hjælp med hijackthis log

Velkommen til E. ...

YFFER PYFFER - der er nogle MEGET mistænkelige elementer ifølge ovenstående log!!!

Derfor gennemfør denne procedure ->

Hent og instalér CCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/manual-for-installation-og-brug-af-ccleaner/
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller *NEJ* til den.
http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763
Lad programmet foretage en oprydning...

--------

Hent Malwarebytes Anti-Malware herfra:
http://www.besttechie.net/tools/mbam-setup.exe

Installer programmet - når det er gjort skal du lade programmet opdatere sig. Herefter åbner et vindue, hvor du skal flytte prikken til "Kør et fuldstændigt systemscan" - klik på Skan Knappen - lad programmet arbejde. Når det er færdig (det tager lidt tid afhængig af hvor meget du har på computeren).
Derefter - Tryk på "Vis resultater" knappen efter scanningen - og herefter tryk på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen.
Kopier indholdet herind sammen med en frisk log fra HiJackThis...

------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:53:36, on 09-08-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\AVG\AVG9\avgchsvx.exe
C:\Programmer\AVG\AVG9\avgrsx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmer\Dell\Media Experience\PCMService.exe
C:\Programmer\Dell AIO Printer A920\dlbkbmgr.exe
C:\WINDOWS\essspk.exe
C:\Programmer\Dell AIO Printer A920\dlbkbmon.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\AVG\AVG9\avgemc.exe
C:\Programmer\Skype\Plugin Manager\skypePM.exe
C:\Programmer\AVG\AVG9\avgnsx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\Programmer\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2405725
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O2 - BHO: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG9\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Programmer\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Micr Update] soundblaster.exe
O4 - HKLM\..\Run: [SDIN Adapter] sdin.exe
O4 - HKLM\..\Run: [Task Manager] taskman.exe
O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Programmer\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\RunServices: [Micr Update] soundblaster.exe
O4 - HKLM\..\RunServices: [SDIN Adapter] sdin.exe
O4 - HKLM\..\RunServices: [Task Manager] taskman.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmer\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Micr Update] soundblaster.exe
O4 - HKCU\..\Run: [SDIN Adapter] sdin.exe
O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [SDIN Adapter] sdin.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Microsoft Support Service] svcmgt.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SDIN Adapter] sdin.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SDIN Adapter] sdin.exe (User 'Default user')
O4 - Global Startup: CreataCard Gold 2 Forget Me Not Reminders.lnk = C:\Program Files\CreataCard\Gold\FMRMD32.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tdconline.dk/start
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FÆLLES~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Programmer\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgwdsvc.exe
O23 - Service: SDIN Adapter (gay) - Unknown owner - C:\WINDOWS\System32\sdin.exe (file missing)
O23 - Service: Tjenesten Google Update (gupdate1ca7012f00e107a) (gupdate1ca7012f00e107a) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Microsoft Support Service (MSS) - Unknown owner - C:\WINDOWS\System32\svcmgt.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmer\Intel\NCS\Sync\NetSvc.exe

--
End of file - 10694 bytes














Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4408

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09-08-2010 00:52:38
mbam-log-2010-08-09 (00-52-38).txt

Skanningstype: Fuldstændig skanning (A:\|C:\|D:\|)
Objekter skannet: 184131
Tid gået: 1 time(e), 57 minut(ter), 33 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 1
Registreringsdatabaseværdier Inficeret: 2
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 2
Inficerede Filer: 30

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
HKEY_CURRENT_USER\Software\PriceGong (Adware.Agent) -> No action taken.

Registreringsdatabaseværdier Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\micr update (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\micr update (Backdoor.Bot) -> No action taken.

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
C:\Documents and Settings\inga madsen\Application Data\PriceGong (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data (Adware.Agent) -> No action taken.

Inficerede Filer:
C:\WINDOWS\SYSTEM32\TFTP3108 (Trojan.Downloader) -> No action taken.
C:\WINDOWS\SYSTEM32\waucrlt.exe (Malware.Packer.Gen) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\1.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\a.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\b.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\c.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\d.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\e.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\f.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\g.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\h.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\i.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\J.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\k.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\l.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\m.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\mru.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\n.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\o.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\p.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\q.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\r.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\s.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\t.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\u.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\v.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\w.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\x.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\y.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\z.xml (Adware.Agent) -> No action taken.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:53:36, on 09-08-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\AVG\AVG9\avgchsvx.exe
C:\Programmer\AVG\AVG9\avgrsx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmer\Dell\Media Experience\PCMService.exe
C:\Programmer\Dell AIO Printer A920\dlbkbmgr.exe
C:\WINDOWS\essspk.exe
C:\Programmer\Dell AIO Printer A920\dlbkbmon.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\AVG\AVG9\avgemc.exe
C:\Programmer\Skype\Plugin Manager\skypePM.exe
C:\Programmer\AVG\AVG9\avgnsx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\Programmer\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2405725
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O2 - BHO: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG9\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Programmer\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Micr Update] soundblaster.exe
O4 - HKLM\..\Run: [SDIN Adapter] sdin.exe
O4 - HKLM\..\Run: [Task Manager] taskman.exe
O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Programmer\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\RunServices: [Micr Update] soundblaster.exe
O4 - HKLM\..\RunServices: [SDIN Adapter] sdin.exe
O4 - HKLM\..\RunServices: [Task Manager] taskman.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmer\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Micr Update] soundblaster.exe
O4 - HKCU\..\Run: [SDIN Adapter] sdin.exe
O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [SDIN Adapter] sdin.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Microsoft Support Service] svcmgt.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SDIN Adapter] sdin.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SDIN Adapter] sdin.exe (User 'Default user')
O4 - Global Startup: CreataCard Gold 2 Forget Me Not Reminders.lnk = C:\Program Files\CreataCard\Gold\FMRMD32.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tdconline.dk/start
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FÆLLES~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Programmer\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgwdsvc.exe
O23 - Service: SDIN Adapter (gay) - Unknown owner - C:\WINDOWS\System32\sdin.exe (file missing)
O23 - Service: Tjenesten Google Update (gupdate1ca7012f00e107a) (gupdate1ca7012f00e107a) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Microsoft Support Service (MSS) - Unknown owner - C:\WINDOWS\System32\svcmgt.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmer\Intel\NCS\Sync\NetSvc.exe

--
End of file - 10694 bytes














Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4408

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09-08-2010 00:52:38
mbam-log-2010-08-09 (00-52-38).txt

Skanningstype: Fuldstændig skanning (A:\|C:\|D:\|)
Objekter skannet: 184131
Tid gået: 1 time(e), 57 minut(ter), 33 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 1
Registreringsdatabaseværdier Inficeret: 2
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 2
Inficerede Filer: 30

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
HKEY_CURRENT_USER\Software\PriceGong (Adware.Agent) -> No action taken.

Registreringsdatabaseværdier Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\micr update (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\micr update (Backdoor.Bot) -> No action taken.

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
C:\Documents and Settings\inga madsen\Application Data\PriceGong (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data (Adware.Agent) -> No action taken.

Inficerede Filer:
C:\WINDOWS\SYSTEM32\TFTP3108 (Trojan.Downloader) -> No action taken.
C:\WINDOWS\SYSTEM32\waucrlt.exe (Malware.Packer.Gen) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\1.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\a.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\b.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\c.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\d.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\e.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\f.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\g.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\h.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\i.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\J.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\k.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\l.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\m.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\mru.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\n.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\o.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\p.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\q.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\r.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\s.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\t.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\u.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\v.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\w.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\x.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\y.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\inga madsen\Application Data\PriceGong\Data\z.xml (Adware.Agent) -> No action taken.

Hvad tror du dette betyder -> No action taken ?

Om igen med MalwareBytes -> du 'glemte' denne detalje ->
Tryk på "Vis resultater" knappen efter scanningen - og herefter tryk på "Fjern det valgte" ...

Opdater venligst MalwareBytes først; vha fanen [Opdater] ...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:03:17, on 09-08-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\AVG\AVG9\avgchsvx.exe
C:\Programmer\AVG\AVG9\avgrsx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmer\Dell\Media Experience\PCMService.exe
C:\Programmer\Dell AIO Printer A920\dlbkbmgr.exe
C:\WINDOWS\essspk.exe
C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
C:\Programmer\Dell AIO Printer A920\dlbkbmon.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\AVG\AVG9\avgemc.exe
C:\Programmer\AVG\AVG9\avgnsx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Skype\Plugin Manager\skypePM.exe
C:\Programmer\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2405725
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O2 - BHO: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG9\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Programmer\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SDIN Adapter] sdin.exe
O4 - HKLM\..\Run: [Task Manager] taskman.exe
O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Programmer\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\RunServices: [Micr Update] soundblaster.exe
O4 - HKLM\..\RunServices: [SDIN Adapter] sdin.exe
O4 - HKLM\..\RunServices: [Task Manager] taskman.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SDIN Adapter] sdin.exe
O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [SDIN Adapter] sdin.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Microsoft Support Service] svcmgt.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SDIN Adapter] sdin.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SDIN Adapter] sdin.exe (User 'Default user')
O4 - Global Startup: CreataCard Gold 2 Forget Me Not Reminders.lnk = C:\Program Files\CreataCard\Gold\FMRMD32.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tdconline.dk/start
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FÆLLES~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Programmer\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgwdsvc.exe
O23 - Service: SDIN Adapter (gay) - Unknown owner - C:\WINDOWS\System32\sdin.exe (file missing)
O23 - Service: Tjenesten Google Update (gupdate1ca7012f00e107a) (gupdate1ca7012f00e107a) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Microsoft Support Service (MSS) - Unknown owner - C:\WINDOWS\System32\svcmgt.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmer\Intel\NCS\Sync\NetSvc.exe

--
End of file - 10376 bytes







Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4409

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09-08-2010 12:59:06
mbam-log-2010-08-09 (12-59-06).txt

Skanningstype: Fuldstændig skanning (A:\|C:\|D:\|)
Objekter skannet: 184322
Tid gået: 2 time(e), 19 minut(ter), 38 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 0
Registreringsdatabaseværdier Inficeret: 0
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 0
Inficerede Filer: 1

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabaseværdier Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
(Ingen skadelige objekter blev fundet)

Inficerede Filer:
C:\System Volume Information\_restore{8B8967CB-CFD7-4068-A2A2-720D4D4CCD9E}\RP349\A0073609.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

Hmmm... jeg havde håbet at MalwareBytes ville have 'nappet' nogle bestemte mistænkelige elementer...

-- Hent Combofix fra nedenstående, og gem den på dit skrivebord:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

NB: Du må ikke døbe den Combofix.exe, men eksempelvis BANAN.exe

-- Kør så combofix.exe (BANAN.exe), som du hentede tidligere, og følg anvisningerne.

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når combofix er færdig, og efter det har genstartet, skulle der gerne åbnes en logfil: combofix.txt
Indholdet af denne fil må du gerne lægge herind.

ComboFix 10-08-08.02 - inga madsen 09-08-2010  14:20:51.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.510.239 [GMT 2:00]
Kører fra: c:\documents and settings\inga madsen\Skrivebord\BANAN.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

(((((((((((((((((((((((((((((  Filer skabt fra 2010-07-09 til 2010-08-09  )))))))))))))))))))))))))))))))))))
.

2010-08-08 20:53 . 2010-08-08 20:53    --------    d-----w-    c:\documents and settings\inga madsen\Application Data\Malwarebytes
2010-08-08 20:52 . 2010-04-29 13:39    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-08 20:52 . 2010-08-09 07:41    --------    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2010-08-08 20:52 . 2010-08-08 20:52    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-08 20:52 . 2010-04-29 13:39    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-08-08 20:46 . 2010-08-08 20:46    --------    d-----w-    c:\programmer\CCleaner
2010-08-08 20:17 . 2010-08-08 20:17    388096    ----a-r-    c:\documents and settings\inga madsen\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-08 20:17 . 2010-08-08 20:17    --------    d-----w-    c:\programmer\Trend Micro
2010-08-03 07:52 . 2010-08-03 07:52    503808    ----a-w-    c:\documents and settings\inga madsen\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-5755af75-n\msvcp71.dll
2010-08-03 07:52 . 2010-08-03 07:52    499712    ----a-w-    c:\documents and settings\inga madsen\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-5755af75-n\jmc.dll
2010-08-03 07:52 . 2010-08-03 07:52    12800    ----a-w-    c:\documents and settings\inga madsen\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-76558fc3-n\decora-d3d.dll
2010-08-03 07:52 . 2010-08-03 07:52    61440    ----a-w-    c:\documents and settings\inga madsen\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-76558fc3-n\decora-sse.dll
2010-08-03 07:52 . 2010-08-03 07:52    348160    ----a-w-    c:\documents and settings\inga madsen\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-5755af75-n\msvcr71.dll
2010-07-22 15:10 . 2010-07-22 15:10    12536    ----a-w-    c:\windows\system32\avgrsstx.dll
2010-07-16 12:12 . 2010-07-16 12:12    --------    d-----w-    c:\programmer\Fælles filer\Skype
2010-07-16 07:54 . 2010-06-14 14:31    744448    ------w-    c:\windows\system32\dllcache\helpsvc.exe

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-09 12:27 . 2009-11-28 10:10    --------    d-----w-    c:\documents and settings\inga madsen\Application Data\Skype
2010-08-09 12:07 . 2010-05-04 14:53    --------    d-----w-    c:\documents and settings\All Users\Application Data\avg9
2010-08-09 07:35 . 2009-11-28 10:15    --------    d-----w-    c:\documents and settings\inga madsen\Application Data\skypePM
2010-07-22 15:10 . 2009-04-02 09:27    243024    ----a-w-    c:\windows\system32\drivers\avgtdix.sys
2010-07-22 15:10 . 2007-05-30 08:06    29584    ----a-w-    c:\windows\system32\drivers\avgmfx86.sys
2010-07-22 15:05 . 2009-04-02 09:27    216400    ----a-w-    c:\windows\system32\drivers\avgldx86.sys
2010-07-21 10:02 . 2010-04-04 08:48    --------    d-----w-    c:\programmer\Radio_Bar_1
2010-06-29 12:12 . 2004-02-19 11:54    46976    ----a-w-    c:\documents and settings\inga madsen\Lokale indstillinger\Application Data\GDIPFONTCACHEV1.DAT
2010-06-24 08:54 . 2010-06-24 08:54    501936    ----a-w-    c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtb467.tmp.exe
2010-05-23 16:07 . 2010-05-23 16:07    61440    ----a-w-    c:\documents and settings\inga madsen\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-69d122a9-n\decora-sse.dll
2010-05-23 16:07 . 2010-05-23 16:07    503808    ----a-w-    c:\documents and settings\inga madsen\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-7fa3e214-n\msvcp71.dll
2010-05-23 16:07 . 2010-05-23 16:07    499712    ----a-w-    c:\documents and settings\inga madsen\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-7fa3e214-n\jmc.dll
2010-05-23 16:07 . 2010-05-23 16:07    348160    ----a-w-    c:\documents and settings\inga madsen\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-7fa3e214-n\msvcr71.dll
2010-05-23 16:07 . 2010-05-23 16:07    12800    ----a-w-    c:\documents and settings\inga madsen\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-69d122a9-n\decora-d3d.dll
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\programmer\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]
"{0fc85f5d-6207-4515-a490-45a549d285c0}"= "c:\programmer\Radio_Bar_1\tbRad0.dll" [2010-07-21 2734688]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_CLASSES_ROOT\clsid\{0fc85f5d-6207-4515-a490-45a549d285c0}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0fc85f5d-6207-4515-a490-45a549d285c0}]
2010-07-21 10:02    2734688    ----a-w-    c:\programmer\Radio_Bar_1\tbRad0.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-02-23 12:04    1664256    ----a-w-    c:\programmer\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmer\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]
"{0fc85f5d-6207-4515-a490-45a549d285c0}"= "c:\programmer\Radio_Bar_1\tbRad0.dll" [2010-07-21 2734688]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{0fc85f5d-6207-4515-a490-45a549d285c0}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programmer\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]
"{0FC85F5D-6207-4515-A490-45A549D285C0}"= "c:\programmer\Radio_Bar_1\tbRad0.dll" [2010-07-21 2734688]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{0fc85f5d-6207-4515-a490-45a549d285c0}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-17 68856]
"Skype"="c:\programmer\Skype\\Phone\Skype.exe" [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-04-07 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-04-07 114688]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-08-06 114741]
"PCMService"="c:\programmer\Dell\Media Experience\PCMService.exe" [2003-08-26 204800]
"Dell AIO Printer A920"="c:\programmer\Dell AIO Printer A920\dlbkbmgr.exe" [2003-06-02 270336]
"EssSpkPhone"="essspk.exe" [2001-10-19 49152]
"UpdateManager"="c:\programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"HP Software Update"="c:\programmer\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"hpqSRMon"="c:\programmer\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"SunJavaUpdateSched"="c:\programmer\Fælles filer\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-22 2065760]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menuen Start\Programmer\Start\
CreataCard Gold 2 Forget Me Not Reminders.lnk - c:\program files\CreataCard\Gold\FMRMD32.EXE [2004-2-28 55296]
HP Digital Imaging Monitor.lnk - c:\programmer\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-22 15:10    12536    ----a-w-    c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Programmer\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmer\\AVG\\AVG9\\avgemc.exe"=
"c:\\Programmer\\AVG\\AVG9\\avgupd.exe"=
"c:\\Programmer\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Programmer\\Skype\\Phone\\Skype.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [02-04-2009 11:27 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [02-04-2009 11:27 243024]
R2 avg9emc;AVG Free E-mail Scanner;c:\programmer\AVG\AVG9\avgemc.exe [22-07-2010 17:05 921952]
R2 avg9wd;AVG Free WatchDog;c:\programmer\AVG\AVG9\avgwdsvc.exe [22-07-2010 17:10 308136]
S2 gay;SDIN Adapter;"c:\windows\System32\sdin.exe" -netsvcs --> c:\windows\System32\sdin.exe [?]
S2 gupdate1ca7012f00e107a;Tjenesten Google Update (gupdate1ca7012f00e107a);c:\programmer\Google\Update\GoogleUpdate.exe [28-11-2009 12:09 133104]
S2 MSS;Microsoft Support Service;"c:\windows\System32\svcmgt.exe" -netsvcs --> c:\windows\System32\svcmgt.exe [?]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\programmer\AVG\AVG9\Toolbar\ToolbarBroker.exe [04-05-2010 17:00 369920]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc
.
Indhold af mappen 'Planlagte Opgaver'

2010-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2009-11-28 10:09]

2010-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2009-11-28 10:09]

2010-08-03 c:\windows\Tasks\WebReg .job
- c:\programmer\HP\Digital Imaging\bin\hpqwrg.exe [2007-03-11 21:27]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2405725
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\programmer\AVG\AVG9\Toolbar\IEToolbar.dll
.
- - - - TOMME GENVEJE FJERNET - - - -

HKCU-Run-Sonic RecordNow! - (no file)
HKCU-Run-SDIN Adapter - sdin.exe
HKCU-Run-Microsoft Support Service - svcmgt.exe
HKLM-Run-SDIN Adapter - sdin.exe
HKLM-Run-Microsoft Support Service - svcmgt.exe
HKU-Default-Run-Microsoft Update - lsac.exe
HKU-Default-Run-Micr Update - soundblaster.exe
HKU-Default-Run-SDIN Adapter - sdin.exe
HKU-Default-Run-Microsoft Support Service - svcmgt.exe
HKU-Default-RunOnce-SDIN Adapter - sdin.exe
HKU-Default-RunOnce-Microsoft Support Service - svcmgt.exe
AddRemove-ESSMDM - c:\windows\remvess



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-09 14:27
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'explorer.exe'(1068)
c:\windows\system32\webcheck.dll
.
Gennemført tid: 2010-08-09  14:33:15
ComboFix-quarantined-files.txt  2010-08-09 12:33

Pre-Kørsel: 24.316.653.568 byte ledig
Post-Kørsel: 24.400.207.872 byte ledig

WindowsXP-KB310994-SP2-Home-BootDisk-DAN.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - 2571730C2D50AAB5A8CD131FC188331B

Kør en scanning med Hijackthis,
Du får herunder nogle filer, som du skal fixe. Det, du skal gøre, er at sætte et flueben ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Husk også at lukke dette vindue, når du har markeret filerne. Nu må du fixe. Klik på Fix checked.

Det er disse, som skal fixes:

O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [SDIN Adapter] sdin.exe
O4 - HKLM\..\Run: [Task Manager] taskman.exe
O4 - HKLM\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\RunServices: [Micr Update] soundblaster.exe
O4 - HKLM\..\RunServices: [SDIN Adapter] sdin.exe
O4 - HKLM\..\RunServices: [Task Manager] taskman.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKCU\..\Run: [SDIN Adapter] sdin.exe
O4 - HKCU\..\Run: [Microsoft Support Service] svcmgt.exe
O4 - HKUS\S-1-5-18\..\Run: [SDIN Adapter] sdin.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Microsoft Support Service] svcmgt.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SDIN Adapter] sdin.exe (User 'SYSTEM')

O23 - Service: Microsoft Support Service (MSS) - Unknown owner - C:\WINDOWS\System32\svcmgt.exe (file missing)

Genstart normalt...

Og en frisk log fra HiJackThis derefter...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:49:04, on 09-08-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\AVG\AVG9\avgchsvx.exe
C:\Programmer\AVG\AVG9\avgrsx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmer\Dell\Media Experience\PCMService.exe
C:\Programmer\Dell AIO Printer A920\dlbkbmgr.exe
C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Programmer\Dell AIO Printer A920\dlbkbmon.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\AVG\AVG9\avgemc.exe
C:\Programmer\AVG\AVG9\avgnsx.exe
C:\Programmer\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\Programmer\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2405725
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O2 - BHO: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG9\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Programmer\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Programmer\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: CreataCard Gold 2 Forget Me Not Reminders.lnk = C:\Program Files\CreataCard\Gold\FMRMD32.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tdconline.dk/start
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Programmer\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FÆLLES~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Programmer\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgwdsvc.exe
O23 - Service: SDIN Adapter (gay) - Unknown owner - C:\WINDOWS\System32\sdin.exe (file missing)
O23 - Service: Tjenesten Google Update (gupdate1ca7012f00e107a) (gupdate1ca7012f00e107a) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Microsoft Support Service (MSS) - Unknown owner - C:\WINDOWS\System32\svcmgt.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmer\Intel\NCS\Sync\NetSvc.exe

--
End of file - 9067 bytes

Bingo! Inden vi går videre med efterfølgende oprydning; hvordan kører PC'en så nu ???

er min computer helt sikker nu? ...
fordi jeg skal snart bruge den ... :) det er meget stort af
dig at bruge så meget tide på mig jeg trode ikke det var så stort et problem som det var jeg ville ønske jeg kunne give dig nogle flere point for din stor hjælpsomhed for at kunne få vores computer op på rette køl igen :)
jeg ved ikke hvordan jeg skal takke dig nok for din hjælp :)

bare virusen er væk så takker jeg meget resten kan jeg klare en anden dag:) men igen mange 1000 gange tak for din kæmpe store hjælp :) jeg siger igen jeg ved virkelig ikke hvad jeg skulle havde gjort uden din hjælp :)

Klik på Start->Kør skriv Services.msc

Find Tjenesten (Hvis den er der)

* SDIN Adapter (gay)
* Microsoft Support Service (MSS)

* Tjenesten Google Update (gupdate1ca7012f00e107a)
* Google Software Updater (gusvc)

stop den hvis den kører, højreklik på den og vælg Starttype Deaktiveret.

Genstart normalt...

---

Kør en scanning med Hijackthis,
Du får herunder nogle filer, som du skal fixe. Det, du skal gøre, er at sætte et flueben ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Husk også at lukke dette vindue, når du har markeret filerne. Nu må du fixe. Klik på Fix checked.

Det er disse, som skal fixes:

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O2 - BHO: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll
O3 - Toolbar: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Programmer\Radio_Bar_1\tbRad0.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"

O4 - Global Startup: CreataCard Gold 2 Forget Me Not Reminders.lnk = C:\Program Files\CreataCard\Gold\FMRMD32.EXE

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe

O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)

O23 - Service: SDIN Adapter (gay) - Unknown owner - C:\WINDOWS\System32\sdin.exe (file missing)
O23 - Service: Tjenesten Google Update (gupdate1ca7012f00e107a) (gupdate1ca7012f00e107a) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Microsoft Support Service (MSS) - Unknown owner - C:\WINDOWS\System32\svcmgt.exe (file missing)

Genstart normalt...

---

Ta' en oprydning med førnævnte CCleaner

---

Hvordan kører PC'en så nu ?

---

Jeg har hermed lagt [svar]...