steelman Novice
10 September 2010 - 15:52 There are 22 comments and
1 solution

QUICK help please :-/

Hi,

I have got Security Tool on a computer, and it bugs me that I can't get rid of it.

Using HiJackThis I have removed a line so that it no longer starts up, but now I cannot scan with Malwarebytes Anti-Malware - about 10 seconds after the program has started, it closes automatically.

Here is a HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:44:17, on 10-09-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Programmer\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\VM_STI.EXE
C:\Programmer\Java\jre6\bin\jusched.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\Temp\_ex-08.exe
C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\TomTom HOME 2\HOMERunner.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Garmin\gStart.exe
C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programmer\Creative\Shared Files\CTDevSrv.exe
C:\Documents and Settings\HP_Ejer\Lokale indstillinger\Apps\2.0\RV58JC39.AKG\0RLQY240.ZVC\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Google\Update\GoogleUpdate.exe
c:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
c:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
c:\Programmer\Fælles filer\Symantec Shared\Security Center\SymSCUI.exe
C:\Programmer\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmer\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmer\CCleaner\CCleaner.exe
C:\temp\HJT\explorer.exe
C:\WINDOWS\system32\dxdiag.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dk.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programmer\Ask.com\GenericAskToolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmer\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmer\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: BluePhone Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmer\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Programmer\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [sniffer] C:\WINDOWS\Temp\_ex-08.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "c:\programmer\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Programmer\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Programmer\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmer\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKCU\..\Run: [AROReminder] C:\Programmer\Advanced Registry Optimizer\ARO.exe -rem
O4 - HKCU\..\Run: [ANT Agent] C:\Programmer\Garmin\ANT Agent\ANT Agent.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Programmer\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Tilslutningshjælp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Tilslutningshjælp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} (Uploader Control) - http://express.foto.com/ImageUploader6.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} (Util Class) - https://danid.dk/csp/authenticode/csp.exe
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/10021/defaults/activex/ips/IPSUploader4.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp02.photoprintit.de/microsite/10021/defaults/activex/IPSUploader.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatisk LiveUpdate-planlægning - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Programmer\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 13200 bytes


The line I removed was:
O4 - HKCU\..\RunOnce: [1252450] "C:\Documents and Settings\HP_Ejer\Lokale indstillinger\Application Data\1252450.exe" 4 29
Deleted user
10 September 2010 - 16:07 #1
It has damaged your system; it was malware itself.
Run a repair install so the Windows files get updated.
steelman Novice
10 September 2010 - 16:12 #2
Do you mean that the program I installed from http://www.besttechie.net/tools/mbam-setup.exe was malware?

How does the log look otherwise? (I don't have immediate access to the CD - is it necessary for the repair?)
steelman Novice
10 September 2010 - 16:18 #3
(the CD = I mean the Windows installation CD)
10 September 2010 - 16:40 #4
I don't really trust this [Advanced Registry Optimizer]! I recommend uninstalling it!!!

---

Do you love these [Ask Toolbar] + [BluePhone Toolbar] + [Yahoo! Toolbar] + [Windows Live Toolbar] + [Google Toolbar] ??? (Is there any active IE viewing area left at all *S* ?)
Uninstall them!!!

---

O4 - HKLM\..\Run: [sniffer] C:\WINDOWS\Temp\_ex-08.exe
Ref.: http://www.bleepingcomputer.com/startups/_ex_08.exe-26026.html

So THAT one should/MUST be 'fixed' ...

After that ->

Download and install CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/manual-for-installation-og-brug-af-ccleaner/
During installation you will be offered [Yahoo Toolbar]. You can say yes or *NO* to it.
http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763
Let the program perform a cleanup...

--------

Download Malwarebytes Anti-Malware from here:
http://www.besttechie.net/tools/mbam-setup.exe

Install the program - once that is done, let the program update itself. A window then opens, where you should move the dot to "Run a full system scan" - click the Scan button - let the program work. When it is finished (it takes some time, depending on how much you have on the computer).
Then - press the "Show results" button after the scan - and then press "Remove selected" - now the log opens and you must save it somewhere you can find it again.
Copy the contents in here together with a fresh log from HiJackThis...

--- and/or ---

Download Combofix from one of these links, and save it to your desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

NB: You must not name it Combofix.exe, but for example BANAN.exe

-- Then run combofix.exe (BANAN.exe), which you downloaded earlier, and follow the instructions.

You should not click on the window while the tool is running, as that can cause your computer to freeze.
When combofix is finished, and after it has rebooted, a log file should open: combofix.txt
Please post the contents of this file here.

---

There is also quite a bit of other optimization/cleanup; that comes later...
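As an added example (not part of the original post or of any tool mentioned in this thread), the following Python sketch applies the kind of triage done in the reply above to HijackThis O4 registry autorun lines: it flags entries that launch from a temp directory, from a per-user data directory, or under a digits-only name. The heuristic labels and function names are assumptions made for this illustration; the sample lines are taken from the HijackThis log posted in this thread. A flag is a reason to look closer, not a verdict.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Sample input: O4 lines copied from the HijackThis log in this thread
# (five ordinary entries, the two entries discussed, one startup-folder entry).
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [sniffer] C:\WINDOWS\Temp\_ex-08.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [1252450] "C:\Documents and Settings\HP_Ejer\Lokale indstillinger\Application Data\1252450.exe" 4 29
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
'''


class Autorun(NamedTuple):
    hive: str      # HKLM, HKCU or HKUS\<SID>
    key: str       # Run, RunOnce, ...
    name: str      # registry value name shown in [brackets]
    command: str   # command line that is started at logon


# Matches registry-based O4 lines: "O4 - HKLM\..\Run: [name] command"
O4_REG = re.compile(
    r'^O4 - (HKLM|HKCU|HKUS\\[^\\]+)\\\.\.\\(\w+): \[([^\]]*)\] (.+)$'
)

# Illustrative triage heuristics (assumptions of this example).
# Each one only looks at the command string of the autorun entry.
HEURISTICS = [
    # Legitimate software rarely autostarts from a temp directory.
    ("temp-dir", re.compile(r'\\te?mp\\', re.I)),
    # Per-user data directories are writable without admin rights.
    # "Lokale indstillinger" is the localized folder name seen in this log.
    ("user-data-dir",
     re.compile(r'\\(application data|local settings|lokale indstillinger)\\',
                re.I)),
    # Executable whose file name consists of digits only, e.g. 1252450.exe.
    ("numeric-name", re.compile(r'\\\d+\.exe\b', re.I)),
]


def parse_o4(line: str) -> Optional[Autorun]:
    """Parse one registry-based O4 line; return None for anything else."""
    match = O4_REG.match(line.strip())
    return Autorun(*match.groups()) if match else None


def reasons_for(entry: Autorun) -> List[str]:
    """Return the labels of all heuristics that apply to this entry."""
    reasons = [label for label, rx in HEURISTICS if rx.search(entry.command)]
    # A RunOnce value with a digits-only name fires once at next logon.
    if entry.key.lower() == "runonce" and entry.name.isdigit():
        reasons.append("runonce-numeric-value")
    return reasons


def triage(log_text: str) -> List[Tuple[Autorun, List[str]]]:
    """Return (entry, reasons) for every O4 registry autorun worth a look."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue  # not a registry autorun line (e.g. startup folder)
        reasons = reasons_for(entry)
        if reasons:
            findings.append((entry, reasons))
    return findings


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG):
        print(f"{entry.hive}\\..\\{entry.key} [{entry.name}] "
              f"{entry.command}  <- {', '.join(reasons)}")
```

Startup-folder entries ("O4 - Startup:" and "O4 - Global Startup:") are deliberately skipped here and would need their own pattern.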
kmunk1975 Beginner
10 September 2010 - 18:01 #5
REMEMBER to unplug the LAN cable, disconnect the wireless network and get mbam
DOWNLOADED on a clean PC and onto a USB disk
http://www.besttechie.net/tools/mbam-setup.exe
Then START THE INFECTED PC AND LET MBAM run a scan for a couple of hours and then restart
AND CHECK THE PC
2. Connect the internet again and update mbam and run the scan again, and remember to install a security suite, possibly buy one.
AFTER THAT follow LARRY'S ADVICE
That is how I got rid of it
Security Tool
INFORMATION:
But follow my and Larry's advice. It seems easiest
http://www.2-spyware.com/remove-security-tool.html
kristian
kmunk1975 Beginner
10 September 2010 - 18:03 #6
That is, plug the USB disk into the infected PC and install mbam, then scan the USB stick / and the PC completely before you use the USB for anything else
kristian
10 September 2010 - 18:13 #7
Shall we get <steelman> back on the field?
steelman Novice
10 September 2010 - 18:35 #8
I am in the middle of scanning ;-)
kmunk1975 Beginner
10 September 2010 - 18:42 #9
Who is steelman..
kmunk1975 Beginner
10 September 2010 - 18:44 #10
Oh, it is the user
There was another person next to me that I mistook.
munk
sullep Beginner
10 September 2010 - 19:00 #11
steelman Novice
10 September 2010 - 20:11 #12
I wasn't aware that it would juuust take almost 3 hours to scan with Malwarebytes, but the log is below.
sullep: I apologise for having broken some rule. I was just enormously frustrated at having these problems with the computer that I couldn't get out of on my own. I would like to write an apology on spywarefri.dk but the thread has been closed. I apologise again - I didn't mean to bother anyone.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4590

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10-09-2010 19:48:23
mbam-log-2010-09-10 (19-48-23).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 267141
Tid gået: 2 time(e), 48 minut(ter), 41 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 1
Registreringsdatabaseværdier Inficeret: 0
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 8
Inficerede Filer: 2

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.

Registreringsdatabaseværdier Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
C:\Programmer\Perfect Optimizer (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programmer\Perfect Optimizer\Backup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programmer\Perfect Optimizer\Backup\Application (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programmer\Perfect Optimizer\Backup\Registry (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programmer\Perfect Optimizer\Backup\Registry\FirstBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programmer\Perfect Optimizer\Backup\Registry\FullBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programmer\Perfect Optimizer\Backup\Service (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Programmer\Perfect Optimizer\Temp (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.

Inficerede Filer:
C:\WINDOWS\Temp\_ex-08.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Programmer\Perfect Optimizer\PerfectOptimizer.ini (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
steelman Novice
10 September 2010 - 21:11 #13
Log from combofix:
ComboFix 10-09-09.04 - HP_Ejer 10-09-2010  20:29:03.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.510.243 [GMT 2:00]
Kører fra: c:\documents and settings\HP_Ejer\Skrivebord\banan.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\Thumbs.db
c:\windows\system32\wpcap.dll
D:\Autorun.inf

----- BITS: Mulige inficerede internetsteder -----

hxxp://buy-download.norton.com
Inficeret kopi af c:\windows\system32\drivers\redbook.sys blev fundet og desinficeret
Genskabt kopi fra - Kitty had a snack :p
.
(((((((((((((((((((((((((((((((((((((((  Drivers/Tjenester  )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


(((((((((((((((((((((((((((((  Filer skabt fra 2010-08-10 til 2010-09-10  )))))))))))))))))))))))))))))))))))
.

2010-09-10 17:10 . 2010-05-06 04:01    361904    ----a-w-    c:\windows\system32\drivers\symtdi.sys
2010-09-10 17:10 . 2010-04-22 03:02    173104    ----a-w-    c:\windows\system32\drivers\symefa.sys
2010-09-10 17:10 . 2010-04-22 02:29    43696    ----a-w-    c:\windows\system32\drivers\srtspx.sys
2010-09-10 17:10 . 2010-02-04 01:40    328752    ----a-r-    c:\windows\system32\drivers\symds.sys
2010-09-10 17:10 . 2010-04-29 05:03    116784    ----a-w-    c:\windows\system32\drivers\ironx86.sys
2010-09-10 17:10 . 2010-02-26 00:22    501888    ----a-w-    c:\windows\system32\drivers\cchpx86.sys
2010-09-10 14:06 . 2010-09-10 14:06    60808    ----a-w-    c:\windows\system32\S32EVNT1.DLL
2010-09-10 14:06 . 2010-09-10 14:06    124976    ----a-w-    c:\windows\system32\drivers\SYMEVENT.SYS
2010-09-10 14:05 . 2010-09-10 17:54    --------    d-----w-    c:\windows\system32\drivers\NIS
2010-09-10 14:05 . 2010-09-10 14:05    --------    d-----w-    c:\programmer\Norton Internet Security
2010-09-10 14:05 . 2010-09-10 14:05    --------    d-----w-    c:\programmer\Windows Sidebar
2010-09-10 13:20 . 2010-09-10 13:21    --------    d-----w-    c:\programmer\CCleaner
2010-09-10 13:01 . 2010-09-10 13:01    --------    d-----w-    c:\documents and settings\HP_Ejer\Application Data\Malwarebytes
2010-09-10 13:01 . 2010-04-29 13:39    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-10 13:01 . 2010-09-10 13:01    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2010-09-10 13:01 . 2010-09-10 14:57    --------    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2010-09-10 13:01 . 2010-04-29 13:39    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-09-10 12:44 . 2010-09-10 14:55    --------    d-----w-    c:\temp\HJT
2010-09-07 15:36 . 2010-09-07 15:39    --------    d-----w-    c:\programmer\Windows Live Safety Center
2010-09-06 20:56 . 2010-09-06 20:56    --------    d-----w-    c:\programmer\NortonInstaller
2010-09-06 20:56 . 2010-09-06 20:56    --------    d-----w-    c:\documents and settings\All Users\Application Data\NortonInstaller
2010-09-06 20:31 . 2010-09-10 14:08    --------    d-----w-    c:\documents and settings\All Users\Application Data\Norton
2010-09-06 20:12 . 2010-09-06 20:12    --------    d-----w-    C:\230d84e8e1f8919312c4e034
2010-08-26 11:33 . 2010-08-26 11:33    --------    d-----r-    c:\documents and settings\NetworkService\Foretrukne
2010-08-22 09:55 . 2010-08-22 09:55    --------    d-----w-    c:\documents and settings\NetworkService\Lokale indstillinger\Application Data\Google

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-10 14:52 . 2005-01-01 21:35    --------    d-----w-    c:\programmer\Google
2010-09-10 14:09 . 2005-01-01 21:37    --------    d-----w-    c:\programmer\Fælles filer\Symantec Shared
2010-09-10 14:06 . 2005-01-01 21:37    --------    d-----w-    c:\programmer\Symantec
2010-09-10 14:06 . 2010-09-10 14:06    805    ----a-w-    c:\windows\system32\drivers\SYMEVENT.INF
2010-09-10 14:06 . 2010-09-10 14:06    7443    ----a-w-    c:\windows\system32\drivers\SYMEVENT.CAT
2010-09-07 13:02 . 2010-06-23 21:14    184904    ----a-w-    c:\documents and settings\LocalService\Lokale indstillinger\Application Data\FontCache3.0.0.0.dat
2010-08-28 09:28 . 2010-08-07 15:07    664    ----a-w-    c:\windows\system32\d3d9caps.dat
2010-08-10 03:44 . 2010-08-09 08:17    --------    d-----w-    c:\programmer\World of Warcraft
2010-08-10 03:40 . 2010-03-14 17:50    --------    d-----w-    c:\programmer\Fælles filer\Blizzard Entertainment
2010-08-05 17:22 . 2004-12-03 19:32    80090    ----a-w-    c:\windows\system32\perfc006.dat
2010-08-05 17:22 . 2004-12-03 19:32    452330    ----a-w-    c:\windows\system32\perfh006.dat
2010-07-14 23:05 . 2009-12-28 17:35    --------    d-----w-    c:\documents and settings\All Users\Application Data\Microsoft Help
2010-06-14 14:31 . 2004-08-27 12:00    744448    ----a-w-    c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2006-03-05 09:27 . 2006-03-05 09:26    848    --sha-w-    c:\windows\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\programmer\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"Steam"="c:\programmer\valve\steam\steam.exe" [2010-09-10 1242448]
"TomTomHOME.exe"="c:\programmer\TomTom HOME 2\HOMERunner.exe" [2008-05-06 202088]
"CTZDetec.exe"="c:\programmer\Creative\Creative Media Lite\CTZDetec.exe" [2007-12-18 401408]
"PC Suite Tray"="c:\programmer\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HPHUPD08"="c:\programmer\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]
"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2005-05-11 253952]
"HP Software Update"="c:\programmer\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 49152]
"BigDogPath"="c:\windows\VM_STI.EXE" [2004-12-15 40960]
"SunJavaUpdateSched"="c:\programmer\Java\jre6\bin\jusched.exe" [2009-05-30 148888]
"QuickTime Task"="c:\programmer\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\programmer\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656]
"GrooveMonitor"="c:\programmer\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

c:\documents and settings\HP_Ejer\Menuen Start\Programmer\Start\
CurseClientStartup.ccip [2010-3-30 0]

c:\documents and settings\All Users\Menuen Start\Programmer\Start\
Adobe Reader Hurtigstart.lnk - c:\programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
HP Digital Imaging Monitor.lnk - c:\programmer\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
Kodak EasyShare software.lnk - c:\programmer\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-9-19 282624]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programmer\\Messenger\\msmsgs.exe"=
"c:\\Programmer\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Programmer\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmer\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmer\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmer\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programmer\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programmer\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmer\\Valve\\Steam\\SteamApps\\skotland\\counter-strike source\\hl2.exe"=
"c:\\Programmer\\Valve\\Steam\\SteamApps\\skotland\\condition zero\\hl.exe"=
"c:\\Programmer\\Valve\\Steam\\SteamApps\\skotland\\day of defeat\\hl.exe"=
"c:\\Programmer\\Valve\\Steam\\SteamApps\\skotland\\counter-strike\\hl.exe"=
"c:\\Programmer\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Documents and Settings\\HP_Ejer\\Lokale indstillinger\\Apps\\2.0\\RV58JC39.AKG\\0RLQY240.ZVC\\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\\CurseClient.exe"=

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1107000.00C\symds.sys [10-09-2010 19:10 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1107000.00C\symefa.sys [10-09-2010 19:10 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20100810.004\BHDrvx86.sys [10-08-2010 01:16 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1107000.00C\cchpx86.sys [10-09-2010 19:10 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1107000.00C\ironx86.sys [10-09-2010 19:10 116784]
R2 Automatisk LiveUpdate-planlægning;Automatisk LiveUpdate-planlægning;c:\programmer\Symantec\LiveUpdate\AluSchedulerSvc.exe [28-09-2006 19:17 99720]
R2 NIS;Norton Internet Security;c:\programmer\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe [10-09-2010 19:09 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programmer\Fælles filer\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [10-09-2010 19:10 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20100909.001\IDSXpx86.sys [10-09-2010 16:16 331640]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [03-05-2010 11:08 27632]
S2 gupdate;Google Update Service (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [07-12-2009 21:25 135664]
S3 CPWGU(Philips);Philips SNU5600 Wireless USB Adapter 11b/g(Philips);c:\windows\system32\DRIVERS\CPWGU.sys --> c:\windows\system32\DRIVERS\CPWGU.sys [?]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [03-05-2010 11:07 13224]
S3 QCEmerald;Logitech QuickCam Web;c:\windows\system32\drivers\OVCE.sys [21-12-2008 16:02 31872]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [19-09-2008 19:57 32000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper    REG_MULTI_SZ      getPlusHelper
.
Indhold af mappen 'Planlagte Opgaver'

2010-08-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmer\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cb0cc3bf0c2e96.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2009-12-07 19:24]

2010-09-10 c:\windows\Tasks\Norton Security Scan for HP_Ejer.job
- c:\programmer\Norton Security Scan\Nss.exe [2008-09-19 03:18]

2010-09-10 c:\windows\Tasks\User_Feed_Synchronization-{05D68FC2-62D8-4E66-B326-5B53712AF215}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki ... - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: danid.dk
Trusted Zone: sydbank.dk
.
- - - - TOMME GENVEJE FJERNET - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-1252450 - c:\documents and settings\HP_Ejer\Lokale indstillinger\Application Data\1252450.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-10 20:55
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
  CTZDetec.exe = c:\programmer\Creative\Creative Media Lite\CTZDetec.exe????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\programmer\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\programmer\Norton Internet Security\Engine\17.7.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'explorer.exe'(3132)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmer\Nokia\Nokia PC Suite 7\phonebrowser.dll
c:\programmer\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programmer\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dan.nlr
c:\programmer\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programmer\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\programmer\Creative\Shared Files\CTDevSrv.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
c:\programmer\Fælles filer\Symantec Shared\Security Center\SymSCUI.exe
c:\windows\ALCXMNTR.EXE
c:\programmer\iPod\bin\iPodService.exe
c:\programmer\HP\Digital Imaging\bin\hpqSTE08.exe
c:\programmer\PC Connectivity Solution\ServiceLayer.exe
c:\programmer\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\programmer\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Gennemført tid: 2010-09-10  21:09:38 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2010-09-10 19:09

Pre-Kørsel: 186.150.887.424 byte ledig
Post-Kørsel: 186.408.329.216 byte ledig

- - End Of File - - 3F36FB2CFA62E325A5C8F73CF36E15EB
10 September 2010 - 22:44 #14
Well, quite a bit of vermin got 'nabbed'...

A bit of cleanup:

Uninstall
* Norton Security Scan
* [Ask Toolbar]
* [BluePhone Toolbar]
* [Yahoo! Toolbar]
* [Windows Live Toolbar]
* [Google Toolbar]
* Bonjour service
* Advanced Registry Optimizer
* Acrobat 7.0

If needed, use http://www.revouninstaller.com/revo_uninstaller_free_download.html

---

Install
* AcrobatReader -> http://get.adobe.com/dk/reader/  UNtick GoogleToolbar!!!

---

Run a cleanup with the CCleaner mentioned (Cleaner + Registry)

---

Perhaps a fresh log from HiJackThis? There seems to be a bit more cleanup/optimization to do...

---

How is the PC running now, by the way?
steelman Novice
10 September 2010 - 22:52 #15
The computer is doing fine now. It is RATHER slow to start up (from when the desktop appears until IE has started, for example), but after that it works fine. And no sign of Security Tools any more ;-) So I think I'll leave it be now.

Thanks a million for the help, karise-larry - you really are a friend in need!!! ;-) Will you post an answer?
10 September 2010 - 22:57 #16
Do you have 'enough' RAM in the 'beast'?

Perhaps a fresh log from HiJackThis? There seems to be a bit more cleanup/optimization to do...
steelman Novice
10 September 2010 - 23:27 #17
Hehe, no, that is probably the problem too. It is an older machine which has now had Norton Internet Security installed, as requested. And I suspect that is the cause of the slow startup, since it is a heavy program. Here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:25:46, on 10-09-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Programmer\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\VM_STI.EXE
C:\Programmer\Java\jre6\bin\jusched.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programmer\Creative\Shared Files\CTDevSrv.exe
C:\Programmer\TomTom HOME 2\HOMERunner.exe
C:\Programmer\Creative\Creative Media Lite\CTZDetec.exe
C:\Programmer\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Google\Update\GoogleUpdate.exe
C:\Programmer\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Kodak\Kodak EasyShare software\bin\EasyShare.exe
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Programmer\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
c:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
c:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
C:\Programmer\internet explorer\iexplore.exe
C:\Programmer\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\Programmer\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmer\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\Programmer\Fælles filer\Symantec Shared\Security Center\SymSCUI.exe
C:\Programmer\internet explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\temp\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programmer\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programmer\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmer\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programmer\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programmer\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Programmer\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\programmer\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Programmer\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Programmer\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmer\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Programmer\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Tilslutningshjælp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Tilslutningshjælp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} (Uploader Control) - http://express.foto.com/ImageUploader6.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} (Util Class) - https://danid.dk/csp/authenticode/csp.exe
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/10021/defaults/activex/ips/IPSUploader4.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp02.photoprintit.de/microsite/10021/defaults/activex/IPSUploader.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatisk LiveUpdate-planlægning - Symantec Corporation - C:\Programmer\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Programmer\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Programmer\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 12083 bytes
11 September 2010 - 00:00 #18
To free up a bit of breathing room:

You should get rid of these

* Yahoo! Toolbar
* Windows Live Toolbar
* Norton Toolbar

---

Repeating ->
Uninstall the old
* AcrobatReader 7.0
Install
* AcrobatReader -> http://get.adobe.com/dk/reader/  UNtick GoogleToolbar!!!

---

Do you use all of this all the time:

* Steam
* Nokia PC Suite 7
* TomTom HOME 2
* Kodak EasyShare software
* LSBWatcher
* Live Messenger

(They can always be started manually WHEN they are needed...)

Or do you want to let the PC use a fair amount of RAM on this *S*?

---

Do you know yourself what this is
* CurseClientStartup ?

---
steelman Novice
11 September 2010 - 15:05 #19
Thanks for that - then it is all sorted :-)
Will you post an answer, kariselarry?
11 September 2010 - 15:15 #20
So has it given a bit of 'breathing room'?

* Cleanup with CCleaner
* Create a FRESH SYSTEM RESTORE POINT -> http://spywareinfo.dk/index.htm#/tip-og-tricks/opret_et_systemgendannelsespunkt.htm
* CCleaner - Tools - System Restore - Delete the old points
* Defragmentation
steelman Novice
11 September 2010 - 15:23 #21
Yes, I think so. But I have suggested putting in some more RAM than the 512 MB that is there ;-)
11 September 2010 - 16:25 #22
(Thanks for the points...)
kmunk1975 Beginner
11 September 2010 - 18:27 #23
You were quick at that, larry... so I'll just hold off writing until you are done helping.
I am a bit slower at it.

munk