danjaffa (Beginner)
19 October 2009 - 19:22. There are 13 comments.

Heeelp - something is eating my resources

Hi

I'm looking for help from a friendly expert who can help me clean out whatever is devouring my system resources as if they were a lavish, delicious ten-course gourmet menu. My PC is working on the hard disk almost constantly and almost constantly occupies my CPU at between 30-100%.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:06, on 19-10-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2_1\TomTomHOMERunner.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oahlp.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mgabg.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Tall Emu\Online Armor\oacat.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2_1\TomTomHOMEService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Safari\Safari.exe
C:\Documents and Settings\POP\My Documents\HIJACKTHIS\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kaninunivers.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [Matrox PowerDesk SE] "C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2_1\TomTomHOMERunner.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://*.danid.dk
O15 - Trusted Zone: http://*.danid.dk (HKLM)
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} - https://netsupport2.tdconline.dk/sdccommon/download/tgctlar.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} - https://netsupport2.tdconline.dk/sdccommon/download/tgctlsi.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} (Adobe Form Control) - http://www.kps.dk/Codebase/FormCtl.cab
O16 - DPF: {1469FF24-47F6-11D2-8805-006008C537E3} (Adobe Mail Control) - http://www.kps.dk/codebase/ffmail.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab
O16 - DPF: {4F2A3649-7A9F-4950-9C31-409FAC6FC7C8} (IssueUtilCtrl Class) - https://danid.dk/csp/authenticode/csp.exe
O16 - DPF: {6274F636-00DB-42BE-8995-B92E46F853F7} (sigSrvClnt Class) - https://signflow.statsamt.dk/signServerClient.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179594019155
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1179605607203
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} (Adobe Script Object) - http://www.kps.dk/codebase/scriptobject.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} (Adobe Soft Font Installer) - http://www.kps.dk/codebase/fontinstaller.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Matrox Centering Service - Matrox Graphics Inc. - C:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
O23 - Service: Matrox.Pdesk.ServicesHost - Unknown owner - C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oacat.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2_1\TomTomHOMEService.exe

--
haverslev (Novice)
19 October 2009 - 19:29 #1
Run through this guide, "Sådan fjerner du virus og malware" (How to remove viruses and malware),
and then post a new HJT log here afterwards.
http://www.eksperten.dk/guide/1232
mall (Beginner)
19 October 2009 - 19:31 #2
And you could perhaps refrain from double posting!

http://www.eksperten.dk/spm/889967 <-- Close that one..
haverslev (Novice)
19 October 2009 - 19:32 #3
Note that the guide says this one should be removed:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
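As an added example (not code from this thread, from HijackThis or from the linked guide), here is a small Python parser for the HijackThis entry format used in the log above, with triage rules that flag the ProxyOverride line quoted in #3 and a few other entry types a helper looks at first; the sample lines are copied from the posted log, and the rules, the `Entry`/`Finding` names and the "check this first" heuristics are my own assumptions, not the guide's.

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample: entry lines copied from the HijackThis v2 log posted in
# this thread (a subset, one or two per section) so the parser runs offline.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kaninunivers.dk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2_1\TomTomHOMERunner.exe"
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://*.danid.dk
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O23 - Service: Matrox.Pdesk.ServicesHost - Unknown owner - C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
"""

# Every HijackThis entry line is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: ...".
# Header lines and the "Running processes" list do not match and are skipped.
ENTRY_RE = re.compile(r"^(?P<code>[RFO]\d+) - (?P<body>.+)$")


@dataclass
class Entry:
    code: str   # section code such as R1, O2, O4, O16, O23
    body: str   # the rest of the line, unchanged


@dataclass
class Finding:
    code: str
    reason: str
    body: str


def parse_hjt(text: str) -> List[Entry]:
    """Return the entry lines of a HijackThis log in file order."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group("code"), m.group("body")))
    return entries


def triage(entries: List[Entry]) -> List[Finding]:
    """Flag entries a helper would review first.

    These are review heuristics of my own (assumption), not the rules of the
    eksperten.dk guide; a hit means "check this", not "this is malware".
    """
    findings = []
    for e in entries:
        if e.code == "O2" and e.body.endswith("(no file)"):
            findings.append(Finding(e.code, "BHO registered but its DLL is missing (orphaned entry)", e.body))
        elif e.code == "R1" and "ProxyOverride" in e.body:
            findings.append(Finding(e.code, "ProxyOverride entry; the guide linked in #1 says to remove it", e.body))
        elif e.code == "O10":
            findings.append(Finding(e.code, "Winsock LSP entry HijackThis could not identify", e.body))
        elif e.code == "O15":
            findings.append(Finding(e.code, "site added to the IE Trusted Zone; confirm it is expected", e.body))
        elif e.code == "O16" and " - http://" in e.body:
            findings.append(Finding(e.code, "ActiveX download point served over plain HTTP", e.body))
        elif e.code == "O23" and "Unknown owner" in e.body:
            findings.append(Finding(e.code, "service with no recognised publisher", e.body))
    return findings


def count_by_code(entries: List[Entry]) -> Dict[str, int]:
    """Per-section counts, useful for spotting an unusually long O4 or O16 list."""
    counts: Dict[str, int] = {}
    for e in entries:
        counts[e.code] = counts.get(e.code, 0) + 1
    return counts


if __name__ == "__main__":
    parsed = parse_hjt(SAMPLE_LOG)
    print(count_by_code(parsed))
    for f in triage(parsed):
        print(f"{f.code}: {f.reason}\n    {f.body}")
```

Feeding the full posted log to `parse_hjt` instead of `SAMPLE_LOG` works the same way, since the process list and header lines are ignored by the regex.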
haverslev (Novice)
19 October 2009 - 19:34 #4
Yes, double posting isn't smart :-)
johnstigers (Senior Master)
19 October 2009 - 20:05 #5
Please close here because of the double post and since this is the newest question.
johnstigers (Senior Master)
19 October 2009 - 20:06 #6
Hmm... there were no comments when I wrote...???
danjaffa (Beginner)
19 October 2009 - 22:18 #7
Hm.. why the exclamation mark? Why the imperative?
johnstigers (Senior Master)
19 October 2009 - 22:56 #8
Where do you see an exclamation mark?
johnstigers (Senior Master)
19 October 2009 - 22:57 #9
You could start by running msconfig, selecting the Startup tab, and removing the checkmark next to whatever absolutely does not need to start every time the PC starts.

E.g.
HP software update
iTunes
Windows Desktop Search
TomTom software
Apple Mobile Device Service
Bonjour
Office
Zip programs
danjaffa (Beginner)
23 October 2009 - 21:53 #10
It took a while.. but here are the results (Combofix in a separate post)



Malwarebytes' Anti-Malware 1.41
Database version: 2988
Windows 5.1.2600 Service Pack 3

20-10-2009 08:57:28
mbam-log-2009-10-20 (08-57-28).txt

Skan type: Fuldstændig skanning (C:\|G:\|)
Objekter skannet: 317157
Tid tilbagelagt: 1 hour(s), 24 minute(s), 21 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 1
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 6
Inficerede Filer: 3

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_CURRENT_USER\SOFTWARE\ErrorSmart (Rogue.ErrorSmart) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
C:\Documents and Settings\POP\Application Data\ErrorSmart (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\POP\Application Data\ErrorSmart\Log (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\POP\Application Data\ErrorSmart\Registry Backups (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
C:\Program Files\ErrorSmart (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
C:\Program Files\ErrorSmart\Microsoft.VC80.CRT (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
C:\Program Files\ErrorSmart\Microsoft.VC80.MFC (Rogue.ErrorSmart) -> Quarantined and deleted successfully.

Inficerede Filer:
C:\Documents and Settings\POP\Application Data\ErrorSmart\Log\2007 Dec 10 - 06_31_05 PM_843.log (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\POP\Application Data\ErrorSmart\Log\2007 Dec 10 - 06_31_10 PM_078.log (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\POP\Application Data\ErrorSmart\Registry Backups\2007-12-10_18-33-17.reg (Rogue.ErrorSmart) -> Quarantined and deleted successfully.
danjaffa (Beginner)
23 October 2009 - 21:54 #11
..and here a very long Combofix log



ComboFix 09-10-18.06 - POP 19-10-2009 20:56.2.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.511.155 [GMT 2:00]
Running from: c:\docume~1\POP\LOCALS~1\Temp\fumui1gv.tmp\ComboFix.exe
FW: Online Armor Firewall *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.
    /wow section - STAGE 3


(((((((((((((((((((((((((((((((((((((((  Other Deletions  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\progra~1\AMAZIN~1\AMAZin~1.exe
c:\recycler\S-1-5-21-1935655697-1383384898-1060284298-1003
c:\recycler\S-1-5-21-1935655697-1383384898-1060284298-1007
c:\windows\a3kebook.ini
c:\windows\akebook.ini
c:\windows\ANS2000.INI

.
(((((((((((((((((((((((((  Files Created from 2009-09-19 to 2009-10-19  )))))))))))))))))))))))))))))))
.

2009-10-19 18:08 . 2009-09-10 12:54    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-19 18:08 . 2009-09-10 12:53    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-10-19 18:08 . 2009-10-19 18:08    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2009-10-18 16:26 . 2009-10-18 16:26    59420    ---ha-w-    c:\windows\system32\mlfcache.dat
2009-10-18 15:55 . 2009-10-18 15:56    --------    d-----w-    c:\program files\Safari
2009-10-16 15:35 . 2009-09-03 09:17    15688    ----a-w-    c:\windows\system32\lsdelete.exe
2009-10-16 13:17 . 2009-09-23 12:55    64288    ----a-w-    c:\windows\system32\drivers\Lbd.sys
2009-10-16 13:15 . 2009-10-16 13:15    --------    dc-h--w-    c:\documents and settings\All Users.WINDOWS\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-15 11:47 . 2009-05-18 12:17    26600    ----a-w-    c:\windows\system32\drivers\GEARAspiWDM.sys
2009-10-15 11:47 . 2008-04-17 11:12    107368    ----a-w-    c:\windows\system32\GEARAspi.dll
2009-10-15 11:43 . 2009-10-15 11:47    --------    d-----w-    c:\program files\iTunes
2009-10-15 11:43 . 2009-10-15 11:47    --------    d-----w-    c:\documents and settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-15 11:42 . 2009-10-15 11:42    --------    d-----w-    c:\program files\Bonjour
2009-10-15 11:25 . 2009-10-15 11:26    --------    d-----w-    c:\program files\Apple Software Update
2009-10-15 11:24 . 2009-08-28 17:42    40448    ----a-w-    c:\windows\system32\drivers\usbaapl.sys
2009-10-15 11:24 . 2009-08-28 17:42    2065696    ----a-w-    c:\windows\system32\usbaaplrc.dll
2009-10-15 11:24 . 2009-10-16 13:17    --------    dc----w-    c:\windows\system32\DRVSTORE
2009-10-15 11:23 . 2009-10-15 11:45    --------    d-----w-    c:\program files\Common Files\Apple
2009-10-15 11:23 . 2009-10-19 09:59    --------    d-----w-    c:\documents and settings\All Users.WINDOWS\Application Data\Apple
2009-10-03 17:49 . 2009-10-03 17:49    --------    d-----w-    c:\program files\TomTom International B.V
2009-10-03 17:49 . 2009-10-03 17:49    --------    d-----w-    c:\program files\TomTom HOME 2_1

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-19 19:14 . 2007-12-23 13:48    --------    d-----w-    c:\program files\Amazing Resume Creator
2009-10-19 18:02 . 2007-07-28 09:42    664    ----a-w-    c:\windows\system32\d3d9caps.dat
2009-10-19 18:01 . 2005-10-26 16:41    --------    d-----w-    c:\program files\Mozilla Thunderbird
2009-10-19 17:52 . 2009-01-06 22:56    --------    d-----w-    c:\documents and settings\POP\Application Data\OnlineArmor
2009-10-19 16:25 . 2007-09-10 15:24    --------    d-----w-    c:\documents and settings\POP\Application Data\Apple Computer
2009-10-18 12:54 . 2008-06-06 09:47    --------    d-----w-    c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-10-16 13:14 . 2006-10-16 18:23    --------    d-----w-    c:\program files\Lavasoft
2009-10-16 10:44 . 2007-05-08 21:31    --------    d-----w-    c:\program files\CCleaner
2009-10-15 12:01 . 2005-05-21 08:48    --------    d-----w-    c:\program files\QuickTime
2009-10-15 11:53 . 2008-02-01 22:32    768    ----a-w-    c:\windows\system32\d3d8caps.dat
2009-10-15 11:45 . 2007-02-20 09:31    --------    d-----w-    c:\program files\iPod
2009-10-15 11:38 . 2007-12-10 19:04    --------    d-----w-    c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2009-10-03 17:44 . 2008-03-31 19:06    --------    d-----w-    c:\program files\TomTom HOME 2
2009-09-11 14:18 . 2001-08-23 12:00    136192    ----a-w-    c:\windows\system32\msv1_0.dll
2009-09-11 06:11 . 2009-04-02 17:54    --------    d-----w-    c:\program files\Microsoft Silverlight
2009-09-04 21:03 . 2001-08-23 12:00    58880    ----a-w-    c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2001-08-23 12:00    916480    ----a-w-    c:\windows\system32\wininet.dll
2009-08-28 17:42 . 2009-10-15 11:24    40448    ----a-w-    c:\windows\system32\drivers\usbaapl.sys
2009-08-26 08:00 . 2001-08-23 12:00    247326    ----a-w-    c:\windows\system32\strmdll.dll
2009-08-17 21:33 . 2009-08-17 21:33    1193832    ----a-w-    c:\windows\system32\FM20.DLL
2009-08-12 16:39 . 2007-05-19 19:12    71480    ----a-w-    c:\documents and settings\POP\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-05 11:38 . 2009-01-02 08:39    0    ----a-w-    c:\documents and settings\POP\temp.dat
2009-08-05 09:01 . 2001-08-23 12:00    204800    ----a-w-    c:\windows\system32\mswebdvd.dll
2009-08-04 18:44 . 2001-08-23 12:00    2189184    ----a-w-    c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2001-08-17 13:48    2066048    ----a-w-    c:\windows\system32\ntkrnlpa.exe
.

(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vptray"="c:\progra~1\SYMANT~1\SYMANT~1\vptray.exe" [2003-12-17 90112]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-01 136600]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2008-12-13 6223048]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
"Matrox PowerDesk SE"="c:\program files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe" [2007-09-11 1910016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2008-12-13 886984]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\FRONTPG.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [16-10-2009 15:17 64288]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [07-01-2009 00:56 178376]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [07-01-2009 00:56 30920]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [07-01-2009 00:56 28872]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24-09-2009 13:17 1170768]
R2 Matrox Centering Service;Matrox Centering Service;c:\program files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe [11-09-2007 15:17 500992]
R2 Matrox.Pdesk.ServicesHost;Matrox.Pdesk.ServicesHost;c:\program files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe [11-09-2007 15:16 177408]
R2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [07-01-2009 00:56 1402568]
R2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [07-01-2009 00:56 3321032]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2_1\TomTomHOMEService.exe [27-08-2009 17:05 92008]
S3 AC2003;AC2003;c:\windows\system32\drivers\AC2003.sys [19-05-2007 18:56 4224]
S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC);c:\windows\system32\DRIVERS\SMCWGU.sys --> c:\windows\system32\DRIVERS\SMCWGU.sys [?]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [15-10-2009 13:24 40448]
.
Contents of the 'Scheduled Tasks' folder

2009-10-19 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:16]

2009-10-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-10-19 c:\windows\Tasks\User_Feed_Synchronization-{5CCD9645-D74A-4041-88DF-C1FE15EC01E9}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

2009-10-19 c:\windows\Tasks\WebReg officejet 6300 series.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2006-02-19 14:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.kaninunivers.dk/
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: danid.dk
Trusted Zone: hr-manager.net\www3
Trusted Zone: skat.dk\tastselv
Trusted Zone: unomedical.com
Trusted Zone: danid.dk
DPF: {1469FF24-47F6-11D2-8805-006008C537E3} - hxxp://www.kps.dk/codebase/ffmail.cab
DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} - hxxps://netbank.danskebank.dk/html/activex/DB/Menu.cab
DPF: {4F2A3649-7A9F-4950-9C31-409FAC6FC7C8} - hxxps://danid.dk/csp/authenticode/csp.exe
DPF: {6274F636-00DB-42BE-8995-B92E46F853F7} - hxxps://signflow.statsamt.dk/signServerClient.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-19 21:37
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-10-19 21:45
ComboFix-quarantined-files.txt  2009-10-19 19:44
ComboFix2.txt  2008-01-01 14:26

Pre-Run: 71.433.437.184 bytes free
Post-Run: 71.605.907.456 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - 03C6571B319B5188D5ED7A6CC7165083
danjaffa Beginner
23 October 2009 - 21:59 #12
...and finally an HJT log


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:59:00, on 23-10-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mgabg.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Tall Emu\Online Armor\oacat.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2_1\TomTomHOMEService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tall Emu\Online Armor\oahlp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\office12\offlb.exe
C:\Documents and Settings\POP\My Documents\HIJACKTHIS\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [Matrox PowerDesk SE] "C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://*.danid.dk
O15 - Trusted Zone: http://*.danid.dk (HKLM)
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} - https://netsupport2.tdconline.dk/sdccommon/download/tgctlar.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} - https://netsupport2.tdconline.dk/sdccommon/download/tgctlsi.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} (Adobe Form Control) - http://www.kps.dk/Codebase/FormCtl.cab
O16 - DPF: {1469FF24-47F6-11D2-8805-006008C537E3} (Adobe Mail Control) - http://www.kps.dk/codebase/ffmail.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab
O16 - DPF: {4F2A3649-7A9F-4950-9C31-409FAC6FC7C8} (IssueUtilCtrl Class) - https://danid.dk/csp/authenticode/csp.exe
O16 - DPF: {6274F636-00DB-42BE-8995-B92E46F853F7} (sigSrvClnt Class) - https://signflow.statsamt.dk/signServerClient.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179594019155
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1179605607203
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} (Adobe Script Object) - http://www.kps.dk/codebase/scriptobject.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} (Adobe Soft Font Installer) - http://www.kps.dk/codebase/fontinstaller.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Matrox Centering Service - Matrox Graphics Inc. - C:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
O23 - Service: Matrox.Pdesk.ServicesHost - Unknown owner - C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oacat.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2_1\TomTomHOMEService.exe

--
End of file - 11179 bytes
23 October 2009 - 22:49 #13
Hmmm... Which security program are you using?
There is a service running something from Symantec, but something seems to be missing?

---

Uninstall:
* Apple Mobile Device
* Bonjour-tjeneste (Bonjour Service)
* Google Software Updater (gusvc)
* iPod-tjeneste (iPod Service)
* TomTomHOMEService - TomTom ?

---

Do a clean-up with the CCleaner mentioned earlier
CCleaner - Tools - Startup - Disable/Remove the following items:
[Adobe Reader Speed Launcher]
[QuickTime Task]
 
---