\RUP\inst_config\gcapi_dll.dll
2009-11-23 19:37 . 2009-11-23 19:37    50688    ----a-w-    c:\users\Marlene\AppData\Roaming\Real\Update\setup3.09\RUP\inst_config\fftbapi.dll
2009-11-23 19:37 . 2009-11-23 19:37    118784    ----a-w-    c:\users\Marlene\AppData\Roaming\Real\Update\setup3.09\RUP\inst_config\compat.dll
2009-11-18 15:11 . 2006-11-02 10:25    665600    ----a-w-    c:\windows\inf\drvindex.dat
2009-11-09 12:31 . 2009-12-10 08:58    24064    ----a-w-    c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-10 08:58    30720    ----a-w-    c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-10 08:58    411648    ----a-w-    c:\windows\system32\drivers\http.sys
2007-06-18 23:53 . 2007-06-18 23:53    8192    --sha-w-    c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2006-10-23 1092152]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-22 815104]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 4186112]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-01-10 18944]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2006-11-22 842584]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-30 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2007-10-10 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 01:04    39792    ----a-w-    c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-11-12 15:33    141600    ----a-w-    c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08    417792    ----a-w-    c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):79,ec,d2,8c,3d,59,ca,01

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [12-12-2009 23:58 64288]
R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [05-04-2009 20:38 28544]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [04-04-2009 00:46 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [04-04-2009 00:46 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [01-01-2008 19:15 51792]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [02-12-2009 14:19 1181328]
S3 FontCache;Tjenesten Windows-skrifttypecache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [06-06-2008 10:01 21504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache
.
Indhold af mappen 'Planlagte Opgaver'

2010-01-30 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 11:00]

2010-01-30 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 11:00]

2010-01-30 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 11:00]

2010-01-30 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 11:00]

2010-01-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 11:00]

2007-08-13 c:\windows\Tasks\PBReg.job
- c:\program files\HDReg\HDRegApp.exe [2005-06-21 11:05]

2010-01-30 c:\windows\Tasks\Udvidet garanti.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-06-18 16:38]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.online.no
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
DPF: {25C29129-E95F-4564-BFE3-000000006400} - hxxp://www.123hjemmeside.dk/builder/pages/KvikVideo-6-4-0-0.CAB
FF - ProfilePath - c:\users\Marlene\AppData\Roaming\Mozilla\Firefox\Profiles\7ez3fswj.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - www.db.dk
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLITIKKER ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
.
- - - - TOMME GENVEJE FJERNET - - - -

ActiveSetup-ccc-core-static - msiexec



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-30 09:36
Windows 6.0.6002 Service Pack 2 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
Gennemført tid: 2010-01-30  09:41:47
ComboFix-quarantined-files.txt  2010-01-30 08:41

Pre-Kørsel: 92.561.473.536 byte ledig
Post-Kørsel: 92.646.871.040 byte ledig

- - End Of File - - D6AF0208067609879E8DD0EDF9A8FD78

Kan vist roligt sige at det ikke har hjulpet. Har nu haft den tændt i 1,5 time her til morgen, og har nui genstartet den to gange fordi den fryser. Og når den så samtidig er 10 min om at tænde op igen, så bliver det jo ikke bedre...

Er det nemmere bare at skrotte den, for er lidt tæt af den nu :)

Hej igen.

er der stadig nogen der vil hjælpe mig med denne udfordring jeg har.

Mange tak

<f-arn>: Har du noget til denne ?

Hvordan kan jeg ellers få fat i ham f-arn?

Nå, det kunne være man bare skulle se i øjenene at det ikke bliver bedre, og "bare" skulle se sig om efter en ny bærbar.
Packard Bell bliver det ihvertfald ikke :(

Ok, vi må hellere lukke den her. Det lader ikke til der er nogen der har nogle gode råd :(