nicolsen (Beginner)
14 November 2009 - 09:22 There are 34 comments

W32.IRCBot.Gen HELP

Hi everyone, I hope someone can help me remove this virus "W32.IRCBot.Gen".
I have tried running scans with Panda, Norton, Malware, McAfee Online,
but I can say that Norton comes up with the message Auto-Protect blocked W32.IRCBot.Gen..
I have been sitting for a long time now trying to get it removed, but without success. Would someone be kind enough to help?
Thanks in advance
f-arn (Guru)
14 November 2009 - 09:41 #1
Download and install CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm
During installation you will be offered [Yahoo Toolbar]. You should decline it.
Let the program perform a cleanup.

http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763

-------

Download "Malwarebytes' Anti-Malware" here: http://www.malwarebytes.org/mbam.php
Install and start the program, update it, and run a "Quick scan" under the "Scanner" tab.
Afterwards click "Show results", press "Remove selected" and post the log here together with a log from DDS, which you can find here: http://download.bleepingcomputer.com/sUBs/dds.scr

or here: http://www.forospyware.com/sUBs/dds

It creates two logs (DDS.txt and Attach.txt); save them on the desktop and copy the contents of DDS.txt in here.

NOTE - DDS must be saved to the computer and not run from the web

Re: Vista - Right-click the file - Run as Administrator.

NB: When you update Malwarebytes, keep clicking update until it says that there are no more updates.
nicolsen (Beginner)
14 November 2009 - 09:55 #2
Hi again, I have already run CCleaner, I forgot to write that, sorry, and I have actually also run a scan with Malwarebytes Anti-Malware, but I had not updated it, so I am running that scan now..

DDS.txt

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth-software\bin\btwdins.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxbccoms.exe
C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe
C:\Program Files\Polar\Daemon\polard.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\MediaServer.exe
C:\Program Files\RapidSolution\Tunebite\vcdw\VCDAudioService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\conime.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Nicolai Olsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H09I8IPT\dds[1].scr
C:\Windows\system32\wbem\wmiprvse.exe
nicolsen (Beginner)
14 November 2009 - 09:59 #3
Malware Anti-Malware found nothing :(
nicolsen (Beginner)
14 November 2009 - 10:10 #4
I would like to raise the points to 150 if that is possible (:
f-arn (Guru)
14 November 2009 - 10:21 #5
I would like to see the log from Malwarebytes, and then you need to make a new DDS log and copy it in here. Make sure you get the whole log this time. So it must be made after you ran Malwarebytes!
nicolsen (Beginner)
14 November 2009 - 10:33 #6
Okay, I ran Malwarebytes first
and the log is here:

14-11-2009 10:27:49
mbam-log-2009-11-14 (10-27-49).txt

Skan type: Hurtig skanning
Objekter skannet: 95202
Tid tilbagelagt: 4 minute(s), 23 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)



DDS, which I took afterwards:


C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth-software\bin\btwdins.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxbccoms.exe
C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe
C:\Program Files\Polar\Daemon\polard.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\MediaServer.exe
C:\Program Files\RapidSolution\Tunebite\vcdw\VCDAudioService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Nicolai Olsen\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://djz.dk/dancechart
uSEARCH PAGE = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://da.intl.acer.yahoo.com
mDefault_Page_URL = hxxp://da.intl.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Winamp Toolbar BHO: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
BHO: WormRadar.com IESiteBlocker.NavFilter: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - AVG Safe Search
BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\3.0.0.134\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\3.0.0.134\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\windows\system32\ActiveToolBand.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Tunebite_WebRipPlugin Class: {aa102584-3b97-47e7-b9bc-75d54c110a7d} - c:\program files\rapidsolution\tunebite\plugins\ie\TB_WebRipIePlugin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\3.0.0.134\coIEPlg.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
uRun: [Acer Tour Reminder]
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRunOnce: [gi516781134] "c:\users\nicola~1\appdata\local\temp\gih3987b.exe" /resume:"c:\users\nicola~1\appdata\local\temp\3gh393lu" /exename:"c:\users\nicola~1\appdata\local\temp\rar$ex01.982\spyhunter.3.9\spyhunterS.exe"
mRun: [Acer Tour]
mRun: [eRecoveryService]
mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Winamp Toolbar Search - c:\programdata\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send til &Bluetooth - c:\program files\widcomm\bluetooth-software\btsendto_ie_ctx.htm
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\programs\partygaming\partypoker\RunApp.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: diba.dk
Trusted Zone: Tabs
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5801/mcfscan.cab
DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360\engine\3.0.0.134\CoIEPlg.dll
Handler: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - c:\windows\system32\BTXPPanel.dll
mASetup: {9C450606-ED24-4958-92BA-B8940C99D441} - c:\program files\pixiepack codec pack\InstallerHelper.exe

================= FIREFOX ===================

FF - ProfilePath - c:\users\nicola~1\appdata\roaming\mozilla\firefox\profiles\iyo0u1u6.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\google\google earth plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\users\nicolai olsen\program files\dna\plugins\npbtdna.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-11-14 28552]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-11-13 206256]
R0 rsvcdwdr;rsvcdwdr;c:\windows\system32\drivers\rsvcdwdr.sys [2008-11-4 27680]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0300000.086\SymEFA.sys [2009-4-17 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0300000.086\BHDrvx86.sys [2009-4-17 258608]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0300000.086\cchpx86.sys [2009-4-17 482352]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20091111.001\IDSvix86.sys [2009-11-13 343088]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\acer arcade live\acer homemedia connect\kernel\dms\CLMSServer.exe [2007-5-6 266343]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2008-7-17 161064]
R2 lxbc_device;lxbc_device;c:\windows\system32\lxbccoms.exe -service --> c:\windows\system32\lxbccoms.exe -service [?]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-10-29 269648]
R2 N360;Norton 360;c:\program files\norton 360\engine\3.0.0.134\ccSvcHst.exe [2009-4-17 115560]
R2 Polar Daemon;Polar Daemon;c:\program files\polar\daemon\polard.exe [2009-6-15 163840]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files\rapidsolution\tunebite\vcdw\VCDAudioService.exe [2009-3-5 124208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-10-21 102448]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-10-29 19160]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\n360\0300000.086\symndisv.sys [2009-4-17 39984]
S2 gupdate1c9b94cce6056bc;Google Update Service (gupdate1c9b94cce6056bc);c:\program files\google\update\GoogleUpdate.exe [2009-4-9 133104]
S3 BCD3000;Behringer BCD3000 V1.2.0.0;c:\windows\system32\drivers\BCD3000.SYS [2009-3-20 42784]
S3 BCD3000WDM;Behringer BCD3000WDM V1.2.0.0;c:\windows\system32\drivers\BCD3000WDM.SYS [2009-3-20 21856]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\common files\creative labs shared\service\AL6Licensing.exe [2009-7-18 79360]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-10-11 54632]
S3 fsssvc;Windows Live-tjenesten Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-2-6 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-2-6 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-2-6 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-2-6 115496]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2009-2-6 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-2-6 117672]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-11-13 348824]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [2009-6-5 39424]

=============== Created Last 30 ================

2009-11-14 08:40:56    0    d-----w-    C:\HiJackThis
2009-11-14 08:10:35    0    d-----w-    c:\program files\Enigma Software Group
2009-11-13 23:55:30    28552    ----a-w-    c:\windows\system32\drivers\pavboot.sys
2009-11-13 23:54:22    0    d-----w-    c:\program files\Panda Security
2009-11-13 23:31:28    0    d-----w-    c:\windows\McAfee.com
2009-11-13 22:49:08    75264    ----a-w-    c:\windows\system32\unacev2.dll
2009-11-13 22:49:08    153088    ----a-w-    c:\windows\system32\UNRAR3.dll
2009-11-13 22:49:03    0    d-----w-    c:\users\nicola~1\appdata\roaming\Simply Super Software
2009-11-13 22:49:03    0    d-----w-    c:\programdata\Simply Super Software
2009-11-13 22:49:03    0    d-----w-    c:\program files\Trojan Remover
2009-11-13 22:11:52    159600    ----a-w-    c:\windows\system32\drivers\pctgntdi.sys
2009-11-13 22:11:37    86888    ----a-w-    c:\windows\system32\drivers\PCTAppEvent.sys
2009-11-13 22:11:37    7396    ----a-w-    c:\windows\system32\drivers\pctcore.cat
2009-11-13 22:11:37    206256    ----a-w-    c:\windows\system32\drivers\PCTCore.sys
2009-11-13 22:11:15    64392    ----a-w-    c:\windows\system32\drivers\pctplsg.sys
2009-11-13 22:11:15    0    d-----w-    c:\program files\common files\PC Tools
2009-11-13 22:11:03    0    d-----w-    c:\users\nicola~1\appdata\roaming\PC Tools
2009-11-13 22:11:03    0    d-----w-    c:\programdata\PC Tools
2009-11-13 22:11:03    0    d-----w-    c:\program files\Spyware Doctor
2009-11-13 17:27:30    2036736    ----a-w-    c:\windows\system32\win32k.sys
2009-11-13 17:27:25    355328    ----a-w-    c:\windows\system32\WSDApi.dll
2009-11-05 19:00:17    0    ----a-r-    C:\logwmemory.bin
2009-11-04 14:17:10    2421760    ----a-w-    c:\windows\system32\wucltux.dll
2009-11-04 14:16:39    87552    ----a-w-    c:\windows\system32\wudriver.dll
2009-11-04 14:16:12    33792    ----a-w-    c:\windows\system32\wuapp.exe
2009-11-04 14:16:12    171608    ----a-w-    c:\windows\system32\wuwebv.dll
2009-11-03 14:08:48    1638912    ----a-w-    c:\windows\system32\mshtml.tlb
2009-11-01 12:08:19    0    d-----w-    c:\program files\common files\DivX Shared
2009-10-30 11:57:33    0    d-----w-    c:\users\nicola~1\appdata\roaming\runic games
2009-10-30 11:54:02    0    d-----w-    c:\program files\Runic Games
2009-10-30 11:44:59    0    d-sh--w-    c:\users\nicola~1\appdata\roaming\lowsec
2009-10-30 11:42:25    363449992    ---ha-w-    c:\users\nicola~1\appdata\roaming\Torchlight.exe
2009-10-29 18:21:20    0    d-----w-    c:\program files\ARAR
2009-10-29 17:01:41    0    d-----w-    c:\users\nicolai olsen\James_Kayn_-_Discography.part
2009-10-29 13:25:53    0    d-----w-    c:\users\nicola~1\appdata\roaming\Malwarebytes
2009-10-29 13:25:21    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-29 13:25:14    0    d-----w-    c:\programdata\Malwarebytes
2009-10-29 13:25:13    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-10-29 13:25:12    0    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2009-10-28 13:38:21    310784    ----a-w-    c:\windows\system32\unregmp2.exe
2009-10-28 13:38:18    8147456    ----a-w-    c:\windows\system32\wmploc.DLL
2009-10-25 19:39:23    0    d-----w-    c:\program files\Klovn-Fan
2009-10-25 09:30:00    0    d-----w-    c:\users\nicolai olsen\Mp3_Juni_2009.part
2009-10-24 17:26:00    0    d-----w-    C:\Tucan
2009-10-24 15:24:37    0    d-----w-    C:\Downloads
2009-10-24 15:23:02    0    d-----w-    c:\program files\vSoft
2009-10-24 12:44:04    0    d-----w-    c:\users\nicolai olsen\.tucan
2009-10-20 13:41:49    0    d-----w-    c:\program files\PixiePack Codec Pack
2009-10-20 13:40:21    172032    ----a-w-    c:\windows\system32\lame_enc.dll
2009-10-20 13:34:16    0    d-----w-    c:\programdata\RapidSolution
2009-10-20 13:34:16    0    d-----w-    c:\program files\RapidSolution
2009-10-16 09:42:28    218624    ----a-w-    c:\windows\system32\msv1_0.dll
2009-10-16 09:42:14    3600456    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2009-10-16 09:42:14    3548216    ----a-w-    c:\windows\system32\ntoskrnl.exe

==================== Find3M  ====================

2009-11-10 13:14:41    81704    ----a-w-    c:\windows\system32\perfc006.dat
2009-11-10 13:14:41    476358    ----a-w-    c:\windows\system32\perfh006.dat
2009-10-27 17:57:40    86016    ----a-w-    c:\windows\inf\infpub.dat
2009-10-27 17:57:40    143360    ----a-w-    c:\windows\inf\infstrng.dat
2009-10-27 17:57:38    143360    ----a-w-    c:\windows\inf\infstor.dat
2009-10-19 17:27:15    189784    ----a-w-    c:\windows\system32\PnkBstrB.exe
2009-10-13 12:08:27    75064    ----a-w-    c:\windows\system32\PnkBstrA.exe
2009-10-13 12:08:27    2373712    ----a-w-    c:\windows\system32\pbsvc.exe
2009-09-25 16:41:28    90112    ----a-w-    c:\windows\system32\dpl100.dll
2009-09-25 16:41:26    856064    ----a-w-    c:\windows\system32\divx_xx0c.dll
2009-09-25 16:41:26    856064    ----a-w-    c:\windows\system32\divx_xx07.dll
2009-09-25 16:41:26    847872    ----a-w-    c:\windows\system32\divx_xx0a.dll
2009-09-25 16:41:26    843776    ----a-w-    c:\windows\system32\divx_xx16.dll
2009-09-25 16:41:26    839680    ----a-w-    c:\windows\system32\divx_xx11.dll
2009-09-25 16:41:26    696320    ----a-w-    c:\windows\system32\DivX.dll
2009-09-08 14:34:08    37    ----a-w-    c:\users\nicolai olsen\jagex_runescape_preferences.dat
2009-09-08 14:33:57    45    ----a-w-    c:\users\nicolai olsen\jagex_runescape_preferences2.dat
2009-09-04 15:44:40    69464    ----a-w-    c:\windows\system32\XAPOFX1_3.dll
2009-09-04 15:44:40    515416    ----a-w-    c:\windows\system32\XAudio2_5.dll
2009-09-04 15:44:40    238936    ----a-w-    c:\windows\system32\xactengine3_5.dll
2009-09-04 15:29:34    453456    ----a-w-    c:\windows\system32\d3dx10_42.dll
2009-09-04 15:29:34    235344    ----a-w-    c:\windows\system32\d3dx11_42.dll
2009-09-04 15:29:32    5501792    ----a-w-    c:\windows\system32\d3dcsx_42.dll
2009-09-04 15:29:32    1974616    ----a-w-    c:\windows\system32\D3DCompiler_42.dll
2009-09-04 15:29:30    1892184    ----a-w-    c:\windows\system32\D3DX9_42.dll
2009-09-04 11:41:59    60928    ----a-w-    c:\windows\system32\msasn1.dll
2009-08-29 00:27:49    4240384    ----a-w-    c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14:38    28672    ----a-w-    c:\windows\system32\Apphlpdm.dll
2009-08-27 05:22:28    916480    ----a-w-    c:\windows\system32\wininet.dll
2009-08-27 05:17:43    71680    ----a-w-    c:\windows\system32\iesetup.dll
2009-08-27 05:17:43    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2009-08-27 03:42:29    133632    ----a-w-    c:\windows\system32\ieUnatt.exe
2009-08-23 12:21:50    665600    ----a-w-    c:\windows\inf\drvindex.dat
2009-08-23 12:05:25    37665    ----a-w-    c:\windows\fonts\GlobalUserInterface.CompositeFont
2009-08-17 21:33:52    1193832    ----a-w-    c:\windows\system32\FM20.DLL
2008-08-24 14:22:04    174    --sha-w-    c:\program files\desktop.ini
2007-10-10 17:15:48    503    ----a-w-    c:\program files\90340697.key
2007-06-18 16:43:04    503    ----a-w-    c:\program files\common files\00010607.key
2006-11-21 04:46:30    36364    ----a-w-    c:\windows\inf\perflib\0406\perfd.dat
2006-11-21 04:46:30    36364    ----a-w-    c:\windows\inf\perflib\0406\perfc.dat
2006-11-21 04:46:30    300302    ----a-w-    c:\windows\inf\perflib\0406\perfi.dat
2006-11-21 04:46:30    300302    ----a-w-    c:\windows\inf\perflib\0406\perfh.dat
2006-11-02 09:20:21    287440    ----a-w-    c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21    287440    ----a-w-    c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19    30674    ----a-w-    c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19    30674    ----a-w-    c:\windows\inf\perflib\0000\perfc.dat
2009-02-15 09:40:13    16384    --sha-w-    c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-02-15 09:40:13    32768    --sha-w-    c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-02-15 09:40:13    16384    --sha-w-    c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 10:31:02,89 ===============
220661 (Expert)
14 November 2009 - 10:33 #7
f-arn (Guru)
14 November 2009 - 10:42 #8
None of the logs are complete. You are missing the beginning!
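
A completeness check for a pasted DDS log, covering the problem raised in #8 (a paste that starts mid-log). This is an added example, not part of the thread and not DDS's own code; the list of required sections is an assumption taken from the banners visible in the logs on this page, and the function names and sample logs are constructed for illustration.

```python
import re

# Banner lines look like "====== Running Processes ======" in the logs on this page.
BANNER = re.compile(r"^=+\s*([^=\s].*?)\s*=+$")
HEADER = re.compile(r"^DDS \(Ver_[^)]+\)")
PATH = re.compile(r"^[A-Za-z]:\\")

# Assumption: sections expected in every paste, in this order, as seen in this
# thread. The FIREFOX section is treated as optional and is not required.
REQUIRED = ["Running Processes", "Pseudo HJT Report", "SERVICES / DRIVERS",
            "Created Last 30", "Find3M"]


def split_sections(text):
    """Return (preamble_lines, [(section_name, lines), ...])."""
    preamble, sections = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = BANNER.match(line)
        if m:
            sections.append((m.group(1), []))
        elif sections:
            sections[-1][1].append(line)
        else:
            preamble.append(line)  # everything before the first banner
    return preamble, sections


def check_log(text):
    """Return a list of problems; an empty list means the paste looks complete."""
    preamble, sections = split_sections(text)
    names = [name for name, _ in sections]
    problems = []

    if not any(HEADER.match(l) for l in preamble):
        problems.append("missing header line 'DDS (Ver_...)'")
    if not any(l.startswith("Run by ") for l in preamble):
        problems.append("missing 'Run by ... at ...' line")

    # File paths before any banner mean the copy started inside the process list.
    orphans = [l for l in preamble if PATH.match(l)]
    if orphans and "Running Processes" not in names:
        problems.append(f"{len(orphans)} process lines before any banner: "
                        "the paste starts mid-log")

    for req in REQUIRED:
        if req not in names:
            problems.append(f"missing section '{req}'")
    present = [n for n in names if n in REQUIRED]
    if present != [r for r in REQUIRED if r in present]:
        problems.append("sections are out of order")

    if not names or not names[-1].startswith("FINISH"):
        problems.append("missing FINISH marker: the paste is cut off at the end")
    return problems


# Constructed sample log, modelled on the layout of the logs in this thread.
COMPLETE = r"""
DDS (Ver_09-10-26.01) - NTFSx86
Run by ExampleUser at 10:58:13,22 on 14-11-2009

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\Explorer.EXE

============== Pseudo HJT Report ===============

uStart Page = hxxp://example.invalid/
mRun: [Example] c:\program files\example\example.exe

============= SERVICES / DRIVERS ===============

R2 ExampleSvc;Example Service;c:\program files\example\svc.exe [2009-1-1 1000]

=============== Created Last 30 ================

2009-11-14 08:40:56    0    d-----w-    C:\Example

==================== Find3M  ====================

2009-11-10 13:14:41    81704    ----a-w-    c:\windows\system32\perfc006.dat

============= FINISH: 10:31:02,89 ===============
"""

# Same log copied from the first process line onward (beginning missing).
TRUNCATED_START = COMPLETE[COMPLETE.index(r"C:\Windows\system32\wininit.exe"):]
# Same log cut off before the "Created Last 30" banner (end missing).
TRUNCATED_END = COMPLETE[:COMPLETE.index("=============== Created")]

if __name__ == "__main__":
    for label, log in [("complete", COMPLETE),
                       ("truncated start", TRUNCATED_START),
                       ("truncated end", TRUNCATED_END)]:
        print(label, "->", check_log(log) or "OK")
```
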
nicolsen (Beginner)
14 November 2009 - 11:00 #9
Trying Norman Malware Cleaner now

Sorry, here comes the full txt

Malwarebytes

Malwarebytes' Anti-Malware 1.41
Database version: 3168
Windows 6.0.6002 Service Pack 2

14-11-2009 10:57:54
mbam-log-2009-11-14 (10-57-54).txt

Skan type: Hurtig skanning
Objekter skannet: 95341
Tid tilbagelagt: 7 minute(s), 2 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)


DDS

DS (Ver_09-10-26.01) - NTFSx86 
Run by Nicolai Olsen at 10:58:13,22 on 14-11-2009
Internet Explorer: 8.0.6001.18828 BrowserJavaVersion: 1.6.0_15
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.3071.1516 [GMT 1:00]

SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth-software\bin\btwdins.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxbccoms.exe
C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe
C:\Program Files\Polar\Daemon\polard.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\MediaServer.exe
C:\Program Files\RapidSolution\Tunebite\vcdw\VCDAudioService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Users\Nicolai Olsen\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://djz.dk/dancechart
uSEARCH PAGE = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://da.intl.acer.yahoo.com
mDefault_Page_URL = hxxp://da.intl.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Winamp Toolbar BHO: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
BHO: WormRadar.com IESiteBlocker.NavFilter: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - AVG Safe Search
BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\3.0.0.134\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\3.0.0.134\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\windows\system32\ActiveToolBand.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Tunebite_WebRipPlugin Class: {aa102584-3b97-47e7-b9bc-75d54c110a7d} - c:\program files\rapidsolution\tunebite\plugins\ie\TB_WebRipIePlugin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\3.0.0.134\coIEPlg.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
uRun: [Acer Tour Reminder]
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRunOnce: [gi516781134] "c:\users\nicola~1\appdata\local\temp\gih3987b.exe" /resume:"c:\users\nicola~1\appdata\local\temp\3gh393lu" /exename:"c:\users\nicola~1\appdata\local\temp\rar$ex01.982\spyhunter.3.9\spyhunterS.exe"
mRun: [Acer Tour]
mRun: [eRecoveryService]
mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Winamp Toolbar Search - c:\programdata\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send til &Bluetooth - c:\program files\widcomm\bluetooth-software\btsendto_ie_ctx.htm
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\programs\partygaming\partypoker\RunApp.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: diba.dk
Trusted Zone: Tabs
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5801/mcfscan.cab
DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360\engine\3.0.0.134\CoIEPlg.dll
Handler: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - c:\windows\system32\BTXPPanel.dll
mASetup: {9C450606-ED24-4958-92BA-B8940C99D441} - c:\program files\pixiepack codec pack\InstallerHelper.exe

================= FIREFOX ===================

FF - ProfilePath - c:\users\nicola~1\appdata\roaming\mozilla\firefox\profiles\iyo0u1u6.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\google\google earth plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\users\nicolai olsen\program files\dna\plugins\npbtdna.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-11-14 28552]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-11-13 206256]
R0 rsvcdwdr;rsvcdwdr;c:\windows\system32\drivers\rsvcdwdr.sys [2008-11-4 27680]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0300000.086\SymEFA.sys [2009-4-17 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0300000.086\BHDrvx86.sys [2009-4-17 258608]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0300000.086\cchpx86.sys [2009-4-17 482352]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20091111.001\IDSvix86.sys [2009-11-13 343088]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\acer arcade live\acer homemedia connect\kernel\dms\CLMSServer.exe [2007-5-6 266343]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2008-7-17 161064]
R2 lxbc_device;lxbc_device;c:\windows\system32\lxbccoms.exe -service --> c:\windows\system32\lxbccoms.exe -service [?]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-10-29 269648]
R2 N360;Norton 360;c:\program files\norton 360\engine\3.0.0.134\ccSvcHst.exe [2009-4-17 115560]
R2 Polar Daemon;Polar Daemon;c:\program files\polar\daemon\polard.exe [2009-6-15 163840]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files\rapidsolution\tunebite\vcdw\VCDAudioService.exe [2009-3-5 124208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-10-21 102448]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-10-29 19160]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\n360\0300000.086\symndisv.sys [2009-4-17 39984]
S2 gupdate1c9b94cce6056bc;Google Update Service (gupdate1c9b94cce6056bc);c:\program files\google\update\GoogleUpdate.exe [2009-4-9 133104]
S3 BCD3000;Behringer BCD3000 V1.2.0.0;c:\windows\system32\drivers\BCD3000.SYS [2009-3-20 42784]
S3 BCD3000WDM;Behringer BCD3000WDM V1.2.0.0;c:\windows\system32\drivers\BCD3000WDM.SYS [2009-3-20 21856]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\common files\creative labs shared\service\AL6Licensing.exe [2009-7-18 79360]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-10-11 54632]
S3 fsssvc;Windows Live-tjenesten Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-2-6 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-2-6 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-2-6 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-2-6 115496]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2009-2-6 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-2-6 117672]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-11-13 348824]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [2009-6-5 39424]

=============== Created Last 30 ================

2009-11-14 08:40:56    0    d-----w-    C:\HiJackThis
2009-11-14 08:10:35    0    d-----w-    c:\program files\Enigma Software Group
2009-11-13 23:55:30    28552    ----a-w-    c:\windows\system32\drivers\pavboot.sys
2009-11-13 23:54:22    0    d-----w-    c:\program files\Panda Security
2009-11-13 23:31:28    0    d-----w-    c:\windows\McAfee.com
2009-11-13 22:49:08    75264    ----a-w-    c:\windows\system32\unacev2.dll
2009-11-13 22:49:08    153088    ----a-w-    c:\windows\system32\UNRAR3.dll
2009-11-13 22:49:03    0    d-----w-    c:\users\nicola~1\appdata\roaming\Simply Super Software
2009-11-13 22:49:03    0    d-----w-    c:\programdata\Simply Super Software
2009-11-13 22:49:03    0    d-----w-    c:\program files\Trojan Remover
2009-11-13 22:11:52    159600    ----a-w-    c:\windows\system32\drivers\pctgntdi.sys
2009-11-13 22:11:37    86888    ----a-w-    c:\windows\system32\drivers\PCTAppEvent.sys
2009-11-13 22:11:37    7396    ----a-w-    c:\windows\system32\drivers\pctcore.cat
2009-11-13 22:11:37    206256    ----a-w-    c:\windows\system32\drivers\PCTCore.sys
2009-11-13 22:11:15    64392    ----a-w-    c:\windows\system32\drivers\pctplsg.sys
2009-11-13 22:11:15    0    d-----w-    c:\program files\common files\PC Tools
2009-11-13 22:11:03    0    d-----w-    c:\users\nicola~1\appdata\roaming\PC Tools
2009-11-13 22:11:03    0    d-----w-    c:\programdata\PC Tools
2009-11-13 22:11:03    0    d-----w-    c:\program files\Spyware Doctor
2009-11-13 17:27:30    2036736    ----a-w-    c:\windows\system32\win32k.sys
2009-11-13 17:27:25    355328    ----a-w-    c:\windows\system32\WSDApi.dll
2009-11-05 19:00:17    0    ----a-r-    C:\logwmemory.bin
2009-11-04 14:17:10    2421760    ----a-w-    c:\windows\system32\wucltux.dll
2009-11-04 14:16:39    87552    ----a-w-    c:\windows\system32\wudriver.dll
2009-11-04 14:16:12    33792    ----a-w-    c:\windows\system32\wuapp.exe
2009-11-04 14:16:12    171608    ----a-w-    c:\windows\system32\wuwebv.dll
2009-11-03 14:08:48    1638912    ----a-w-    c:\windows\system32\mshtml.tlb
2009-11-01 12:08:19    0    d-----w-    c:\program files\common files\DivX Shared
2009-10-30 11:57:33    0    d-----w-    c:\users\nicola~1\appdata\roaming\runic games
2009-10-30 11:54:02    0    d-----w-    c:\program files\Runic Games
2009-10-30 11:44:59    0    d-sh--w-    c:\users\nicola~1\appdata\roaming\lowsec
2009-10-30 11:42:25    363449992    ---ha-w-    c:\users\nicola~1\appdata\roaming\Torchlight.exe
2009-10-29 18:21:20    0    d-----w-    c:\program files\ARAR
2009-10-29 17:01:41    0    d-----w-    c:\users\nicolai olsen\James_Kayn_-_Discography.part
2009-10-29 13:25:53    0    d-----w-    c:\users\nicola~1\appdata\roaming\Malwarebytes
2009-10-29 13:25:21    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-29 13:25:14    0    d-----w-    c:\programdata\Malwarebytes
2009-10-29 13:25:13    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-10-29 13:25:12    0    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2009-10-28 13:38:21    310784    ----a-w-    c:\windows\system32\unregmp2.exe
2009-10-28 13:38:18    8147456    ----a-w-    c:\windows\system32\wmploc.DLL
2009-10-25 19:39:23    0    d-----w-    c:\program files\Klovn-Fan
2009-10-25 09:30:00    0    d-----w-    c:\users\nicolai olsen\Mp3_Juni_2009.part
2009-10-24 17:26:00    0    d-----w-    C:\Tucan
2009-10-24 15:24:37    0    d-----w-    C:\Downloads
2009-10-24 15:23:02    0    d-----w-    c:\program files\vSoft
2009-10-24 12:44:04    0    d-----w-    c:\users\nicolai olsen\.tucan
2009-10-20 13:41:49    0    d-----w-    c:\program files\PixiePack Codec Pack
2009-10-20 13:40:21    172032    ----a-w-    c:\windows\system32\lame_enc.dll
2009-10-20 13:34:16    0    d-----w-    c:\programdata\RapidSolution
2009-10-20 13:34:16    0    d-----w-    c:\program files\RapidSolution
2009-10-16 09:42:28    218624    ----a-w-    c:\windows\system32\msv1_0.dll
2009-10-16 09:42:14    3600456    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2009-10-16 09:42:14    3548216    ----a-w-    c:\windows\system32\ntoskrnl.exe

==================== Find3M  ====================

2009-11-10 13:14:41    81704    ----a-w-    c:\windows\system32\perfc006.dat
2009-11-10 13:14:41    476358    ----a-w-    c:\windows\system32\perfh006.dat
2009-10-27 17:57:40    86016    ----a-w-    c:\windows\inf\infpub.dat
2009-10-27 17:57:40    143360    ----a-w-    c:\windows\inf\infstrng.dat
2009-10-27 17:57:38    143360    ----a-w-    c:\windows\inf\infstor.dat
2009-10-19 17:27:15    189784    ----a-w-    c:\windows\system32\PnkBstrB.exe
2009-10-13 12:08:27    75064    ----a-w-    c:\windows\system32\PnkBstrA.exe
2009-10-13 12:08:27    2373712    ----a-w-    c:\windows\system32\pbsvc.exe
2009-09-25 16:41:28    90112    ----a-w-    c:\windows\system32\dpl100.dll
2009-09-25 16:41:26    856064    ----a-w-    c:\windows\system32\divx_xx0c.dll
2009-09-25 16:41:26    856064    ----a-w-    c:\windows\system32\divx_xx07.dll
2009-09-25 16:41:26    847872    ----a-w-    c:\windows\system32\divx_xx0a.dll
2009-09-25 16:41:26    843776    ----a-w-    c:\windows\system32\divx_xx16.dll
2009-09-25 16:41:26    839680    ----a-w-    c:\windows\system32\divx_xx11.dll
2009-09-25 16:41:26    696320    ----a-w-    c:\windows\system32\DivX.dll
2009-09-08 14:34:08    37    ----a-w-    c:\users\nicolai olsen\jagex_runescape_preferences.dat
2009-09-08 14:33:57    45    ----a-w-    c:\users\nicolai olsen\jagex_runescape_preferences2.dat
2009-09-04 15:44:40    69464    ----a-w-    c:\windows\system32\XAPOFX1_3.dll
2009-09-04 15:44:40    515416    ----a-w-    c:\windows\system32\XAudio2_5.dll
2009-09-04 15:44:40    238936    ----a-w-    c:\windows\system32\xactengine3_5.dll
2009-09-04 15:29:34    453456    ----a-w-    c:\windows\system32\d3dx10_42.dll
2009-09-04 15:29:34    235344    ----a-w-    c:\windows\system32\d3dx11_42.dll
2009-09-04 15:29:32    5501792    ----a-w-    c:\windows\system32\d3dcsx_42.dll
2009-09-04 15:29:32    1974616    ----a-w-    c:\windows\system32\D3DCompiler_42.dll
2009-09-04 15:29:30    1892184    ----a-w-    c:\windows\system32\D3DX9_42.dll
2009-09-04 11:41:59    60928    ----a-w-    c:\windows\system32\msasn1.dll
2009-08-29 00:27:49    4240384    ----a-w-    c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14:38    28672    ----a-w-    c:\windows\system32\Apphlpdm.dll
2009-08-27 05:22:28    916480    ----a-w-    c:\windows\system32\wininet.dll
2009-08-27 05:17:43    71680    ----a-w-    c:\windows\system32\iesetup.dll
2009-08-27 05:17:43    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2009-08-27 03:42:29    133632    ----a-w-    c:\windows\system32\ieUnatt.exe
2009-08-23 12:21:50    665600    ----a-w-    c:\windows\inf\drvindex.dat
2009-08-23 12:05:25    37665    ----a-w-    c:\windows\fonts\GlobalUserInterface.CompositeFont
2009-08-17 21:33:52    1193832    ----a-w-    c:\windows\system32\FM20.DLL
2008-08-24 14:22:04    174    --sha-w-    c:\program files\desktop.ini
2007-10-10 17:15:48    503    ----a-w-    c:\program files\90340697.key
2007-06-18 16:43:04    503    ----a-w-    c:\program files\common files\00010607.key
2006-11-21 04:46:30    36364    ----a-w-    c:\windows\inf\perflib\0406\perfd.dat
2006-11-21 04:46:30    36364    ----a-w-    c:\windows\inf\perflib\0406\perfc.dat
2006-11-21 04:46:30    300302    ----a-w-    c:\windows\inf\perflib\0406\perfi.dat
2006-11-21 04:46:30    300302    ----a-w-    c:\windows\inf\perflib\0406\perfh.dat
2006-11-02 09:20:21    287440    ----a-w-    c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21    287440    ----a-w-    c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19    30674    ----a-w-    c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19    30674    ----a-w-    c:\windows\inf\perflib\0000\perfc.dat
2009-02-15 09:40:13    16384    --sha-w-    c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-02-15 09:40:13    32768    --sha-w-    c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-02-15 09:40:13    16384    --sha-w-    c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 11:00:24,57 ===============
f-arn Guru
14 November 2009 - 12:24 #10
Download ComboFix and save it to your desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Right-click the desktop, choose New -> Text Document, copy the content between the lines into it, and save the file as CFScript.txt

Make sure that it does not end up being named CFScript.txt.txt


--------------

Killall::
Snapshot::
File::
c:\windows\system32\drivers\rsvcdwdr.sys
Driver::
rsvcdwdr
DDS::
uRunOnce: [gi516781134] "c:\users\nicola~1\appdata\local\temp\gih3987b.exe" /resume:"c:\users\nicola~1\appdata\local\temp\3gh393lu" /exename:"c:\users\nicola~1\appdata\local\temp\rar$ex01.982\spyhunter.3.9\spyhunterS.exe"


--------------

Since ComboFix can conflict with your antivirus, it is important that you disable it.

Then grab the new file with the mouse and drag it over the ComboFix file, after which you "let go" with the mouse.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

ComboFix should then start working. It may require a restart, which you should allow. You should not click on the window while the tool is running, as that can make your computer freeze.
When ComboFix has finished, and after it has (possibly) restarted, a log file combofix.txt should open; it is located at C:\Combofix.txt

You are welcome to post the contents of this file here.
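
A defender reading a DDS log like the one posted in this thread can triage its autorun lines mechanically. The following is an added example, not part of the thread and not code from DDS or ComboFix: it parses the uRun/uRunOnce/mRun/dRun lines and flags entries whose executable sits under a Temp directory or that show no command. The rule set and all function names are assumptions of this example, not f-arn's stated reasoning.

```python
import re

# Autorun lines copied verbatim from the "Pseudo HJT Report" section
# of the DDS log posted in this thread.
SAMPLE_DDS = r'''
uRun: [Acer Tour Reminder]
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRunOnce: [gi516781134] "c:\users\nicola~1\appdata\local\temp\gih3987b.exe" /resume:"c:\users\nicola~1\appdata\local\temp\3gh393lu" /exename:"c:\users\nicola~1\appdata\local\temp\rar$ex01.982\spyhunter.3.9\spyhunterS.exe"
mRun: [Acer Tour]
mRun: [eRecoveryService]
mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
'''

# Shape of a line: <prefix letter>Run or RunOnce, ": [value name]", optional command.
AUTORUN_RE = re.compile(
    r'^(?P<prefix>[a-z])(?P<key>Run(?:Once)?): \[(?P<name>[^\]]*)\]\s*(?P<cmd>.*)$'
)
# Unquoted commands may contain spaces, so cut at the first executable extension.
EXE_RE = re.compile(r'(.+?\.(?:exe|com|scr|bat|cmd|pif))(?=\s|$)', re.IGNORECASE)
# Assumption of this example: directory names treated as temporary locations.
TEMP_DIRS = {"temp", "tmp"}


def extract_executable(cmd):
    """Return the program path from an autorun command line, or None if empty."""
    cmd = cmd.strip()
    if not cmd:
        return None
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = EXE_RE.match(cmd)
    return m.group(1) if m else cmd.split()[0]


def parse_autoruns(text):
    """Parse Run/RunOnce lines out of DDS log text; other lines are ignored."""
    entries = []
    for line in text.splitlines():
        m = AUTORUN_RE.match(line.strip())
        if not m:
            continue
        entry = m.groupdict()
        entry["exe"] = extract_executable(entry["cmd"])
        entries.append(entry)
    return entries


def review(entries):
    """Return (key, name, reasons) for every entry that deserves a closer look."""
    findings = []
    for e in entries:
        reasons = []
        if e["exe"] is None:
            # The log shows a value name but no command for it.
            reasons.append("no-command")
        else:
            # Directory components only; the file name itself is excluded.
            dirs = [part.lower() for part in e["exe"].split("\\")[:-1]]
            if TEMP_DIRS.intersection(dirs):
                reasons.append("runs-from-temp")
        if reasons:
            findings.append((e["key"], e["name"], reasons))
    return findings


if __name__ == "__main__":
    for key, name, reasons in review(parse_autoruns(SAMPLE_DDS)):
        print(f"{key:8} {name:20} {', '.join(reasons)}")
```

A flag here only means "look at this entry"; it is a triage aid, not a verdict on the file.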
nicolsen Beginner
14 November 2009 - 12:42 #11
Should I copy

--------------

Killall::
Snapshot::
File::
c:\windows\system32\drivers\rsvcdwdr.sys
Driver::
rsvcdwdr
DDS::
uRunOnce: [gi516781134] "c:\users\nicola~1\appdata\local\temp\gih3987b.exe" /resume:"c:\users\nicola~1\appdata\local\temp\3gh393lu" /exename:"c:\users\nicola~1\appdata\local\temp\rar$ex01.982\spyhunter.3.9\spyhunterS.exe"

--------------

into CFScript.txt?
f-arn Guru
14 November 2009 - 12:52 #12
The part between the lines, that is

Killall::
Snapshot::
File::
c:\windows\system32\drivers\rsvcdwdr.sys
Driver::
rsvcdwdr
DDS::
uRunOnce: [gi516781134] "c:\users\nicola~1\appdata\local\temp\gih3987b.exe" /resume:"c:\users\nicola~1\appdata\local\temp\3gh393lu" /exename:"c:\users\nicola~1\appdata\local\temp\rar$ex01.982\spyhunter.3.9\spyhunterS.exe"
nicolsen Beginner
14 November 2009 - 12:59 #13
It found a virus, the txt is coming in 2 sec
nicolsen Beginner
14 November 2009 - 13:17 #14
Back after the restart. When I restarted, it went to a blue screen.. with an error and crash; I pressed the start button to get it to restart..
So when I started up, no txt appeared, but a program came up which I cancelled, which I was maybe supposed to allow? It was called "giH3987B.exe"
Then Norton also came up with a virus warning/detection message; it was called "Suspicious MH690.A"

and the old one still comes up :(
nicolsen Beginner
14 November 2009 - 13:18 #15
Should I try dragging CFScript.txt over onto ComboFix again? :s
f-arn Guru
14 November 2009 - 13:27 #16
Just check whether there is a file here:  C:\Combofix.txt
nicolsen Beginner
14 November 2009 - 13:28 #17
Unfortunately it is not there
f-arn Guru
14 November 2009 - 13:55 #18
Double-click ComboFix and let it run.

NB: Leave the machine alone while ComboFix is running.
nicolsen Beginner
14 November 2009 - 14:29 #19
So now I have run ComboFix, and it has been running and has restarted.. it created a file that goes to my drives/computer
f-arn Guru
14 November 2009 - 14:37 #20
it created a file that goes to my drives/computer

Please explain a bit more about that.

If it has made a Combofix.txt file, I would certainly like to see it!
nicolsen Beginner
14 November 2009 - 14:41 #21
It has not made any Combofix.txt, but it has made a file called "ComboFix"; if I click on it I go on to my computer. That ComboFix is just like a shortcut to the computer - with the normal Computer icon
f-arn Guru
14 November 2009 - 14:57 #22
Where is that "ComboFix" file located?
nicolsen Beginner
14 November 2009 - 14:59 #23
on C:\

C:\ComboFix <-
f-arn Guru
14 November 2009 - 15:11 #24
What type of file is it?
nicolsen Beginner
14 November 2009 - 15:12 #25
Type: File

It just says it is a File
f-arn Guru
14 November 2009 - 15:15 #26
Just try running ComboFix again.
nicolsen Beginner
14 November 2009 - 16:08 #27
I have had ComboFix running again and it went wrong again; again it went to a blue screen.. but then I pressed the button again and did a restore, and then it went and deleted ComboFix and dbb and some other small programs..

but my Norton wants me to run an AutoFix with something from Norton, which I am trying.. :/
f-arn Guru
14 November 2009 - 16:22 #28
Do you disable Norton when you run ComboFix?
nicolsen Beginner
14 November 2009 - 16:25 #29
There is also one created now that is called ComboFix, and there is a txt

ComboFix 09-11-14.03 - Nicolai Olsen 14-11-2009 15:23:48..2 - FAT32x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.3071.1817 [GMT 1:00]
Kører fra: C:\Users\Nicolai Olsen\Desktop\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.


that is what it says
and Malware has started finding viruses now, it did not before :S strange
nicolsen Beginner
14 November 2009 - 16:26 #30
No, I have not, sorry..
Because I am afraid something will happen then, but how is it now?
f-arn Guru
14 November 2009 - 16:42 #31
Is Malwarebytes finding something now, or how is what you wrote to be understood?
Try right-clicking the icon down in the corner, because that may well be what makes it go "blue"
You should not try ComboFix again right now. It needs to be run in a different way.
nicolsen Beginner
14 November 2009 - 16:49 #32
Malwarebytes' Anti-Malware 1.41
Database version: 3052
Windows 6.0.6002 Service Pack 2

14-11-2009 16:45:01
mbam-log-2009-11-14 (16-45-01).txt

Skan type: Hurtig skanning
Objekter skannet: 93160
Tid tilbagelagt: 27 minute(s), 28 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 2
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 1
Inficerede Mapper: 0
Inficerede Filer: 1

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_CURRENT_USER\SOFTWARE\Monopod (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
C:\RECYCLER\S-1-5-21-2124458929-7830956075-587466980-1763\rundll32.exe (Worm.Autorun.B) -> Delete on reboot.
nicolsen Beginner
14 November 2009 - 18:13 #33
I think I have finally got it fixed!
But a thousand thanks for the help; otherwise I will write to you again, f-arn

How do I give you the points then? :)
f-arn Guru
14 November 2009 - 19:01 #34
I would not be sure. If you have a ComboFix, delete it.

Download ComboFix and save it to your desktop as alg.exe:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Start alg.exe and follow the instructions.

ComboFix should then start working. It may require a restart, which you should allow.

Since ComboFix can conflict with your antivirus, it is important that you disable it.

ComboFix should then start working. It may require a restart, which you should allow. You should not click on the window while the tool is running, as that can make your computer freeze.
When ComboFix has finished, and after it has (possibly) restarted, a log file combofix.txt should open; it is located at C:\Combofix.txt

You are welcome to post the contents of this file here.

Then remember to disable your antivirus.