Viruspogram skyld i at internet går ud?

Generelt - skal vi gætte:

Win98, W2000, XP, Vista, ... , ... ?
Bærbar ? Stationær ?

???

Smid Norton ud og installer AVG

Det er xp og en bærbar

Er norton da ikke et godt virus program?

Nej - det et et godt antivirusprogram! I modsætning til AVG free.

Det er formentlig dine blokeringer der popper op.

Jamen hvordan gør jeg så de ikke kommer op?
Og hvorfor går internettet ud flere gange dagligt efter jeg har installeret Norton?

Det skal lige siges, at pop up vinduerne kommer frem når jeg surfer på nettet, og det er f.eks. reklamer der kommer op og ting som det

Er det Norton Internet Security? Hvilken version? Hvad havde du før?

Det er Norton Internet Security.
Jeg mener at det var mcafee

Norton har ikke popup blocker. Det har mcafee.

Prøv lige at hente denne: http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe
Kør HijackThis, klik på "Do a systemscan scan and save a logfile"  kopier loggens tekst og send den herind.

Bemærk Hijackthis skal gemmes på computeren og ikke køres fra nettet

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:57:02, on 12-03-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe
C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe
C:\Programmer\QuickTime\QTTask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\Fælles filer\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\Fælles filer\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\IBM\Bluetooth Software\BTTray.exe
C:\Programmer\Windows Desktop Search\WindowsSearch.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Programmer\IBM\Bluetooth Software\bin\btwdins.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmer\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Programmer\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\Programmer\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\MSN Messenger\usnsvc.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Maja\Lokale indstillinger\Temporary Internet Files\Content.IE5\TX9BEY90\HiJackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programmer\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programmer\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programmer\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programmer\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programmer\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmer\Fælles filer\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [eggs joy math type] C:\Documents and Settings\All Users\Application Data\Bind army eggs joy\FLAW SEEK.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programmer\Fælles filer\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [4About] C:\DOCUME~1\Maja\APPLIC~1\intravga\Wmatick.exe
O4 - HKCU\..\Run: [GMVegasSetup.exe] C:\DOCUME~1\Maja\SKRIVE~1\GMVEGA~1.EXE /r
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Programmer\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.facebook.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232830072268
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232830059510
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmer\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programmer\Fælles filer\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Programmer\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Programmer\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WUSB54Gv4SVC - GEMTEKS - C:\Programmer\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 11433 bytes

Download Lop S&D by Eric_71 og gem det på dit Skrivebord.
http://eric.71.mespages.googlepages.com/lop.sd.en
Klik på - Download knappen til venstre

-- Kør LopSD. Tast e - for Engelsk. Tryk Enter.
Tast så 2 = (Fix + Hosts)
Tryk Enter. Så kører scanningen.
Lad programmet gennemføre en rensning.

Når scanningen er færdig, ligger der en log fil her C:lopR txt, som du godt må kopiere ind i dit næste svar sammen med en ny HJT log

Jeg vil anbefale at du afinstallerer ask toolbaren via tilføj/fjern programmer i kontrol panelet inden du laver en ny HJT log. Beklager - den glemte jeg lige.

Bemærk Hijackthis skal gemmes på computeren og ikke køres fra nettet ...

--------------------\\  Lop S&D 4.2.5-0  XP/Vista

  Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
  X86-based PC ( Uniprocessor Free :        Intel(R) Pentium(R) M processor 1600MHz )
  BIOS : Phoenix FirstBIOS(tm) Notebook Pro Version 2.0 for IBM ThinkPad
  USER : Maja ( Administrator )
  BOOT : Normal boot
  Antivirus : Norton Internet Security 16.0.0.125 (Activated)
  Firewall  : Norton Internet Security 16.0.0.125 (Activated)
  C:\ (Local Disk) - NTFS - Total:33 Go (Free:11 Go)
  D:\ (CD or DVD)

  "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
  Option : [2] ( 14-03-2009|15:07 )


  \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

  Deleted! - C:\WINDOWS\Tasks\A33F8EED9188063D.job
  Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bind army eggs joy\FLAW SEEK.dat
  Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bind army eggs joy\FLAW SEEK.exe
  Deleted! - C:\DOCUME~1\Maja\APPLIC~1\intravga\grey name cool.exe
  Deleted! - C:\DOCUME~1\Maja\APPLIC~1\intravga\kqxmgyid.exe
  Deleted! - C:\DOCUME~1\Maja\APPLIC~1\intravga\Seek rdr 2 audio.exe
  Deleted! - C:\DOCUME~1\Maja\APPLIC~1\intravga\Wmatick.exe
  Deleted! - C:\Programmer\Circle Developement\Uninstall.exe
  Deleted! - C:\DOCUME~1\Maja\Cookies\maja@www.adserver5[1].txt
  Deleted! - C:\DOCUME~1\Maja\LOKALE~1\Temp\bis1.exe
  Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bind army eggs joy
  Deleted! - C:\DOCUME~1\Maja\APPLIC~1\intravga
  Deleted! - C:\Programmer\intravga
  Deleted! - C:\Programmer\Adverts
  Deleted! - C:\Programmer\Circle Developement
  -
  [ Hosts file ] .. Restored!

  \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


  --------------------\\  Listing folders in APPLIC~1

  [30-03-2007|07:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
  [29-03-2007|15:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead
  [30-03-2007|09:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
  [27-03-2007|11:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
  [30-03-2007|07:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
  [30-03-2007|09:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
  [29-03-2007|15:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
  [0|fil(er)] C:\DOCUME~1\ADMINI~1\APPLIC~1\byte
  [9|mappe(r)] C:\DOCUME~1\ADMINI~1\APPLIC~1\byte ledig

  [09-03-2009|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
  [29-09-2008|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
  [30-08-2007|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
  [12-04-2007|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
  [03-12-2008|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
  [17-11-2008|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
  [17-01-2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
  [08-08-2007|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
  [16-01-2009|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
  [27-08-2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
  [07-09-2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
  [09-06-2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
  [01-04-2007|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
  [02-09-2007|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
  [09-03-2009|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
  [29-03-2007|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
  [27-08-2008|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
  [08-03-2009|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Norton
  [08-03-2009|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
  [29-09-2008|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
  [09-03-2009|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
  [05-09-2007|06:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
  [04-04-2007|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
  [17-11-2008|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
  [17-11-2008|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
  [13-01-2008|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
  [30-08-2007|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\web army upload remote
  [28-03-2007|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
  [30-03-2007|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
  [08-12-2007|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
  [0|fil(er)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte
  [32|mappe(r)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte ledig

  [27-03-2007|10:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
  [0|fil(er)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte
  [3|mappe(r)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte ledig

  [03-10-2008|16:05] C:\DOCUME~1\GST~1\APPLIC~1\Adobe
  [16-06-2007|14:29] C:\DOCUME~1\GST~1\APPLIC~1\Google
  [09-04-2007|08:33] C:\DOCUME~1\GST~1\APPLIC~1\Identities
  [06-09-2008|23:29] C:\DOCUME~1\GST~1\APPLIC~1\Launchy
  [16-06-2007|14:45] C:\DOCUME~1\GST~1\APPLIC~1\Macromedia
  [01-02-2008|22:32] C:\DOCUME~1\GST~1\APPLIC~1\Microsoft
  [06-09-2008|23:30] C:\DOCUME~1\GST~1\APPLIC~1\Mozilla
  [29-07-2007|11:32] C:\DOCUME~1\GST~1\APPLIC~1\PC Suite
  [23-05-2008|17:04] C:\DOCUME~1\GST~1\APPLIC~1\Politiken
  [24-05-2008|21:58] C:\DOCUME~1\GST~1\APPLIC~1\Skype
  [18-07-2007|10:41] C:\DOCUME~1\GST~1\APPLIC~1\Sun
  [01-07-2008|19:05] C:\DOCUME~1\GST~1\APPLIC~1\Ulead Systems
  [10-03-2009|18:57] C:\DOCUME~1\GST~1\APPLIC~1\Windows Desktop Search
  [0|fil(er)] C:\DOCUME~1\GST~1\APPLIC~1\byte
  [15|mappe(r)] C:\DOCUME~1\GST~1\APPLIC~1\byte ledig

  [09-03-2009|19:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
  [0|fil(er)] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte
  [3|mappe(r)] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte ledig

  [10-03-2009|19:33] C:\DOCUME~1\Maja\APPLIC~1\Adobe
  [10-03-2009|19:33] C:\DOCUME~1\Maja\APPLIC~1\AdobeAUM
  [10-03-2009|19:33] C:\DOCUME~1\Maja\APPLIC~1\AdobeUM
  [18-04-2007|14:45] C:\DOCUME~1\Maja\APPLIC~1\Apple Computer
  [31-05-2007|14:43] C:\DOCUME~1\Maja\APPLIC~1\Arto
  [03-12-2008|20:49] C:\DOCUME~1\Maja\APPLIC~1\AVS4YOU
  [27-07-2007|16:39] C:\DOCUME~1\Maja\APPLIC~1\Datalayer
  [29-05-2007|20:23] C:\DOCUME~1\Maja\APPLIC~1\DivX
  [31-03-2007|13:21] C:\DOCUME~1\Maja\APPLIC~1\Google
  [13-01-2008|18:40] C:\DOCUME~1\Maja\APPLIC~1\Help
  [30-03-2007|19:40] C:\DOCUME~1\Maja\APPLIC~1\Identities
  [17-11-2008|15:51] C:\DOCUME~1\Maja\APPLIC~1\InstallShield
  [06-04-2007|17:11] C:\DOCUME~1\Maja\APPLIC~1\KeySafe
  [06-09-2008|23:30] C:\DOCUME~1\Maja\APPLIC~1\Launchy
  [17-11-2008|17:10] C:\DOCUME~1\Maja\APPLIC~1\LimeWire
  [30-03-2007|19:57] C:\DOCUME~1\Maja\APPLIC~1\Macromedia
  [25-01-2009|22:58] C:\DOCUME~1\Maja\APPLIC~1\Microsoft
  [06-09-2008|23:31] C:\DOCUME~1\Maja\APPLIC~1\Mozilla
  [01-07-2008|19:20] C:\DOCUME~1\Maja\APPLIC~1\Nokia
  [12-05-2008|19:19] C:\DOCUME~1\Maja\APPLIC~1\Ny mappe
  [12-05-2008|19:19] C:\DOCUME~1\Maja\APPLIC~1\Ny mappe (2)
  [30-09-2007|09:22] C:\DOCUME~1\Maja\APPLIC~1\PC Suite
  [05-03-2008|18:34] C:\DOCUME~1\Maja\APPLIC~1\Politiken
  [09-05-2007|19:31] C:\DOCUME~1\Maja\APPLIC~1\Screenshot Sender
  [07-09-2008|16:31] C:\DOCUME~1\Maja\APPLIC~1\Skype
  [17-11-2008|16:46] C:\DOCUME~1\Maja\APPLIC~1\Sony
  [31-03-2007|13:27] C:\DOCUME~1\Maja\APPLIC~1\Sun
  [24-03-2008|16:34] C:\DOCUME~1\Maja\APPLIC~1\Ulead Systems
  [09-03-2009|16:32] C:\DOCUME~1\Maja\APPLIC~1\Windows Desktop Search
  [10-03-2009|19:01] C:\DOCUME~1\Maja\APPLIC~1\Windows Search
  [0|fil(er)] C:\DOCUME~1\Maja\APPLIC~1\byte
  [32|mappe(r)] C:\DOCUME~1\Maja\APPLIC~1\byte ledig

  [27-03-2007|10:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
  [0|fil(er)] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte
  [3|mappe(r)] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte ledig

  --------------------\\  Scheduled Tasks located in C:\WINDOWS\Tasks

  [09-03-2009 15:28][--a------] C:\WINDOWS\tasks\OGADaily.job
  [14-03-2009 14:59][--a------] C:\WINDOWS\tasks\OGALogon.job
  [08-03-2009 21:00][--a------] C:\WINDOWS\tasks\Diskoprydning.job
  [25-08-2008 15:04][--a------] C:\WINDOWS\tasks\defrag.job
  [09-03-2009 12:24][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
  [12-03-2009 22:00][--a------] C:\WINDOWS\tasks\S›g efter opdateringer til Windows Live Toolbar.job
  [14-03-2009 14:58][--ah-----] C:\WINDOWS\tasks\SA.DAT
  [09-10-2001 13:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

  --------------------\\  Listing Folders in C:\Programmer

  [29-09-2008|16:18] C:\Programmer\Adobe
  [29-03-2007|08:15] C:\Programmer\Analog Devices
  [22-02-2009|20:50] C:\Programmer\Apple Software Update
  [06-04-2007|16:59] C:\Programmer\ArcSoft
  [31-05-2007|14:43] C:\Programmer\Arto
  [27-03-2007|10:14] C:\Programmer\ATI Technologies
  [09-03-2009|11:14] C:\Programmer\Avanquest update
  [03-12-2008|20:53] C:\Programmer\AVS4YOU
  [09-03-2009|21:05] C:\Programmer\Bonjour
  [17-01-2008|19:40] C:\Programmer\Canon
  [27-03-2007|10:49] C:\Programmer\ComPlus Applications
  [27-07-2007|16:22] C:\Programmer\DIFX
  [29-05-2007|20:31] C:\Programmer\DivX
  [13-08-2007|12:11] C:\Programmer\EA GAMES
  [27-07-2007|17:52] C:\Programmer\Firefly Studios
  [09-03-2009|18:49] C:\Programmer\F‘lles filer
  [02-03-2009|18:51] C:\Programmer\Gold Miner Vegas
  [16-01-2009|16:39] C:\Programmer\Google
  [29-03-2007|14:37] C:\Programmer\IBM
  [17-11-2008|15:54] C:\Programmer\InstallShield Installation Information
  [29-03-2007|14:48] C:\Programmer\Intel
  [09-03-2009|12:48] C:\Programmer\Internet Explorer
  [09-03-2009|21:09] C:\Programmer\iPod
  [09-03-2009|21:10] C:\Programmer\iTunes
  [11-08-2007|23:29] C:\Programmer\Java
  [06-09-2008|23:30] C:\Programmer\Launchy
  [17-11-2008|17:20] C:\Programmer\LimeWire
  [30-03-2007|19:48] C:\Programmer\Linksys Wireless-G USB Wireless Network Monitor
  [11-01-2009|16:57] C:\Programmer\Lion King
  [09-06-2007|20:12] C:\Programmer\Logitech
  [09-03-2009|13:04] C:\Programmer\Messenger
  [12-03-2009|17:57] C:\Programmer\Messenger Plus! Live
  [09-03-2009|16:34] C:\Programmer\Microsoft
  [10-05-2007|14:48] C:\Programmer\Microsoft CAPICOM 2.1.0.2
  [27-03-2007|10:53] C:\Programmer\microsoft frontpage
  [05-02-2008|21:15] C:\Programmer\Microsoft Office
  [09-03-2009|16:35] C:\Programmer\Microsoft Silverlight
  [29-03-2007|08:32] C:\Programmer\Microsoft.NET
  [09-03-2009|12:15] C:\Programmer\Movie Maker
  [03-12-2008|20:56] C:\Programmer\Mozilla Firefox
  [15-04-2008|18:43] C:\Programmer\MP3 Player Utilities 4.15
  [09-03-2009|15:11] C:\Programmer\MSBuild
  [05-02-2008|21:14] C:\Programmer\MSECache
  [27-03-2007|10:49] C:\Programmer\MSN Gaming Zone
  [12-03-2009|17:57] C:\Programmer\MSN Messenger
  [29-03-2007|13:57] C:\Programmer\MSXML 4.0
  [13-08-2007|21:08] C:\Programmer\MSXML 6.0
  [29-03-2007|15:40] C:\Programmer\Nero
  [09-03-2009|12:07] C:\Programmer\NetMeeting
  [09-03-2009|18:50] C:\Programmer\Nokia
  [08-03-2009|14:35] C:\Programmer\Norton Internet Security
  [08-03-2009|14:33] C:\Programmer\NortonInstaller
  [29-09-2008|16:20] C:\Programmer\NOS
  [27-03-2007|10:51] C:\Programmer\Onlinetjenester
  [09-03-2009|12:27] C:\Programmer\Outlook Express
  [08-08-2007|10:12] C:\Programmer\PC Connectivity Solution
  [29-09-2007|22:33] C:\Programmer\Picasa2
  [05-03-2008|18:33] C:\Programmer\Polob32
  [22-02-2009|20:54] C:\Programmer\QuickTime
  [08-12-2007|23:50] C:\Programmer\RealArcade
  [09-03-2009|15:11] C:\Programmer\Reference Assemblies
  [01-03-2009|20:59] C:\Programmer\ReflexiveArcade
  [06-04-2007|16:58] C:\Programmer\Samsung
  [27-01-2009|20:15] C:\Programmer\SIW
  [04-04-2007|21:12] C:\Programmer\Skype
  [17-11-2008|16:24] C:\Programmer\Sony
  [17-11-2008|16:24] C:\Programmer\Sony Ericsson
  [08-03-2009|14:35] C:\Programmer\Symantec
  [13-01-2008|18:38] C:\Programmer\Ulead Systems
  [27-03-2007|11:08] C:\Programmer\Uninstall Information
  [09-03-2009|16:32] C:\Programmer\Windows Desktop Search
  [08-12-2007|19:55] C:\Programmer\Windows Live
  [13-09-2007|18:33] C:\Programmer\Windows Live Safety Center
  [30-03-2007|20:28] C:\Programmer\Windows Live Toolbar
  [13-01-2008|18:41] C:\Programmer\Windows Media Components
  [09-03-2009|16:29] C:\Programmer\Windows Media Connect 2
  [09-03-2009|16:29] C:\Programmer\Windows Media Player
  [09-03-2009|12:07] C:\Programmer\Windows NT
  [08-03-2009|14:34] C:\Programmer\Windows Sidebar
  [27-03-2007|10:51] C:\Programmer\WindowsUpdate
  [26-02-2008|18:47] C:\Programmer\WinRAR
  [27-03-2007|10:53] C:\Programmer\xerox
  [13-01-2008|18:54] C:\Programmer\XviD
  [0|fil(er)] C:\Programmer\byte
  [85|mappe(r)] C:\Programmer\byte ledig

  --------------------\\  Listing Folders in C:\Programmer\F‘lles filer

  [19-08-2007|17:44] C:\Programmer\F‘lles filer\Adobe
  [29-09-2008|16:18] C:\Programmer\F‘lles filer\Adobe AIR
  [29-03-2007|15:42] C:\Programmer\F‘lles filer\Ahead
  [09-03-2009|21:09] C:\Programmer\F‘lles filer\Apple
  [03-12-2008|20:53] C:\Programmer\F‘lles filer\AVSMedia
  [29-03-2007|12:52] C:\Programmer\F‘lles filer\Cisco Systems
  [29-03-2007|08:30] C:\Programmer\F‘lles filer\DESIGNER
  [04-12-2008|18:06] C:\Programmer\F‘lles filer\DVDVideoSoft
  [29-03-2007|08:15] C:\Programmer\F‘lles filer\InstallShield
  [29-03-2007|15:51] C:\Programmer\F‘lles filer\Java
  [10-06-2007|17:00] C:\Programmer\F‘lles filer\logishrd
  [09-03-2009|22:12] C:\Programmer\F‘lles filer\Microsoft Shared
  [27-03-2007|10:50] C:\Programmer\F‘lles filer\MSSoap
  [09-03-2009|18:49] C:\Programmer\F‘lles filer\Nokia
  [27-03-2007|12:41] C:\Programmer\F‘lles filer\ODBC
  [04-04-2007|21:12] C:\Programmer\F‘lles filer\Skype
  [17-11-2008|16:25] C:\Programmer\F‘lles filer\Sony Shared
  [27-03-2007|12:41] C:\Programmer\F‘lles filer\SpeechEngines
  [08-03-2009|14:43] C:\Programmer\F‘lles filer\Symantec Shared
  [09-03-2009|12:27] C:\Programmer\F‘lles filer\System
  [27-03-2007|10:50] C:\Programmer\F‘lles filer\Tjenester
  [13-01-2008|18:38] C:\Programmer\F‘lles filer\Ulead Systems
  [08-12-2007|19:56] C:\Programmer\F‘lles filer\WindowsLiveInstaller
  [0|fil(er)] C:\Programmer\F‘lles filer\byte
  [25|mappe(r)] C:\Programmer\F‘lles filer\byte ledig

  --------------------\\  Process

  ( 52 Processes )

  ... OK !

  --------------------\\  Searching with S_Lop

  No Lop folder found !

  --------------------\\  Searching for Lop Files - Folders

  No Lop folder found !

  --------------------\\  Searching within the Registry

  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

  ..... OK !

  --------------------\\  Checking the Hosts file

  Hosts file CLEAN


  --------------------\\  Searching for hidden files with Catchme

  catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
  Rootkit scan 2009-03-14 15:10:55
  Windows 5.1.2600 Service Pack 3 NTFS
  scanning hidden processes ...
  scanning hidden files ...
  scan completed successfully
  hidden processes: 0
  hidden files: 133

  --------------------\\  Searching for other infections

  --------------------\\  Cracks & Keygens ..

  C:\DOCUME~1\Maja\Pakkeprogram\Crack


  [F:491][D:20]-> C:\DOCUME~1\Maja\LOKALE~1\Temp
  [F:64][D:0]-> C:\DOCUME~1\Maja\Cookies
  [F:909][D:7]-> C:\DOCUME~1\Maja\LOKALE~1\TEMPOR~1\content.IE5

  1 - "C:\Lop SD\LopR_1.txt" - 14-03-2009|15:17 - Option : [2]

  --------------------\\  Scan completed at 15:17:27

Jeg har fjernet Ask toolbar

C:\Programmer\LimeWire -> *SUK*
C:\Programmer\Messenger Plus! Live -> *Hmmm...*
C:\Programmer\Gold Miner Vegas -> *Er det noget du kender?*

<f-arn>: Du fortsætter bare *S* ...

Limewire er noget jeg har slettet for lang tid siden, men der er åbenbart stadig rester .. Hvordan kommer jeg af med det sidste?

Hmmm - det gav ikke det resultat jeg forventede. Så prøv dette.

Hent "Malwarebytes' Anti-Malware" her: http://www.besttechie.net/tools/mbam-setup.exe
Installer og start programmet, opdater, lav "fuld systemskanning" under fanebladet "skanner".
Bagefter klik på "vis resultater", tryk på "Fjern det valgte" og send loggen herind sammen med en log fra DDS som du finder her: http://www.techsupportforum.com/sectools/sUBs/dds

eller her: http://download.bleepingcomputer.com/sUBs/dds.scr

eller her: http://www.forospyware.com/sUBs/dds


Den laver to logs,(DDS.txt og Attach.txt) gem dem på skrivebordet og kopier indholdet af DDS.txt  herind.

OBS - DDS skal gemmes på på computeren og ikke køres fra nettet

Malwarebytes' Anti-Malware 1.34
Database version: 1851
Windows 5.1.2600 Service Pack 3

15-03-2009 20:10:40
mbam-log-2009-03-15 (20-10-40).txt

Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 162312
Tid tilbagelagt: 2 hour(s), 22 minute(s), 55 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 2
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)












DDS (Ver_09-02-01.01) - NTFSx86 
Run by Maja at 20:19:07,95 on 15-03-2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional  5.1.2600.3.1252.45.1030.18.511.44 [GMT 1:00]

AV: Norton Internet Security *On-access scanning enabled* (Updated)
FW: Norton Internet Security *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe
C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe
C:\Programmer\QuickTime\QTTask.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\Fælles filer\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\Fælles filer\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\IBM\Bluetooth Software\BTTray.exe
C:\Programmer\Windows Desktop Search\WindowsSearch.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Programmer\IBM\Bluetooth Software\bin\btwdins.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programmer\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmer\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Programmer\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\Programmer\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Maja\Skrivebord\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\progra~1\skype\phone\ieplugin\SKYPEI~1.DLL
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\programmer\norton internet security\engine\16.0.0.125\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\programmer\norton internet security\engine\16.0.0.125\IPSBHO.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\programmer\java\jre1.6.0_02\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmer\fælles filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programmer\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programmer\google\googletoolbarnotifier\2.0.301.7164\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\programmer\windows live toolbar\msntb.dll
BHO: NoExplorer - No File
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmer\google\googletoolbar1.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\programmer\windows live toolbar\msntb.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\programmer\canon\easy-webprint\Toolband.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\programmer\norton internet security\engine\16.0.0.125\coIEPlg.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\programmer\fælles filer\ahead\lib\NMBgMonitor.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "c:\programmer\msn messenger\MsnMsgr.Exe" /background
uRun: [MSMSGS] "c:\programmer\messenger\msmsgs.exe" /background
uRun: [GMVegasSetup.exe] c:\docume~1\maja\skrive~1\GMVEGA~1.EXE /r
mRun: [ATIPTA] c:\programmer\ati technologies\ati control panel\atiptaxx.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [SunJavaUpdateSched] "c:\programmer\java\jre1.6.0_02\bin\jusched.exe"
mRun: [LogitechCommunicationsManager] "c:\programmer\fælles filer\logishrd\lcommgr\Communications_Helper.exe"
mRun: [NeroFilterCheck] c:\programmer\fælles filer\ahead\lib\NeroCheck.exe
mRun: [QuickTime Task] "c:\programmer\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\programmer\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alluse~1\menuen~1\progra~1\start\bttray.lnk - c:\programmer\ibm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\menuen~1\progra~1\start\window~1.lnk - c:\programmer\windows desktop search\WindowsSearch.exe
IE: &Windows Live Search - c:\programmer\windows live toolbar\msntb.dll/search.htm
IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\programmer\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\programmer\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\programmer\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\programmer\canon\easy-webprint\Resource.dll/RC_Print.html
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\programmer\ibm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmer\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\programmer\java\jre1.6.0_02\bin\ssv.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\progra~1\skype\phone\ieplugin\SKYPEI~1.DLL
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: facebook.com\www
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\windowsupdate
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232830072268
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232830059510
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fllesf~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\programmer\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages =  scecli scecli scecli scecli scecli scecli scecli

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1000000.07d\SymEFA.sys [2009-3-8 309296]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1000000.07d\BHDrvx86.sys [2009-3-8 254512]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1000000.07d\ccHPx86.sys [2009-3-8 362544]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20090310.003\IDSXpx86.sys [2009-3-12 276344]
R2 Norton Internet Security;Norton Internet Security;c:\programmer\norton internet security\engine\16.0.0.125\ccSvcHst.exe [2009-3-8 115560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programmer\fælles filer\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-3-11 101936]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090314.020\NAVENG.SYS [2009-3-15 89104]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090314.020\NAVEX15.SYS [2009-3-15 876144]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2008-11-17 90408]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2008-11-17 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2008-11-17 122024]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2008-11-17 115368]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2008-11-17 25768]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2008-11-17 111784]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2008-11-17 117544]

=============== Created Last 30 ================

2009-03-15 15:16    <DIR>    --d-----    c:\docume~1\maja\applic~1\Malwarebytes
2009-03-15 15:15    15,504    a-------    c:\windows\system32\drivers\mbam.sys
2009-03-15 15:15    38,496    a-------    c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-15 15:15    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-03-14 15:06    <DIR>    -cd-----    C:\Lop SD
2009-03-10 19:33    <DIR>    --d-----    c:\docume~1\maja\applic~1\AdobeAUM
2009-03-10 19:01    <DIR>    --d-----    c:\docume~1\maja\applic~1\Windows Search
2009-03-09 21:09    <DIR>    --d-----    c:\programmer\iPod
2009-03-09 21:08    <DIR>    --d-----    c:\programmer\iTunes
2009-03-09 21:08    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-03-09 21:05    <DIR>    --d-----    c:\programmer\Bonjour
2009-03-09 16:34    <DIR>    --d-----    c:\programmer\Microsoft
2009-03-09 16:32    <DIR>    --d-----    c:\docume~1\maja\applic~1\Windows Desktop Search
2009-03-09 16:31    <DIR>    --d-----    c:\windows\system32\GroupPolicy
2009-03-09 16:31    <DIR>    --d-----    c:\programmer\Windows Desktop Search
2009-03-09 16:30    29,696    -c------    c:\windows\system32\dllcache\mimefilt.dll
2009-03-09 16:30    192,000    -c------    c:\windows\system32\dllcache\offfilt.dll
2009-03-09 16:30    98,304    -c------    c:\windows\system32\dllcache\nlhtml.dll
2009-03-09 16:11    1,089,883    -c------    c:\windows\system32\dllcache\ntprint.cat
2009-03-09 15:27    14,048    --------    c:\windows\system32\spmsg2.dll
2009-03-09 15:11    <DIR>    --d-----    c:\windows\system32\XPSViewer
2009-03-09 15:09    597,504    -c------    c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-09 15:09    89,088    -c------    c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-09 15:09    117,760    --------    c:\windows\system32\prntvpt.dll
2009-03-09 15:09    575,488    -c------    c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-09 15:09    575,488    --------    c:\windows\system32\xpsshhdr.dll
2009-03-09 15:09    1,676,288    -c------    c:\windows\system32\dllcache\xpssvcs.dll
2009-03-09 15:09    1,676,288    --------    c:\windows\system32\xpssvcs.dll
2009-03-09 15:09    <DIR>    -cd-----    C:\ec40bb0dc8a32bfc8bdc146ecb
2009-03-09 12:15    <DIR>    --d-----    c:\windows\l2schemas
2009-03-09 12:15    <DIR>    --d-----    c:\windows\system32\da
2009-03-09 12:15    <DIR>    --d-----    c:\windows\system32\bits
2009-03-09 12:07    <DIR>    --d-----    c:\windows\ServicePackFiles
2009-03-09 12:00    <DIR>    --d-----    c:\windows\system32\ReinstallBackups
2009-03-08 20:46    129,045    --------    c:\windows\system32\drivers\cxthsfs2.cty
2009-03-08 20:46    9,585    -c------    c:\windows\system32\dllcache\controls.css
2009-03-08 20:46    184,101    -c------    c:\windows\system32\dllcache\compact.wmz
2009-03-08 20:46    773    -c------    c:\windows\system32\dllcache\cnth.gif
2009-03-08 20:46    773    -c------    c:\windows\system32\dllcache\cnt.gif
2009-03-08 20:46    772    -c------    c:\windows\system32\dllcache\cntd.gif
2009-03-08 20:46    760    -c------    c:\windows\system32\dllcache\cloapph.gif
2009-03-08 20:46    717    -c------    c:\windows\system32\dllcache\cloapp.gif
2009-03-08 20:46    999    -c------    c:\windows\system32\dllcache\bktrh.gif
2009-03-08 19:49    272,256    -c------    c:\windows\system32\dllcache\bthport.sys
2009-03-08 19:46    1,846,784    -c------    c:\windows\system32\dllcache\win32k.sys
2009-03-08 19:45    2,147,840    -c------    c:\windows\system32\dllcache\ntkrnlmp.exe
2009-03-08 19:45    2,068,608    -c------    c:\windows\system32\dllcache\ntkrnlpa.exe
2009-03-08 19:45    2,026,496    -c------    c:\windows\system32\dllcache\ntkrpamp.exe
2009-03-08 19:45    2,191,744    -c------    c:\windows\system32\dllcache\ntoskrnl.exe
2009-03-08 19:36    203,136    -c------    c:\windows\system32\dllcache\rmcast.sys
2009-03-08 19:36    455,296    -c------    c:\windows\system32\dllcache\mrxsmb.sys
2009-03-08 19:35    333,952    -c------    c:\windows\system32\dllcache\srv.sys
2009-03-08 19:35    331,776    -c------    c:\windows\system32\dllcache\msadce.dll
2009-03-08 19:35    691,712    -c------    c:\windows\system32\dllcache\inetcomm.dll
2009-03-08 19:33    63,488    -c------    c:\windows\system32\dllcache\icardie.dll
2009-03-08 19:32    337,408    -c------    c:\windows\system32\dllcache\netapi32.dll
2009-03-08 19:32    1,106,944    -c------    c:\windows\system32\dllcache\msxml3.dll
2009-03-08 14:35    35,888    a----r--    c:\windows\system32\drivers\SymIM.sys
2009-03-08 14:35    124,464    a-------    c:\windows\system32\drivers\SYMEVENT.SYS
2009-03-08 14:35    60,808    a-------    c:\windows\system32\S32EVNT1.DLL
2009-03-08 14:35    10,635    a-------    c:\windows\system32\drivers\SYMEVENT.CAT
2009-03-08 14:35    806    a-------    c:\windows\system32\drivers\SYMEVENT.INF
2009-03-08 14:35    <DIR>    --d-----    c:\programmer\Symantec
2009-03-08 14:35    <DIR>    --d-----    c:\programmer\fælles filer\Symantec Shared
2009-03-08 14:34    <DIR>    --d-----    c:\windows\system32\drivers\NIS
2009-03-08 14:34    <DIR>    --d-----    c:\programmer\Norton Internet Security
2009-03-08 14:34    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\Norton
2009-03-08 14:26    <DIR>    --d-----    c:\programmer\NortonInstaller
2009-03-08 14:26    <DIR>    --d-----    c:\docume~1\alluse~1\applic~1\NortonInstaller
2009-03-05 21:33    <DIR>    --d-----    c:\windows\system32\CatRoot2
2009-03-01 20:59    <DIR>    --d-----    c:\programmer\ReflexiveArcade
2009-03-01 20:51    <DIR>    --d-----    C:\Downloads
2009-02-14 15:46    16,452    ac------    C:\mediamp3.dat

==================== Find3M  ====================

2009-03-09 16:32    482,312    a-------    c:\windows\system32\perfh006.dat
2009-03-09 16:32    92,046    a-------    c:\windows\system32\perfc006.dat
2009-03-09 12:20    86,327    a-------    c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-02-09 15:07    1,846,784    a-------    c:\windows\system32\win32k.sys
2008-12-31 17:04    691,560    a-------    c:\windows\system32\OGACheckControl.dll
2008-12-31 17:04    528,744    a-------    c:\windows\system32\OGAVerify.exe
2008-12-31 17:04    502,120    a-------    c:\windows\system32\OGAAddin.dll
2008-12-21 00:03    826,368    a-------    c:\windows\system32\wininet.dll

============= FINISH: 20:20:21,15 ===============

Hmmm... ->

O4 - HKLM\..\Run: [eggs joy math type] C:\Documents and Settings\All Users\Application Data\Bind army eggs joy\FLAW SEEK.exe
O4 - HKCU\..\Run: [4About] C:\DOCUME~1\Maja\APPLIC~1\intravga\Wmatick.exe
Run: [GMVegasSetup.exe] c:\docume~1\maja\skrive~1\GMVEGA~1.EXE /r

<f-arn>: Du fortsætte bare ...

karise_larry

De ting du skriver, er det noget jeg skal gøre?

(For en go' ordens skyld - afvent <f-arn> ...)
Men det er bla. de elementer som giver balladen...

okay (:

Jeg går ud fra at du ikke ved hvad "GMVegasSetup.exe" er? Hvis du ved hvad det er skal du ikke gøre det efterfølgende!


Hent og GEM Combofix på dit skrivebord:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
eller her:

http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe


Højreklik på skrivebordet og vælg ny->tekstdokument og kopier  indholdet mellem de stiplede linier ind og gem filen som CFScript.txt

Du skal sikre dig at den ikke kommer til at hedde CFScript.txt.txt


--------------

Killall::

Snapshot::

File::
c:\docume~1\maja\skrive~1\GMVEGA~1.EXE

DDS::
BHO: NoExplorer - No File
uRun: [GMVegasSetup.exe] c:\docume~1\maja\skrive~1\GMVEGA~1.EXE /r

-------------

Da Combofix kan konflikte med din antivirus er det vigtigt at du deaktiverer den.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.malwarecheck.dk/billeder/CFScriptB-4_da.gif


Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du

bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt

som ligger her C:\ Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

Jeg har ingen idé om hvad GMVegasSetup.exe er, men skal jeg stadig gøre det sidste med Combofix ?

Ja!

okay, sorry er ikke den skarpeste kniv i skuffen når det kommer til computerer (:





ComboFix 09-03-15.01 - Maja 2009-03-16 22:25:01.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1030.18.511.199 [GMT 1:00]
Kører fra: c:\documents and settings\Maja\Skrivebord\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\Maja\Skrivebord\CFScript.txt
AV: Norton Internet Security *On-access scanning disabled* (Updated)
FW: Norton Internet Security *enabled*
* Dannede nyt systemgendannelsespunkt

advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!

FILE ::
c:\docume~1\maja\skrive~1\GMVEGA~1.EXE
.

(((((((((((((((((((((((((((((  Filer skabt fra 2009-02-16 til 2009-03-16  )))))))))))))))))))))))))))))))))))
.

2009-03-15 15:16 . 2009-03-15 15:16    <DIR>    d--------    c:\documents and settings\Maja\Application Data\Malwarebytes
2009-03-15 15:15 . 2009-03-15 15:15    <DIR>    d--------    c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-15 15:15 . 2009-02-11 10:19    38,496    --a------    c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-15 15:15 . 2009-02-11 10:19    15,504    --a------    c:\windows\system32\drivers\mbam.sys
2009-03-14 15:06 . 2009-03-14 16:45    <DIR>    d----c---    C:\Lop SD
2009-03-10 19:33 . 2009-03-10 19:33    <DIR>    d--------    c:\documents and settings\Maja\Application Data\AdobeUM
2009-03-10 19:33 . 2009-03-10 19:33    <DIR>    d--------    c:\documents and settings\Maja\Application Data\AdobeAUM
2009-03-10 19:01 . 2009-03-10 19:01    <DIR>    d--------    c:\documents and settings\Maja\Application Data\Windows Search
2009-03-10 18:57 . 2009-03-10 18:57    <DIR>    d--------    c:\documents and settings\Gæst\Application Data\Windows Desktop Search
2009-03-09 21:09 . 2009-03-09 21:09    <DIR>    d--------    c:\programmer\iPod
2009-03-09 21:08 . 2009-03-09 21:10    <DIR>    d--------    c:\programmer\iTunes
2009-03-09 21:08 . 2009-03-09 21:10    <DIR>    d--------    c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-03-09 21:05 . 2009-03-09 21:05    <DIR>    d--------    c:\programmer\Bonjour
2009-03-09 16:35 . 2009-03-09 16:35    <DIR>    d--------    c:\programmer\Microsoft Silverlight
2009-03-09 16:34 . 2009-03-09 16:34    <DIR>    d--------    c:\programmer\Microsoft
2009-03-09 16:32 . 2009-03-09 16:32    <DIR>    d--------    c:\documents and settings\Maja\Application Data\Windows Desktop Search
2009-03-09 16:31 . 2009-03-09 16:31    <DIR>    d--------    c:\windows\system32\GroupPolicy
2009-03-09 16:31 . 2009-03-09 16:32    <DIR>    d--------    c:\programmer\Windows Desktop Search
2009-03-09 16:30 . 2008-03-07 18:02    192,000    -----c---    c:\windows\system32\dllcache\offfilt.dll
2009-03-09 16:30 . 2008-03-07 18:02    98,304    -----c---    c:\windows\system32\dllcache\nlhtml.dll
2009-03-09 16:30 . 2008-03-07 18:02    29,696    -----c---    c:\windows\system32\dllcache\mimefilt.dll
2009-03-09 16:11 . 2009-01-09 20:19    1,089,883    -----c---    c:\windows\system32\dllcache\ntprint.cat
2009-03-09 15:47 . 2009-03-09 15:47    <DIR>    d--------    c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-03-09 15:27 . 2006-06-29 13:07    14,048    ---------    c:\windows\system32\spmsg2.dll
2009-03-09 15:11 . 2009-03-09 15:27    <DIR>    d--------    c:\windows\system32\XPSViewer
2009-03-09 15:11 . 2009-03-09 15:11    <DIR>    d--------    c:\programmer\Reference Assemblies
2009-03-09 15:11 . 2009-03-09 15:11    <DIR>    d--------    c:\programmer\MSBuild
2009-03-09 15:09 . 2009-03-09 15:10    <DIR>    d----c---    C:\ec40bb0dc8a32bfc8bdc146ecb
2009-03-09 15:09 . 2008-07-06 13:06    1,676,288    ---------    c:\windows\system32\xpssvcs.dll
2009-03-09 15:09 . 2008-07-06 13:06    1,676,288    -----c---    c:\windows\system32\dllcache\xpssvcs.dll
2009-03-09 15:09 . 2008-07-06 11:50    597,504    -----c---    c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-09 15:09 . 2008-07-06 13:06    575,488    ---------    c:\windows\system32\xpsshhdr.dll
2009-03-09 15:09 . 2008-07-06 13:06    575,488    -----c---    c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-09 15:09 . 2008-07-06 13:06    117,760    ---------    c:\windows\system32\prntvpt.dll
2009-03-09 15:09 . 2008-07-06 13:06    89,088    -----c---    c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-09 12:15 . 2009-03-09 12:15    <DIR>    d--------    c:\windows\system32\da
2009-03-09 12:15 . 2009-03-09 12:15    <DIR>    d--------    c:\windows\system32\bits
2009-03-09 12:15 . 2009-03-09 12:15    <DIR>    d--------    c:\windows\l2schemas
2009-03-09 12:07 . 2009-03-09 12:16    <DIR>    d--------    c:\windows\ServicePackFiles
2009-03-08 20:46 . 2004-07-17 11:36    184,101    -----c---    c:\windows\system32\dllcache\compact.wmz
2009-03-08 20:46 . 2004-07-17 22:55    129,045    ---------    c:\windows\system32\drivers\cxthsfs2.cty
2009-03-08 20:46 . 2001-10-09 13:00    9,585    -----c---    c:\windows\system32\dllcache\controls.css
2009-03-08 20:46 . 2001-10-09 13:00    999    -----c---    c:\windows\system32\dllcache\bktrh.gif
2009-03-08 20:46 . 2001-10-09 13:00    773    -----c---    c:\windows\system32\dllcache\cnth.gif
2009-03-08 20:46 . 2001-10-09 13:00    773    -----c---    c:\windows\system32\dllcache\cnt.gif
2009-03-08 20:46 . 2001-10-09 13:00    772    -----c---    c:\windows\system32\dllcache\cntd.gif
2009-03-08 20:46 . 2001-10-09 13:00    760    -----c---    c:\windows\system32\dllcache\cloapph.gif
2009-03-08 20:46 . 2001-10-09 13:00    717    -----c---    c:\windows\system32\dllcache\cloapp.gif
2009-03-08 19:49 . 2008-06-14 18:35    272,256    -----c---    c:\windows\system32\dllcache\bthport.sys
2009-03-08 19:46 . 2009-02-09 15:07    1,846,784    -----c---    c:\windows\system32\dllcache\win32k.sys
2009-03-08 19:45 . 2008-08-14 14:25    2,191,744    -----c---    c:\windows\system32\dllcache\ntoskrnl.exe
2009-03-08 19:45 . 2008-08-14 14:25    2,147,840    -----c---    c:\windows\system32\dllcache\ntkrnlmp.exe
2009-03-08 19:45 . 2008-08-14 14:25    2,068,608    -----c---    c:\windows\system32\dllcache\ntkrnlpa.exe
2009-03-08 19:45 . 2008-08-14 14:25    2,026,496    -----c---    c:\windows\system32\dllcache\ntkrpamp.exe
2009-03-08 19:36 . 2008-10-24 12:21    455,296    -----c---    c:\windows\system32\dllcache\mrxsmb.sys
2009-03-08 19:36 . 2008-05-08 15:02    203,136    -----c---    c:\windows\system32\dllcache\rmcast.sys
2009-03-08 19:35 . 2008-04-11 20:05    691,712    -----c---    c:\windows\system32\dllcache\inetcomm.dll
2009-03-08 19:35 . 2008-12-11 11:57    333,952    -----c---    c:\windows\system32\dllcache\srv.sys
2009-03-08 19:35 . 2008-05-01 15:36    331,776    -----c---    c:\windows\system32\dllcache\msadce.dll
2009-03-08 19:33 . 2008-12-21 00:03    63,488    -----c---    c:\windows\system32\dllcache\icardie.dll
2009-03-08 19:32 . 2008-09-04 18:17    1,106,944    -----c---    c:\windows\system32\dllcache\msxml3.dll
2009-03-08 19:32 . 2008-10-15 17:37    337,408    -----c---    c:\windows\system32\dllcache\netapi32.dll
2009-03-08 14:35 . 2009-03-08 14:35    <DIR>    d--------    c:\programmer\Symantec
2009-03-08 14:35 . 2009-03-08 14:43    <DIR>    d--------    c:\programmer\Fælles filer\Symantec Shared
2009-03-08 14:35 . 2009-03-08 14:35    124,464    --a------    c:\windows\system32\drivers\SYMEVENT.SYS
2009-03-08 14:35 . 2009-03-08 14:35    60,808    --a------    c:\windows\system32\S32EVNT1.DLL
2009-03-08 14:35 . 2009-03-08 14:35    35,888    -ra------    c:\windows\system32\drivers\SymIM.sys
2009-03-08 14:35 . 2009-03-08 14:35    10,635    --a------    c:\windows\system32\drivers\SYMEVENT.CAT
2009-03-08 14:35 . 2009-03-08 14:35    806    --a------    c:\windows\system32\drivers\SYMEVENT.INF
2009-03-08 14:34 . 2009-03-08 14:34    <DIR>    d--------    c:\windows\system32\drivers\NIS
2009-03-08 14:34 . 2009-03-08 14:34    <DIR>    d--------    c:\programmer\Windows Sidebar
2009-03-08 14:34 . 2009-03-08 14:35    <DIR>    d--------    c:\programmer\Norton Internet Security
2009-03-08 14:34 . 2009-03-08 14:34    <DIR>    d--------    c:\documents and settings\All Users\Application Data\Norton
2009-03-08 14:26 . 2009-03-08 14:33    <DIR>    d--------    c:\programmer\NortonInstaller
2009-03-08 14:26 . 2009-03-08 14:34    <DIR>    d--------    c:\documents and settings\All Users\Application Data\NortonInstaller
2009-03-05 21:33 . 2009-03-16 22:22    <DIR>    d--------    c:\windows\system32\CatRoot2
2009-03-01 20:59 . 2009-03-01 20:59    <DIR>    d--------    c:\programmer\ReflexiveArcade
2009-03-01 20:51 . 2009-03-08 15:12    <DIR>    d--------    C:\Downloads

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-14 15:27    ---------    d-----w    c:\programmer\Nokia
2009-03-12 16:57    ---------    d-----w    c:\programmer\MSN Messenger
2009-03-12 16:57    ---------    d-----w    c:\programmer\Messenger Plus! Live
2009-03-09 20:09    ---------    d-----w    c:\programmer\Fælles filer\Apple
2009-03-09 17:49    ---------    d-----w    c:\programmer\Fælles filer\Nokia
2009-03-09 15:29    ---------    d-----w    c:\programmer\Windows Media Connect 2
2009-03-09 10:14    ---------    d-----w    c:\programmer\Avanquest update
2009-02-22 19:54    ---------    d-----w    c:\programmer\QuickTime
2009-02-22 19:50    ---------    d-----w    c:\programmer\Apple Software Update
2009-01-27 19:15    ---------    d-----w    c:\programmer\SIW
2009-01-16 15:39    ---------    d-----w    c:\programmer\Google
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmer\Fælles filer\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\programmer\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"MSMSGS"="c:\programmer\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-11-16 344064]
"SunJavaUpdateSched"="c:\programmer\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"LogitechCommunicationsManager"="c:\programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-17 505368]
"NeroFilterCheck"="c:\programmer\Fælles filer\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"QuickTime Task"="c:\programmer\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\programmer\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"AGRSMMSG"="AGRSMMSG.exe" [2003-06-27 c:\windows\AGRSMMSG.exe]

c:\documents and settings\All Users\Menuen Start\Programmer\Start\
BTTray.lnk - c:\programmer\IBM\Bluetooth Software\BTTray.exe [2004-01-20 507965]
Windows Search.lnk - c:\programmer\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.JPEG"= JPEGCODE.DLL
"VIDC.MPEG"= JPEGCODE.DLL
"msacm.dvacm"= c:\progra~1\FLLESF~1\ULEADS~1\Vio\Dvacm.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^Digimax Viewer 2.1.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\Digimax Viewer 2.1.lnk
backup=c:\windows\pss\Digimax Viewer 2.1.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a--c--- 2005-06-06 22:46 57344 c:\programmer\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 c:\programmer\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
--a------ 2004-01-14 02:10 409600 c:\programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2009-01-06 13:06 290088 c:\programmer\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
--a------ 2007-05-17 09:53 780312 c:\programmer\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a--c--- 2007-06-16 00:15 366400 c:\programmer\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 c:\programmer\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
--------- 2008-07-02 16:16 393216 c:\programmer\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
--a------ 2004-09-23 11:41 860160 c:\programmer\Analog Devices\SoundMAX\SMax4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a------ 2004-10-14 08:11 1388544 c:\programmer\Analog Devices\SoundMAX\SMax4PNP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]
-----c--- 2003-11-18 17:20 45056 c:\programmer\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\monitor.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmer\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Programmer\\Skype\\Phone\\Skype.exe"=
"c:\\Programmer\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Programmer\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Programmer\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programmer\\MSN Messenger\\livecall.exe"=
"c:\\Programmer\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmer\\iTunes\\iTunes.exe"=

R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2008-06-04 90408]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2008-06-04 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2008-06-04 122024]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2008-06-04 115368]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2008-06-04 25768]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2008-06-04 111784]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2008-06-04 117544]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1000000.07D\SYMEFA.SYS [2009-03-08 309296]
S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1000000.07D\BHDrvx86.sys [2009-03-08 254512]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1000000.07D\ccHPx86.sys [2009-03-08 362544]
S1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090310.003\IDSxpx86.sys [2009-02-06 276344]
S2 Norton Internet Security;Norton Internet Security;c:\programmer\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [2009-03-08 115560]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programmer\Fælles filer\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-03-07 101936]


--- Andre Services/Drivers i Hukommelsen ---

*Deregistered* - AegisP
*Deregistered* - AFD
*Deregistered* - ALG
*Deregistered* - Apple Mobile Device
*Deregistered* - Ati HotKey Poller
*Deregistered* - AudioSrv
*Deregistered* - Beep
*Deregistered* - BHDrvx86
*Deregistered* - Bonjour Service
*Deregistered* - Browser
*Deregistered* - BTKRNL
*Deregistered* - btwdins
*Deregistered* - ccHP
*Deregistered* - Cdfs
*Deregistered* - cnmpar21
*Deregistered* - Compbatt
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - Dnscache
*Deregistered* - eeCtrl
*Deregistered* - EraserUtilRebootDrv
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - helpsvc
*Deregistered* - HTTP
*Deregistered* - HTTPFilter
*Deregistered* - IBMPMSVC
*Deregistered* - IDSxpx86
*Deregistered* - ImapiService
*Deregistered* - IpNat
*Deregistered* - iPod Service
*Deregistered* - IPSec
*Deregistered* - irda
*Deregistered* - Irmon
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - LVCOMSer
*Deregistered* - LVPr2Mon
*Deregistered* - LVPrcSrv
*Deregistered* - LVSrvLauncher
*Deregistered* - LVUSBSta
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NAVENG
*Deregistered* - NAVEX15
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - NMIndexingService
*Deregistered* - Norton Internet Security
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - PCIIde
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasirda
*Deregistered* - Rasl2tp
*Deregistered* - RasMan
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - rdpdr
*Deregistered* - RegSrvc
*Deregistered* - RemoteRegistry
*Deregistered* - RpcSs
*Deregistered* - S24EventMonitor
*Deregistered* - s24trans
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - Secdrv
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - SoundMAX Agent Service (default)
*Deregistered* - Spooler
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - SRTSP
*Deregistered* - SRTSPX
*Deregistered* - Srv
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - swenum
*Deregistered* - SYMDNS
*Deregistered* - SymEFA
*Deregistered* - SymEvent
*Deregistered* - SYMFW
*Deregistered* - SYMIDS
*Deregistered* - SymIMMP
*Deregistered* - SYMNDIS
*Deregistered* - SYMREDRV
*Deregistered* - SYMTDI
*Deregistered* - TapiSrv
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - WmiApSrv
*Deregistered* - wscsvc
*Deregistered* - WSearch
*Deregistered* - wuauserv
*Deregistered* - WudfPf
*Deregistered* - WudfSvc
*Deregistered* - WUSB54Gv4SVC
*Deregistered* - WZCSVC
.
Indhold af mappen 'Planlagte Opgaver'

2009-03-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmer\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-08-25 c:\windows\Tasks\defrag.job
- c:\windows\system32\defrag.exe [2008-04-14 17:05]

2009-03-15 c:\windows\Tasks\Diskoprydning.job
- c:\windows\system32\cleanmgr.exe [2008-04-14 17:05]

2009-03-15 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]

2009-03-16 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]

2009-03-16 c:\windows\Tasks\Søg efter opdateringer til Windows Live Toolbar.job
- c:\programmer\Windows Live Toolbar\MSNTBUP.EXE [2006-09-27 16:39]
.
- - - - TOMME GENVEJE FJERNET - - - -

MSConfigStartUp-PCSuiteTrayApplication - c:\programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe


.
------- Yderligere scanning -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\programmer\Windows Live Toolbar\msntb.dll/search.htm
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
Trusted Zone: facebook.com\www
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\windowsupdate
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-16 22:33:28
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 


**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\programmer\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\programmer\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(1280)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(7840)
c:\programmer\Fælles filer\Logishrd\LVMVFM\LVPrcInj.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\S24EvMon.exe
c:\programmer\Fælles filer\logishrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\ati2evxx.exe
c:\programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programmer\Bonjour\mDNSResponder.exe
c:\programmer\IBM\Bluetooth Software\bin\btwdins.exe
c:\programmer\Fælles filer\logishrd\LVCOMSER\LVComSer.exe
c:\programmer\Fælles filer\logishrd\LVCOMSER\LVComSer.exe
c:\windows\system32\RegSrvc.exe
c:\programmer\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\searchindexer.exe
c:\programmer\Fælles filer\Ahead\Lib\NMIndexStoreSvr.exe
c:\programmer\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
c:\programmer\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
c:\programmer\iPod\bin\iPodService.exe
c:\programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
.
**************************************************************************
.
Gennemført tid: 2009-03-16 22:41:29 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2009-03-16 21:39:44

Pre-Kørsel: 13.238.255.616 byte ledig
Post-Kørsel: 14,332,768,256 byte ledig

402    --- E O F ---    2009-03-14 14:30:25

Hent og installér CCleaner http://www.ccleaner.com/ +

http://www.spywarefri.dk/manualer/ccleaner-manual.htm
Under installationen får du tilbudt [Yahoo Toolbar]. Den bør du sige nej til.
Lad programmer foretage en oprydning. (særligt af register)

  http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763

----------------------------------------------------------------------

Slet indholdet af din nuværende cfscript.txt og kopier følgende ind i stedet.

--------------

Killall::

Snapshot::

Folder::
C:\Programmer\Gold Miner Vegas
C:\Programmer\LimeWire

-------------

Da Combofix kan konflikte med din antivirus er det vigtigt at du deaktiverer den.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.malwarecheck.dk/billeder/CFScriptB-4_da.gif


Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du

bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt

som ligger her C:\ Combofix txt

Indholdet af denne fil må du gerne lægge herind.


Hvordan kører maskinen så nu?


PS. Jeg vil anbefale at du holder dig fra fildeling og afinstallerer dine cracks. Det er det der er skyld i
problemerne.

Hvordan afinstaller jeg mine cracks?

- Internettet går desværre stadig ud :s

ComboFix 09-03-15.01 - Maja 2009-03-17 22:03:05.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1030.18.511.154 [GMT 1:00]
Kører fra: c:\documents and settings\Maja\Skrivebord\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\Maja\Skrivebord\cfscript.txt
AV: Norton Internet Security *On-access scanning disabled* (Updated)
FW: Norton Internet Security *enabled*
* Dannede nyt systemgendannelsespunkt

advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.

(((((((((((((((((((((((((((((  Filer skabt fra 2009-02-17 til 2009-03-17  )))))))))))))))))))))))))))))))))))
.

2009-03-17 21:37 . 2009-03-17 21:37    <DIR>    d--------    c:\programmer\CCleaner
2009-03-15 15:16 . 2009-03-15 15:16    <DIR>    d--------    c:\documents and settings\Maja\Application Data\Malwarebytes
2009-03-15 15:15 . 2009-03-15 15:15    <DIR>    d--------    c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-15 15:15 . 2009-02-11 10:19    38,496    --a------    c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-15 15:15 . 2009-02-11 10:19    15,504    --a------    c:\windows\system32\drivers\mbam.sys
2009-03-14 15:06 . 2009-03-14 16:45    <DIR>    d----c---    C:\Lop SD
2009-03-10 19:33 . 2009-03-10 19:33    <DIR>    d--------    c:\documents and settings\Maja\Application Data\AdobeUM
2009-03-10 19:33 . 2009-03-10 19:33    <DIR>    d--------    c:\documents and settings\Maja\Application Data\AdobeAUM
2009-03-10 19:01 . 2009-03-10 19:01    <DIR>    d--------    c:\documents and settings\Maja\Application Data\Windows Search
2009-03-10 18:57 . 2009-03-10 18:57    <DIR>    d--------    c:\documents and settings\Gæst\Application Data\Windows Desktop Search
2009-03-09 21:09 . 2009-03-09 21:09    <DIR>    d--------    c:\programmer\iPod
2009-03-09 21:08 . 2009-03-09 21:10    <DIR>    d--------    c:\programmer\iTunes
2009-03-09 21:08 . 2009-03-09 21:10    <DIR>    d--------    c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-03-09 21:05 . 2009-03-09 21:05    <DIR>    d--------    c:\programmer\Bonjour
2009-03-09 16:35 . 2009-03-09 16:35    <DIR>    d--------    c:\programmer\Microsoft Silverlight
2009-03-09 16:34 . 2009-03-09 16:34    <DIR>    d--------    c:\programmer\Microsoft
2009-03-09 16:32 . 2009-03-09 16:32    <DIR>    d--------    c:\documents and settings\Maja\Application Data\Windows Desktop Search
2009-03-09 16:31 . 2009-03-09 16:31    <DIR>    d--------    c:\windows\system32\GroupPolicy
2009-03-09 16:31 . 2009-03-09 16:32    <DIR>    d--------    c:\programmer\Windows Desktop Search
2009-03-09 16:30 . 2008-03-07 18:02    192,000    -----c---    c:\windows\system32\dllcache\offfilt.dll
2009-03-09 16:30 . 2008-03-07 18:02    98,304    -----c---    c:\windows\system32\dllcache\nlhtml.dll
2009-03-09 16:30 . 2008-03-07 18:02    29,696    -----c---    c:\windows\system32\dllcache\mimefilt.dll
2009-03-09 16:11 . 2009-01-09 20:19    1,089,883    -----c---    c:\windows\system32\dllcache\ntprint.cat
2009-03-09 15:47 . 2009-03-09 15:47    <DIR>    d--------    c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-03-09 15:27 . 2006-06-29 13:07    14,048    ---------    c:\windows\system32\spmsg2.dll
2009-03-09 15:11 . 2009-03-09 15:27    <DIR>    d--------    c:\windows\system32\XPSViewer
2009-03-09 15:11 . 2009-03-09 15:11    <DIR>    d--------    c:\programmer\Reference Assemblies
2009-03-09 15:11 . 2009-03-09 15:11    <DIR>    d--------    c:\programmer\MSBuild
2009-03-09 15:09 . 2009-03-09 15:10    <DIR>    d----c---    C:\ec40bb0dc8a32bfc8bdc146ecb
2009-03-09 15:09 . 2008-07-06 13:06    1,676,288    ---------    c:\windows\system32\xpssvcs.dll
2009-03-09 15:09 . 2008-07-06 13:06    1,676,288    -----c---    c:\windows\system32\dllcache\xpssvcs.dll
2009-03-09 15:09 . 2008-07-06 11:50    597,504    -----c---    c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-09 15:09 . 2008-07-06 13:06    575,488    ---------    c:\windows\system32\xpsshhdr.dll
2009-03-09 15:09 . 2008-07-06 13:06    575,488    -----c---    c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-09 15:09 . 2008-07-06 13:06    117,760    ---------    c:\windows\system32\prntvpt.dll
2009-03-09 15:09 . 2008-07-06 13:06    89,088    -----c---    c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-09 12:15 . 2009-03-09 12:15    <DIR>    d--------    c:\windows\system32\da
2009-03-09 12:15 . 2009-03-09 12:15    <DIR>    d--------    c:\windows\system32\bits
2009-03-09 12:15 . 2009-03-09 12:15    <DIR>    d--------    c:\windows\l2schemas
2009-03-09 12:07 . 2009-03-09 12:16    <DIR>    d--------    c:\windows\ServicePackFiles
2009-03-08 20:46 . 2004-07-17 11:36    184,101    -----c---    c:\windows\system32\dllcache\compact.wmz
2009-03-08 20:46 . 2004-07-17 22:55    129,045    ---------    c:\windows\system32\drivers\cxthsfs2.cty
2009-03-08 20:46 . 2001-10-09 13:00    9,585    -----c---    c:\windows\system32\dllcache\controls.css
2009-03-08 20:46 . 2001-10-09 13:00    999    -----c---    c:\windows\system32\dllcache\bktrh.gif
2009-03-08 20:46 . 2001-10-09 13:00    773    -----c---    c:\windows\system32\dllcache\cnth.gif
2009-03-08 20:46 . 2001-10-09 13:00    773    -----c---    c:\windows\system32\dllcache\cnt.gif
2009-03-08 20:46 . 2001-10-09 13:00    772    -----c---    c:\windows\system32\dllcache\cntd.gif
2009-03-08 20:46 . 2001-10-09 13:00    760    -----c---    c:\windows\system32\dllcache\cloapph.gif
2009-03-08 20:46 . 2001-10-09 13:00    717    -----c---    c:\windows\system32\dllcache\cloapp.gif
2009-03-08 19:49 . 2008-06-14 18:35    272,256    -----c---    c:\windows\system32\dllcache\bthport.sys
2009-03-08 19:46 . 2009-02-09 15:07    1,846,784    -----c---    c:\windows\system32\dllcache\win32k.sys
2009-03-08 19:45 . 2008-08-14 14:25    2,191,744    -----c---    c:\windows\system32\dllcache\ntoskrnl.exe
2009-03-08 19:45 . 2008-08-14 14:25    2,147,840    -----c---    c:\windows\system32\dllcache\ntkrnlmp.exe
2009-03-08 19:45 . 2008-08-14 14:25    2,068,608    -----c---    c:\windows\system32\dllcache\ntkrnlpa.exe
2009-03-08 19:45 . 2008-08-14 14:25    2,026,496    -----c---    c:\windows\system32\dllcache\ntkrpamp.exe
2009-03-08 19:36 . 2008-10-24 12:21    455,296    -----c---    c:\windows\system32\dllcache\mrxsmb.sys
2009-03-08 19:36 . 2008-05-08 15:02    203,136    -----c---    c:\windows\system32\dllcache\rmcast.sys
2009-03-08 19:35 . 2008-04-11 20:05    691,712    -----c---    c:\windows\system32\dllcache\inetcomm.dll
2009-03-08 19:35 . 2008-12-11 11:57    333,952    -----c---    c:\windows\system32\dllcache\srv.sys
2009-03-08 19:35 . 2008-05-01 15:36    331,776    -----c---    c:\windows\system32\dllcache\msadce.dll
2009-03-08 19:33 . 2008-12-21 00:03    63,488    -----c---    c:\windows\system32\dllcache\icardie.dll
2009-03-08 19:32 . 2008-09-04 18:17    1,106,944    -----c---    c:\windows\system32\dllcache\msxml3.dll
2009-03-08 19:32 . 2008-10-15 17:37    337,408    -----c---    c:\windows\system32\dllcache\netapi32.dll
2009-03-08 14:35 . 2009-03-08 14:35    <DIR>    d--------    c:\programmer\Symantec
2009-03-08 14:35 . 2009-03-08 14:43    <DIR>    d--------    c:\programmer\Fælles filer\Symantec Shared
2009-03-08 14:35 . 2009-03-08 14:35    124,464    --a------    c:\windows\system32\drivers\SYMEVENT.SYS
2009-03-08 14:35 . 2009-03-08 14:35    60,808    --a------    c:\windows\system32\S32EVNT1.DLL
2009-03-08 14:35 . 2009-03-08 14:35    35,888    -ra------    c:\windows\system32\drivers\SymIM.sys
2009-03-08 14:35 . 2009-03-08 14:35    10,635    --a------    c:\windows\system32\drivers\SYMEVENT.CAT
2009-03-08 14:35 . 2009-03-08 14:35    806    --a------    c:\windows\system32\drivers\SYMEVENT.INF
2009-03-08 14:34 . 2009-03-08 14:34    <DIR>    d--------    c:\windows\system32\drivers\NIS
2009-03-08 14:34 . 2009-03-08 14:34    <DIR>    d--------    c:\programmer\Windows Sidebar
2009-03-08 14:34 . 2009-03-08 14:35    <DIR>    d--------    c:\programmer\Norton Internet Security
2009-03-08 14:34 . 2009-03-08 14:34    <DIR>    d--------    c:\documents and settings\All Users\Application Data\Norton
2009-03-08 14:26 . 2009-03-08 14:33    <DIR>    d--------    c:\programmer\NortonInstaller
2009-03-08 14:26 . 2009-03-08 14:34    <DIR>    d--------    c:\documents and settings\All Users\Application Data\NortonInstaller
2009-03-05 21:33 . 2009-03-17 21:59    <DIR>    d--------    c:\windows\system32\CatRoot2
2009-03-01 20:59 . 2009-03-01 20:59    <DIR>    d--------    c:\programmer\ReflexiveArcade
2009-03-01 20:51 . 2009-03-08 15:12    <DIR>    d--------    C:\Downloads

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-14 15:27    ---------    d-----w    c:\programmer\Nokia
2009-03-12 16:57    ---------    d-----w    c:\programmer\MSN Messenger
2009-03-12 16:57    ---------    d-----w    c:\programmer\Messenger Plus! Live
2009-03-09 20:09    ---------    d-----w    c:\programmer\Fælles filer\Apple
2009-03-09 17:49    ---------    d-----w    c:\programmer\Fælles filer\Nokia
2009-03-09 15:29    ---------    d-----w    c:\programmer\Windows Media Connect 2
2009-03-09 10:14    ---------    d-----w    c:\programmer\Avanquest update
2009-02-22 19:54    ---------    d-----w    c:\programmer\QuickTime
2009-02-22 19:50    ---------    d-----w    c:\programmer\Apple Software Update
2009-01-27 19:15    ---------    d-----w    c:\programmer\SIW
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programmer\Fælles filer\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\programmer\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"MSMSGS"="c:\programmer\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-11-16 344064]
"SunJavaUpdateSched"="c:\programmer\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"LogitechCommunicationsManager"="c:\programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-17 505368]
"NeroFilterCheck"="c:\programmer\Fælles filer\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"AGRSMMSG"="AGRSMMSG.exe" [2003-06-27 c:\windows\AGRSMMSG.exe]

c:\documents and settings\All Users\Menuen Start\Programmer\Start\
BTTray.lnk - c:\programmer\IBM\Bluetooth Software\BTTray.exe [2004-01-20 507965]
Windows Search.lnk - c:\programmer\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmer\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.JPEG"= JPEGCODE.DLL
"VIDC.MPEG"= JPEGCODE.DLL
"msacm.dvacm"= c:\progra~1\FLLESF~1\ULEADS~1\Vio\Dvacm.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^Digimax Viewer 2.1.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\Digimax Viewer 2.1.lnk
backup=c:\windows\pss\Digimax Viewer 2.1.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a--c--- 2005-06-06 22:46 57344 c:\programmer\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 c:\programmer\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
--a------ 2004-01-14 02:10 409600 c:\programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2009-01-06 13:06 290088 c:\programmer\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
c:\programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a--c--- 2007-06-16 00:15 366400 c:\programmer\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 c:\programmer\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
--------- 2008-07-02 16:16 393216 c:\programmer\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
--a------ 2004-09-23 11:41 860160 c:\programmer\Analog Devices\SoundMAX\SMax4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a------ 2004-10-14 08:11 1388544 c:\programmer\Analog Devices\SoundMAX\SMax4PNP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]
-----c--- 2003-11-18 17:20 45056 c:\programmer\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\monitor.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmer\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Programmer\\Skype\\Phone\\Skype.exe"=
"c:\\Programmer\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Programmer\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Programmer\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programmer\\MSN Messenger\\livecall.exe"=
"c:\\Programmer\\Bonjour\\mDNSResponder.exe"=
"c:\\Programmer\\iTunes\\iTunes.exe"=

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1000000.07D\SymEFA.sys [2009-03-08 309296]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1000000.07D\BHDrvx86.sys [2009-03-08 254512]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1000000.07D\ccHPx86.sys [2009-03-08 362544]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090310.003\IDSXpx86.sys [2009-03-12 276344]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programmer\Fælles filer\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-03-11 101936]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2008-11-17 90408]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2008-11-17 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2008-11-17 122024]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2008-11-17 115368]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2008-11-17 25768]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2008-11-17 111784]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2008-11-17 117544]

--- Andre Services/Drivers i Hukommelsen ---

*Deregistered* - ALG
*Deregistered* - Apple Mobile Device
*Deregistered* - Ati HotKey Poller
*Deregistered* - AudioSrv
*Deregistered* - Bonjour Service
*Deregistered* - Browser
*Deregistered* - btwdins
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - Dnscache
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - helpsvc
*Deregistered* - HTTPFilter
*Deregistered* - IBMPMSVC
*Deregistered* - ImapiService
*Deregistered* - Irmon
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - LVCOMSer
*Deregistered* - LVPrcSrv
*Deregistered* - LVSrvLauncher
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - NMIndexingService
*Deregistered* - Norton Internet Security
*Deregistered* - PolicyAgent
*Deregistered* - ProtectedStorage
*Deregistered* - RasMan
*Deregistered* - RegSrvc
*Deregistered* - RemoteRegistry
*Deregistered* - RpcSs
*Deregistered* - S24EventMonitor
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - SoundMAX Agent Service (default)
*Deregistered* - Spooler
*Deregistered* - srservice
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - TapiSrv
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - W32Time
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - WmiApSrv
*Deregistered* - wscsvc
*Deregistered* - WSearch
*Deregistered* - wuauserv
*Deregistered* - WudfSvc
*Deregistered* - WUSB54Gv4SVC
*Deregistered* - WZCSVC
.
Indhold af mappen 'Planlagte Opgaver'

2009-03-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmer\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-08-25 c:\windows\Tasks\defrag.job
- c:\windows\system32\defrag.exe [2008-04-14 17:05]

2009-03-15 c:\windows\Tasks\Diskoprydning.job
- c:\windows\system32\cleanmgr.exe [2008-04-14 17:05]

2009-03-15 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]

2009-03-17 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]

2009-03-17 c:\windows\Tasks\Søg efter opdateringer til Windows Live Toolbar.job
- c:\programmer\Windows Live Toolbar\MSNTBUP.EXE [2006-09-27 16:39]
.
.
------- Yderligere scanning -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\programmer\Windows Live Toolbar\msntb.dll/search.htm
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
Trusted Zone: facebook.com\www
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\windowsupdate
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-17 22:10:36
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\programmer\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\programmer\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(1280)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(6196)
c:\programmer\Fælles filer\Logishrd\LVMVFM\LVPrcInj.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\S24EvMon.exe
c:\programmer\Fælles filer\logishrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\ati2evxx.exe
c:\programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programmer\Bonjour\mDNSResponder.exe
c:\programmer\IBM\Bluetooth Software\bin\btwdins.exe
c:\programmer\Fælles filer\logishrd\LVCOMSER\LVComSer.exe
c:\programmer\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
c:\programmer\Fælles filer\logishrd\LVCOMSER\LVComSer.exe
c:\windows\system32\RegSrvc.exe
c:\programmer\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\searchindexer.exe
c:\programmer\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
c:\programmer\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
c:\programmer\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
c:\programmer\Fælles filer\Ahead\Lib\NMIndexStoreSvr.exe
c:\programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
.
**************************************************************************
.
Gennemført tid: 2009-03-17 22:20:27 - maskinen blev genstartet [Maja]
ComboFix-quarantined-files.txt  2009-03-17 21:20:07
ComboFix2.txt  2009-03-16 21:41:38

Pre-Kørsel: 14,389,792,768 byte ledig
Post-Kørsel: 14,469,300,224 byte ledig

322    --- E O F ---    2009-03-14 14:30:25

f-arn

Kunne du hjælpe mig ? (: