Virus help please
Hi there. I am a new user on Eksperten, but I have been following along for a long time to see how it works, etc.
I have got a virus. From what I have read in other threads, you are supposed to run scans with HijackThis and Malwarebytes.
I have attached my logs. I hope there is someone who can help me:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:24:29, on 24-02-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\AVG\AVG9\avgwdsvc.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\AVG\AVG9\avgemc.exe
C:\Programmer\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\Programmer\AVG\AVG9\avgrsx.exe
C:\Programmer\AVG\AVG9\avgchsvx.exe
C:\Programmer\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Windows Live\Messenger\msnmsgr.exe
C:\Programmer\uTorrent\uTorrent.exe
C:\Programmer\Windows Live\Contacts\wlcomm.exe
C:\Programmer\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programmer\Ask.com\GenericAskToolbar.dll
O1 - Hosts: 66.232.102.249 www.google.com
O1 - Hosts: 66.232.102.249 google.com
O1 - Hosts: 66.232.102.249 google.com.au
O1 - Hosts: 66.232.102.249 www.google.com.au
O1 - Hosts: 66.232.102.249 google.be
O1 - Hosts: 66.232.102.249 www.google.be
O1 - Hosts: 66.232.102.249 google.com.br
O1 - Hosts: 66.232.102.249 www.google.com.br
O1 - Hosts: 66.232.102.249 google.ca
O1 - Hosts: 66.232.102.249 www.google.ca
O1 - Hosts: 66.232.102.249 google.ch
O1 - Hosts: 66.232.102.249 www.google.ch
O1 - Hosts: 66.232.102.249 google.de
O1 - Hosts: 66.232.102.249 www.google.de
O1 - Hosts: 66.232.102.249 google.dk
O1 - Hosts: 66.232.102.249 www.google.dk
O1 - Hosts: 66.232.102.249 google.fr
O1 - Hosts: 66.232.102.249 www.google.fr
O1 - Hosts: 66.232.102.249 google.ie
O1 - Hosts: 66.232.102.249 www.google.ie
O1 - Hosts: 66.232.102.249 google.it
O1 - Hosts: 66.232.102.249 www.google.it
O1 - Hosts: 66.232.102.249 google.co.jp
O1 - Hosts: 66.232.102.249 www.google.co.jp
O1 - Hosts: 66.232.102.249 google.nl
O1 - Hosts: 66.232.102.249 www.google.nl
O1 - Hosts: 66.232.102.249 google.no
O1 - Hosts: 66.232.102.249 www.google.no
O1 - Hosts: 66.232.102.249 google.co.nz
O1 - Hosts: 66.232.102.249 www.google.co.nz
O1 - Hosts: 66.232.102.249 google.pl
O1 - Hosts: 66.232.102.249 www.google.pl
O1 - Hosts: 66.232.102.249 google.se
O1 - Hosts: 66.232.102.249 www.google.se
O1 - Hosts: 66.232.102.249 google.co.uk
O1 - Hosts: 66.232.102.249 www.google.co.uk
O1 - Hosts: 66.232.102.249 google.co.za
O1 - Hosts: 66.232.102.249 www.google.co.za
O1 - Hosts: 66.232.102.249 www.google-analytics.com
O1 - Hosts: 66.232.102.249 www.bing.com
O1 - Hosts: 66.232.102.249 search.yahoo.com
O1 - Hosts: 66.232.102.249 www.search.yahoo.com
O1 - Hosts: 66.232.102.249 uk.search.yahoo.com
O1 - Hosts: 66.232.102.249 ca.search.yahoo.com
O1 - Hosts: 66.232.102.249 de.search.yahoo.com
O1 - Hosts: 66.232.102.249 fr.search.yahoo.com
O1 - Hosts: 66.232.102.249 au.search.yahoo.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG9\avgssie.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmer\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmer\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\uhd\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Programmer\uTorrent\uTorrent.exe"
O4 - Global Startup: D-Link AirPlus G Configuration Utility.lnk = ?
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263299083234
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programmer\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 10525 bytes
_________________________________________
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5870
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
24-02-2011 19:21:18
mbam-log-2011-02-24 (19-21-18).txt
Skanningstype: Fuldstændig skanning (C:\|)
Objekter skannet: 186227
Tid gået: 20 minut(ter), 27 sekund(er)
Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 0
Registreringsdatabaseværdier Inficeret: 0
Registreringsdatabasedata Objekter Inficeret: 1
Inficerede Mapper: 0
Inficerede Filer: 9
Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)
Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)
Registreringsdatabasenøgler Inficeret:
(Ingen skadelige objekter blev fundet)
Registreringsdatabaseværdier Inficeret:
(Ingen skadelige objekter blev fundet)
Registreringsdatabasedata Objekter Inficeret:
HKEY_CLASSES_ROOT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=289&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.
Inficerede Mapper:
(Ingen skadelige objekter blev fundet)
Inficerede Filer:
c:\documents and settings\uhd\lokale indstillinger\application data\php.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\uhd\lokale indstillinger\application data\vgq.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\uhd\lokale indstillinger\Temp\pcupdate107_289[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\uhd\lokale indstillinger\temporary internet files\Content.IE5\GJA8TJKG\pcupdate107_289[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\uhd\lokale indstillinger\temporary internet files\Content.IE5\Y41ANO9K\pcupdate107_289[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b5b2d76b-3bcd-4ffa-9cb3-453eee3f26e0}\RP245\A0048946.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b5b2d76b-3bcd-4ffa-9cb3-453eee3f26e0}\RP245\A0048948.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b5b2d76b-3bcd-4ffa-9cb3-453eee3f26e0}\RP246\A0049171.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b5b2d76b-3bcd-4ffa-9cb3-453eee3f26e0}\RP246\A0049172.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Kind regards
Jacob