nogen der gider chekke disse log-filer

Her kommer 3 logfiler men combofix bare i stå og står i flere timer uden nogen reaktion.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/09/2010 at 09:14 PM

Application Version : 4.46.1000

Core Rules Database Version : 5978
Trace Rules Database Version: 3790

Scan type      : Complete Scan
Total Scan Time : 01:05:00

Memory items scanned      : 435
Memory threats detected  : 0
Registry items scanned    : 6455
Registry threats detected : 0
File items scanned        : 22025
File threats detected    : 28

Adware.Tracking Cookie
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@adserver3.openadex[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@tribalfusion[2].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@content.yieldmanager[2].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@rotator.its.adjuggler[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@tradedoubler[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@serving-sys[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@collective-media[2].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@track.adform[2].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@media6degrees[2].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@atdmt[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@ad.yieldmanager[2].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@statse.webtrendslive[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@server.iad.liveperson[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@adtech[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@bs.serving-sys[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@liveperson[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@liveperson[3].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@ads.raasnet[2].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@content.yieldmanager[3].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@doubleclick[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@apmebf[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@ads.bleepingcomputer[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@mediaplex[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@adform[1].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@delivery-media.surftown[2].txt
    C:\Documents and Settings\Kennie Søgaard\Cookies\kennie_søgaard@revsci[1].txt

Trojan.Agent/Gen-Dropper
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{4A22B285-C0E5-4A30-8E4D-B97A460A7598}\RP332\A0333179.DLL
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{4A22B285-C0E5-4A30-8E4D-B97A460A7598}\RP338\A0337328.DLL

------------------------------------------------------

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5282

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10-12-2010 07:31:02
mbam-log-2010-12-10 (07-30-54).txt

Skanningstype: Fuldstændig skanning (C:\|E:\|)
Objekter skannet: 280929
Tid gået: 1 time(e), 23 minut(ter), 30 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 1
Registreringsdatabasenøgler Inficeret: 5
Registreringsdatabaseværdier Inficeret: 1
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 0
Inficerede Filer: 3

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
c:\WINDOWS\system32\gpogfjjbselbenuiy.dll (Trojan.Agent) -> No action taken.

Registreringsdatabasenøgler Inficeret:
HKEY_CLASSES_ROOT\CLSID\{F707BEF3-6E64-AE9B-5E01-38FBF3BC0A4B} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F707BEF3-6E64-AE9B-5E01-38FBF3BC0A4B} (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F707BEF3-6E64-AE9B-5E01-38FBF3BC0A4B} (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F707BEF3-6E64-AE9B-5E01-38FBF3BC0A4B} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fgtfmxzbpljtgdue (Trojan.Agent) -> No action taken.

Registreringsdatabaseværdier Inficeret:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\icpclxnvfdivtgyos (Trojan.Agent) -> Value: icpclxnvfdivtgyos -> No action taken.

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
(Ingen skadelige objekter blev fundet)

Inficerede Filer:
c:\system volume information\_restore{4a22b285-c0e5-4a30-8e4d-b97a460a7598}\RP338\A0337329.exe (Trojan.Agent) -> No action taken.
c:\WINDOWS\system32\fgtfmxzbpljtgdue.exe (Trojan.Agent) -> No action taken.
c:\WINDOWS\system32\gpogfjjbselbenuiy.dll (Trojan.Agent) -> No action taken.

-------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:45:48, on 10-12-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe
C:\Programmer\Browny02\Brother\BrStMonW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Brother\ControlCenter3\brccMCtl.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Browny02\BrYNSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmer\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Programmer\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Programmer\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] //~soundman.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FLLESF~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ControlCenter3] C:\Programmer\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Programmer\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYASwBQAEMAQgAtADYAQgBXAEYATQAtAFQAUgBMAFEAUgAtAEIAUgBVAEgAUAAtAEMAUAA4ADYARwA"&"inst=NwA3AC0ANAAwADIAMQA2ADgAMgAxADUALQBGAFAAOQArADYALQBUAEIAOQArADIALQBGAEwAKwA5AC0ARgA5AE0ANwBCACsANQA"&"prod=90"&"ver=9.0.872
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] //~c:\programmer\messenger\msmsgs.exe /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Kennie Søgaard\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe (file missing)
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab) - http://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Programmer\Fælles filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Programmer\Browny02\BrYNSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\PEV.cfxxe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 7016 bytes