Voides (Beginner)
31 July 2010 - 00:28 There are 22 comments and 1 solution

Probably hit by a keylogger

Hi. The other day I was hit by a virus; the antivirus found it, but apparently a little too late. Since then I have found various files that shouldn't be there and deleted them as well. However, I'm not sure whether everything is gone, so I'm writing here to ask if you can help me.

I have taken the liberty of making a HijackThis log so you can see what is going on:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:28:00, on 31-07-2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe
C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100727225318.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Configuring] rundll32.exe C:\Users\Andy\AppData\Local\Temp\25408912.txt,W
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O13 - Gopher Prefix:
O15 - Trusted Zone: *.danskebank.dk
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9086 bytes
fromsej (Trainee)
31 July 2010 - 08:17 #1
The only thing that stands out is this one:
C:\Users\Andy\AppData\Local\Temp\25408912.txt
Try to find 25408912.txt and double-click it.
Copy the text in here.

After that, download Malwarebytes Anti-Malware from here:
http://www.besttechie.net/tools/mbam-setup.exe
Or from here ->
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html


Install the program - once that is done, let the program update itself. A window then opens where you should move the dot to "Run a full system scan" - click the Scan button - let the program work. When it is finished (it takes a while, depending on how much you have on the computer).

Then - press the "Show results" button after the scan - and then press "Remove selected" - the log now opens, and you should save it somewhere you can find it again.

Copy the contents in here and tell us how the computer is running now.
Voides (Beginner)
31 July 2010 - 09:41 #2
I have now copied the text from that file (C:\Users\Andy\AppData\Local\Temp\25408912.txt) and don't really know how much you can get out of it, the way it looks with letters and such.

fromsej (Trainee)
31 July 2010 - 10:30 #3
If I claimed that I became much wiser from that, I would be lying.

Have you run Malwarebytes?
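An added example, not part of the thread and not code from HijackThis or DDS: the check fromsej makes by eye in #1, written as a triage script. It flags autostart entries where rundll32.exe is pointed at a file that is not a library type or that sits in a temp directory, and, because rundll32.exe loads its target as a DLL, it also shows how to confirm from the header bytes whether such a file is really a PE image. The function names, the extension list, the temp-directory heuristic and the header bytes are assumptions constructed for this illustration; the log lines are copied from the posts above.

```python
import re
import struct
from pathlib import PureWindowsPath

# Autostart lines copied from the logs in this thread
# (HijackThis "O4" lines and DDS "uRun"/"mRun" lines).
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Configuring] rundll32.exe C:\Users\Andy\AppData\Local\Temp\25408912.txt,W
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Configuring] rundll32.exe c:\users\andy\appdata\local\temp\25408912.txt,W
mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
'''

# "<prefix>: [value name] command line" in either log format.
RUN_LINE = re.compile(
    r"^(?:O4 - \S+\\\.\.\\Run\w*|[um]Run(?:-x64)?): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$",
    re.IGNORECASE,
)
# Command lines that start with rundll32, with or without a path and quotes.
RUNDLL = re.compile(r'^"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+(?P<args>.+)$', re.IGNORECASE)
# rundll32 arguments: <file>,<entry point>; the file may be quoted.
TARGET = re.compile(r'^(?:"(?P<q>[^"]+)"|(?P<u>[^,]+))(?:,(?P<entry>\S+))?')

LIBRARY_EXTS = {".dll", ".cpl", ".ocx"}  # assumption: extensions treated as normal targets
TEMP_DIRS = {"temp", "tmp"}              # assumption: directory names treated as temp
IMAGE_FILE_DLL = 0x2000                  # COFF Characteristics flag for a DLL


def find_suspicious_autoruns(log_text):
    """Return Run entries where rundll32 loads an unusual target file."""
    hits = []
    for line in log_text.splitlines():
        run = RUN_LINE.match(line.strip())
        rundll = RUNDLL.match(run["cmd"]) if run else None
        target = TARGET.match(rundll["args"].strip()) if rundll else None
        if not target:
            continue
        path = PureWindowsPath((target["q"] or target["u"]).strip())
        reasons = []
        if path.suffix.lower() not in LIBRARY_EXTS:
            reasons.append(f"target extension {path.suffix!r} is not a library type")
        if any(part.lower() in TEMP_DIRS for part in path.parent.parts):
            reasons.append("target is in a temp directory")
        if reasons:
            hits.append({"name": run["name"], "path": str(path),
                         "entry": target["entry"], "reasons": reasons})
    return hits


def classify_image(data):
    """Classify file bytes as 'pe-dll', 'pe-exe' or 'not-pe' from the headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return "not-pe"
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)   # offset of the PE signature
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return "not-pe"
    # Characteristics is the last 2 bytes of the 20-byte COFF header.
    (characteristics,) = struct.unpack_from("<H", data, e_lfanew + 22)
    return "pe-dll" if characteristics & IMAGE_FILE_DLL else "pe-exe"


def constructed_dll_header():
    """Constructed sample: a minimal DOS + PE/COFF header marked as a DLL."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x014C, 1, 0, 0, 0, 0xE0, 0x2102)
    return dos + b"PE\0\0" + coff


if __name__ == "__main__":
    for hit in find_suspicious_autoruns(SAMPLE_LOG):
        print(f"[{hit['name']}] {hit['path']} (entry {hit['entry']})")
        for reason in hit["reasons"]:
            print("   -", reason)
    print("constructed header:", classify_image(constructed_dll_header()))
    print("plain text:", classify_image(b"just some notes\n" * 8))
```

To classify a real file, read it in binary mode and pass the first few hundred bytes to `classify_image`; the file is only read, never executed.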
Voides (Beginner)
31 July 2010 - 11:19 #4
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4368

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

31-07-2010 10:15:12
mbam-log-2010-07-31 (10-15-12).txt

Scan type: Full scan (C:\|D:\|F:\|)
Objects scanned: 268146
Time elapsed: 33 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


The computer runs as it has all along; it is a bit slow, but it usually is after a format. I don't know whether it could have something to do with that file, but what I'm afraid of is whether there is a keylogger on it.

I also forgot to say that it has just been formatted after I saw all the files I didn't recognize, but I got hacked in my games after the format, so I wanted to be sure whether there could still be a keylogger on it. (I did not format my external hard drive.)
fromsej (Trainee)
31 July 2010 - 11:25 #5
I don't like that .txt file. I have now asked for a bit of assistance; in the meantime:

Download DDS and save the program to your Desktop:

http://download.bleepingcomputer.com/sUBs/dds.scr (scr)
http://www.forospyware.com/sUBs/dds (pif)

Double-click DDS.com/DDS.scr/DDS.pif and allow the program to run. When the program is finished, it will open two logs/text files. Save both files to your Desktop and copy the contents of DDS.txt here in your next post.
Initially, we are NOT interested in seeing log no. 2 (Attach.txt).

If the program is blocked by a protection program, disable that program.
Voides (Beginner)
31 July 2010 - 14:27 #6
DDS (Ver_10-03-17.01) - NTFSX64 
Run by Andy at 14:24:42,51 on 31-07-2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.45.1033.18.4095.2797 [GMT 2:00]

SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Users\Andy\AppData\Local\Apps\2.0\00OLKTNO.C93\OHJ7W8L1.MQA\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Users\Andy\Downloads\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

mLocal Page = c:\windows\syswow64\blank.htm
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files (x86)\common files\mcafee\systemcore\ScriptSn.20100727225318.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
uRun: [Skype] "c:\program files (x86)\skype\\phone\Skype.exe" /nosplash /minimized
uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun
uRun: [Sidebar] c:\program files (x86)\windows sidebar\sidebar.exe /autoRun
uRun: [Configuring] rundll32.exe c:\users\andy\appdata\local\temp\25408912.txt,W
uRun: [Sony Ericsson PC Companion] "c:\program files (x86)\sony ericsson\sony ericsson pc companion\PCCompanion.exe" /systray /nologon
uRun: [SpybotSD TeaTimer] c:\program files (x86)\spybot - search & destroy\TeaTimer.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
StartupFolder: c:\users\andy\appdata\roaming\microsoft\windows\start menu\programs\startup\CurseClientStartup.ccip
StartupFolder: c:\users\andy\appdata\roaming\micros~1\windows\startm~1\programs\startup\yahoo!~1.lnk - c:\program files (x86)\yahoo!\widgets\YahooWidgets.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
Trusted Zone: danskebank.dk
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files (x86)\yahoo!\common\Yinsthelper.dll
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\MSKAPB~1.DLL
BHO-X64:    McAfee Phishing Filter - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20100727225318.dll
BHO-X64:    scriptproxy - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\x64\mcieplg.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\x64\mcieplg.dll
mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
Hosts: 127.0.0.1    www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\users\andy\appdata\roaming\mozilla\firefox\profiles\b1q6pkc7.default\
FF - component: c:\program files (x86)\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files (x86)\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll

---- FIREFOX POLICIES ----
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",  1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size",  4096);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",      2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",      1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",  25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",    5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-7-27 528616]
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-7-27 279752]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-7-27 75288]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-27 355440]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-27 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-27 355440]
R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-27 355440]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-7-27 199032]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-7-27 244840]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-7-27 148520]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2010-7-29 1153368]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-7-27 62416]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-7-27 189880]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-7-27 440688]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x64.sys [2009-9-28 395264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-7-27 93840]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2010-7-29 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2010-7-29 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2010-7-29 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2010-7-29 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2010-7-29 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2010-7-29 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2010-7-29 146472]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-28 1255736]

=============== Created Last 30 ================

2010-07-30 17:08:53    0    d-----w-    c:\program files (x86)\Yahoo!
2010-07-29 22:18:19    0    d-----w-    c:\users\andy\appdata\roaming\Malwarebytes
2010-07-29 22:18:09    0    d-----w-    c:\program files (x86)\Trend Micro
2010-07-29 22:18:05    0    d-----w-    c:\programdata\Malwarebytes
2010-07-29 22:18:03    24664    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-07-29 22:18:03    0    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2010-07-29 20:55:08    0    d-----w-    c:\programdata\Lavasoft
2010-07-29 20:55:08    0    d-----w-    c:\program files (x86)\Lavasoft
2010-07-29 20:54:56    0    d-----w-    c:\programdata\Spybot - Search & Destroy
2010-07-29 20:54:56    0    d-----w-    c:\program files (x86)\Spybot - Search & Destroy
2010-07-29 20:50:05    0    d-----w-    c:\program files (x86)\CCleaner
2010-07-29 09:45:35    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-07-29 08:11:31    0    d-----w-    c:\programdata\Sony Ericsson
2010-07-29 08:11:31    0    d-----w-    c:\program files (x86)\Sony Ericsson
2010-07-28 11:22:24    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2010-07-28 11:22:21    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2010-07-28 11:21:42    190992    ----a-w-    c:\windows\system32\BtCoreIf.dll
2010-07-28 11:21:35    96272    ----a-w-    c:\windows\system32\KemXML.dll
2010-07-28 11:21:35    235536    ----a-w-    c:\windows\system32\KemUtil.dll
2010-07-28 11:21:35    235536    ----a-w-    c:\windows\system32\kemutb.dll
2010-07-28 11:21:35    159248    ----a-w-    c:\windows\system32\KemWnd.dll
2010-07-28 11:21:21    0    d-----w-    c:\programdata\Logitech
2010-07-28 11:21:17    0    d-----w-    c:\program files\common files\Logishrd
2010-07-28 11:21:13    0    d-----w-    c:\program files\Logitech
2010-07-28 11:20:49    0    d-----w-    c:\programdata\LogiShrd
2010-07-28 10:51:30    0    d-----w-    c:\program files (x86)\common files\Steam
2010-07-28 08:55:25    0    d-----w-    c:\programdata\e-Safekey
2010-07-28 07:03:36    3116    ----a-w-    C:\icon.tga
2010-07-28 07:03:36    14213    ----a-w-    C:\Fubar_HBskinFu.lua
2010-07-28 07:03:36    0    d-----w-    C:\TitanHealBot
2010-07-28 07:03:36    0    d-----w-    C:\SharedMediaAdditionalFonts
2010-07-28 07:03:36    0    d-----w-    C:\SharedMedia
2010-07-28 07:03:36    0    d-----w-    C:\FuBar_HBskinFu
2010-07-28 06:52:26    0    d-----w-    c:\programdata\Blizzard Entertainment
2010-07-28 06:33:49    0    d-----w-    c:\windows\Panther
2010-07-28 00:05:41    0    d-----w-    c:\program files (x86)\common files\Blizzard Entertainment
2010-07-27 22:52:24    0    d-----w-    c:\program files (x86)\common files\Blizzard Entertainment.temp
2010-07-27 22:45:11    311808    ----a-w-    c:\windows\system32\msv1_0.dll
2010-07-27 22:45:11    257024    ----a-w-    c:\windows\syswow64\msv1_0.dll
2010-07-27 22:44:01    0    d-----w-    c:\program files (x86)\DAEMON Tools Lite
2010-07-27 22:37:44    0    d-----w-    c:\windows\syswow64\Wat
2010-07-27 22:37:44    0    d-----w-    c:\windows\system32\Wat
2010-07-27 22:09:57    0    d-----w-    c:\programdata\Blizzard
2010-07-27 21:52:38    0    d-----w-    c:\windows\syswow64\Macromed
2010-07-27 21:16:32    14336    ----a-w-    c:\windows\system32\drivers\sffp_sd.sys
2010-07-27 21:14:55    99176    ----a-w-    c:\windows\syswow64\PresentationHostProxy.dll
2010-07-27 21:14:55    49472    ----a-w-    c:\windows\syswow64\netfxperf.dll
2010-07-27 21:14:55    48960    ----a-w-    c:\windows\system32\netfxperf.dll
2010-07-27 21:14:55    444752    ----a-w-    c:\windows\system32\mscoree.dll
2010-07-27 21:14:55    320352    ----a-w-    c:\windows\system32\PresentationHost.exe
2010-07-27 21:14:55    297808    ----a-w-    c:\windows\syswow64\mscoree.dll
2010-07-27 21:14:55    295264    ----a-w-    c:\windows\syswow64\PresentationHost.exe
2010-07-27 21:14:55    1942856    ----a-w-    c:\windows\system32\dfshim.dll
2010-07-27 21:14:55    1130824    ----a-w-    c:\windows\syswow64\dfshim.dll
2010-07-27 21:14:55    109912    ----a-w-    c:\windows\system32\PresentationHostProxy.dll
2010-07-27 21:14:31    294912    ----a-w-    c:\windows\system32\browserchoice.exe
2010-07-27 21:01:56    46592    ----a-w-    c:\windows\system32\msasn1.dll
2010-07-27 21:01:32    48    ---ha-w-    c:\programdata\ezsidmv.dat
2010-07-27 20:59:34    0    d-----w-    c:\programdata\NVIDIA
2010-07-27 20:59:10    0    d-----w-    c:\program files (x86)\NVIDIA Corporation
2010-07-27 20:59:02    0    d-----w-    c:\program files (x86)\common files\Wise Installation Wizard
2010-07-27 20:58:57    0    d-----w-    c:\program files\NVIDIA Corporation
2010-07-27 20:58:38    270208    ------w-    c:\windows\system32\MpSigStub.exe
2010-07-27 20:58:30    220672    ----a-w-    c:\windows\system32\wintrust.dll
2010-07-27 20:58:30    172032    ----a-w-    c:\windows\syswow64\wintrust.dll
2010-07-27 20:58:18    139264    ----a-w-    c:\windows\system32\cabview.dll
2010-07-27 20:58:18    132608    ----a-w-    c:\windows\syswow64\cabview.dll
2010-07-27 20:57:54    930272    ----a-w-    c:\windows\system32\dpinst.exe
2010-07-27 20:57:48    202344    ----a-w-    c:\windows\system32\nvcod189.dll
2010-07-27 20:57:48    1592936    ----a-w-    c:\windows\system32\nvapi64.dll
2010-07-27 20:57:46    0    d-----w-    C:\NVIDIA
2010-07-27 20:57:10    0    d-----r-    c:\program files (x86)\Skype
2010-07-27 20:57:07    0    d-sh--w-    c:\windows\Installer
2010-07-27 20:57:07    0    d-----w-    c:\programdata\Skype
2010-07-27 20:55:42    834544    ----a-w-    c:\windows\system32\drivers\sptd.sys
2010-07-27 20:54:57    0    d-----w-    c:\users\andy\appdata\roaming\DAEMON Tools Lite
2010-07-27 20:54:54    0    d-----w-    c:\programdata\DAEMON Tools Lite
2010-07-27 20:53:45    0    d-----w-    c:\program files (x86)\SiteAdvisor
2010-07-27 20:53:23    0    d-----w-    c:\program files (x86)\McAfee.com
2010-07-27 20:53:18    0    d-----w-    c:\program files (x86)\common files\McAfee
2010-07-27 20:53:17    9984    ----a-w-    c:\windows\system32\drivers\mfeclnk.sys
2010-07-27 20:52:56    93840    ----a-w-    c:\windows\system32\drivers\mferkdet.sys
2010-07-27 20:52:56    75288    ----a-w-    c:\windows\system32\drivers\mfenlfk.sys
2010-07-27 20:52:56    62416    ----a-w-    c:\windows\system32\drivers\cfwids.sys
2010-07-27 20:52:56    528616    ----a-w-    c:\windows\system32\drivers\mfehidk.sys
2010-07-27 20:52:56    440688    ----a-w-    c:\windows\system32\drivers\mfefirek.sys
2010-07-27 20:52:56    279752    ----a-w-    c:\windows\system32\drivers\mfewfpk.sys
2010-07-27 20:52:56    189880    ----a-w-    c:\windows\system32\drivers\mfeavfk.sys
2010-07-27 20:52:56    121504    ----a-w-    c:\windows\system32\drivers\mfeapfk.sys
2010-07-27 20:52:52    0    d-----w-    c:\program files\McAfee.com
2010-07-27 20:52:52    0    d-----w-    c:\program files\McAfee
2010-07-27 20:52:52    0    d-----w-    c:\program files\common files\McAfee
2010-07-27 20:52:51    0    d-----w-    c:\program files (x86)\McAfee
2010-07-27 20:47:39    0    d-----w-    c:\programdata\McAfee
2010-07-27 20:47:20    0    d-----w-    c:\program files\WinRAR

==================== Find3M  ====================

2010-07-29 08:11:59    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-05-27 07:24:13    34304    ----a-w-    c:\windows\syswow64\atmlib.dll
2010-05-27 06:34:09    46080    ----a-w-    c:\windows\system32\atmlib.dll
2010-05-27 04:11:32    366080    ----a-w-    c:\windows\system32\atmfd.dll
2010-05-27 03:49:37    293888    ----a-w-    c:\windows\syswow64\atmfd.dll
2010-05-21 05:52:30    1192960    ----a-w-    c:\windows\system32\wininet.dll
2010-05-21 05:18:06    977920    ----a-w-    c:\windows\syswow64\wininet.dll
2010-05-21 05:14:50    48128    ----a-w-    c:\windows\syswow64\jsproxy.dll
2010-05-19 19:48:12    144384    ----a-w-    c:\windows\system32\cdd.dll
2010-05-09 09:46:00    961024    ----a-w-    c:\windows\system32\CPFilters.dll
2010-05-09 09:45:57    552960    ----a-w-    c:\windows\system32\msdri.dll
2010-05-09 09:14:55    641536    ----a-w-    c:\windows\syswow64\CPFilters.dll
2010-05-06 12:42:05    1225216    ----a-w-    c:\windows\syswow64\urlmon.dll
2010-05-06 12:41:55    606208    ----a-w-    c:\windows\syswow64\mstime.dll
2010-05-06 12:41:53    64512    ----a-w-    c:\windows\syswow64\msfeedsbs.dll
2010-05-06 12:41:53    5970944    ----a-w-    c:\windows\syswow64\mshtml.dll
2010-05-06 12:41:49    381440    ----a-w-    c:\windows\syswow64\iedkcs32.dll
2010-05-06 12:41:49    10984448    ----a-w-    c:\windows\syswow64\ieframe.dll
2009-07-14 05:37:38    31548    ----a-w-    c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 05:37:38    31548    ----a-w-    c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 05:37:38    291294    ----a-w-    c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 05:37:38    291294    ----a-w-    c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:54:24    174    --sha-w-    c:\program files\desktop.ini
2009-07-14 04:54:24    174    --sha-w-    c:\program files (x86)\desktop.ini
2009-07-14 01:00:34    291294    ----a-w-    c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34    291294    ----a-w-    c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32    31548    ----a-w-    c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32    31548    ----a-w-    c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08    9633792    --sha-r-    c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53    398848    --sha-w-    c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45    396800    --sha-w-    c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 14:25:44,71 ===============
fromsej (Trainee)
31 July 2010 - 14:55 #7
There is nothing there, but if you still suspect a keylogger, get your online banking blocked.

I am not comfortable with that sk.de file.

Find and upload this file to Jotti or VirusTotal:
C:\Users\Andy\AppData\Local\Temp\25408912.txt
http://virusscan.jotti.org/ - http://www.virustotal.com/en/indexf.html

Report the result.
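The file this reply asks to have scanned is the one the `[Configuring]` Run entry in the logs loads through rundll32.exe: a `.txt` file in the user's Temp folder. The check below looks for that pattern in DDS (`uRun:`/`mRun:`) and HijackThis (`O4 -`) autorun lines. It is an added example, not part of the original thread; the function names and the `ExampleCpl` line are constructed, while the other sample lines are copied from the logs on this page.

```python
import re
from pathlib import PureWindowsPath

# Autorun entries as DDS ("uRun:", "mRun:") and HijackThis ("O4 - ...Run:") print them.
AUTORUN_RE = re.compile(
    r'^(?P<source>O4 - [^:\[]+|[um]Run(?:-x64)?): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$'
)
# rundll32 command line: optional path to rundll32, then <module>,<export>.
RUNDLL32_RE = re.compile(
    r'^"?(?:[a-z]:\\[^"]*\\)?rundll32(?:\.exe)?"?\s+"?(?P<target>[^",]+)"?,\s*(?P<export>\S+)',
    re.IGNORECASE,
)
# Directories a standard user can write to (assumed list, extend as needed).
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\tmp\\", "\\users\\public\\")
# Extensions normally seen on modules that rundll32 is asked to load.
MODULE_EXTENSIONS = {".dll", ".cpl", ".ocx"}

# Sample input: lines from the logs on this page, plus one constructed
# benign rundll32 entry ("ExampleCpl") to show what is not flagged.
SAMPLE_LOG = r'''
uRun: [Skype] "c:\program files (x86)\skype\\phone\Skype.exe" /nosplash /minimized
uRun: [Sidebar] c:\program files (x86)\windows sidebar\sidebar.exe /autoRun
uRun: [Configuring] rundll32.exe c:\users\andy\appdata\local\temp\25408912.txt,W
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [Configuring] rundll32.exe C:\Users\Andy\AppData\Local\Temp\25408912.txt,W
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Run: [ExampleCpl] rundll32.exe C:\Windows\System32\example.dll,Start
O4 - Startup: CurseClientStartup.ccip
'''


def assess_rundll32(cmd):
    """Return target, export and reasons for a rundll32 command, else None."""
    match = RUNDLL32_RE.match(cmd.strip())
    if not match:
        return None
    target = match.group("target").strip()
    reasons = []
    if any(part in target.lower() for part in USER_WRITABLE):
        reasons.append("module loaded from a user-writable directory")
    ext = PureWindowsPath(target).suffix.lower()
    if ext not in MODULE_EXTENSIONS:
        reasons.append(f"module extension {ext or '(none)'} is not a library extension")
    return {"target": target, "export": match.group("export"), "reasons": reasons}


def scan(log_text):
    """Return the autorun entries whose rundll32 target looks out of place."""
    findings = []
    for line in log_text.splitlines():
        entry = AUTORUN_RE.match(line.strip())
        if not entry:
            continue  # not a named Run/RunOnce value
        verdict = assess_rundll32(entry.group("cmd"))
        if verdict and verdict["reasons"]:
            findings.append(
                {"source": entry.group("source"), "name": entry.group("name"), **verdict}
            )
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(f'{finding["source"]} [{finding["name"]}] -> {finding["target"]}')
        for reason in finding["reasons"]:
            print(f"    {reason}")
```

A hit is a reason to submit the file to a scanner, as the reply asks, not a verdict in itself.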
fromsej (Trainee)
1 August 2010 - 09:41 #8
Try running the Fix-it program, as instructed on the page.
http://support.microsoft.com/kb/972034
Voides (Beginner)
1 August 2010 - 11:48 #9
Before I do what you just recommended, I want to say that there is still a keylogger somewhere on the computer. I have been hacked again in my games, so I am 100% sure now.
fromsej (Trainee)
1 August 2010 - 12:03 #10
Is it WoW that is the problem?
Voides (Beginner)
1 August 2010 - 12:16 #11
Right now it is, yes. I have blocked my online banking.
Voides (Beginner)
1 August 2010 - 12:29 #12
Good grief!

This file you keep talking about is detected as a virus by many different antivirus programs, according to VirusTotal.
Voides (Beginner)
1 August 2010 - 12:30 #13
47.62% virus
Voides (Beginner)
1 August 2010 - 12:30 #14
Antivirus      Version      Last Update      Result
AhnLab-V3    2010.08.01.00    2010.07.31    -
AntiVir    8.2.4.32    2010.07.30    TR/PSW.Wow.NHI
Antiy-AVL    2.0.3.7    2010.07.30    -
Authentium    5.2.0.5    2010.07.31    -
Avast    4.8.1351.0    2010.07.31    Win32:Malware-gen
Avast5    5.0.332.0    2010.07.31    Win32:Malware-gen
AVG    9.0.0.851    2010.08.01    PSW.OnlineGames3.ARGA
BitDefender    7.2    2010.08.01    Trojan.PWS.WOW.NHI
CAT-QuickHeal    11.00    2010.07.31    -
ClamAV    0.96.0.3-git    2010.08.01    -
Comodo    5606    2010.08.01    -
DrWeb    5.0.2.03300    2010.08.01    Trojan.PWS.Wow.1919
Emsisoft    5.0.0.34    2010.07.30    Trojan-GameThief.Win32.OnLineGames.wyij!A2
eSafe    7.0.17.0    2010.07.29    -
eTrust-Vet    36.1.7753    2010.07.31    Win32/Zuten!generic
F-Prot    4.6.1.107    2010.07.31    -
F-Secure    9.0.15370.0    2010.07.31    Trojan.PWS.WOW.NHI
Fortinet    4.1.143.0    2010.08.01    W32/Agent.OLG!tr
GData    21    2010.08.01    Trojan.PWS.WOW.NHI
Ikarus    T3.1.1.84.0    2010.08.01    -
Jiangmin    13.0.900    2010.08.01    -
Kaspersky    7.0.0.125    2010.08.01    Trojan-GameThief.Win32.OnLineGames.wyij
McAfee    5.400.0.1158    2010.08.01    -
McAfee-GW-Edition    2010.1    2010.07.30    -
Microsoft    1.6004    2010.08.01    -
NOD32    5329    2010.08.01    Win32/PSW.WOW.NRU
Norman    6.05.11    2010.08.01    -
nProtect    2010-08-01.01    2010.08.01    Trojan-PWS/W32.WebGame.15372.C
Panda    10.0.2.7    2010.07.31    Suspicious file
PCTools    7.0.3.5    2010.08.01    Trojan-PSW.Generic
Prevx    3.0    2010.08.01    -
Rising    22.58.05.04    2010.07.31    -
Sophos    4.56.0    2010.08.01    -
Sunbelt    6670    2010.08.01    Trojan.Win32.Generic!BT
SUPERAntiSpyware    4.40.0.1006    2010.08.01    Trojan.Agent/Gen-FakeAV
Symantec    20101.1.1.7    2010.08.01    Infostealer
TheHacker    6.5.2.1.328    2010.07.30    -
TrendMicro    9.120.0.1004    2010.08.01    -
TrendMicro-HouseCall    9.120.0.1004    2010.08.01    -
VBA32    3.12.12.7    2010.07.30    -
ViRobot    2010.7.31.3965    2010.07.31    -
VirusBuster    5.0.27.0    2010.07.31    Trojan.PWS.OnLineGames.CCUC
Additional information
File size: 15372 bytes
MD5...: 18bb3b677022dbc8190b09c32ec451ee
SHA1..: df05856027054612732b2fb227a4a53cb5e69044
SHA256: 4f8ecec7bfd9119a0b585be1daea1b896192f6bc499473d2893830ded7cfabe5
ssdeep: 384:wInhmcYlvFLDFQQn9S3RhmhgzDhxwcHljXg:wuhmcYltvFJn9qhmhUxwO+
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x382a
timedatestamp.....: 0x4c4f0183 (Tue Jul 27 15:55:47 2010)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x28d0 0x2a00 6.24 202a9c9f44c44c2cbe29970e57ba47d0
.rdata 0x4000 0x53f 0x600 4.39 1ee805807d8af7b78f51fded1eb799e6
.data 0x5000 0x58c 0x200 2.20 746cb6a24155d6ae2600951db5f1210c
.reloc 0x6000 0x3dc 0x400 4.94 150352f3c01a6aa4a69f898371062c4a

( 5 imports )
> KERNEL32.dll: GetFileSize, CloseHandle, SetFilePointer, FreeLibrary, GetProcAddress, LoadLibraryA, GetCurrentProcess, Sleep, IsBadReadPtr, TerminateProcess, RaiseException, FlushFileBuffers, GetModuleFileNameA, WaitForSingleObject, GetLastError, CreateEventA, SetProcessShutdownParameters, OutputDebugStringA
> WS2_32.dll: -, -, -, -
> WININET.dll: InternetOpenA
> USER32.dll: PeekMessageA
> MSVCRT.dll: _wcsicmp, _strupr, _strlwr, _stricmp, _adjust_fdiv, _initterm, free, strcpy, strlen, malloc, memcpy, strstr, strcmp, strncpy, sprintf, _except_handler3, wcsncpy, memset, memcmp, strcat, time, strrchr, strchr

( 1 exports )
W
RDS...: NSRL Reference Data Set
-
pdfid.: -
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Voides (Beginner)
1 August 2010 - 13:43 #15
I have now run a new antivirus and it deleted that virus, so I have just made a new HijackThis log to see whether everything looks okay now.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:28:00, on 31-07-2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe
C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100727225318.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Configuring] rundll32.exe C:\Users\Andy\AppData\Local\Temp\25408912.txt,W
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O13 - Gopher Prefix:
O15 - Trusted Zone: *.danskebank.dk
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9086 bytes


And by the way, many thanks to you, fromsej, I would never have figured it out without you :)
fromsej (Trainee)
1 August 2010 - 14:31 #16
For some reason I am not getting e-mails from here; oh well, never mind.

The line is still in your HJT log; let's see if we can get it killed.

Right-click HijackThis, choose "Run as administrator", scan, tick the following, close all windows except HijackThis, click Fix checked, and when it has finished, restart.

O4 - HKCU\..\Run: [Configuring] rundll32.exe C:\Users\Andy\AppData\Local\Temp\25408912.txt,W

---------------------------------------
Then delete C:\Users\Andy\AppData\Local\Temp\25408912.txt

Restart, then post a fresh HijackThis log.
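The check described in the post above, as an added example that is not part of the original thread: a small parser for HijackThis `O4` registry autorun lines that flags entries like the `[Configuring]` one and confirms whether a fixed line is gone from a fresh log. The two heuristics (rundll32 loading a module that is not `.dll`/`.cpl`/`.ocx`, and a command running from a temp directory) and all function names are assumptions made for this illustration; the sample lines are copied from the logs in this thread.

```python
import ntpath
import re
from dataclasses import dataclass

# Registry autorun lines as HijackThis prints them:
#   O4 - <hive>\..\Run: [<value name>] <command line>
# Startup-folder lines ("O4 - Startup: x.lnk = ...") carry no [name] and are skipped.
O4_RE = re.compile(r"^O4 - (?P<location>[^:\[]+): \[(?P<name>[^\]]*)\] (?P<command>.+)$")

# rundll32 <module>,<export>   (the module path may be quoted)
RUNDLL_RE = re.compile(
    r'^"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+"?(?P<module>[^",]+)"?\s*,\s*(?P<export>\S+)',
    re.IGNORECASE,
)

# Heuristic (assumption): autoruns that execute out of a temp directory deserve a look.
TEMP_RE = re.compile(r"\\(?:temp|tmp)\\|%te?mp%", re.IGNORECASE)

# Heuristic (assumption): extensions rundll32 is normally pointed at.
LOADABLE_EXT = {".dll", ".cpl", ".ocx"}


@dataclass
class Autorun:
    location: str   # e.g. HKCU\..\Run
    name: str       # registry value name shown in [brackets]
    command: str    # command line that runs at logon


def parse_o4(log_text):
    # Return every registry autorun (O4 line with a [name]) found in the log.
    entries = []
    for raw in log_text.splitlines():
        m = O4_RE.match(raw.strip())
        if m:
            entries.append(Autorun(m["location"], m["name"], m["command"]))
    return entries


def reasons(entry):
    # List the heuristics an autorun entry trips; an empty list means none.
    found = []
    m = RUNDLL_RE.match(entry.command)
    if m:
        ext = ntpath.splitext(m["module"].strip())[1].lower()
        if ext not in LOADABLE_EXT:
            found.append(f"rundll32 loads a module with extension {ext or '(none)'}")
    if TEMP_RE.search(entry.command):
        found.append("command runs from a temp directory")
    return found


def flag_autoruns(log_text):
    # Pair each suspicious autorun with the reasons it was flagged.
    flagged = []
    for entry in parse_o4(log_text):
        why = reasons(entry)
        if why:
            flagged.append((entry, why))
    return flagged


def still_present(fixed_line, log_text):
    # True if a line that was fixed earlier shows up again in a later log.
    wanted = fixed_line.strip().casefold()
    return any(line.strip().casefold() == wanted for line in log_text.splitlines())


# The line the helper asked to have fixed (copied from the thread).
FIXED_LINE = r"O4 - HKCU\..\Run: [Configuring] rundll32.exe C:\Users\Andy\AppData\Local\Temp\25408912.txt,W"

# Sample assembled from O4 lines in this thread: the log before the fix.
BEFORE_LOG = r"""
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Configuring] rundll32.exe C:\Users\Andy\AppData\Local\Temp\25408912.txt,W
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: CurseClientStartup.ccip
"""

# Sample assembled from O4 lines in this thread: the fresh log after the fix.
FRESH_LOG = r"""
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: CurseClientStartup.ccip
"""

if __name__ == "__main__":
    for entry, why in flag_autoruns(BEFORE_LOG):
        print(f"[{entry.name}] {entry.command}")
        for reason in why:
            print(f"    - {reason}")
    print("fixed line still present in fresh log:", still_present(FIXED_LINE, FRESH_LOG))
```

A flagged entry is a prompt to look at the file, not a verdict; a clean result only covers the `O4` registry autoruns this parser reads.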
Voides (Beginner)
3 August 2010 - 12:58 #17
I probably had not restarted the computer after that file was deleted, since I have now run a fresh HijackThis log without being able to find the file. Maybe it's just me who can't see it, but here you go:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:38, on 03-08-2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - "C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll" (file missing)
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O13 - Gopher Prefix:
O15 - Trusted Zone: *.danskebank.dk
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7112 bytes
fromsej (Trainee)
3 August 2010 - 15:13 #18
That looks fine.
Have you run Fix-it, as I asked?
Please try running the Fix-it program as instructed on the page.
http://support.microsoft.com/kb/972034[/b]

If yes, I would like to see a fresh DDS log; if no, run it, restart, and then make a fresh DDS log.
fromsej (Trainee)
3 August 2010 - 15:15 #19
Something went wrong with the link; this is the correct one:
http://support.microsoft.com/kb/972034
Voides (Beginner)
3 August 2010 - 15:31 #20
I should mention that I am having some problems with lag and lag spikes now. I don't know whether it can be fixed; otherwise I suppose I will have to format the computer.


DDS (Ver_10-03-17.01) - NTFSX64 
Run by Andy at 15:28:09,39 on 03-08-2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.45.1033.18.4095.2776 [GMT 2:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Users\Andy\AppData\Local\Apps\2.0\00OLKTNO.C93\OHJ7W8L1.MQA\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Andy\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

mLocal Page = c:\windows\syswow64\blank.htm
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - "c:\program files\bitdefender\bitdefender 2010\antispam32\IEToolbar.dll"
uRun: [Skype] "c:\program files (x86)\skype\\phone\Skype.exe" /nosplash /minimized
uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun
uRun: [Sony Ericsson PC Companion] "c:\program files (x86)\sony ericsson\sony ericsson pc companion\PCCompanion.exe" /systray /nologon
StartupFolder: c:\users\andy\appdata\roaming\microsoft\windows\start menu\programs\startup\CurseClientStartup.ccip
StartupFolder: c:\users\andy\appdata\roaming\micros~1\windows\startm~1\programs\startup\yahoo!~1.lnk - c:\program files (x86)\yahoo!\widgets\YahooWidgets.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
Trusted Zone: danskebank.dk
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files (x86)\yahoo!\common\Yinsthelper.dll
DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
TB-X64: BitDefender Toolbar: {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - "c:\program files\bitdefender\bitdefender 2010\IEToolbar.dll"
mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun-x64: [BitDefender Antiphishing Helper 32] "c:\program files\bitdefender\bitdefender 2010\antispam32\IEShow.exe"
mRun-x64: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2010\IEShow.exe"
mRun-x64: [BDAgent] "c:\program files\bitdefender\bitdefender 2010\bdagent.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\users\andy\appdata\roaming\mozilla\firefox\profiles\b1q6pkc7.default\
FF - component: c:\program files (x86)\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - component: c:\program files\bitdefender\bitdefender 2010\bdaphffext\components\bdaphff2.dll
FF - component: c:\program files\bitdefender\bitdefender 2010\bdaphffext\components\bdaphff3.6.dll
FF - component: c:\program files\bitdefender\bitdefender 2010\bdaphffext\components\bdaphff3.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll

---- FIREFOX POLICIES ----
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",  1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size",  4096);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",      2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",      1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",  25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",    5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\drivers\BdfNdisf6.sys [2009-10-19 88144]
R1 bdfwfpf;bdfwfpf;c:\program files\common files\bitdefender\bitdefender firewall\bdfwfpf.sys [2010-1-4 89680]
R2 BDVEDISK;BDVEDISK;c:\program files\bitdefender\bitdefender 2010\bdvedisk.sys [2010-1-19 103944]
R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [2010-1-29 163936]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x64.sys [2009-9-28 395264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2009-10-19 278224]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2010-7-29 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2010-7-29 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2010-7-29 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2010-7-29 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2010-7-29 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2010-7-29 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2010-7-29 146472]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-28 1255736]

=============== Created Last 30 ================

2010-08-03 11:37:23    12867584    ----a-w-    c:\windows\syswow64\shell32.dll
2010-08-01 10:59:19    4    ----a-w-    c:\windows\system32\aspdict-en.dat
2010-08-01 10:59:19    16    ----a-w-    c:\windows\system32\asdict.dat
2010-08-01 10:57:17    385    ----a-w-    c:\windows\system32\user_gensett.xml
2010-08-01 10:55:27    52    ----a-w-    c:\windows\system32\ashttpstats.csv
2010-08-01 10:45:51    0    d-----w-    c:\users\andy\appdata\roaming\BitDefender
2010-08-01 10:45:51    0    d-----w-    c:\programdata\BitDefender
2010-08-01 10:45:51    0    d-----w-    c:\program files\common files\BitDefender
2010-08-01 10:45:51    0    d-----w-    c:\program files\BitDefender
2010-08-01 10:41:34    0    d-----w-    c:\program files (x86)\common files\BitDefender
2010-07-30 17:08:53    0    d-----w-    c:\program files (x86)\Yahoo!
2010-07-29 22:18:19    0    d-----w-    c:\users\andy\appdata\roaming\Malwarebytes
2010-07-29 22:18:09    0    d-----w-    c:\program files (x86)\Trend Micro
2010-07-29 22:18:05    0    d-----w-    c:\programdata\Malwarebytes
2010-07-29 22:18:03    24664    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-07-29 22:18:03    0    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2010-07-29 20:55:08    0    d-----w-    c:\programdata\Lavasoft
2010-07-29 20:55:08    0    d-----w-    c:\program files (x86)\Lavasoft
2010-07-29 20:54:56    0    d-----w-    c:\programdata\Spybot - Search & Destroy
2010-07-29 20:54:56    0    d-----w-    c:\program files (x86)\Spybot - Search & Destroy
2010-07-29 20:50:05    0    d-----w-    c:\program files (x86)\CCleaner
2010-07-29 09:45:35    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-07-29 08:11:31    0    d-----w-    c:\programdata\Sony Ericsson
2010-07-29 08:11:31    0    d-----w-    c:\program files (x86)\Sony Ericsson
2010-07-28 11:22:24    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2010-07-28 11:22:21    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2010-07-28 11:21:42    190992    ----a-w-    c:\windows\system32\BtCoreIf.dll
2010-07-28 11:21:35    96272    ----a-w-    c:\windows\system32\KemXML.dll
2010-07-28 11:21:35    235536    ----a-w-    c:\windows\system32\KemUtil.dll
2010-07-28 11:21:35    235536    ----a-w-    c:\windows\system32\kemutb.dll
2010-07-28 11:21:35    159248    ----a-w-    c:\windows\system32\KemWnd.dll
2010-07-28 11:21:21    0    d-----w-    c:\programdata\Logitech
2010-07-28 11:21:17    0    d-----w-    c:\program files\common files\Logishrd
2010-07-28 11:21:13    0    d-----w-    c:\program files\Logitech
2010-07-28 11:20:49    0    d-----w-    c:\programdata\LogiShrd
2010-07-28 10:51:30    0    d-----w-    c:\program files (x86)\common files\Steam
2010-07-28 08:55:25    0    d-----w-    c:\programdata\e-Safekey
2010-07-28 07:03:36    3116    ----a-w-    C:\icon.tga
2010-07-28 07:03:36    14213    ----a-w-    C:\Fubar_HBskinFu.lua
2010-07-28 07:03:36    0    d-----w-    C:\TitanHealBot
2010-07-28 07:03:36    0    d-----w-    C:\SharedMediaAdditionalFonts
2010-07-28 07:03:36    0    d-----w-    C:\SharedMedia
2010-07-28 07:03:36    0    d-----w-    C:\FuBar_HBskinFu
2010-07-28 06:52:26    0    d-----w-    c:\programdata\Blizzard Entertainment
2010-07-28 06:33:49    0    d-----w-    c:\windows\Panther
2010-07-28 00:05:41    0    d-----w-    c:\program files (x86)\common files\Blizzard Entertainment
2010-07-27 22:52:24    0    d-----w-    c:\program files (x86)\common files\Blizzard Entertainment.temp
2010-07-27 22:45:11    311808    ----a-w-    c:\windows\system32\msv1_0.dll
2010-07-27 22:45:11    257024    ----a-w-    c:\windows\syswow64\msv1_0.dll
2010-07-27 22:44:01    0    d-----w-    c:\program files (x86)\DAEMON Tools Lite
2010-07-27 22:37:44    0    d-----w-    c:\windows\syswow64\Wat
2010-07-27 22:37:44    0    d-----w-    c:\windows\system32\Wat
2010-07-27 22:09:57    0    d-----w-    c:\programdata\Blizzard
2010-07-27 21:52:38    0    d-----w-    c:\windows\syswow64\Macromed
2010-07-27 21:16:32    14336    ----a-w-    c:\windows\system32\drivers\sffp_sd.sys
2010-07-27 21:14:55    99176    ----a-w-    c:\windows\syswow64\PresentationHostProxy.dll
2010-07-27 21:14:55    49472    ----a-w-    c:\windows\syswow64\netfxperf.dll
2010-07-27 21:14:55    48960    ----a-w-    c:\windows\system32\netfxperf.dll
2010-07-27 21:14:55    444752    ----a-w-    c:\windows\system32\mscoree.dll
2010-07-27 21:14:55    320352    ----a-w-    c:\windows\system32\PresentationHost.exe
2010-07-27 21:14:55    297808    ----a-w-    c:\windows\syswow64\mscoree.dll
2010-07-27 21:14:55    295264    ----a-w-    c:\windows\syswow64\PresentationHost.exe
2010-07-27 21:14:55    1942856    ----a-w-    c:\windows\system32\dfshim.dll
2010-07-27 21:14:55    1130824    ----a-w-    c:\windows\syswow64\dfshim.dll
2010-07-27 21:14:55    109912    ----a-w-    c:\windows\system32\PresentationHostProxy.dll
2010-07-27 21:14:31    294912    ----a-w-    c:\windows\system32\browserchoice.exe
2010-07-27 21:01:56    46592    ----a-w-    c:\windows\system32\msasn1.dll
2010-07-27 21:01:32    48    ---ha-w-    c:\programdata\ezsidmv.dat
2010-07-27 20:59:34    0    d-----w-    c:\programdata\NVIDIA
2010-07-27 20:59:10    0    d-----w-    c:\program files (x86)\NVIDIA Corporation
2010-07-27 20:59:02    0    d-----w-    c:\program files (x86)\common files\Wise Installation Wizard
2010-07-27 20:58:57    0    d-----w-    c:\program files\NVIDIA Corporation
2010-07-27 20:58:38    270208    ------w-    c:\windows\system32\MpSigStub.exe
2010-07-27 20:58:30    220672    ----a-w-    c:\windows\system32\wintrust.dll
2010-07-27 20:58:30    172032    ----a-w-    c:\windows\syswow64\wintrust.dll
2010-07-27 20:58:18    139264    ----a-w-    c:\windows\system32\cabview.dll
2010-07-27 20:58:18    132608    ----a-w-    c:\windows\syswow64\cabview.dll
2010-07-27 20:57:54    930272    ----a-w-    c:\windows\system32\dpinst.exe
2010-07-27 20:57:48    202344    ----a-w-    c:\windows\system32\nvcod189.dll
2010-07-27 20:57:48    1592936    ----a-w-    c:\windows\system32\nvapi64.dll
2010-07-27 20:57:46    0    d-----w-    C:\NVIDIA
2010-07-27 20:57:10    0    d-----r-    c:\program files (x86)\Skype
2010-07-27 20:57:07    0    d-sh--w-    c:\windows\Installer
2010-07-27 20:57:07    0    d-----w-    c:\programdata\Skype
2010-07-27 20:55:42    834544    ----a-w-    c:\windows\system32\drivers\sptd.sys
2010-07-27 20:54:57    0    d-----w-    c:\users\andy\appdata\roaming\DAEMON Tools Lite
2010-07-27 20:54:54    0    d-----w-    c:\programdata\DAEMON Tools Lite
2010-07-27 20:53:45    0    d-----w-    c:\program files (x86)\SiteAdvisor
2010-07-27 20:53:18    0    d-----w-    c:\program files (x86)\common files\McAfee
2010-07-27 20:52:51    0    d-----w-    c:\program files (x86)\McAfee
2010-07-27 20:47:39    0    d-----w-    c:\programdata\McAfee
2010-07-27 20:47:20    0    d-----w-    c:\program files\WinRAR

==================== Find3M  ====================

2010-08-01 10:55:19    88144    ----a-w-    c:\windows\system32\drivers\BdfNdisf6.sys
2010-07-29 08:11:59    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-05-27 07:24:13    34304    ----a-w-    c:\windows\syswow64\atmlib.dll
2010-05-27 06:34:09    46080    ----a-w-    c:\windows\system32\atmlib.dll
2010-05-27 04:11:32    366080    ----a-w-    c:\windows\system32\atmfd.dll
2010-05-27 03:49:37    293888    ----a-w-    c:\windows\syswow64\atmfd.dll
2010-05-21 05:52:30    1192960    ----a-w-    c:\windows\system32\wininet.dll
2010-05-21 05:18:06    977920    ----a-w-    c:\windows\syswow64\wininet.dll
2010-05-21 05:14:50    48128    ----a-w-    c:\windows\syswow64\jsproxy.dll
2010-05-19 19:48:12    144384    ----a-w-    c:\windows\system32\cdd.dll
2010-05-09 09:46:00    961024    ----a-w-    c:\windows\system32\CPFilters.dll
2010-05-09 09:45:57    552960    ----a-w-    c:\windows\system32\msdri.dll
2010-05-09 09:14:55    641536    ----a-w-    c:\windows\syswow64\CPFilters.dll
2010-05-06 12:42:05    1225216    ----a-w-    c:\windows\syswow64\urlmon.dll
2010-05-06 12:41:55    606208    ----a-w-    c:\windows\syswow64\mstime.dll
2010-05-06 12:41:53    64512    ----a-w-    c:\windows\syswow64\msfeedsbs.dll
2010-05-06 12:41:53    5970944    ----a-w-    c:\windows\syswow64\mshtml.dll
2010-05-06 12:41:49    381440    ----a-w-    c:\windows\syswow64\iedkcs32.dll
2010-05-06 12:41:49    10984448    ----a-w-    c:\windows\syswow64\ieframe.dll
2009-07-14 05:37:38    31548    ----a-w-    c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 05:37:38    31548    ----a-w-    c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 05:37:38    291294    ----a-w-    c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 05:37:38    291294    ----a-w-    c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:54:24    174    --sha-w-    c:\program files\desktop.ini
2009-07-14 04:54:24    174    --sha-w-    c:\program files (x86)\desktop.ini
2009-07-14 01:00:34    291294    ----a-w-    c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34    291294    ----a-w-    c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32    31548    ----a-w-    c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32    31548    ----a-w-    c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08    9633792    --sha-r-    c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53    398848    --sha-w-    c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45    396800    --sha-w-    c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 15:28:50,78 ===============
fromsej Trainee
4 August 2010 - 05:47 #21
There is nothing more in the log now.

Try closing Skype and disabling your Sony Ericsson program, and see whether that changes anything about your problems with lag and lag spikes.
Voides Beginner
8 August 2010 - 22:52 #22
Found out the lag was due to the heavy performance BitDefender requires, so it is fixed now. Many thanks for the help.

/Andreas
fromsej Trainee
9 August 2010 - 06:35 #23
You're welcome. :-)