MrSlim Beginner
27 February 2010 - 13:57 There are 10 comments

Internet Explorer "closed unexpectedly", www.google.dk

Hi

I have started getting this error message when I use IE version 8.

Computer: Dell Inspiron 1720.
Vista SP2, 32-bit.


The problem appears to be related only to www.google.dk, or to using the search function in Google Toolbar.

I use Norton Internet Security 2010.
I have scanned with NIS2010; the result was that it found a "virus", which NIS2010 has removed.

I have also run HouseCall from Trend Micro.
It also found a "virus", which it has removed.

I often get a warning from NIS2010 when the computer starts up, saying that a program has tried to contact the computer, something about a "time server" having tried to connect to the computer.

I have followed earlier threads and checked whether Flash Player and Java work.
I have updated both and checked that both work.

Found in an earlier thread (873105):

"It may be because you are now loading Flash and Java objects..

Can you play on these game sites?

Flash games
LINK http://www.flashgames247.com/

Java Games
LINK http://www.jgames.com/

If yes, you can run Flash and Java."

I hope you can help me get this problem solved.
I am gradually getting a bit desperate....

Kind regards
Peter N. Pedersen


HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:33:20, on 27-02-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Roxio 2010\5.0\CPMonitor.exe
C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Peter\Desktop\HijackThis\HiJackThis.exe

O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Desktop-administrator 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Tjenesten Google Update (gupdate1c9946ae2471f01) (gupdate1c9946ae2471f01) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: RoxMediaDB12 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 4705 bytes
f-arn Guru
27 February 2010 - 14:52 #1
Download "Malwarebytes' Anti-Malware" here: http://www.besttechie.net/tools/mbam-setup.exe
Install and start the program, click the Update tab, click Check for Updates, then run a "Quick scan" under the "Scanner" tab.
Afterwards click "Show results", press "Remove selected" and post the log here together with a new HijackThis log.

Regarding Vista and Windows 7: right-click the file and choose Run as administrator.

NB: When you update Malwarebytes, keep clicking update until it says there are no more updates.
f-arn Guru
27 February 2010 - 14:54 #2
Remember to right-click the file. That applies to both Malwarebytes and HijackThis!
MrSlim Beginner
27 February 2010 - 16:04 #3
Malware log:
Malwarebytes' Anti-Malware 1.44
Database version: 3800
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

27-02-2010 15:53:25
mbam-log-2010-02-27 (15-53-25).txt

Skan type: Hurtig skanning
Objekter skannet: 168569
Tid tilbagelagt: 36 minute(s), 40 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 1
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 4

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_CURRENT_USER\SOFTWARE\SlysBitch (Bifrose.Trace) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
C:\Users\Peter\AppData\Local\Temp\MSN.abc (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Peter\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
C:\Users\Peter\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Peter\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.


Hijackthis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:03:05, on 27-02-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Roxio 2010\5.0\CPMonitor.exe
C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\Taskmgr.exe
C:\Users\Peter\Desktop\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.dk/ig/dell?hl=da&client=dell-row&channel=dk&ibd=5080610
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ig/dell?hl=da&client=dell-row&channel=dk&ibd=5080610
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.dk/ig/dell?hl=da&client=dell-row&channel=dk&ibd=5080610
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer leveret af Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [OEM02Cfg.exe] OEM02Cfg.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files\Roxio 2010\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.2; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www.gratisspil.dk/onlineGame/games/play.php?id=1950"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - Startup: Screen Clipper and Launcher til OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Vis eller skjul HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O15 - Trusted Zone: *.danskebank.dk
O15 - Trusted Zone: www.himmerland.dk
O15 - Trusted Zone: www.portalbank.dk
O15 - Trusted Zone: www.sparhim.dk
O15 - Trusted Zone: http://www.sparhim.dk
O15 - Trusted Zone: www.testby.dk
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.himmerland.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://homepc.novonordisk.com/citrix/ICAWEB/en/ica32/wficat.cab
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.euro.dell.com/systemprofiler/SysProExe.CAB
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Desktop-administrator 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Tjenesten Google Update (gupdate1c9946ae2471f01) (gupdate1c9946ae2471f01) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: RoxMediaDB12 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 16293 bytes

I hope this gives more info.
f-arn Guru
27 February 2010 - 18:38 #4
You should not post an answer yourself - that is reserved for the solution!

Start HijackThis, click "Do a system scan only" and tick the following.

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O4 - HKLM\..\Run: [OEM02Cfg.exe] OEM02Cfg.exe
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:


Then close all other windows and click "Fix checked".

------

Download and save ComboFix to your desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Right-click the desktop, choose New -> Text Document, copy the highlighted text in and save the file as CFScript.txt

Make sure it does not end up being named CFScript.txt.txt

--------------

Killall::
Snapshot::


-------------

Since ComboFix can conflict with your security programs, it is important that you disable them.

Then grab the new file with the mouse and drag it over the ComboFix file, then "let go" with the mouse.
http://www.fromsej.saknet.dk/billeder/cfscript.gif


ComboFix should then start working. It may require a restart, which you should allow. You should not click on the window while the tool is running, as that can make your computer freeze.
When ComboFix has finished, and after it has (possibly) restarted, a log file should open: combofix.txt, which is located here: C:\Combofix.txt

You are welcome to post the contents of this file here.
MrSlim Beginner
27 February 2010 - 20:26 #5
Combofix log:
ComboFix 10-02-27.04 - Peter 27-02-2010  19:45:02.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.3581.2113 [GMT 1:00]
Kører fra: c:\users\Peter\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\Peter\Desktop\CFScript.txt.txt
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1262429951-3862704640-1477892027-500
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-3760575259-3998885095-2510980084-500
c:\programdata\hpeF23.dll
c:\users\Peter\AppData\Roaming\WinDefence
c:\windows\system32\NlsData0024.dll
c:\windows\system32\OLE2SYS2.DLL
c:\windows\system32\SOCKETX.DLL
c:\windows\system32\stacsv.exe

.
(((((((((((((((((((((((((((((((((((((((  Drivers/Tjenester  )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_STacSV


(((((((((((((((((((((((((((((  Filer skabt fra 2010-01-27 til 2010-02-27  )))))))))))))))))))))))))))))))))))
.

2010-02-27 19:00 . 2010-02-27 19:06    --------    d-----w-    c:\users\Peter\AppData\Local\temp
2010-02-27 19:00 . 2010-02-27 19:00    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-02-27 19:00 . 2010-02-27 19:00    --------    d-----w-    c:\users\Yasmin\AppData\Local\temp
2010-02-27 18:59 . 2010-02-27 18:59    --------    d-----w-    c:\users\Raghad\AppData\Local\temp
2010-02-27 18:59 . 2010-02-27 18:59    --------    d-----w-    c:\users\Oscar\AppData\Local\temp
2010-02-27 14:05 . 2010-02-27 14:05    --------    d-----w-    c:\users\Peter\AppData\Roaming\Malwarebytes
2010-02-27 14:04 . 2010-01-07 15:07    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-27 14:04 . 2010-02-27 14:04    --------    d-----w-    c:\programdata\Malwarebytes
2010-02-27 14:04 . 2010-01-07 15:07    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-02-27 14:04 . 2010-02-27 14:57    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-02-26 10:33 . 2010-02-26 14:25    --------    d-----w-    c:\programdata\NOS
2010-02-24 19:18 . 2010-02-24 19:18    --------    d-----w-    c:\programdata\GlobalSCAPE
2010-02-23 18:18 . 2010-01-23 09:26    2048    ----a-w-    c:\windows\system32\tzres.dll
2010-02-23 18:17 . 2010-01-25 12:00    471552    ----a-w-    c:\windows\system32\secproc_isv.dll
2010-02-23 18:17 . 2010-01-25 12:00    471552    ----a-w-    c:\windows\system32\secproc.dll
2010-02-23 18:17 . 2010-01-25 12:00    152576    ----a-w-    c:\windows\system32\secproc_ssp_isv.dll
2010-02-23 18:17 . 2010-01-25 12:00    152064    ----a-w-    c:\windows\system32\secproc_ssp.dll
2010-02-23 18:17 . 2010-01-25 11:58    332288    ----a-w-    c:\windows\system32\msdrm.dll
2010-02-23 18:17 . 2010-01-25 08:21    526336    ----a-w-    c:\windows\system32\RMActivate_isv.exe
2010-02-23 18:17 . 2010-01-25 08:21    346624    ----a-w-    c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-23 18:17 . 2010-01-25 08:21    518144    ----a-w-    c:\windows\system32\RMActivate.exe
2010-02-23 18:17 . 2010-01-25 08:21    347136    ----a-w-    c:\windows\system32\RMActivate_ssp.exe
2010-02-23 18:17 . 2010-01-06 15:39    1696256    ----a-w-    c:\windows\system32\gameux.dll
2010-02-23 18:17 . 2010-01-06 15:38    28672    ----a-w-    c:\windows\system32\Apphlpdm.dll
2010-02-23 18:17 . 2010-01-06 13:30    4240384    ----a-w-    c:\windows\system32\GameUXLegacyGDFs.dll
2010-02-14 18:38 . 2010-02-14 18:38    --------    d-----w-    c:\users\Oscar\AppData\Local\Sony Ericsson
2010-02-13 12:47 . 2010-02-13 12:47    --------    d-----w-    c:\users\Peter\AppData\Local\Sony Ericsson
2010-02-13 12:47 . 2010-02-13 12:47    --------    d-----w-    c:\programdata\BVRP Software
2010-02-13 12:38 . 2008-10-21 08:22    26024    ----a-w-    c:\windows\system32\drivers\s0017nd5.sys
2010-02-13 12:38 . 2008-10-21 08:22    15016    ----a-w-    c:\windows\system32\drivers\s0017mdfl.sys
2010-02-13 12:38 . 2008-10-21 08:22    12200    ----a-w-    c:\windows\system32\drivers\s0017whnt.sys
2010-02-13 12:38 . 2008-10-21 08:22    12200    ----a-w-    c:\windows\system32\drivers\s0017wh.sys
2010-02-13 12:38 . 2008-10-21 08:22    114600    ----a-w-    c:\windows\system32\drivers\s0017mdm.sys
2010-02-13 12:38 . 2008-10-21 08:22    109736    ----a-w-    c:\windows\system32\drivers\s0017unic.sys
2010-02-13 12:38 . 2008-10-21 08:22    108328    ----a-w-    c:\windows\system32\drivers\s0017mgmt.sys
2010-02-13 12:38 . 2008-10-21 08:22    104616    ----a-w-    c:\windows\system32\drivers\s0017obex.sys
2010-02-13 12:38 . 2008-10-21 08:22    86824    ----a-w-    c:\windows\system32\drivers\s0017bus.sys
2010-02-13 12:38 . 2008-10-21 08:22    12200    ----a-w-    c:\windows\system32\drivers\s0017cmnt.sys
2010-02-13 12:38 . 2008-10-21 08:22    12200    ----a-w-    c:\windows\system32\drivers\s0017cm.sys
2010-02-13 12:38 . 2008-10-21 08:22    10792    ----a-w-    c:\windows\system32\drivers\s0017cr.sys
2010-02-13 12:37 . 2010-02-13 12:37    --------    d-----w-    c:\programdata\Sony Ericsson
2010-02-13 12:37 . 2010-02-13 12:37    --------    d-----w-    c:\program files\Sony Ericsson
2010-02-11 08:15 . 2010-02-25 11:42    --------    d-----w-    c:\users\Raghad\AppData\Local\CrashDumps
2010-02-10 17:22 . 2010-02-18 18:54    --------    d-----w-    c:\users\Oscar\AppData\Local\CrashDumps
2010-02-08 19:09 . 2010-02-08 19:09    --------    d-----w-    c:\program files\3D-FTP
2010-02-08 19:09 . 2010-02-08 21:04    --------    d-----w-    c:\programdata\3D-FTP
2010-02-08 19:00 . 2010-02-08 19:01    --------    d-----w-    c:\users\Peter\AppData\Local\Deployment
2010-02-08 19:00 . 2010-02-08 19:00    --------    d-----w-    c:\users\Peter\AppData\Local\Apps
2010-02-08 17:52 . 2010-02-08 17:52    --------    d-----w-    c:\program files\Common Files\Skype
2010-02-08 17:44 . 2009-04-07 12:50    23720    ----a-w-    c:\windows\system32\novamnv6.dll
2010-02-08 17:44 . 2009-04-07 12:50    18600    ----a-w-    c:\windows\system32\novamiv6.dll
2010-02-08 17:43 . 2010-02-08 17:44    --------    d-----w-    c:\program files\PamFax
2010-02-08 17:33 . 2010-02-27 17:46    --------    d-----w-    c:\users\Peter\AppData\Local\CrashDumps
2010-02-08 14:48 . 2010-02-08 14:47    124976    ----a-w-    c:\windows\system32\drivers\SYMEVENT.SYS
2010-02-08 14:47 . 2010-02-08 14:48    --------    d-----w-    c:\program files\Symantec
2010-02-08 14:45 . 2010-02-09 16:11    --------    d-----w-    c:\windows\system32\drivers\NIS
2010-02-08 14:45 . 2010-02-08 14:45    --------    d-----w-    c:\program files\Norton Internet Security

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-27 19:03 . 2009-10-29 14:54    150783    ----a-w-    c:\programdata\nvModes.dat
2010-02-27 19:01 . 2008-06-09 19:32    5332    ----a-w-    c:\windows\bthservsdp.dat
2010-02-27 16:14 . 2008-07-15 09:57    --------    d-----w-    c:\programdata\Roxio
2010-02-27 15:52 . 2008-07-15 09:44    182954    ----a-w-    c:\windows\hpoins21.dat
2010-02-27 15:14 . 2009-02-15 12:59    --------    d-----w-    c:\programdata\NVIDIA
2010-02-27 12:10 . 2009-08-01 21:07    --------    d-----w-    c:\users\Peter\AppData\Roaming\GoodSync
2010-02-27 00:50 . 2008-06-09 19:45    --------    d-----w-    c:\program files\Common Files\Java
2010-02-27 00:49 . 2008-06-09 19:45    --------    d-----w-    c:\program files\Java
2010-02-26 22:20 . 2009-02-21 21:24    --------    d-----w-    c:\programdata\Google Updater
2010-02-26 14:38 . 2006-11-21 04:49    78210    ----a-w-    c:\windows\system32\perfc006.dat
2010-02-26 14:38 . 2006-11-21 04:49    466378    ----a-w-    c:\windows\system32\perfh006.dat
2010-02-26 10:36 . 2010-02-26 10:36    509552    ----a-w-    c:\programdata\Google\Google Toolbar\Update\gtbF76F.tmp.exe
2010-02-26 10:34 . 2008-06-09 19:54    --------    d-----w-    c:\program files\Google
2010-02-26 10:34 . 2010-02-26 10:34    1955472    ----a-w-    c:\programdata\NOS\Adobe_Downloads\install_flash_player_ax.exe
2010-02-26 07:44 . 2008-06-23 17:37    147056    ----a-w-    c:\users\Oscar\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-25 19:07 . 2008-07-17 13:47    7592    ----a-w-    c:\users\Peter\AppData\Local\d3d9caps.dat
2010-02-24 20:47 . 2008-06-29 17:56    147056    ----a-w-    c:\users\Raghad\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 18:54 . 2008-06-23 16:38    147056    ----a-w-    c:\users\Peter\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-18 14:54 . 2010-01-21 18:12    --------    d-----w-    c:\users\Peter\AppData\Roaming\HPAppData
2010-02-13 12:51 . 2010-02-13 12:51    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-02-13 12:37 . 2008-06-09 19:45    --------    d--h--w-    c:\program files\InstallShield Installation Information
2010-02-13 10:07 . 2009-06-27 16:36    --------    d-----w-    c:\users\Peter\AppData\Roaming\Skype
2010-02-13 10:00 . 2009-06-27 19:29    --------    d-----w-    c:\users\Peter\AppData\Roaming\skypePM
2010-02-11 18:44 . 2010-02-11 18:44    201616    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20100211.001\BHRules.dll
2010-02-11 18:44 . 2010-02-11 18:44    1406352    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20100211.001\BHEngine.dll
2010-02-11 18:44 . 2010-02-11 18:44    676912    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20100211.001\BHDrvx64.sys
2010-02-11 18:44 . 2010-02-11 18:44    536112    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20100211.001\BHDrvx86.sys
2010-02-11 18:44 . 2010-02-11 18:44    611216    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20100211.001\bbRGen.dll
2010-02-11 10:22 . 2010-02-27 18:01    84912    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100227.007\NAVENG.SYS
2010-02-11 10:22 . 2010-02-27 18:01    177520    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100227.007\NAVENG32.DLL
2010-02-11 10:22 . 2010-02-27 18:01    1647984    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100227.007\NAVEX32A.DLL
2010-02-11 10:22 . 2010-02-27 18:01    1324720    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100227.007\NAVEX15.SYS
2010-02-11 10:22 . 2010-02-27 18:01    371248    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100227.007\EECTRL.SYS
2010-02-11 10:22 . 2010-02-27 18:01    2747440    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100227.007\CCERASER.DLL
2010-02-11 10:22 . 2010-02-27 18:01    259440    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100227.007\ECMSVR32.DLL
2010-02-11 10:22 . 2010-02-27 18:01    102448    ----a-w-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100227.007\ERASER.SYS
2010-02-10 19:03 . 2006-11-02 11:18    --------    d-----w-    c:\program files\Windows Mail
2010-02-10 15:45 . 2008-07-15 10:17    --------    d-----w-    c:\programdata\Microsoft Help
2010-02-08 17:53 . 2009-06-27 16:36    --------    d-----r-    c:\program files\Skype
2010-02-08 17:52 . 2009-06-27 16:36    --------    d-----w-    c:\programdata\Skype
2010-02-08 17:41 . 2010-02-08 17:41    51577    ----a-w-    c:\programdata\Skype\Plugins\Plugins\76DD75F4114D4980AA886269FB262203\uninstall.exe
2010-02-08 17:41 . 2010-02-08 17:41    69632    ----a-w-    c:\programdata\Skype\Plugins\Plugins\76DD75F4114D4980AA886269FB262203\StartFaxExtra.exe
2010-02-08 17:41 . 2010-02-08 17:41    124224    ----a-w-    c:\programdata\Skype\Plugins\Plugins\76DD75F4114D4980AA886269FB262203\FaxExtraSetup.exe
2010-02-08 14:54 . 2008-06-09 19:59    --------    d-----w-    c:\program files\Common Files\Symantec Shared
2010-02-08 14:50 . 2009-02-28 16:28    --------    d-----w-    c:\programdata\Norton
2010-02-08 14:47 . 2010-02-08 14:48    805    ----a-w-    c:\windows\system32\drivers\SYMEVENT.INF
2010-02-08 14:47 . 2010-02-08 14:48    7443    ----a-w-    c:\windows\system32\drivers\SYMEVENT.CAT
2010-02-08 14:37 . 2009-02-28 16:28    --------    d-----w-    c:\programdata\NortonInstaller
2010-02-07 17:14 . 2010-01-24 20:49    --------    d-----w-    c:\users\Peter\AppData\Roaming\FileZilla
2010-02-06 20:02 . 2009-05-06 19:13    --------    d-----w-    c:\program files\NewsLeecher
2010-02-03 05:17 . 2010-02-03 05:17    509552    ----a-w-    c:\programdata\Google\Google Toolbar\Update\gtbBBA2.tmp.exe
2010-01-24 20:49 . 2010-01-24 20:49    --------    d-----w-    c:\program files\FileZilla FTP Client
2010-01-23 14:27 . 2009-04-06 18:44    --------    d-----w-    c:\program files\Microsoft Silverlight
2010-01-14 17:02 . 2010-01-14 16:59    23700    ----a-w-    c:\windows\hpqins15.dat
2010-01-02 06:38 . 2010-01-22 14:49    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 14:49    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-22 14:49    71680    ----a-w-    c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-22 14:49    133632    ----a-w-    c:\windows\system32\ieUnatt.exe
2009-12-23 14:33 . 2008-06-24 12:19    146488    ----a-w-    c:\users\Yasmin\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-21 13:48 . 2009-12-21 13:48    10134    ----a-r-    c:\users\Peter\AppData\Roaming\Microsoft\Installer\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}\ARPPRODUCTICON.exe
2009-12-17 16:14 . 2009-06-21 10:51    411368    ----a-w-    c:\windows\system32\deploytk.dll
2009-12-11 11:43 . 2010-02-10 13:50    302080    ----a-w-    c:\windows\system32\drivers\srv.sys
2009-12-11 11:43 . 2010-02-10 13:50    98816    ----a-w-    c:\windows\system32\drivers\srvnet.sys
2009-12-10 03:16 . 2010-02-08 14:50    784752    ----a-r-    c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\components\coFFPlgn.dll
2009-12-08 20:01 . 2010-02-10 13:50    904776    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2009-12-08 20:01 . 2010-02-10 13:50    3600456    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2009-12-08 20:01 . 2010-02-10 13:50    3548216    ----a-w-    c:\windows\system32\ntoskrnl.exe
2009-12-08 17:26 . 2010-02-10 13:50    30720    ----a-w-    c:\windows\system32\drivers\tcpipreg.sys
2009-12-05 11:30 . 2009-12-05 11:22    78106    ----a-w-    c:\windows\hpqins05.dat
2009-12-04 18:30 . 2010-02-10 13:50    12288    ----a-w-    c:\windows\system32\tsbyuv.dll
2009-12-04 18:29 . 2010-02-10 13:50    1314816    ----a-w-    c:\windows\system32\quartz.dll
2009-12-04 18:28 . 2010-02-10 13:50    22528    ----a-w-    c:\windows\system32\msyuv.dll
2009-12-04 18:28 . 2010-02-10 13:50    31744    ----a-w-    c:\windows\system32\msvidc32.dll
2009-12-04 18:28 . 2010-02-10 13:50    123904    ----a-w-    c:\windows\system32\msvfw32.dll
2009-12-04 18:28 . 2010-02-10 13:50    13312    ----a-w-    c:\windows\system32\msrle32.dll
2009-12-04 18:28 . 2010-02-10 13:50    82944    ----a-w-    c:\windows\system32\mciavi32.dll
2009-12-04 18:28 . 2010-02-10 13:50    50176    ----a-w-    c:\windows\system32\iyuv_32.dll
2009-12-04 18:27 . 2010-02-10 13:50    91136    ----a-w-    c:\windows\system32\avifil32.dll
2009-12-04 15:56 . 2010-02-10 13:50    212992    ----a-w-    c:\windows\system32\drivers\mrxsmb10.sys
2009-12-04 15:56 . 2010-02-10 13:50    105984    ----a-w-    c:\windows\system32\drivers\mrxsmb.sys
2009-12-04 15:29 . 2009-12-04 15:29    484976    ----a-w-    c:\programdata\Google\Google Toolbar\Update\gtbAEA.tmp.exe
2008-06-09 19:51 . 2008-06-09 19:51    76    --sh--r-    c:\windows\CT4CET.bin
2008-06-10 03:18 . 2008-06-10 03:03    8192    --sha-w-    c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-27 247144]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-11-20 434176]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-09 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-24 159744]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-12-03 36864]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-10 30192]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"MBBalloon"="c:\program files\HOTALBUMMyBOX\MBBalloon.exe" [2007-11-30 789144]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2008-11-20 178688]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2008-01-02 405504]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe" [2009-07-24 240112]
"CPMonitor"="c:\program files\Roxio 2010\5.0\CPMonitor.exe" [2009-07-21 84464]
"Desktop Disc Tool"="c:\program files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-23 494064]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-16 13793824]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-06-16 92704]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]

c:\users\Yasmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Screen Clipper and Launcher til OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Screen Clipper and Launcher til OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-6-9 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
PHOTOfunSTUDIO -viewer-.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe [2008-12-25 40960]
QuickSet.lnk - c:\windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2008-6-9 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):35,fd,fb,80,34,3e,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1262429951-3862704640-1477892027-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001

R0 PzWDM;PzWDM;c:\windows\System32\drivers\PzWDM.sys [20-12-2008 14:17 15172]
R0 SymDS;Symantec Data Store;c:\windows\System32\drivers\NIS\1105000.07F\symds.sys [08-02-2010 16:02 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NIS\1105000.07F\symefa.sys [08-02-2010 16:02 172592]
R1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20100211.001\BHDrvx86.sys [11-02-2010 19:44 536112]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NIS\1105000.07F\cchpx86.sys [08-02-2010 16:02 501888]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100224.002\IDSvix86.sys [26-02-2010 08:55 343088]
R1 SymIRON;Symantec Iron Driver;c:\windows\System32\drivers\NIS\1105000.07F\ironx86.sys [08-02-2010 16:02 116272]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\drivers\NIS\1105000.07F\symtdiv.sys [08-02-2010 16:02 340016]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [09-06-2008 20:31 73728]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.5.0.127\ccsvchst.exe [08-02-2010 16:02 126392]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [13-02-2010 13:37 90112]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [27-08-2009 16:05 92008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [08-02-2010 19:39 102448]
S2 gupdate1c9946ae2471f01;Tjenesten Google Update (gupdate1c9946ae2471f01);c:\program files\Google\Update\GoogleUpdate.exe [21-02-2009 22:25 133104]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [24-07-2009 08:33 219632]
S3 GoogleDesktopManager-110309-193829;Google Desktop-administrator 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [09-06-2008 20:54 30192]
S3 RoxMediaDB12;RoxMediaDB12;c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [24-07-2009 08:33 1116656]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\System32\drivers\s0017bus.sys [13-02-2010 13:38 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\System32\drivers\s0017mdfl.sys [13-02-2010 13:38 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\System32\drivers\s0017mdm.sys [13-02-2010 13:38 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0017mgmt.sys [13-02-2010 13:38 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\System32\drivers\s0017nd5.sys [13-02-2010 13:38 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\System32\drivers\s0017obex.sys [13-02-2010 13:38 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\System32\drivers\s0017unic.sys [13-02-2010 13:38 109736]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs    REG_MULTI_SZ      BthServ
HPZ12    REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
HPService    REG_MULTI_SZ      HPSLPSVC
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache
.
Indhold af mappen 'Planlagte Opgaver'

2010-02-27 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-09 20:50]

2010-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-21 21:25]

2010-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-21 21:25]

2010-02-22 c:\windows\Tasks\Norton Internet Security - Kør Fuld systemskanning - Peter.job
- c:\program files\Norton Internet Security\Engine\17.5.0.127\navw32.exe [2010-02-08 06:08]

2010-02-27 c:\windows\Tasks\WebReg Photosmart C7200 series.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2007-10-14 18:40]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/ig/dell?hl=da&client=dell-row&channel=dk&ibd=5080610
IE: Google Sidewiki ... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: danid.dk
Trusted Zone: danskebank.dk
Trusted Zone: himmerland.dk\www
Trusted Zone: portalbank.dk\www
Trusted Zone: sparhim.dk\www
Trusted Zone: testby.dk\www
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.himmerland.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-27 20:06
Windows 6.0.6002 Service Pack 2 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x85CB0170]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x8bda1d24
\Driver\ACPI -> acpi.sys @ 0x80693d68
\Driver\atapi -> ataport.SYS @ 0x82d72a2c
\Driver\iaStor -> iastor.sys @ 0x82cb1c1a
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.5.0.127\diMaster.dll\" /prefetch:1"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'Explorer.exe'(3208)
c:\windows\system32\btncopy.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\system32\drivers\CDAC11BA.EXE
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Gennemført tid: 2010-02-27  20:18:28 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2010-02-27 19:18

Pre-Kørsel: 54.255.255.552 byte ledig
Post-Kørsel: 56.304.033.792 byte ledig

- - End Of File - - 52FE416C89091657FA0472725FBB14CF
f-arn Guru
28 February 2010 - 12:35 #6
I have only just skimmed your log, but I have 2 questions.
Is it pre-installed, and do you have an installation DVD?
Do you use any kind of CD emulation software?
MrSlim Beginner
28 February 2010 - 14:17 #7
It is pre-installed.
I have no installation DVD.
There is a recovery drive on it, with an image of the original installation.

I do not use CD emulation (à la "Alcohol 120").

In IE8 it is only www.google.dk that consistently will not open.
However, it does happen now and then that IE8 in general reports "unexpected error", closes and restarts:

It has now started complaining that the HP monitoring SW will not work (HP PSC C7280).

Errors have also appeared in the Roxio burning SW. I have updated with the latest patch from Roxio.

I do not know whether a reinstallation is necessary, or is there a way through this problem?

I have taken a backup of all data.
f-arn Guru
28 February 2010 - 14:49 #8
I do not know whether a reinstallation is necessary, or is there a way through this problem?

I can certainly try to clean it, but with the type of infection you have, I would, if it were my PC, definitely restore an image.
That is probably both faster and safer.
By the way, what strikes me is this:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x85CB0170]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x8bda1d24
\Driver\ACPI -> acpi.sys @ 0x80693d68
\Driver\atapi -> ataport.SYS @ 0x82d72a2c
\Driver\iaStor -> iastor.sys @ 0x82cb1c1a
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->user & kernel MBR OK
MrSlim Beginner
28 February 2010 - 15:27 #9
OK, I will restore the image.
MrSlim Beginner
28 February 2010 - 15:29 #10
Thank you for the help.
Then I hope that I get a clean and fresh computer....