juliedahl Beginner
14 July 2008 - 18:59 There are 8 comments and
3 solutions

Help me get rid of a virus?

Hi Experts :)
I'm a new user here and have created a profile, and a question, in the hope that someone here can help tell me whether my new "old" computer is full of viruses.

I got a computer, with accompanying programs that I need for my graphic design studies, from a friend who no longer needed it because she switched to Mac instead. So I don't know much about this computer, other than that I, as a single mother on SU (student grant), could really use this computer with its programs and would prefer not to reformat it and go out and buy programs, since I didn't get the discs for them :(

I think myself that there is something or other hidden in it, since it behaves very slowly and crashes once in a while; it didn't do that at the start. It feels a bit as if I'm sharing my internet connection with others. But various antivirus and spyware programs find things they can't remove, and of course they don't find the same things?

I have read several posts here and tried to do what others have been advised to do, but it doesn't work, so I hope you can help me based on the information you get about my computer.
I have run various antivirus programs in the hope that one of them would remove it, but it makes little difference.

Right now avast 4.8 is installed, but I also have AVG lying around that I can install instead?

Avast, as the only antivirus, finds the following two problems:
C:\System Volume Information\_restore{71A87626-3C7F-4A67-ABE4-0002C0A8A69E}\RP505\A0084704.msi\Icon.Icon.exe
Win32:Adware-gen [Adw]
C:\System Volume Information\_restore{71A87626-3C7F-4A67-ABE4-0002C0A8A69E}\RP506\A0084712.msi\Icon.Icon.exe
Win32:Adware-gen [Adw]
I can't find these two files on my computer, even though I search for them or look in the folder.

SUPERAntispyware found a Hotbar and some cookies, which it removed the first time; the second time they were gone, the third time they were there again, and the fourth time they were back.
The newest scan file from SUPERAntispyware looks like this:
SUPERAntiSpyware Scan Log

Generated 07/14/2008 at 06:19 PM

Application Version : 4.0.1152
Core Rules Database Version : 3408
Trace Rules Database Version: 1400

Scan type      : Complete Scan
Total Scan Time : 00:48:19

Memory items scanned      : 596
Memory threats detected  : 0
Registry items scanned    : 7352
Registry threats detected : 0
File items scanned        : 30782
File threats detected    : 8
Adware.Tracking Cookie
    C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\xxx@adserver.adservinginternational[2].txt
    C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\xxx@adtech[2].txt
    C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\xxx@advertising[2].txt
    C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\xxx@atdmt[2].txt
    C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\xxx@bold.adservinginternational[1].txt
    C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\xxx@doubleclick[1].txt
    C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\xxx@statcounter[1].txt
    C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\xxx@track.adform[2].txt

It doesn't look that dangerous, does it?

The HijackThis log file looks like this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:44:17, on 14-07-2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~2\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab?AuthParam=1212179716_b9dd2d887d91145a83f63dab1dca57f0&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab&File=jinstall-6u6-windows-i586-jc.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - 7251 bytes.

I don't know if that is enough information. I hope you can help me?

Julie.
levich Beginner
14 July 2008 - 19:18 #1
I'm looking at it, one moment.
levich Beginner
14 July 2008 - 19:24 #2
Follow the guide here: http://www.eksperten.dk/artikler/1123

However, you should download hijackthis from here: http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis
Afterwards, post the logs from SuperAntiSpyware, Combofix and hijackthis here.
juliedahl Beginner
14 July 2008 - 19:32 #3
I forgot to say that it has Vista, and that isn't mentioned in the guide. But I'll download the programs anyway if it doesn't matter.
johnstigers Senior Master
14 July 2008 - 20:52 #4
I believe they also work in Vista :)
14 July 2008 - 21:44 #5
It works for Vista too - I have also written to the "author" about correcting the article...

Regarding Vista: right mouse button on the *.EXE file - Run as administrator...
juliedahl Beginner
14 July 2008 - 22:39 #6
I thought it would work for Vista.

Well, now I have read the guide, but I'm afraid it hasn't quite gone as it should. Am I reading correctly that superanti is the only one that should be run in safe mode?

Avast, which I'm very tired of and which is very slow, still says, as the only program:

C:\System Volume Information\_restore{71A87626-3C7F-4A67-ABE4-0002C0A8A69E}\RP505\A0084704.msi\Icon.Icon.exe

Win32:Adware-gen [Adw]

C:\System Volume Information\_restore{71A87626-3C7F-4A67-ABE4-0002C0A8A69E}\RP506\A0084712.msi\Icon.Icon.exe

Win32:Adware-gen [Adw]

I can't even find these folders on the computer.



cc removed a lot of things. After 4 runs it found nothing more that it could fix.

superanti found nothing this time, not even any cookies.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/14/2008 at 08:36 PM

Application Version : 4.0.1152

Core Rules Database Version : 3503
Trace Rules Database Version: 1494

Scan type      : Complete Scan
Total Scan Time : 00:35:05

Memory items scanned      : 220
Memory threats detected  : 0
Registry items scanned    : 7625
Registry threats detected : 0
File items scanned        : 29711
File threats detected    : 0


hijackthis now says:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:40:15, on 14-07-2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~2\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldda-dk.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab?AuthParam=1212179716_b9dd2d887d91145a83f63dab1dca57f0&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab&File=jinstall-6u6-windows-i586-jc.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - 7209 bytes

combofix says:

ComboFix 08-07-13.14 - xxx 2008-07-14 22:13:31.2 - NTFSx86
Running from: C:\Users\xxx\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((  Files Created from 2008-06-14 to 2008-07-14  )))))))))))))))))))))))))))))))
.

2008-07-14 22:03 . 2008-07-14 22:04    143,272,252    --a------    C:\Windows\MEMORY.DMP
2008-07-14 19:42 . 2008-07-14 19:42    <DIR>    d--------    C:\Program Files\CCleaner
2008-07-14 18:43 . 2008-07-14 18:43    <DIR>    d--------    C:\Program Files\Trend Micro
2008-07-14 09:56 . 2008-07-14 09:56    <DIR>    d--------    C:\Users\All Users\SUPERAntiSpyware.com
2008-07-14 09:56 . 2008-07-14 09:56    <DIR>    d--------    C:\ProgramData\SUPERAntiSpyware.com
2008-07-14 09:54 . 2008-07-14 09:54    <DIR>    d--------    C:\Users\xxx\AppData\Roaming\SUPERAntiSpyware.com
2008-07-14 09:54 . 2008-07-14 09:54    <DIR>    d--------    C:\Program Files\SUPERAntiSpyware
2008-07-13 21:21 . 2008-07-14 09:21    0    --ah-----    C:\Users\Default.LOG2
2008-07-13 21:21 . 2008-07-14 09:21    0    --ah-----    C:\Users\Default.LOG1
2008-07-13 21:21 . 2008-07-13 21:21    0    --ah-----    C:\ProgramData.LOG2
2008-07-13 21:21 . 2008-07-13 21:21    0    --ah-----    C:\ProgramData.LOG1
2008-07-13 20:53 . 2008-07-13 21:36    164    --a------    C:\install.dat
2008-07-12 23:37 . 2008-07-12 23:37    <DIR>    d--------    C:\Users\xxx\AppData\Roaming\TrojanHunter
2008-07-12 23:35 . 2008-07-13 21:20    <DIR>    d--------    C:\Program Files\TrojanHunter 5.0
2008-07-12 21:27 . 2008-06-26 03:45    12,240,896    --a------    C:\Windows\System32\NlsLexicons0007.dll
2008-07-12 21:27 . 2008-06-26 03:45    2,644,480    --a------    C:\Windows\System32\NlsLexicons0009.dll
2008-07-12 21:27 . 2008-06-26 05:29    801,280    --a------    C:\Windows\System32\NaturalLanguage6.dll
2008-07-11 00:57 . 2008-07-11 01:01    <DIR>    d--------    C:\Users\All Users\Lavasoft
2008-07-11 00:57 . 2008-07-11 01:01    <DIR>    d--------    C:\ProgramData\Lavasoft
2008-07-10 21:52 . 2008-07-10 21:52    <DIR>    d--------    C:\unisecur
2008-07-09 08:05 . 2008-04-26 10:25    3,600,952    --a------    C:\Windows\System32\ntkrnlpa.exe
2008-07-09 08:05 . 2008-04-26 10:25    3,549,240    --a------    C:\Windows\System32\ntoskrnl.exe
2008-07-09 08:05 . 2008-04-26 10:26    891,448    --a------    C:\Windows\System32\drivers\tcpip.sys
2008-07-09 08:05 . 2008-04-12 05:32    784,896    --a------    C:\Windows\System32\rpcrt4.dll
2008-07-09 08:05 . 2008-05-10 05:35    564,736    --a------    C:\Windows\System32\emdmgmt.dll
2008-07-09 08:05 . 2008-04-05 03:21    72,192    --a------    C:\Windows\System32\drivers\pacer.sys
2008-07-09 08:05 . 2008-04-05 05:34    15,360    --a------    C:\Windows\System32\pacerprf.dll
2008-07-09 08:04 . 2008-05-08 23:59    430,080    --a------    C:\Windows\System32\vbscript.dll
2008-07-09 08:04 . 2008-05-08 23:59    180,224    --a------    C:\Windows\System32\scrobj.dll
2008-07-09 08:04 . 2008-05-08 23:59    172,032    --a------    C:\Windows\System32\scrrun.dll
2008-07-09 08:04 . 2008-05-08 23:59    155,648    --a------    C:\Windows\System32\wscript.exe
2008-07-09 08:04 . 2008-05-08 23:58    135,168    --a------    C:\Windows\System32\wshom.ocx
2008-07-09 08:04 . 2008-05-08 23:58    135,168    --a------    C:\Windows\System32\cscript.exe
2008-07-09 08:04 . 2008-05-08 23:59    90,112    --a------    C:\Windows\System32\wshext.dll
2008-07-01 15:23 . 2008-07-01 15:23    <DIR>    d--------    C:\Program Files\MSXML 4.0
2008-07-01 10:53 . 2008-07-01 10:53    <DIR>    d--------    C:\Users\All Users\WindowsSearch
2008-07-01 10:53 . 2008-07-01 10:53    <DIR>    d--------    C:\ProgramData\WindowsSearch
2008-06-30 19:49 . 2008-07-10 19:25    <DIR>    d--------    C:\Users\xxx\AppData\Roaming\Ahead
2008-06-30 19:48 . 2008-06-30 19:48    <DIR>    d--------    C:\Users\All Users\Ahead
2008-06-30 19:48 . 2008-06-30 19:48    <DIR>    d--------    C:\ProgramData\Ahead
2008-06-30 19:41 . 2008-06-30 19:42    <DIR>    d--------    C:\Users\All Users\Nero
2008-06-30 19:41 . 2008-06-30 19:42    <DIR>    d--------    C:\ProgramData\Nero
2008-06-30 19:41 . 2008-06-30 19:41    <DIR>    d--------    C:\Program Files\Nero
2008-06-30 19:41 . 2008-06-30 19:46    <DIR>    d--------    C:\Program Files\Common Files\Ahead
2008-06-26 18:05 . 2008-06-26 18:05    0    --ah-----    C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-06-25 23:54 . 2008-06-25 23:54    0    --ah-----    C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2008-06-24 21:12 . 2008-06-24 21:12    <DIR>    d--------    C:\Users\All Users\Avg7
2008-06-24 21:12 . 2008-06-24 21:12    <DIR>    d--------    C:\ProgramData\Avg7
2008-06-24 21:06 . 2008-06-24 21:06    <DIR>    d--------    C:\Program Files\Alwil Software
2008-06-24 21:06 . 2008-05-16 01:18    50,768    --a------    C:\Windows\System32\drivers\aswMonFlt.sys
2008-06-23 18:33 . 2008-06-23 18:33    <DIR>    d--hs----    C:\Windows\ftpcache
2008-06-23 07:24 . 2008-06-23 07:24    <DIR>    d--------    C:\PerfLogs
2008-06-22 17:41 . 2008-06-22 17:41    <DIR>    d--------    C:\Users\All Users\GRAW2
2008-06-22 17:41 . 2008-06-22 17:41    <DIR>    d--------    C:\ProgramData\GRAW2
2008-06-22 17:31 . 2008-06-22 17:31    <DIR>    d--------    C:\Windows\System32\AGEIA
2008-06-22 17:31 . 2008-06-22 17:32    <DIR>    d--------    C:\Program Files\AGEIA Technologies
2008-06-22 17:28 . 2008-07-14 09:50    <DIR>    d--------    C:\Program Files\Common Files\Wise Installation Wizard
2008-06-22 17:27 . 2008-06-22 17:27    <DIR>    d--------    C:\Users\All Users\Media Center Programs
2008-06-22 17:27 . 2008-06-22 17:27    <DIR>    d--------    C:\ProgramData\Media Center Programs
2008-06-22 17:15 . 2008-06-22 17:15    <DIR>    d--------    C:\Program Files\UBISOFT
2008-06-22 17:12 . 2008-06-22 17:12    <DIR>    d--------    C:\Users\xxx\AppData\Roaming\InstallShield
2008-06-18 09:03 . 2008-01-19 09:33    2,623,488    --a------    C:\Windows\System32\SLsvc.exe
2008-06-18 09:03 . 2008-01-19 09:36    1,541,120    --a------    C:\Windows\System32\onex.dll
2008-06-18 09:01 . 2008-01-19 05:12    3,662,296    --a------    C:\Windows\System32\locale.nls
2008-06-18 08:59 . 2008-01-19 09:35    4,875,776    --a------    C:\Windows\System32\NlsData0009.dll
2008-06-18 08:58 . 2008-01-19 09:35    9,847,296    --a------    C:\Windows\System32\NlsData000a.dll
2008-06-18 08:57 . 2008-01-19 09:33    8,139,264    --a------    C:\Windows\System32\ssBranded.scr
2008-06-18 08:56 . 2008-01-19 09:33    2,515,968    --a------    C:\Windows\System32\accessibilitycpl.dll
2008-06-18 08:55 . 2008-01-19 09:35    3,072,000    --a------    C:\Windows\System32\networkmap.dll
2008-06-18 08:54 . 2008-01-19 09:32    1,370,624    --a------    C:\Windows\System32\Aurora.scr
2008-06-18 08:53 . 2008-01-19 09:34    6,103,040    --a------    C:\Windows\System32\chtbrkr.dll
2008-06-18 08:52 . 2008-01-19 08:53    130,048    --a------    C:\Windows\System32\drivers\drmk.sys
2008-06-18 08:51 . 2008-01-19 08:06    8,147,456    --a------    C:\Windows\System32\wmploc.DLL
2008-06-18 08:50 . 2008-01-19 09:33    599,552    --a------    C:\Windows\System32\vsp1cln.exe
2008-06-18 08:50 . 2008-01-05 13:31    145,455    --a------    C:\Windows\System32\perfmon.msc
2008-06-18 08:50 . 2008-01-05 13:32    120,458    --a------    C:\Windows\System32\secpol.msc
2008-06-18 08:50 . 2008-01-05 13:31    3    --a------    C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
2008-06-18 08:47 . 2008-01-19 09:36    357,888    --a------    C:\Windows\System32\wbemcomn.dll
2008-06-18 08:46 . 2008-01-19 09:36    704,512    --a------    C:\Windows\System32\SmiEngine.dll
2008-06-18 08:46 . 2008-01-19 09:36    139,264    --a------    C:\Windows\System32\SmiInstaller.dll
2008-06-18 08:45 . 2008-01-19 09:36    218,624    --a------    C:\Windows\System32\wdscore.dll
2008-06-18 08:45 . 2008-01-19 09:33    130,560    --a------    C:\Windows\System32\PkgMgr.exe
2008-06-18 08:42 . 2008-01-19 09:34    305,152    --a------    C:\Windows\System32\msdelta.dll
2008-06-18 08:42 . 2008-01-19 09:34    258,560    --a------    C:\Windows\System32\dpx.dll
2008-06-18 08:42 . 2008-01-19 09:34    246,784    --a------    C:\Windows\System32\drvstore.dll
2008-06-18 08:42 . 2008-01-19 09:35    35,328    --a------    C:\Windows\System32\mspatcha.dll
2008-06-16 12:50 . 2007-04-12 15:00    1,060,864    --a------    C:\Windows\System32\mfc71.dll
2008-06-16 12:50 . 2004-08-30 14:25    438,272    --a------    C:\Windows\System32\vp6vfw.dll
2008-06-16 12:50 . 2004-12-10 10:06    327,680    --a------    C:\Windows\System32\vp6dec.ax
2008-06-16 12:50 . 2007-04-12 15:01    118,832    --a------    C:\Windows\System32\SHW32.DLL
2008-06-16 12:36 . 2008-06-16 12:36    <DIR>    d--------    C:\Program Files\EA Sports
2008-06-16 12:34 . 2006-11-29 13:06    3,426,072    --a------    C:\Windows\System32\d3dx9_32.dll
2008-06-16 12:34 . 2006-11-29 13:06    440,080    --a------    C:\Windows\System32\d3dx10.dll
2008-06-16 12:34 . 2007-01-24 15:27    255,848    --a------    C:\Windows\System32\xactengine2_6.dll
2008-06-16 12:34 . 2006-12-08 12:02    251,672    --a------    C:\Windows\System32\xactengine2_5.dll
2008-06-16 12:34 . 2006-09-28 16:05    237,848    --a------    C:\Windows\System32\xactengine2_4.dll
2008-06-16 12:34 . 2006-09-28 16:04    68,888    --a------    C:\Windows\System32\xinput1_3.dll
2008-06-16 12:34 . 2007-01-08 15:30    15,128    --a------    C:\Windows\System32\x3daudio1_1.dll
2008-06-16 12:33 . 2006-09-28 16:05    2,414,360    --a------    C:\Windows\System32\d3dx9_31.dll
2008-06-16 12:33 . 2006-07-28 09:30    236,824    --a------    C:\Windows\System32\xactengine2_3.dll
2008-06-16 12:33 . 2006-07-28 09:30    62,744    --a------    C:\Windows\System32\xinput1_2.dll
2008-06-16 12:32 . 2005-05-26 15:34    2,297,552    --a------    C:\Windows\System32\d3dx9_26.dll

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-12 23:15    ---------    d-----w    C:\Program Files\Common Files\Real
2008-07-12 23:14    ---------    d-----w    C:\Program Files\InterVideo
2008-07-12 19:34    ---------    d-----w    C:\ProgramData\Microsoft Help
2008-07-12 18:45    ---------    d---a-w    C:\ProgramData\TEMP
2008-07-09 16:22    ---------    d-----w    C:\Program Files\Windows Mail
2008-06-23 16:29    ---------    d--h--w    C:\Program Files\InstallShield Installation Information
2008-06-23 05:43    174    --sha-w    C:\Program Files\desktop.ini
2008-06-23 05:30    ---------    d-----w    C:\Program Files\Windows Sidebar
2008-06-23 05:30    ---------    d-----w    C:\Program Files\Windows Photo Gallery
2008-06-23 05:30    ---------    d-----w    C:\Program Files\Windows Journal
2008-06-23 05:30    ---------    d-----w    C:\Program Files\Windows Defender
2008-06-23 05:30    ---------    d-----w    C:\Program Files\Windows Collaboration
2008-06-23 05:30    ---------    d-----w    C:\Program Files\Windows Calendar
2008-06-15 17:43    ---------    d-----w    C:\Program Files\PokerStars
2008-06-15 17:40    ---------    d-----w    C:\Program Files\Nye programmer
2008-05-30 20:45    ---------    d-----w    C:\Program Files\Java
2008-05-30 20:37    ---------    d-----w    C:\Program Files\Common Files\Java
2008-05-30 10:16    ---------    d-----w    C:\Program Files\iTunes
2008-05-30 10:15    ---------    d-----w    C:\ProgramData\Apple Computer
2008-05-30 10:15    ---------    d-----w    C:\Program Files\iPod
2008-05-30 10:12    ---------    d-----w    C:\Program Files\Bonjour
2008-05-29 13:06    ---------    d-----w    C:\Program Files\Apex
2008-05-29 11:32    ---------    d-----w    C:\Program Files\QuickTime
2008-05-19 15:56    ---------    d-----w    C:\Program Files\Sports Interactive
2008-04-24 15:14    233,472    ----a-w    C:\Users\xxx\AppData\Roaming\REX Shared Library.dll
2008-04-24 15:14    225,280    ----a-w    C:\Users\xxx\AppData\Roaming\Rewire.dll
.
----a-w          471,040 2003-12-22 11:11:14  C:\Programmer\Sonic Foundry\Shared Plug-Ins\(Samples for Fruity Loops) YAMAHA SY-35 .exe


(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-26 17:35 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"avast!"="C:\PROGRA~2\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"SoundMan"="SOUNDMAN.EXE" [2007-03-09 17:28 598016 C:\Windows\SOUNDMAN.EXE]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-04-07 18:17:26 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{603B5021-6BA9-495C-AD51-E8ACFBAD31FA}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{40BA00B2-7B2C-4ECE-8D86-29210E8B5444}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{7D5D8D38-549F-4751-83A7-31F38D1AAFB6}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{5DF30055-E53A-4E6B-9F48-86E3DB360E74}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{FF2685BD-BDBF-496D-B42D-5B34AD4819FB}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{ED2A61C6-7A2D-4BF1-99EA-AADAC3A1BFD4}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{369E8FA6-57C1-422B-8725-F1B98DD89610}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{84805841-524E-4E00-9B79-6F8086D36574}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{0D28EB4B-E57F-4D00-8D73-8110FEE9C15B}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{4AB389A6-F1C1-48F3-893D-E4B658F59C92}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{ADBFE10E-E4C4-4DBC-B22C-BF911C8578CE}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{21E4F27E-600F-459A-8229-9EF41FC50490}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DFE9C877-237D-4475-9D48-8F726409D7BC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{E338F3D0-4C34-4E46-87AF-4146E96CEFF2}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"{A62AAC9E-055C-441D-96EA-0EE9249A7DAF}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"{7B5D65B8-B239-4EEB-B6DD-1C2DC4FDB39C}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{BE6ABE0D-8940-4B48-9464-8E03F28DA74B}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{9DAAD777-039B-410D-8F05-D4C83ADA4D87}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{BD836499-4647-4B00-BB56-39B65E8AE411}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork    REG_MULTI_SZ      PLA DPS BFE mpssvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\shell\AutoRun\command - I:\wd_windows_tools\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e9059f3-04b4-11dd-98cb-0015f22b56ab}]
\shell\AutoRun\command - J:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaefe30d-fe2e-11dc-afb9-0015f22b56ab}]
\shell\AutoRun\command - I:\wd_windows_tools\setup.exe

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-14 22:22:28
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-14 22:25:48
ComboFix-quarantined-files.txt  2008-07-14 20:25:28

Pre-Run: 139,960,258,560 byte ledig
Post-Run: 141,126,995,968 byte ledig

218    --- E O F ---    2008-07-12 19:36:15

I have found some programs that I can't uninstall.
juliedahl (Beginner)
14 July 2008 - 22:52 #7
and it is still as noisy as a vacuum cleaner when it is just sitting there showing the desktop
juliedahl (Beginner)
14 July 2008 - 23:51 #8
shit, now I accidentally gave myself points. lame. what do I do now?
vejmand (Junior Master)
15 July 2008 - 00:01 #9
Create the question again, and remember to post your own messages as "Comment".
"Answer" is intended for the solution.  :-)
Link to this question in the new one you create.
juliedahl (Beginner)
15 July 2008 - 00:22 #10
ha ha thanks for that ;)
vejmand (Junior Master)
15 July 2008 - 00:23 #11