NVedsted (Junior Master)
15 March 2010 - 15:36. There are 8 comments and 1 solution.

Virus 2010!!!

!!! All links in the question may carry a virus, SO DO NOT CLICK ON THEM !!!

Since I and 3 other computers (maybe many more) have received the same message on Windows Live Messenger, in the chat window, where it said look at this picture :D http://www.poke-facebook.com/image.php/PICT15082010JPG. Since I can only find the file but not the virus program itself. And the other computer with the virus has only run it.

If you have an answer on how to delete it, please write.

Regards
Nicklas Vedsted Knudsen
fromsej (Trainee)
15 March 2010 - 15:59 #1
Download Malwarebytes Anti-Malware from here:
http://www.besttechie.net/tools/mbam-setup.exe
Or from here ->
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

Install the program. Once that is done, let the program update itself. A window then opens where you should move the dot to "Perform a full system scan" ("Kør et fuldstændigt systemscan"), click the Scan ("Skan") button, and let the program work. When it is finished (it takes a while depending on how much you have on the computer).

After that, press the "Show results" ("Vis resultater") button after the scan, and then press "Remove selected" ("Fjern det valgte"). The log now opens, and you should save it somewhere you can find it again.

Copy the contents in here and tell us how the computer is running now?
NVedsted (Junior Master)
15 March 2010 - 20:57 #2
Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

15-03-2010 20:56:20
mbam-log-2010-03-15 (20-56-20).txt

Skan type: Hurtig skanning
Objekter skannet: 121346
Tid tilbagelagt: 7 minute(s), 13 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)

It says there is no virus, but something is definitely very wrong!

fromsej (Trainee)
16 March 2010 - 06:00 #3
Download Combofix and save it in a folder:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Open the folder with Combofix, right-click an empty spot in the folder, choose New -> Text Document, open the text document, and copy the following in:

Killall::
Snapshot::

Click File -> Save As, name it CFScript, and close the text document.

Then grab the new file with the mouse and drag it over the Combofix file, after which you "let go" with the mouse.
http://www.fromsej.saknet.dk/billeder/swfcombo.gif
Combofix should then start working. It may require a restart, which you must allow. You should not click on the window while the tool is running, as that can cause your computer to freeze.
Copy the resulting log in here.

NVedsted (Junior Master)
16 March 2010 - 17:21 #4
ComboFix 10-03-15.06 - Nicklas 16-03-2010  17:07:28.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.2046.1171 [GMT 1:00]
Kører fra: c:\documents and settings\Nicklas\Dokumenter\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Nicklas\Application Data\inst.exe
c:\windows\msnmgr.exe
c:\windows\system32\xpysys.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

fromsej (Trainee)
17 March 2010 - 19:43 #5
There is nothing more to find.

I would recommend dropping AVG; unfortunately it is not worth anything anymore.
Download the installation file for Avast:
http://files.avast.com/iavs4pro/setupdan.exe
Download this tool:
http://www.avg.com/download-tools
Download Ccleaner here:
http://www.ccleaner.com/download/builds/downloading-slim
Install Ccleaner; it should not be run yet.

Disconnect from the network, run the tool from AVG, restart.
Start Ccleaner, remove the check mark in cookies.
Click Run Cleaner and let it remove what it finds.
Then click Registry on the left side (the blue cube), click Scan for problems, when it is finished click Fix selected problems, optionally make a backup of the registry, then click Fix all selected problems.
Click OK, click Close when it is finished.
Restart.

Install Avast, connect the network so the program can update.

NVedsted (Junior Master)
18 March 2010 - 18:40 #6
I already have CCleaner

fromsej (Trainee)
18 March 2010 - 18:58 #7
Then follow the guide, with the Ccleaner you have.

NVedsted (Junior Master)
25 March 2010 - 18:22 #8
It works fine again, thanks a thousand for the help, I think?!

arne_v (Expert)
25 March 2010 - 18:40 #9
And that is why you took the points yourself !?!?