Vores teenager har fået virus

det må da være computeren der har fået virus.!!!hehe
når der er 2 måder enten selv at oprette jer på www.spywarefri.dk
og få hjælp der eller at vente til de dygtige folk her kommer online og tilbyder deres hjælp til virus fjernelse og beskyttelse.
Det er samme måde og programmer der bliver benyttet.

Jeg er god til at igangsætte scanning men kan ikke læse logs og fjerne farlige bots.

Hent Ccleaner her > Klik ude til højre på "Download Latest Version".
http://www.filehippo.com/download_ccleaner/
Der er en manual her > http://www.spywarefri.dk/manualer/ccleaner-manual.htm
Der er en lille forskel "Problemer" er udskiftet med "Register".
Sæt de flueben som vist i manualen punkt 11 inden du kører "Renser".
PS.: Dette program vil  jeg anbefale dig at beholde, det er fremragende til at rydde op med.

Under installationen får du tilbudt [Yahoo Toolbar]. Sig "Nej"  til den.
Lad programmer foretage en oprydning i Renser og Register, og lad den slette det den finder.
Jeg skal ikke se log fra Ccleaner.



Hent Malwarebytes Anti-Malware herfra:
http://www.malwarebytes.org/mbam-download.php
Installer programmet - når det er gjort skal du lade programmet opdatere sig. Herefter åbner et vindue, hvor du skal flytte prikken til "Kør et fuldstændigt systemscan" - klik på Skan Knappen - lad programmet arbejde. Når det er færdig (det tager lidt tid afhængig af hvor meget du har på computeren).
Derefter - Tryk på "Vis resultater" knappen efter scanningen - og herefter tryk på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen.
Kopier indholdet herind sammen med en frisk log fra HiJackThis...

Manual for HiJackThis ->
http://www.spywareinfo.dk/index.htm#/manualer/hijackthis.htm

Bemærk at HiJackThis.exe programmet skal gemmes i en dertil oprettet mappe og IKKE køres direkte fra nettet...

Hent Hijackthis her: http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

PS: Vistabrugere skal klikke med højre-musetast på filen og vælge (Kør som administrator)
Når rensning er færdig, og maskinen er erklæret ren, så hent Heimdal og opdater dine programmer for at lukke evt. sikkerhedshuller i disse: https://www.csis.dk/da/private/heimdal. Her er en videoguide til Heimdal: http://www.youtube.com/watch?v=ON0v7cLG4QQ&feature=player_embedded
Læs evt. denne artikel: http://www.pcworld.dk/art/102165?fpindex&fppos=1&a=block&i=113

Istedet for at bruge dit halve liv på at hente,scanne og installere diverse programmer,så http://www.2-spyware.com/remove-thinkpoint.html der ligger et lille program og en forklaring,hent programmet og smid det på et usb stick,overfør det til dit barns computer og gør som det står på siden og problemet er løst.
Har du ikke et usb lager,så start computeren (den inficerede) op i fejlsikret tilstand med netværk og gå ind på siden og gør som der står,fejlsikret tilstand gør at vira og lignende ikke bliver indlæst ved start

Ps:programmet du skal hente ligger et stykke nede på siden i et grønt felt og hedder thinkpoint remover

#3 ideen er såmænd god nok, men da Luklara skriver de allerede har fjernet noget virus, så er chancen for at der er mere end "bare" Thinkpoint.

(Du har nu lagt et svar - derved er der ikke mange der nu vil deltage da det jo så er besvaret...)

#3 Jeg har prøvet at downloade Thinkpoint remover til en usb-stick og installere det på computeren. Det fungerer også fint nok, men der mangler så noget Malware som skal downloades - og computeren kan ikke komme på nettet....

Jeg har prøvet at tænde computeren i fejlsikret tilstand, og der kom også en ThinkPoint boks frem. Jeg lukkede så for en proces der hed noget med "Hotfix" (den eneste jeg ikke kunne finde på min egen bærbare) - så nu har jeg en computer som er åbnet i fejlsikret tilstand - sort skærm - og jeg aner ikke hvad jeg så skal gøre.

Hent de programmer der linkes til på en pc med netadgang.
Smid dem på en USB flash, eller andet medie og installer derfra.

Du skal downloade de programmer som John linker til på en usb stick fra en anden pc der er på nettet. Start den syge pc op i fejlsikret tilstand. Installer Malwarebytes og ccleaner, og lad dem fjerne det de kan i fejlsikret. Start herefeter pc op, og forsøg at opdatere Malwarebytes, hvis du har fået internettet tilbage.Kør en fuldstændig scanning af pc, og lad os se om den fjerner de rester af møg der ligger i regbasen.

Nå der fik du sent når jeg begyndte at skrive. Men vi er dog enige kan jeg se.

Så tror jeg at jeg er kommet igennem det hele.....:-)

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4904

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18702

21-10-2010 22:33:50
mbam-log-2010-10-21 (22-33-50).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 288717
Tid gået: 3 time(e), 13 minut(ter), 36 sekund(er)

Hukommelses Processorer Inficeret: 1
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 4
Registreringsdatabaseværdier Inficeret: 2
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 1
Inficerede Filer: 5

Hukommelses Processorer Inficeret:
C:\Users\kenneth\AppData\Roaming\hotfix.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
HKEY_CURRENT_USER\SOFTWARE\JRMX9X1GML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ZE18MW23GY (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registreringsdatabaseværdier Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ze18mw23gy (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
C:\Googlemaps.exe (Trojan.SpyEyes) -> Quarantined and deleted successfully.

Inficerede Filer:
C:\Users\kenneth\AppData\Roaming\hotfix.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Googlemaps.exe\config.bin (Trojan.SpyEyes) -> Quarantined and deleted successfully.
C:\ProgramData\Adobe\sp.DLL (TrojanProxy.Agent) -> Quarantined and deleted successfully.
C:\Users\kenneth\AppData\Roaming\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

og den anden:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:05:49, on 21-10-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\wuauclt.exe
C:\Users\kenneth\Desktop\HiJackThis.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wermgr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB6.4; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://ihimlen.dk/index.php?i=Spil-Action&u=whackanerd"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Automatisk LiveUpdate-planlægning (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 14496 bytes

Skal jeg så hente Heimdal nu???

Og en helt anden ting - hvor er i fantastiske!!! I må jo grine højt af novicer som mig, og alligevel tager i jer tid! Tusind tak!!! Og snart skal jeg så have hjælp igen til de der point...;-)

Tak for det.
Loggen er jeg ikke så skrap til, så der håber jeg John kigger efter. Og så giver han melding tilbage.
Kan se Malwarebytes har fjernet en del, også fra regbasen.
Får du popop boksen i opstarten nu?

Jeg kigger på loggen nu.
Kan se der er fjernet en del - er der hul igennem til nettet nu?

Nej, den kommer slet ikke mere. Jeg kan også fint gå på nettet osv.

Loggen viser ikke rigtigt noget, men det betyder ikke at maskinen nu er ren.

Hent DDS: http://download.bleepingcomputer.com/sUBs/dds.scr
Dobbeltklik på DDS.scr og tillad programmet at køre.
Når programmet er færdig vil det åbne to logs/tekst-filer.
Gem begge filer på dit Skrivebord og kopier indholdet af txt filerne herind i dit næste indlæg.
(Vejledning lånt fra spywarefri.dk)

Jeg får lige en ekspert i DDS (der er jeg ikke så erfaren endnu) til at kigge loggen igennem når du har sendt den ind.

Evt. vent på eksperten (Fromsej eller andre med nødvendig viden) kommer og siger om det er nødvendigt at køre det program.

Jeg er her nu.
Følg John´s vejledning med DDS, så tager vi den derfra.

Så kommer de:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-10-21.02)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10-03-2008 20:49:28
System Uptime: 21-10-2010 22:57:02 (17 hours ago)

Motherboard: Quanta |  | 30D2
Processor: Intel(R) Pentium(R) Dual  CPU  T2330  @ 1.60GHz | U2E1 | 800/533mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 223 GiB total, 151,95 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 2,982 GiB free.
E: is CDROM (UDF)

==== Disabled Device Manager Items =============

Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00001120-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&35562994&0&0025E5BE9F13_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00001120-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&35562994&0&0025E5BE9F13_C00000000
Service:

==== System Restore Points ===================

RP528: 18-10-2010 08:39:39 - Windows Update
RP529: 18-10-2010 14:36:27 - Windows Update
RP530: 19-10-2010 15:47:05 - Windows Update
RP531: 19-10-2010 17:29:11 - Windows Update
RP532: 20-10-2010 03:00:47 - Windows Update
RP533: 21-10-2010 03:01:11 - Windows Update
RP534: 21-10-2010 15:22:02 - Windows Update
RP535: 21-10-2010 23:26:02 - Installed Java(TM) 6 Update 22
RP536: 22-10-2010 00:28:02 - Windows Update
RP537: 22-10-2010 03:08:57 - Windows Update

==== Installed Programs ======================

Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.0 - Dansk
Adobe Shockwave Player
Adobe Shockwave Player 11.5
Browser Defender 2.0.6.15
ccCommon
CCleaner
CyberLink YouCam
DivX Setup
DVD Suite
ESU for Microsoft Vista
Football Manager 2010
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP Easy Setup - Frontend
HP Help and Support
HP Integrated Module with Bluetooth wireless technology 6.0.1.5500
HP Quick Launch Buttons 6.30 E1
HP QuickPlay 3.6
HP QuickTouch 1.00 C4
HP Update
HP User Guides 0087
HP Wireless Assistant
Intel® Matrix Storage Manager
Java Auto Updater
Java(TM) 6 Update 22
Junk Mail filter update
Kompatibilitetspakke til Office 2007-systemet
LabelPrint
LightScribe System Software  1.10.13.1
LiveUpdate (Symantec Corporation)
Malwarebytes' Anti-Malware
MessengerDiscovery 2.5.95
Microsoft .NET Framework 3.5 Language Pack SP1 - dan
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Antimalware Service DA-DK Language Pack
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office PowerPoint Viewer 2007 (Danish)
Microsoft Search Enhancement Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
Motorola SM56 Data Fax Modem
Mozilla Firefox (3.5.9)
MSCU for Microsoft Vista
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton Internet Security (Symantec Corporation)
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Overførselsværktøj til Windows Live
Power2Go
PowerDirector
PVSonyDll
QuickPlay SlingPlayer 0.4.4
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Skype Toolbars
Skype™ 4.2
Smart Defrag
Sprogpakke til Microsoft .NET Framework 3.5 SP1 - dansk
Spyware Doctor 7.0
SymNet
Synaptics Pointing Device Driver
Tilmeldingsassistent til Windows Live
TrackMania Original 1.5.2
TVUPlayer 2.4.5.3
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VC80CRTRedist - 8.0.50727.4053
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
vixy converter uninstall
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Writer

==== End Of File ===========================


DDS (Ver_10-10-21.02) - NTFSx86 
Run by kenneth at 15:14:57,97 on 22-10-2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.2046.852 [GMT 2:00]

AV: Norton Internet Security *On-access scanning enabled* (Outdated)  {E10A9785-9598-4754-B552-92431C1C35F8}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton Internet Security *enabled*  {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Spyware Doctor\Update.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Windows\system32\DllHost.exe
C:\Users\kenneth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PVCFRCXB\dds[1].scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB6.4; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://ihimlen.dk/index.php?i=Spil-Action&u=whackanerd"
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [SMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [OnScreenDisplay] c:\program files\hewlett-packard\hp quicktouch\HPKBDAPP.exe
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\1.0"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki ... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\users\kenneth\appdata\roaming\mozilla\firefox\profiles\k42k9rai.default\
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-2-5 64288]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-10-21 217032]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2006-7-5 63352]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-10-21 112592]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor;c:\program files\intel\intel matrix storage manager\IAANTmon.exe [2008-3-10 354840]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-10-21 366840]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-10-21 1142224]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 42368]
S2 gupdate;Tjenesten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-12-2 1181328]
S3 FontCache;Tjenesten Windows-skrifttypecache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-8-2 21504]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-9-15 54632]
S3 fsssvc;Windows Live-tjenesten Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]

=============== Created Last 30 ================

2010-10-22 01:20:45    469256    ----a-w-    c:\program files\common files\windows live\.cache\55fc17dc1cb71872a\InstallManager_WLE_WLE.exe
2010-10-22 01:19:06    15712    ----a-w-    c:\program files\common files\windows live\.cache\1e7639dc1cb71871e\MeshBetaRemover.exe
2010-10-22 01:17:45    525656    ----a-w-    c:\program files\common files\windows live\.cache\ed5ddddc1cb718616\DXSETUP.exe
2010-10-22 01:17:44    94040    ----a-w-    c:\program files\common files\windows live\.cache\ed5ddddc1cb718616\DSETUP.dll
2010-10-22 01:17:44    1691480    ----a-w-    c:\program files\common files\windows live\.cache\ed5ddddc1cb718616\dsetup32.dll
2010-10-22 01:17:40    525656    ----a-w-    c:\program files\common files\windows live\.cache\e7ea4c3c1cb718615\DXSETUP.exe
2010-10-22 01:17:39    94040    ----a-w-    c:\program files\common files\windows live\.cache\e7ea4c3c1cb718615\DSETUP.dll
2010-10-22 01:17:39    1691480    ----a-w-    c:\program files\common files\windows live\.cache\e7ea4c3c1cb718615\dsetup32.dll
2010-10-21 22:40:14    --------    d-----w-    c:\users\kenneth\appdata\local\Windows Live
2010-10-21 22:38:36    754688    ----a-w-    c:\windows\system32\webservices.dll
2010-10-21 21:32:29    472808    ----a-w-    c:\windows\system32\deployJava1.dll
2010-10-21 21:32:29    472808    ----a-w-    c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2010-10-21 16:49:39    --------    d-----w-    c:\users\kenneth\appdata\roaming\Malwarebytes
2010-10-21 16:48:53    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-21 16:48:47    --------    d-----w-    c:\progra~2\Malwarebytes
2010-10-21 16:48:46    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-10-21 16:48:45    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-10-21 11:40:51    767952    ----a-w-    c:\windows\BDTSupport.dll1034.old
2010-10-21 11:40:51    767952    ----a-w-    c:\windows\BDTSupport.dll
2010-10-21 11:40:47    149456    ----a-w-    c:\windows\SGDetectionTool.dll1034.old
2010-10-21 11:40:47    149456    ----a-w-    c:\windows\SGDetectionTool.dll
2010-10-21 11:40:43    165840    ----a-w-    c:\windows\PCTBDRes.dll
2010-10-21 11:40:43    1652688    ----a-w-    c:\windows\PCTBDCore.dll1034.old
2010-10-21 11:40:43    1652688    ----a-w-    c:\windows\PCTBDCore.dll
2010-10-21 11:40:03    233136    ----a-w-    c:\windows\system32\drivers\pctgntdi.sys
2010-10-21 11:40:03    100136    ----a-w-    c:\windows\system32\drivers\pctwfpfilter.sys
2010-10-21 11:39:50    217032    ----a-w-    c:\windows\system32\drivers\PCTCore.sys
2010-10-21 11:39:49    88040    ----a-w-    c:\windows\system32\drivers\PCTAppEvent.sys
2010-10-21 11:39:26    70408    ----a-w-    c:\windows\system32\drivers\pctplsg.sys
2010-10-21 11:37:45    --------    d-----w-    c:\users\kenneth\appdata\roaming\PC Tools
2010-10-21 11:37:45    --------    d-----w-    c:\program files\Spyware Doctor
2010-10-21 11:37:45    --------    d-----w-    c:\program files\common files\PC Tools
2010-10-21 11:37:45    --------    d-----w-    c:\progra~2\PC Tools
2010-10-20 14:12:39    182    ----a-w-    c:\users\kenneth\appdata\roaming\31561.bat
2010-10-20 14:12:21    182    ----a-w-    c:\users\kenneth\appdata\roaming\44535.bat
2010-10-19 15:32:40    6146896    ----a-w-    c:\progra~2\microsoft\microsoft antimalware\definition updates\{8f5273f4-6d25-45fc-b848-a0424cd7d374}\mpengine.dll
2010-10-12 19:55:26    954752    ----a-w-    c:\windows\system32\mfc40.dll
2010-10-12 19:55:23    954288    ----a-w-    c:\windows\system32\mfc40u.dll
2010-09-28 20:02:53    13312    ----a-w-    c:\program files\internet explorer\iecompat.dll
2010-09-22 16:10:52    103864    ----a-w-    c:\program files\mozilla firefox\plugins\nppdf32.dll

==================== Find3M  ====================


============= FINISH: 15:16:20,02 ===============

Der ligger lidt rester af Norton, de skal væk.
Download Norton Removal Tool (SymNRT) til dit skrivebord.
http://pctricks.dk/fjern-norton-antivirus-nu-55.html

Når du har hentet det, skal du lukke alle åbne browsere og vinduer, fordi det vil kræve en genstart.

Gå så til dit skrivebord og dobbeltklik på værktøjet og klik derefter på Setup.
Klik på Næste.
Accepter licensaftalen, og klik på Næste
skriv de bogstaver og tal, du ser i tekstfeltet og klik derefter på Næste.
Derefter klik på Næste og værktøjet vil begynde at køre.
Når det er færdigt genstart computeren og kør værktøjet igen for at sikre, at alt er blevet fjernet.
Slet Nortonremoval værktøj fra dit skrivebord.
Genstart.

Hent Combofix, og gem den i en mappe:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Åbn mappen med Combofix, højreklik et tomt sted i mappen, vælg Ny->tekstdokument, åbn tekstdokumentet, kopier følgende ind:

Killall::
Snapshot::

klik på Filer->Gem som, navngiv den CFScript, luk tekstdokumentet.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/swfcombo.gif
Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Kopier den fremkomne log herind.

Jeg er altså i fuld gang, det tager bare sin tid...:-) Nu skal jeg til combofix - det lyder lidt for langhåret, men nu er jeg kommet så langt, så mon ikke jeg finder ud af det...:-)

Det er nu ikke mere langhåret end jeg er. :-)

Nu har jeg så kørt Combofix, og den har genstartet og der er kommet en log. Når jeg så forsøger at logge på internettet, får jeg en boks hvor der står "Der blev forsøgt en ugyldig handling på en registreringsdatabasenøgle, som er blevet mærket til sletning" ???? Hvad er nu det????

Kom lige i tanke om at en venlig sjæl har opfundet usb nøgler...:-)
Her er loggen fra Combofix:

ComboFix 10-10-21.07 - kenneth 22-10-2010  16:35:19.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.2046.815 [GMT 2:00]
Kører fra: c:\users\kenneth\Desktop\Combofix\ComboFix.exe
Kommandoer benyttet :: c:\users\kenneth\Desktop\Combofix\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\KBL.LOG

.
(((((((((((((((((((((((((((((  Filer skabt fra 2010-09-22 til 2010-10-22  )))))))))))))))))))))))))))))))))))
.

2010-a10-22 15:16 . 2010-10-22 15:22    --------    d-----w-    c:\users\kenneth\AppData\Local\temp
2010-10-22 15:16 . 2010-10-22 15:16    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-10-22 14:03 . 2010-10-22 14:03    --------    d-----w-    c:\users\kenneth\AppData\Local\Threat Expert
2010-10-22 01:20 . 2010-10-22 01:20    469256    ----a-w-    c:\program files\Common Files\Windows Live\.cache\55fc17dc1cb71872a\InstallManager_WLE_WLE.exe
2010-10-22 01:19 . 2010-10-22 01:19    15712    ----a-w-    c:\program files\Common Files\Windows Live\.cache\1e7639dc1cb71871e\MeshBetaRemover.exe
2010-10-22 01:17 . 2010-10-22 01:17    525656    ----a-w-    c:\program files\Common Files\Windows Live\.cache\ed5ddddc1cb718616\DXSETUP.exe
2010-10-22 01:17 . 2010-10-22 01:17    1691480    ----a-w-    c:\program files\Common Files\Windows Live\.cache\ed5ddddc1cb718616\dsetup32.dll
2010-10-22 01:17 . 2010-10-22 01:17    94040    ----a-w-    c:\program files\Common Files\Windows Live\.cache\ed5ddddc1cb718616\DSETUP.dll
2010-10-22 01:17 . 2010-10-22 01:17    525656    ----a-w-    c:\program files\Common Files\Windows Live\.cache\e7ea4c3c1cb718615\DXSETUP.exe
2010-10-22 01:17 . 2010-10-22 01:17    1691480    ----a-w-    c:\program files\Common Files\Windows Live\.cache\e7ea4c3c1cb718615\dsetup32.dll
2010-10-22 01:17 . 2010-10-22 01:17    94040    ----a-w-    c:\program files\Common Files\Windows Live\.cache\e7ea4c3c1cb718615\DSETUP.dll
2010-10-21 22:40 . 2010-10-21 22:40    --------    d-----w-    c:\users\kenneth\AppData\Local\Windows Live
2010-10-21 22:38 . 2009-08-04 08:02    754688    ----a-w-    c:\windows\system32\webservices.dll
2010-10-21 21:33 . 2010-10-21 21:33    --------    d-----w-    c:\program files\Common Files\Java
2010-10-21 21:32 . 2010-09-15 02:50    472808    ----a-w-    c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-10-21 21:32 . 2010-09-15 02:50    472808    ----a-w-    c:\windows\system32\deployJava1.dll
2010-10-21 16:49 . 2010-10-21 16:49    --------    d-----w-    c:\users\kenneth\AppData\Roaming\Malwarebytes
2010-10-21 16:48 . 2010-04-29 13:39    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-21 16:48 . 2010-10-21 16:48    --------    d-----w-    c:\programdata\Malwarebytes
2010-10-21 16:48 . 2010-04-29 13:39    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-10-21 16:48 . 2010-10-21 16:49    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-10-21 11:40 . 2010-01-22 07:55    767952    ----a-w-    c:\windows\BDTSupport.dll
2010-10-21 11:40 . 2010-01-22 07:56    149456    ----a-w-    c:\windows\SGDetectionTool.dll
2010-10-21 11:40 . 2010-01-22 07:56    165840    ----a-w-    c:\windows\PCTBDRes.dll
2010-10-21 11:40 . 2010-01-22 07:56    1652688    ----a-w-    c:\windows\PCTBDCore.dll
2010-10-21 11:40 . 2010-02-05 07:18    100136    ----a-w-    c:\windows\system32\drivers\pctwfpfilter.sys
2010-10-21 11:40 . 2010-02-05 07:17    233136    ----a-w-    c:\windows\system32\drivers\pctgntdi.sys
2010-10-21 11:39 . 2010-03-10 09:36    217032    ----a-w-    c:\windows\system32\drivers\PCTCore.sys
2010-10-21 11:39 . 2009-11-23 11:54    88040    ----a-w-    c:\windows\system32\drivers\PCTAppEvent.sys
2010-10-21 11:39 . 2010-02-05 07:25    70408    ----a-w-    c:\windows\system32\drivers\pctplsg.sys
2010-10-21 11:37 . 2010-10-22 15:20    --------    d-----w-    c:\program files\Spyware Doctor
2010-10-21 11:37 . 2010-10-21 11:41    --------    d-----w-    c:\program files\Common Files\PC Tools
2010-10-21 11:37 . 2010-10-21 11:37    --------    d-----w-    c:\users\kenneth\AppData\Roaming\PC Tools
2010-10-21 11:37 . 2010-10-21 11:37    --------    d-----w-    c:\programdata\PC Tools
2010-10-20 21:59 . 2010-10-20 22:00    --------    d-----w-    c:\program files\Common Files\Adobe
2010-10-20 14:12 . 2010-10-20 14:12    182    ----a-w-    c:\users\kenneth\AppData\Roaming\31561.bat
2010-10-20 14:12 . 2010-10-20 14:12    182    ----a-w-    c:\users\kenneth\AppData\Roaming\44535.bat
2010-10-19 15:32 . 2010-10-07 23:21    6146896    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8F5273F4-6D25-45FC-B848-A0424CD7D374}\mpengine.dll
2010-10-12 19:55 . 2010-08-31 15:46    954752    ----a-w-    c:\windows\system32\mfc40.dll
2010-10-12 19:55 . 2010-08-31 15:46    954288    ----a-w-    c:\windows\system32\mfc40u.dll
2010-09-28 20:02 . 2010-08-26 04:23    13312    ----a-w-    c:\program files\Internet Explorer\iecompat.dll
2010-09-22 16:10 . 2010-09-22 16:10    103864    ----a-w-    c:\program files\Mozilla Firefox\plugins\nppdf32.dll

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-09 22:52 . 2010-07-05 14:18    6084944    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-25 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-31 468408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-17 634880]
"RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-10-01 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-04-12 1135912]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-03-09 1286608]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 gupdate;Tjenesten Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 135664]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-05 1181328]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-12-02 64288]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-03-10 217032]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor;c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-07-25 354840]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]


--- Andre Services/Drivers i Hukommelsen ---

*Deregistered* - PCTSDInjDriver32

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs    REG_MULTI_SZ      BthServ
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34    451872    ----a-w-    c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Indhold af mappen 'Planlagte Opgaver'

2010-10-19 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 17:02]

2010-10-22 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 17:02]

2010-10-22 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 17:02]

2010-10-22 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 17:02]

2010-10-18 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 17:02]

2010-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 14:59]

2010-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 14:59]

2010-10-10 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-07-04 10:57]
.
.
------- Yderligere scanning -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
IE: Google Sidewiki ... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
FF - ProfilePath - c:\users\kenneth\AppData\Roaming\Mozilla\Firefox\Profiles\k42k9rai.default\
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLITIKKER ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
.
- - - - TOMME GENVEJE FJERNET - - - -

HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe


.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'Explorer.exe'(2096)
c:\program files\Spyware Doctor\pctgmhk.dll
c:\windows\system32\WindowsCodecs.dll
c:\windows\system32\audioeng.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Spyware Doctor\pctsSvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Microsoft Security Essentials\MpCmdRun.exe
c:\windows\system32\wermgr.exe
.
**************************************************************************
.
Gennemført tid: 2010-10-22  17:34:27 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2010-10-22 15:34

Pre-Kørsel: 167.392.825.344 byte ledig
Post-Kørsel: 167.967.674.368 byte ledig

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 519624F954DCE65D3D87D0397FA423DD

"Der blev forsøgt en ugyldig handling på en registreringsdatabasenøgle, som er blevet mærket til sletning"
Det burde løses med en genstart.
Måske skulle jeg skrive den ind i min standardvejledning.

En enkelt "baddie" røg der da - *Deregistered* - PCTSDInjDriver32

Hvordan kører maskinen nu? (Efter en genstart)

Ha ha, nu har jeg sendt et stk. tvær teenager til overnatning hos venner uden hans uundværlige computer - blot for at genstarte og se at den fungerer upåklageligt.....

Den virker som den skal. Jeg er meget taknemmelig for den hjælp jeg har fået.
Hvem skal have point og hvordan tildeler jeg dem??

Du giver dem bare til fromsej, når han smider et svar :)

Jamen det vil jeg da gøre når han engang svarer:-)

Kan jeg lige nå et enkelt spm. mere?? Jeg har selv købt en ny HP bærbar, med Norton. Kan jeg afinstallere det med det program som jeg brugte på den inficerede computer?? Og så bruge Windows antivirus istedet??? Ligenu virker det nemlig som om ingen af dem virker - og det er jo ikke sååå godt...

Svar kommer her. :-)

Ja, du kan godt fjerne Norton med det program, men om du vil nøjes med Windows antivirus, tjaee, skal den bruges til netbank m.m. ville jeg ikke løbe an på en gratis løsning.

Perhaps har lavet denne artikel omkring gratis og betalings beskyttelse, så kan man bedre selv vurdere hvad man vil:
http://www.spywarefri.dk/artikel/gratis-sikkerhedspakke-der-virker-170910/

Tak for hjælpen. Jeg kom i tanke om at vi jo har Fullrates Sikkerhedspakke - så den installerer jeg på den nye computer.

Endnu engang tak for jeres store tålmodighed med mig:o)

Var så lidt, og tak til fromsej herfra også :)