jacotex Beginner
21 December 2007 - 19:55 There are 10 comments and 1 solution

pop-ups

Hi there .. I've got some stupid pop-ups with "CiD: http...." in front of the address, and the PC has also become a bit slower.

hijackthis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:53:17, on 21-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmer\Analog Devices\SoundMAX\spkrmon.exe
C:\Programmer\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Logitech\G-series Software\LGDCore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\Logitech\G-series Software\LCDMon.exe
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\Programmer\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe
C:\Programmer\Logitech\G-series Software\Applets\LCDClock.exe
C:\Programmer\weatherg15\WeatherG15.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\programmer\steam\steam.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\MSN Messenger\usnsvc.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Documents and Settings\Ejer\Skrivebord\utorrent.exe
C:\Programmer\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
C:\Programmer\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmer\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Programmer\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Windows Media Player\wmplayer.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Programmer\Trend Micro\HijackThis\crusty.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - C:\WINDOWS\system32\HDBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {740FE5FB-65F1-46C5-9E54-A19C8A8D7AC2} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programmer\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programmer\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [relakks] "C:\relakks.lnk"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [eggs joy math type] C:\Documents and Settings\All Users\Application Data\Bind army eggs joy\mode 64.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\programmer\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ThePrivacyGuard] "C:\PROGRA~1\THEPRI~1\THEPRI~1.EXE" /startup
O4 - HKCU\..\Run: [CloseCoal] C:\DOCUME~1\Ejer\APPLIC~1\PROCFI~1\Blue skip.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmer\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\RunOnce: [PCSuite.exe] C:\Programmer\Nokia\Nokia PC Suite 6\PCSuite.exe -onlytray
O4 - HKCU\..\RunOnce: [PcSync2.exe] C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\RunOnce: [GetConnected.exe] C:\Programmer\Nokia\Nokia PC Suite 6\GetConnected.exe /instsupp
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Programmer\Fælles filer\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmer\Fælles filer\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmer\Fælles filer\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programmer\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programmer\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177965520703
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F12E974-1330-478D-99A9-F7720307154D}: NameServer = 82.209.169.71 82.209.169.72
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Programmer\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spkrmon - Unknown owner - C:\Programmer\Analog Devices\SoundMAX\spkrmon.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programmer\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Ejer/LOKALE~1/Temp/msohtmlclip1/01/clip_image002.jpg

--
End of file - 12003 bytes

//Jacotex
21 December 2007 - 20:08 #1
- SIGH - there are quite a few more-than-suspicious (un)wanted elements ...
Carry out the procedure from here -> http://www.eksperten.dk/artikler/1123
jacotex Beginner
21 December 2007 - 21:47 #2
have got to this point ;p where I'm supposed to post logs .. got it cleaned .. superantispyware found nothing ...
21 December 2007 - 22:03 #3
... and ComboFix ... ?
jacotex Beginner
21 December 2007 - 22:54 #4
ComboFix 07-12-21.4 - Ejer 2007-12-21 22:46:57.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1030.18.781 [GMT 1:00]
Running from: C:\Documents and Settings\Ejer\Skrivebord\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((  Other Deletions  )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Ejer\Application Data\inst.exe
C:\temp\tn3
C:\WINDOWS\system32\_000001_.tmp.dll
C:\WINDOWS\system32\_000003_.tmp.dll
C:\WINDOWS\system32\_000004_.tmp.dll
C:\WINDOWS\system32\_000005_.tmp.dll
C:\WINDOWS\system32\_000006_.tmp.dll
C:\WINDOWS\system32\_000007_.tmp.dll
C:\WINDOWS\system32\_000008_.tmp.dll
C:\WINDOWS\system32\_000011_.tmp.dll
C:\WINDOWS\system32\drivers\core.cache.dsk

.
(((((((((((((((((((((((((  Files Created from 2007-11-21 to 2007-12-21  )))))))))))))))))))))))))))))))
.

2007-12-21 19:27 . 2007-12-21 19:27    <DIR>    d--------    C:\Documents and Settings\Ejer\.idlerc
2007-12-21 19:26 . 2007-12-21 19:31    <DIR>    d--------    C:\Python25
2007-12-21 19:00 . 2007-12-21 19:11    <DIR>    d--------    C:\Programmer\YAMGui Plus
2007-12-21 18:52 . 2007-12-21 19:45    <DIR>    d--------    C:\Documents and Settings\Ejer\Application Data\SuperBot
2007-12-21 17:13 . 2007-12-21 17:13    <DIR>    d--------    C:\Programmer\Symbian OS Tools
2007-12-21 17:13 . 2007-12-21 17:13    <DIR>    d--------    C:\Programmer\Fælles filer\Symbian
2007-12-21 17:12 . 2007-12-21 17:12    <DIR>    d--------    C:\Documents and Settings\Ejer\Application Data\InstallShield
2007-12-21 17:08 . 2007-12-21 17:08    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\InstallShield
2007-12-21 16:15 . 2007-12-21 16:15    <DIR>    d--------    C:\Programmer\Fælles filer\PCSuite
2007-12-21 16:13 . 2007-12-21 16:13    <DIR>    d--------    C:\Programmer\PC Connectivity Solution
2007-12-21 16:11 . 2007-02-22 10:15    137,216    --a------    C:\WINDOWS\system32\drivers\nmwcd.sys
2007-12-21 16:11 . 2007-02-22 10:15    65,536    --a------    C:\WINDOWS\system32\nmwcdcocls.dll
2007-12-21 16:11 . 2007-02-22 10:15    12,288    --a------    C:\WINDOWS\system32\drivers\nmwcdcm.sys
2007-12-21 16:11 . 2007-02-22 10:15    12,288    --a------    C:\WINDOWS\system32\drivers\nmwcdcj.sys
2007-12-21 16:11 . 2007-02-22 10:15    8,320    --a------    C:\WINDOWS\system32\drivers\nmwcdc.sys
2007-12-21 14:11 . 2007-12-21 22:45    <DIR>    d--------    C:\Programmer\SUPERAntiSpyware
2007-12-21 14:11 . 2007-12-21 14:11    <DIR>    d--------    C:\Documents and Settings\Ejer\Application Data\SUPERAntiSpyware.com
2007-12-21 14:11 . 2007-12-21 14:11    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-12-21 14:05 . 2007-12-21 14:05    <DIR>    d--------    C:\Programmer\CCleaner
2007-12-21 13:52 . 2007-12-21 13:52    <DIR>    d--------    C:\Programmer\Trend Micro
2007-12-20 22:58 . 2007-12-20 22:58    <DIR>    d--------    C:\Shrek.The.Third.2007.DK.NO.ENG.PROPER.PAL.DVDR-Geeks
2007-12-20 22:23 . 2007-12-20 22:25    <DIR>    d--------    C:\Programmer\StuffPlug3
2007-12-20 22:18 . 2007-12-20 22:18    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\Bind army eggs joy
2007-12-20 22:17 . 2007-12-20 22:17    <DIR>    d--------    C:\Programmer\Proc film bolt
2007-12-20 22:17 . 2007-12-20 22:17    <DIR>    d--------    C:\Programmer\Circle Developement
2007-12-20 22:17 . 2007-12-20 22:18    <DIR>    d--------    C:\Documents and Settings\Ejer\Application Data\Proc film bolt
2007-12-18 14:15 . 2007-12-18 14:24    <DIR>    d--------    C:\WINDOWS\system32\ActiveScan
2007-12-18 14:15 . 2007-12-18 14:15    30,590    --a------    C:\WINDOWS\system32\pavas.ico
2007-12-18 14:15 . 2007-12-18 14:15    2,550    --a------    C:\WINDOWS\system32\Uninstall.ico
2007-12-18 14:15 . 2007-12-18 14:15    1,406    --a------    C:\WINDOWS\system32\Help.ico
2007-12-16 17:37 . 2007-12-16 17:37    34,308    --a------    C:\WINDOWS\system32\Chip.dll
2007-12-16 17:37 . 2007-12-16 17:37    9,684    --a------    C:\WINDOWS\system32\Pvt.tmp
2007-12-16 17:36 . 2007-12-16 17:37    <DIR>    d--------    C:\Programmer\DVD-RB PRO
2007-12-16 17:29 . 2007-12-16 17:29    <DIR>    d--------    C:\Programmer\Custom Technology
2007-12-12 19:32 . 2007-12-12 19:32    <DIR>    d--------    C:\Documents and Settings\Ejer\Application Data\Xi
2007-12-10 00:13 . 2007-12-10 00:13    <DIR>    d--------    C:\Programmer\SmartFTP Client 2.5 Setup Files
2007-12-04 02:33 . 2007-12-04 02:33    823,296    --a------    C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 02:33 . 2007-12-04 02:33    823,296    --a------    C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 02:33 . 2007-12-04 02:33    802,816    --a------    C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 02:33 . 2007-12-04 02:33    682,496    --a------    C:\WINDOWS\system32\DivX.dll
2007-12-04 02:33 . 2007-12-04 02:33    630,784    --a------    C:\WINDOWS\system32\divxdec.ax
2007-12-02 17:37 . 2007-12-02 17:37    <DIR>    d--------    C:\Programmer\Native Instruments
2007-12-02 13:11 . 2007-12-02 13:11    411    --a------    C:\playlistgen(2).aspx
2007-12-02 13:09 . 2007-11-25 03:31    3,248,706    --a------    C:\NXSetup_multi.zip
2007-12-02 12:32 . 2007-12-02 12:32    412    --a------    C:\playlistgen(1).aspx
2007-12-02 12:31 . 2007-12-02 12:31    411    --a------    C:\playlistgen.aspx
2007-12-02 12:30 . 2007-12-02 12:30    <DIR>    d--------    C:\Programmer\Xi
2007-12-02 00:16 . 2007-12-07 16:04    <DIR>    d--------    C:\Programmer\AV MP3 Player-Morpher
2007-12-02 00:10 . 2007-12-02 00:10    <DIR>    d--------    C:\Programmer\Fælles filer\Skype
2007-12-02 00:10 . 2007-12-02 00:10    <DIR>    d--------    C:\Documents and Settings\Ejer\Application Data\skypePM
2007-12-02 00:10 . 2007-12-02 00:10    32    --a------    C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-12-01 13:20 . 2007-12-01 13:20    <DIR>    d--------    C:\Programmer\coverXP
2007-11-30 10:46 . 2007-11-30 10:46    <DIR>    d--------    C:\Programmer\VirtualDJ
2007-11-30 10:25 . 2007-11-30 10:25    98,304    --a------    C:\WINDOWS\system32\SoftAheadCert.dll
2007-11-30 10:07 . 2007-11-30 10:50    <DIR>    d--------    C:\Programmer\mp3towav
2007-11-30 10:07 . 1999-09-17 10:56    118,784    --a------    C:\WINDOWS\system32\mp3dec.dll
2007-11-30 10:07 . 2001-12-12 10:42    40,960    --a------    C:\WINDOWS\system32\MDec.ocx
2007-11-30 09:48 . 2007-11-30 10:21    <DIR>    d--------    C:\vcs5BGEffects
2007-11-30 09:39 . 2007-11-30 09:39    <DIR>    d--------    C:\Programmer\AV Vcs 5.5 DIAMOND
2007-11-30 08:43 . 2007-11-30 08:43    <DIR>    d--------    C:\Programmer\CD_DVD-ROM Generator 1.20
2007-11-30 08:42 . 2007-11-30 08:42    <DIR>    d--------    C:\Documents and Settings\Ejer\WINDOWS
2007-11-29 23:30 . 2007-11-29 23:30    3,596,288    --a------    C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 23:30 . 2007-11-29 23:30    1,044,480    --a------    C:\WINDOWS\system32\libdivx.dll
2007-11-29 23:30 . 2007-11-29 23:30    524,288    --a------    C:\WINDOWS\system32\DivXsm.exe
2007-11-29 23:30 . 2007-11-29 23:30    200,704    --a------    C:\WINDOWS\system32\ssldivx.dll
2007-11-29 23:30 . 2007-11-29 23:30    4,816    --a------    C:\WINDOWS\system32\divxsm.tlb
2007-11-29 23:28 . 2007-11-29 23:28    196,608    --a------    C:\WINDOWS\system32\dtu100.dll
2007-11-29 23:28 . 2007-11-29 23:28    81,920    --a------    C:\WINDOWS\system32\dpl100.dll
2007-11-29 23:28 . 2007-11-29 23:28    416    --a------    C:\WINDOWS\system32\dtu100.dll.manifest
2007-11-29 23:28 . 2007-11-29 23:28    416    --a------    C:\WINDOWS\system32\dpl100.dll.manifest
2007-11-29 20:20 . 2007-11-29 20:20    <DIR>    d--------    C:\Documents and Settings\Ejer\download
2007-11-29 20:20 . 2007-11-29 20:20    <DIR>    d--------    C:\Documents and Settings\Ejer\.kvirc
2007-11-29 20:20 . 2007-11-29 20:20    74    --a------    C:\WINDOWS\kvirc-3.2.0.ini
2007-11-29 20:18 . 2007-11-29 20:19    <DIR>    d--------    C:\Programmer\KVIrc
2007-11-29 17:04 . 2007-12-01 20:46    <DIR>    d--------    C:\Fraps
2007-11-29 17:04 . 2007-12-01 20:47    <DIR>    d-a------    C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-29 15:16 . 2007-11-29 15:18    <DIR>    d--------    C:\Programmer\WinFlip
2007-11-29 15:16 . 2007-11-29 15:18    <DIR>    d--------    C:\Programmer\VisualTooltip
2007-11-29 15:16 . 2007-11-29 15:18    <DIR>    d--------    C:\Programmer\ViStart
2007-11-29 15:16 . 2007-11-29 15:18    <DIR>    d--------    C:\Programmer\Vista Sidebar
2007-11-29 15:16 . 2007-11-29 15:18    <DIR>    d--------    C:\Programmer\ViOrb
2007-11-29 15:16 . 2007-11-29 15:18    <DIR>    d--------    C:\Programmer\TrueTransparency
2007-11-29 15:16 . 2007-11-29 15:18    <DIR>    d--------    C:\Programmer\Styler
2007-11-29 15:16 . 2007-11-29 15:18    <DIR>    d--------    C:\Programmer\LClock
2007-11-29 15:16 . 2007-04-15 01:30    6,181,376    --a------    C:\WINDOWS\system32\vistaui(2).exe
2007-11-29 15:16 . 2006-12-11 01:15    498,176    --a------    C:\WINDOWS\system32\OLD1D3.tmp
2007-11-29 15:16 . 2007-11-25 22:11    49,208    --a------    C:\WINDOWS\system32\vistartup.bmp
2007-11-29 15:11 . 2007-11-29 15:18    <DIR>    d--------    C:\VTPFiles
2007-11-29 10:51 . 2007-12-21 12:28    54,156    --ah-----    C:\WINDOWS\QTFont.qfn
2007-11-29 10:51 . 2007-11-29 10:51    1,409    --a------    C:\WINDOWS\QTFont.for
2007-11-29 10:50 . 2007-11-29 10:50    <DIR>    d--------    C:\Programmer\iTunes
2007-11-29 10:50 . 2007-11-29 10:50    <DIR>    d--------    C:\Programmer\iPod
2007-11-28 22:55 . 2007-11-28 22:55    156,992    --a------    C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-11-28 22:53 . 2007-11-28 22:53    593,920    --a------    C:\WINDOWS\system32\dpuGUI11.dll
2007-11-28 22:53 . 2007-11-28 22:53    352,401    --a------    C:\WINDOWS\system32\DivXMedia.ax
2007-11-28 22:53 . 2007-11-28 22:53    344,064    --a------    C:\WINDOWS\system32\dpus11.dll
2007-11-28 22:53 . 2007-11-28 22:53    294,912    --a------    C:\WINDOWS\system32\dpu11.dll
2007-11-28 22:53 . 2007-11-28 22:53    294,912    --a------    C:\WINDOWS\system32\dpu10.dll
2007-11-28 22:53 . 2007-11-28 22:53    57,344    --a------    C:\WINDOWS\system32\dpv11.dll
2007-11-28 22:53 . 2007-11-28 22:53    53,248    --a------    C:\WINDOWS\system32\dpuGUI10.dll

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-21 20:42    ---------    d-----w    C:\Documents and Settings\Ejer\Application Data\AVG7
2007-12-21 20:40    ---------    d-----w    C:\Programmer\Steam
2007-12-21 16:13    ---------    d--h--w    C:\Programmer\InstallShield Installation Information
2007-12-21 16:05    ---------    d-----w    C:\Programmer\Nokia
2007-12-21 16:05    ---------    d-----w    C:\Programmer\Fælles filer\InstallShield
2007-12-21 15:16    ---------    d-----w    C:\Documents and Settings\Ejer\Application Data\Nokia
2007-12-21 15:15    ---------    d-----w    C:\Programmer\Fælles filer\Nokia
2007-12-21 15:09    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Installations
2007-12-21 13:33    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-21 13:10    ---------    d-----w    C:\Programmer\Fælles filer\Wise Installation Wizard
2007-12-21 12:58    9,344    ----a-w    C:\WINDOWS\system32\drivers\NSDriver.sys
2007-12-21 12:58    8,320    ----a-w    C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-12-20 21:23    ---------    d-----w    C:\Programmer\MSN Messenger
2007-12-20 21:17    ---------    d-----w    C:\Programmer\Messenger Plus! Live
2007-12-20 11:58    ---------    d-----w    C:\Documents and Settings\Ejer\Application Data\LimeWire
2007-12-19 15:32    ---------    d-----w    C:\Programmer\HLSW
2007-12-12 15:25    ---------    d-----w    C:\Programmer\WinPcap
2007-12-09 23:14    ---------    d-----w    C:\Programmer\SmartFTP Client
2007-12-07 23:12    ---------    d-----w    C:\Programmer\DivX
2007-12-06 13:55    685,816    ----a-w    C:\WINDOWS\system32\drivers\sptd.sys
2007-12-05 20:07    ---------    d-----w    C:\Programmer\Warcraft III
2007-12-02 01:03    ---------    d-----w    C:\Documents and Settings\Ejer\Application Data\Skype
2007-12-01 23:10    ---------    d-----w    C:\Programmer\Skype
2007-12-01 23:10    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Skype
2007-11-29 09:47    ---------    d-----w    C:\Programmer\QuickTime
2007-11-19 21:29    ---------    d-----w    C:\Programmer\DVD Decrypter
2007-11-16 12:53    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-11-15 19:04    ---------    d-----w    C:\Programmer\Windows Live
2007-11-15 17:12    ---------    d-----w    C:\Programmer\BitComet
2007-11-13 10:25    20,480    ----a-w    C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-08 18:33    ---------    d-----w    C:\Programmer\Web Designers Toolkit with NavBar
2007-11-06 10:58    ---------    d-----w    C:\Programmer\The Privacy Guard
2007-11-06 08:20    831,048    ----a-w    C:\WINDOWS\system32\WudfUpdate_01005.dll
2007-11-05 12:45    ---------    d-----w    C:\Programmer\Joost
2007-11-05 12:45    ---------    d-----w    C:\Documents and Settings\Ejer\Application Data\Joost
2007-10-29 22:44    1,291,776    ----a-w    C:\WINDOWS\system32\quartz.dll
2007-10-28 20:22    ---------    d-----w    C:\Programmer\Fælles filer\AVSMedia
2007-10-28 20:22    ---------    d-----w    C:\Programmer\AVSMedia
2007-10-28 13:07    ---------    d-----w    C:\Programmer\Compaq
2007-10-27 11:00    ---------    d-----w    C:\Documents and Settings\Ejer\Application Data\ErrorKiller
2007-10-25 08:28    222,720    ----a-w    C:\WINDOWS\system32\wmasf.dll
2007-10-24 00:47    96,760    ----a-w    C:\WINDOWS\system32\dfshim.dll
2007-10-24 00:47    84,480    ----a-w    C:\WINDOWS\system32\mscories.dll
2007-10-24 00:47    282,112    ----a-w    C:\WINDOWS\system32\mscoree.dll
2007-10-24 00:47    158,720    ----a-w    C:\WINDOWS\system32\mscorier.dll
2007-10-11 08:55    88,576    ----a-w    C:\WINDOWS\system32\infocardapi.dll
2007-10-11 08:55    579,584    ----a-w    C:\WINDOWS\system32\icardagt.exe
2007-10-11 08:55    11,776    ----a-w    C:\WINDOWS\system32\icardres.dll
2007-10-09 12:03    779,800    ----a-w    C:\WINDOWS\system32\PresentationNative_v0300.dll
2007-10-09 12:03    73,752    ----a-w    C:\WINDOWS\system32\dxva2.dll
2007-10-09 12:03    493,080    ----a-w    C:\WINDOWS\system32\evr.dll
2007-10-09 12:03    350,744    ----a-w    C:\WINDOWS\system32\PresentationHost.exe
2007-10-09 12:03    33,304    ----a-w    C:\WINDOWS\system32\PresentationHostProxy.dll
2007-10-09 12:03    161,304    ----a-w    C:\WINDOWS\system32\UIAutomationCore.dll
2007-10-09 12:03    106,520    ----a-w    C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2007-10-09 12:03    1,986,072    ----a-w    C:\WINDOWS\system32\milcore.dll
2007-10-09 11:58    16,896    ----a-w    C:\WINDOWS\system32\tswpfwrp.exe
2007-10-04 16:14    81,920    ----a-w    C:\WINDOWS\system32\nvwddi.dll
2007-10-04 16:14    81,920    ----a-w    C:\WINDOWS\system32\nvmctray.dll
2007-10-04 16:14    8,491,008    ----a-w    C:\WINDOWS\system32\nvcpl.dll
2007-10-04 16:14    753,664    ----a-w    C:\WINDOWS\system32\nvcplui.exe
2007-10-04 16:14    6,750,208    ----a-w    C:\WINDOWS\system32\nvoglnt.dll
2007-10-04 16:14    6,344,704    ----a-w    C:\WINDOWS\system32\nvdisps.dll
2007-10-04 16:14    5,783,424    ----a-w    C:\WINDOWS\system32\nv4_disp.dll
2007-10-04 16:14    466,944    ----a-w    C:\WINDOWS\system32\nvshell.dll
2007-10-04 16:14    45,056    ----a-w    C:\WINDOWS\system32\nvmccsrs.dll
2007-10-04 16:14    442,368    ----a-w    C:\WINDOWS\system32\nvappbar.exe
2007-10-04 16:14    425,984    ----a-w    C:\WINDOWS\system32\keystone.exe
2007-10-04 16:14    364,544    ----a-w    C:\WINDOWS\system32\nvapi.dll
2007-10-04 16:14    36,864    ----a-w    C:\WINDOWS\system32\nvcodins.dll
2007-10-04 16:14    36,864    ----a-w    C:\WINDOWS\system32\nvcod.dll
2007-10-04 16:14    307,200    ----a-w    C:\WINDOWS\system32\nvexpbar.dll
2007-10-04 16:14    3,551,232    ----a-w    C:\WINDOWS\system32\nvvitvs.dll
2007-10-04 16:14    3,334,144    ----a-w    C:\WINDOWS\system32\nvgames.dll
2007-10-04 16:14    286,720    ----a-w    C:\WINDOWS\system32\nvnt4cpl.dll
2007-10-04 16:14    229,376    ----a-w    C:\WINDOWS\system32\nvmccs.dll
2007-10-04 16:14    2,371,584    ----a-w    C:\WINDOWS\system32\nvwss.dll
2007-10-04 16:14    188,416    ----a-w    C:\WINDOWS\system32\nvmccss.dll
2007-10-04 16:14    155,716    ----a-w    C:\WINDOWS\system32\nvsvc32.exe
2007-10-04 16:14    147,456    ----a-w    C:\WINDOWS\system32\nvcolor.exe
2007-10-04 16:14    1,703,936    ----a-w    C:\WINDOWS\system32\nvwdmcpl.dll
2007-10-04 16:14    1,626,112    ----a-w    C:\WINDOWS\system32\nwiz.exe
2007-10-04 16:14    1,478,656    ----a-w    C:\WINDOWS\system32\nview.dll
2007-10-04 16:14    1,339,392    ----a-w    C:\WINDOWS\system32\nvdspsch.exe
2007-10-04 16:14    1,150,976    ----a-w    C:\WINDOWS\system32\nvmobls.dll
2007-10-04 16:14    1,019,904    ----a-w    C:\WINDOWS\system32\nvwimg.dll
2007-09-29 20:35    107,888    ----a-w    C:\WINDOWS\system32\CmdLineExt.dll
2007-09-28 16:07    129,784    ------w    C:\WINDOWS\system32\pxafs.dll
2007-09-28 16:07    120,056    ------w    C:\WINDOWS\system32\pxcpyi64.exe
2007-09-28 16:07    118,520    ------w    C:\WINDOWS\system32\pxinsi64.exe
2007-05-10 13:51    47,360    ----a-w    C:\Documents and Settings\Ejer\Application Data\pcouffin.sys
2006-05-03 09:06    163,328    --sh--r    C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47    31,232    --sh--r    C:\WINDOWS\system32\msfDX.dll
.

(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SmartFTP Drop]
@={EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD}

[HKEY_CLASSES_ROOT\CLSID\{EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD}]
2007-12-05 00:41    472376    --a------    C:\Programmer\SmartFTP Client\sfShellTools.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-27 01:53]
"Steam"="c:\programmer\steam\steam.exe" [2007-11-30 08:16]
"ThePrivacyGuard"="C:\PROGRA~1\THEPRI~1\THEPRI~1.exe" []
"CloseCoal"="C:\DOCUME~1\Ejer\APPLIC~1\PROCFI~1\Blue skip.exe" [2007-12-20 22:17]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2007-10-04 17:14 C:\WINDOWS\system32\nwiz.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-07-22 22:25 C:\WINDOWS\KHALMNPR.Exe]
"Launch LGDCore"="C:\Programmer\Logitech\G-series Software\LGDCore.exe" [2006-03-06 16:31]
"Launch LCDMon"="C:\Programmer\Logitech\G-series Software\LCDMon.exe" [2006-03-06 16:14]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-27 01:53 C:\WINDOWS\system32\rundll32.exe]
"RegistryMechanic"="" []
"Adobe Reader Speed Launcher"="C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-21 09:32]
"relakks"="C:\relakks.lnk" [2007-11-28 20:56]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-27 01:53 C:\WINDOWS\system32\rundll32.exe]
"GrooveMonitor"="C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00]
"eggs joy math type"="C:\Documents and Settings\All Users\Application Data\Bind army eggs joy\mode 64.exe" [2007-12-21 21:40]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-27 01:53]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-27 01:53]
"Nokia.PCSync"="C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 16:25]

C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Logitech SetPoint.lnk - C:\Programmer\Logitech\SetPoint\SetPoint.exe [2007-05-01 11:11:17]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^Monitor Apache Servers.lnk]
path=C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Monitor Apache Servers.lnk
backup=C:\WINDOWS\pss\Monitor Apache Servers.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Ejer^Menuen Start^Programmer^Start^MagicDisc.lnk]
backup=C:\WINDOWS\pss\MagicDisc.lnkStartup
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anonymizer]
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CameraFixer]
2006-06-01 10:26    20480    --a------    C:\WINDOWS\CameraFixer.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
            C:\Programmer\SlySoft\CloneCD\CloneCDTray.exe /s
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloseCoal]
2007-12-20 22:17    430080    --a------    C:\DOCUME~1\Ejer\APPLIC~1\PROCFI~1\Blue skip.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
            C:\Programmer\DAEMON Tools\daemon.exe -lang 1033
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Echovoice Gamer Statistics]
2006-11-28 22:52    53248    --a------    C:\Programmer\Echovoice\Gamer Statistics\G15 Echovoice Gamer Statistics.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2007-08-24 07:00    33648    --a------    C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2007-11-15 13:11    267048    --a------    C:\Programmer\iTunes\iTunesHelper.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
            RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
            C:\Programmer\Nokia\Nokia PC Suite 6\PCSuite.exe -onlytray
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
            C:\Programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
            C:\Programmer\QuickTime\qttask.exe -atboottime
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
2005-09-05 14:55    339968    --a------    C:\WINDOWS\vsnpstd3.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2007-06-21 14:06    1318912    --a------    C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
           
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3]
2006-06-19 12:21    114688    --a------    C:\WINDOWS\tsnpstd3.exe

R3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [2006-09-26 22:21]
S3 PRODIGY;PRODIGY;C:\WINDOWS\system32\Drivers\PRODIGY.SYS [2006-08-29 15:56]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a96a950-a4cc-11dc-874f-000cf192e9f7}]
\Shell\AutoRun\command - H:\AutoRun.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-12-21 21:00:01 C:\WINDOWS\Tasks\A7490435918681B5.job"
- c:\docume~1\ejer\applic~1\procfi~1\INTERNETHTMIDLE.exe
"2007-11-29 09:33:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmer\Apple Software Update\SoftwareUpdate.exe
"2007-12-08 02:30:00 C:\WINDOWS\Tasks\ErrorKiller Scheduled Scan.job"
- C:\Programmer\ErrorKiller\ErrorKiller.ex
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-21 22:52:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-21 22:53:25
.
2007-12-11 22:50:36    --- E O F ---
21 December 2007 - 23:12 #5
- SIGH -
... that's how easily it happens when you play around with Bitcomet / LimeWire / utorrent.exe
!!!

Uninstall
* Bitcomet
* LimeWire
* Utorrent
* Bind army eggs joy (if it is there?)
* Proc film bolt (if it is there?)
* Messenger Plus!
* ErrorKiller
via -
Control Panel/Add or Remove Programs...

Restart normally...

-- Download Avenger here:
http://swandog46.geekstogo.com/avenger.zip

-- Unpack the Avenger program and double-click avenger.exe

-- Select "Input Script Manually" and click the magnifying glass - a small window will now appear, into which you must copy the contents between the ~~~ lines:

~~~~~~~~~~~~~~~~~~
Files to delete:
C:\WINDOWS\system32\vistaui(2).exe
C:\WINDOWS\Tasks\A7490435918681B5.job
C:\WINDOWS\Tasks\ErrorKiller Scheduled Scan.job

Folders to delete:
c:\docume~1\ejer\applic~1\procfi~1\
C:\Programmer\Messenger Plus! Live
C:\Documents and Settings\Ejer\Application Data\LimeWire
C:\Documents and Settings\All Users\Application Data\Bind army eggs joy
C:\Programmer\Proc film bolt
C:\Documents and Settings\Ejer\Application Data\Proc film bolt
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Programmer\LimeWire
C:\Programmer\BitComet
C:\Programmer\utorrent
C:\Documents and Settings\Ejer\Application Data\utorrent
C:\Documents and Settings\Ejer\Application Data\BitComet
C:\Documents and Settings\Ejer\Application Data\ErrorKiller
C:\Programmer\Messenger Plus! Live
C:\Programmer\ErrorKiller\
~~~~~~~~~~~~~~~~~~

-- Click the traffic light in Avenger. The program will prompt you to restart the computer immediately, which you must do. The program will shut down your computer, delete the files and start the computer again.

-- After the restart, a Notepad window will appear with a log of Avenger's actions. Please post it in your next reply.

-- Run Hijackthis, choose "Do a system scan only", tick the lines listed here, close all windows except Hijackthis, click fix checked.
O4 - HKLM\..\Run: [relakks] "C:\relakks.lnk"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CloseCoal] C:\DOCUME~1\Ejer\APPLIC~1\PROCFI~1\Blue skip.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programmer\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programmer\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Programmer\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe (file missing)

Restart the computer and make a new log with Hijackthis, which you post here together with the log from Avenger.

Registry cleanup can be recommended ->
RegCleaner http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm (especially the [Register] section...)
During installation you will be offered the [Yahoo Toolbar]. You can say yes or NO to it.
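
The "fix checked" step above depends on reading HijackThis lines by section code and spotting the "(file missing)" marker. The following is an added example, not part of the original post: a small Python triage over lines copied from this thread's logs. The function names and the rule that a Run entry launching from an Application Data folder deserves review are assumptions of this example.

```python
import re

# Lines copied from the HijackThis output quoted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [relakks] "C:\relakks.lnk"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CloseCoal] C:\DOCUME~1\Ejer\APPLIC~1\PROCFI~1\Blue skip.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programmer\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: spkrmon - Unknown owner - C:\Programmer\Analog Devices\SoundMAX\spkrmon.exe
"""

# "<section code> - <entry>", e.g. "O4 - HKLM\..\Run: [name] command"
LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# O4 registry autostart: "<key>: [<value name>] <command>"
O4_RE = re.compile(r"^(?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<command>.+)$")

# Assumption of this example: a Run entry that starts a program from a
# profile's Application Data folder (long or 8.3 short name) deserves review.
APPDATA_MARKERS = ("\\application data\\", "\\applic~1\\")


def entry_name(code, body):
    """Return the value name (O4) or the label before the first ' - '."""
    m = O4_RE.match(body) if code == "O4" else None
    if m:
        return m.group("name")
    return body.split(": ", 1)[-1].split(" - ", 1)[0]


def triage(log_text):
    """Return (code, name, reasons) for every line that matches a rule."""
    findings = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # header, process list or blank line
        code, body = m.group("code"), m.group("body")
        reasons = []
        # HijackThis itself appends this marker when the target is gone.
        if body.endswith("(file missing)"):
            reasons.append("file missing")
        entry = O4_RE.match(body) if code == "O4" else None
        if entry and any(k in entry.group("command").lower()
                         for k in APPDATA_MARKERS):
            reasons.append("autostart from Application Data")
        if reasons:
            findings.append((code, entry_name(code, body), reasons))
    return findings


if __name__ == "__main__":
    for code, name, reasons in triage(SAMPLE_LOG):
        print(f"{code:4} {name:20} {', '.join(reasons)}")
```

A flagged line is a prompt for manual review, not a verdict: neither rule catches the relakks entry that the post above also asks to have fixed.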
jacotex (Beginner)
21 December 2007 - 23:47 #6
what's wrong with messenger plus?
jacotex (Beginner)
21 December 2007 - 23:49 #7
ahh ... it was messenger plus that caused those pop-ups -.- I have uninstalled it ;p
jacotex (Beginner)
22 December 2007 - 00:09 #8
the problem was solved with that messenger plus thing ..
it made IE constantly run 3-6 instances of iexplorer.exe at once ;p (I use firefox) so post an answer!

here is the new hijack log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:06:28, on 22-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmer\Analog Devices\SoundMAX\spkrmon.exe
C:\Programmer\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\Programmer\Logitech\G-series Software\LGDCore.exe
C:\Programmer\Logitech\G-series Software\LCDMon.exe
C:\Programmer\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Programmer\Logitech\G-series Software\Applets\LCDClock.exe
C:\Programmer\weatherg15\WeatherG15.exe
C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Programmer\Trend Micro\HijackThis\crusty.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - C:\WINDOWS\system32\HDBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programmer\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programmer\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [relakks] "C:\relakks.lnk"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\programmer\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ThePrivacyGuard] "C:\PROGRA~1\THEPRI~1\THEPRI~1.EXE" /startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Programmer\Fælles filer\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmer\Fælles filer\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programmer\Fælles filer\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177965520703
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F12E974-1330-478D-99A9-F7720307154D}: NameServer = 82.209.169.71 82.209.169.72
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Programmer\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spkrmon - Unknown owner - C:\Programmer\Analog Devices\SoundMAX\spkrmon.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programmer\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Ejer/LOKALE~1/Temp/msohtmlclip1/01/clip_image002.jpg

--
End of file - 9763 bytes
22 December 2007 - 08:28 #9
... did Avenger eat the items mentioned? I would like to see/read the log from it ...

Regarding Bitcomet / LimeWire / Utorrent - read and understand ->
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=40284
22 December 2007 - 08:30 #10
22 December 2007 - 08:31 #11
You are welcome another time...

You should clean temp with this file; it only takes a few seconds.
http://www.spywareinfo.dk/download/cleantempxp2k.bat

After a trip like this it is always a good idea to clean up the System Restore files.
Disable System Restore -> http://www.spywareinfo.dk/#/tip-og-tricks/deaktiver_systemgendannelse.htm
Restart your computer - enable System Restore. This is done in the same place where you disabled it; this time you just need to enable it.
It would also be a good idea to manually create a new restore point, which you can name and return to if you should run into problems of any kind.

A couple of articles on safe surfing can be found here:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414

Safe Surfing...