Has Eugene been drinking from the chamber pot?
  hepta
Number of posts: 10353

I suspect Eugene of having poured vodka into the chamber pot before he drank from it this morning.

Facts:

Earlier today my curiosity drove me to try out “Avast Internet Security” (the paid version), since Avast is quite popular with a number of people in here.
So out went K.I.S 2010 and in went Avast.
Once my curiosity was satisfied, Avast went out again and K.I.S went back on.

Halfway through the first full scan, K.I.S claims that a small stud farm of 18 Trojan horses has been deleted, for example:
Trojan horse. Trojan Spy win.32agent.beaf.C:hp/recovery/wizard/fsc/command/wizard link-ret.exe

I don't intend to use skills I don't have to play log analyst on my own computer gulp

I have not yet run Mbam or anything else.

False positives?

Anything to go on?

  hepta
Number of posts: 10353

I then managed to copy the horses:

Status: Slettet   (hændelser: 19) 
09-03-2010 18:43:17   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\hp\recovery\wizard\fscommand\AppRecoveryLink_ret.exe   Høj  
09-03-2010 18:43:16   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.bdzz   C:\hp\recovery\wizard\fscommand\CDLogic_ret.exe   Høj  
09-03-2010 18:43:17   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\hp\recovery\wizard\fscommand\CreatorLink_ret.exe   Høj  
09-03-2010 18:43:17   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\hp\recovery\wizard\fscommand\RecordnowLink_ret.exe   Høj  
09-03-2010 18:43:18   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\hp\recovery\wizard\fscommand\RestoreLink_ret.exe   Høj  
09-03-2010 18:43:19   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\hp\recovery\wizard\fscommand\RTCDLink_ret.exe   Høj  
09-03-2010 18:43:19   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\hp\recovery\wizard\fscommand\RunLink_ret.exe   Høj  
09-03-2010 18:43:20   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\hp\recovery\wizard\fscommand\SysRecoveryLink_ret.exe   Høj  
09-03-2010 18:43:21   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\hp\recovery\wizard\fscommand\WizardLink_ret.exe   Høj  
09-03-2010 19:00:52   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\System Volume Information\_restore{1BE136E6-1AD8-4129-9795-03F31A6B88D5}\RP51\A0010811.exe   Høj  
09-03-2010 19:00:53   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.bdzz   C:\System Volume Information\_restore{1BE136E6-1AD8-4129-9795-03F31A6B88D5}\RP51\A0010810.exe   Høj  
09-03-2010 19:00:53   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\System Volume Information\_restore{1BE136E6-1AD8-4129-9795-03F31A6B88D5}\RP51\A0010812.exe   Høj  
09-03-2010 19:00:54   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\System Volume Information\_restore{1BE136E6-1AD8-4129-9795-03F31A6B88D5}\RP51\A0010813.exe   Høj  
09-03-2010 19:00:55   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\System Volume Information\_restore{1BE136E6-1AD8-4129-9795-03F31A6B88D5}\RP51\A0010814.exe   Høj  
09-03-2010 19:00:56   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\System Volume Information\_restore{1BE136E6-1AD8-4129-9795-03F31A6B88D5}\RP51\A0010815.exe   Høj  
09-03-2010 19:00:57   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\System Volume Information\_restore{1BE136E6-1AD8-4129-9795-03F31A6B88D5}\RP51\A0010816.exe   Høj  
09-03-2010 19:00:58   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\System Volume Information\_restore{1BE136E6-1AD8-4129-9795-03F31A6B88D5}\RP51\A0010817.exe   Høj  
09-03-2010 19:01:00   Slettet   Trojansk hest Trojan-Spy.Win32.Agent.beaf   C:\System Volume Information\_restore{1BE136E6-1AD8-4129-9795-03F31A6B88D5}\RP51\A0010818.exe   Høj  
09-03-2010 20:27:44   Slettet   adware not-a-virus:AdWare.Win32.WebHancer.x   C:\WINDOWS\Web\Wallpaper\welcome\AWhelper.dll   Mellem

Administrator
Number of posts: 54707

It is hard to answer based on that log.
They are either in System Restore or in a recovery folder.

Download Malwarebytes Anti-Malware from here:
http://www.besttechie.net/tools/mbam-setup.exe
Or from here ->
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

Install the program; once that is done, let the program update itself. A window then opens in which you should move the dot to “Run a complete system scan”, click the Scan button, and let the program work. When it is finished (it takes a while, depending on how much you have on the computer).

Then press the “Show results” button after the scan, and then press “Remove selected”; the log now opens and you should save it somewhere you can find it again.

Copy the contents in here and tell us how the computer is running now.

Signature

Member of “Alliance of Security Analysis Professionals” - All information, as always, “only with a pistol”

Did you also cry over the fairy tale of the blacksmith's cat when you were little?
http://www.spywarefri.dk/medarbejderne/

Nierne bomaye - You’ll never walk alone
qui potest, obligatur

  hepta
Number of posts: 10353

Malwarebytes’ Anti-Malware 1.44
Database version: 3842
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09-03-2010 22:05:10
mbam-log-2010-03-09 (22-05-10).txt

Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 201301
Tid tilbagelagt: 53 minute(s), 18 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)

  hepta
Number of posts: 10353

ComboFix 10-03-09.04 - Compaq_Ejer 09-03-2010 22:10:39.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.1982.1305 [GMT 1:00]
Kører fra: c:\documents and settings\Compaq_Ejer\Skrivebord\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Compaq_Ejer\Dokumenter\ZbThumbnail.info
c:\documents and settings\Compaq_Ejer\Menuen Start\Programmer\Start\Logitech . Produktregistrering.lnk
c:\recycler\S-1-5-21-790525478-57989841-725345543-1003
c:\windows\system32\CHODDI.SYS
D:\Autorun.inf

.
(((((((((((((((((((((((((((((  Filer skabt fra 2010-02-09 til 2010-03-09 )))))))))))))))))))))))))))))))))))
.

2010-03-09 20:56 . 2010-03-09 20:56   388096   ——a-r-  c:\documents and settings\Compaq_Ejer\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-03-09 20:55 . 2010-03-09 20:55   ————  d——-w-  c:\programmer\TrendMicro
2010-03-09 18:28 . 2010-03-09 18:28   ————  d——-w-  c:\documents and settings\Compaq_Ejer\Application Data\Malwarebytes
2010-03-09 18:28 . 2010-01-07 15:07   38224   ——a-w-  c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-09 18:28 . 2010-03-09 18:28   ————  d——-w-  c:\documents and settings\All Users\Application Data\Malwarebytes
2010-03-09 18:28 . 2010-01-07 15:07   19160   ——a-w-  c:\windows\system32\drivers\mbam.sys
2010-03-09 18:28 . 2010-03-09 18:28   ————  d——-w-  c:\programmer\Malwarebytes’ Anti-Malware
2010-03-09 16:39 . 2010-03-09 16:39   95259   ——a-w-  c:\windows\system32\drivers\klick.dat
2010-03-09 16:39 . 2010-03-09 16:39   108059   ——a-w-  c:\windows\system32\drivers\klin.dat
2010-03-09 16:37 . 2010-03-09 16:37   ————  d——-w-  c:\programmer\Kaspersky Lab
2010-03-09 16:36 . 2010-03-09 16:36   ————  d——-w-  c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-03-09 15:08 . 2010-03-09 16:35   ————  d——-w-  c:\documents and settings\All Users\Application Data\Alwil Software
2010-03-09 15:08 . 2010-03-09 16:35   ————  d——-w-  c:\programmer\Alwil Software
2010-03-08 18:09 . 2010-03-08 18:12   ————  d——-w-  c:\programmer\Windows Live Safety Center
2010-03-04 18:56 . 2010-03-04 18:56   ————  d——-w-  c:\documents and settings\Compaq_Ejer\Application Data\SUPERAntiSpyware.com
2010-03-04 18:56 . 2010-03-04 18:56   ————  d——-w-  c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-03-04 17:09 . 2010-03-04 17:09   ————  d——-w-  c:\documents and settings\Compaq_Ejer\Lokale indstillinger\Application Data\Opera
2010-03-04 17:09 . 2010-03-04 17:12   ————  d——-w-  c:\programmer\Opera
2010-03-04 13:44 . 2010-03-04 13:44   ————  d——-w-  c:\documents and settings\Compaq_Ejer\Application Data\Leadertech
2010-03-04 13:44 . 2010-03-04 13:44   53248   ——a-r-  c:\documents and settings\Compaq_Ejer\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-03-04 13:44 . 2010-03-04 13:44   ————  d——-w-  c:\documents and settings\Compaq_Ejer\Lokale indstillinger\Application Data\Logishrd
2010-03-04 13:43 . 2010-03-04 13:43   16400   ——a-w-  c:\windows\system32\drivers\LNonPnP.sys
2010-03-04 13:43 . 2008-11-07 17:55   16928   ———w-  c:\windows\system32\spmsgXP_2k3.dll
2010-03-04 13:41 . 2010-03-04 13:42   ————  d——-w-  c:\programmer\Logitech
2010-03-04 13:29 . 2010-03-04 13:44   ————  d——-w-  c:\documents and settings\All Users\Application Data\Logishrd
2010-03-04 13:27 . 2010-03-04 13:44   ————  d——-w-  c:\programmer\Fælles filer\LogiShrd
2010-03-04 13:27 . 2010-03-04 13:44   ————  d——-w-  c:\documents and settings\Compaq_Ejer\Application Data\Logitech
2010-03-04 13:27 . 2010-03-04 13:27   ————  d——-w-  c:\documents and settings\Compaq_Ejer\Application Data\Logishrd
2010-03-04 13:22 . 2008-04-14 16:05   116224   ——a-w-  c:\windows\system32\dllcache\xrxwiadr.dll
2010-03-04 13:22 . 2001-10-04 16:07   23040   ——a-w-  c:\windows\system32\dllcache\xrxwbtmp.dll
2010-03-04 13:22 . 2008-04-14 16:05   18944   ——a-w-  c:\windows\system32\dllcache\xrxscnui.dll
2010-03-04 13:22 . 2001-10-04 16:07   27648   ——a-w-  c:\windows\system32\dllcache\xrxftplt.exe
2010-03-04 13:22 . 2001-10-04 16:07   4608   ——a-w-  c:\windows\system32\dllcache\xrxflnch.exe
2010-03-04 13:22 . 2001-08-18 05:37   99865   ——a-w-  c:\windows\system32\dllcache\xlog.exe
2010-03-04 13:20 . 2001-08-17 19:10   35871   ——a-w-  c:\windows\system32\dllcache\wbfirdma.sys
2010-03-04 13:19 . 2001-08-17 20:28   113762   ——a-w-  c:\windows\system32\dllcache\usrpda.sys
2010-03-04 13:18 . 2001-10-04 16:07   47616   ——a-w-  c:\windows\system32\dllcache\umaxcam.dll
2010-03-04 13:17 . 2001-10-04 16:07   31744   ——a-w-  c:\windows\system32\dllcache\tp4.dll
2010-03-04 13:16 . 2001-08-17 21:07   32640   ——a-w-  c:\windows\system32\dllcache\symc8xx.sys
2010-03-04 13:15 . 2001-10-04 16:07   99328   ——a-w-  c:\windows\system32\dllcache\srusd.dll
2010-03-04 13:14 . 2001-10-04 15:51   35913   ——a-w-  c:\windows\system32\dllcache\smcirda.sys
2010-03-04 13:13 . 2001-08-17 19:50   68608   ——a-w-  c:\windows\system32\dllcache\sis6306p.sys
2010-03-04 13:12 . 2001-10-04 15:49   23936   ——a-w-  c:\windows\system32\dllcache\sccmn50m.sys
2010-03-04 13:11 . 2001-08-17 19:12   19017   ——a-w-  c:\windows\system32\dllcache\rtl8029.sys
2010-03-04 13:11 . 2001-08-17 19:19   30720   ——a-w-  c:\windows\system32\dllcache\rthwcls.sys
2010-03-04 13:11 . 2001-10-04 16:07   9728   ——a-w-  c:\windows\system32\dllcache\rsmgrstr.dll
2010-03-04 13:11 . 2001-08-17 19:19   3840   ——a-w-  c:\windows\system32\dllcache\rpfun.sys
2010-03-04 13:11 . 2008-04-14 15:38   79104   ——a-w-  c:\windows\system32\dllcache\rocket.sys
2010-03-04 13:11 . 2001-08-17 19:12   37563   ——a-w-  c:\windows\system32\dllcache\rlnet5.sys
2010-03-04 13:11 . 2001-10-04 16:06   86097   ——a-w-  c:\windows\system32\dllcache\reslog32.dll
2010-03-04 13:11 . 2001-08-17 20:51   19584   ——a-w-  c:\windows\system32\dllcache\rasirda.sys
2010-03-04 13:11 . 2001-10-04 15:47   714858   ——a-w-  c:\windows\system32\dllcache\r2mdmkxx.sys
2010-03-04 13:11 . 2001-10-04 15:47   899274   ——a-w-  c:\windows\system32\dllcache\r2mdkxga.sys
2010-03-04 13:11 . 2001-10-04 16:07   41472   ——a-w-  c:\windows\system32\dllcache\qvusd.dll
2010-03-04 13:11 . 2001-08-17 20:53   3328   ——a-w-  c:\windows\system32\dllcache\qv2kux.sys
2010-03-04 13:09 . 2001-08-17 21:07   19840   ——a-w-  c:\windows\system32\dllcache\philtune.sys
2010-03-04 13:08 . 2001-08-17 21:05   25216   ——a-w-  c:\windows\system32\dllcache\ovsound2.sys
2010-03-04 13:07 . 2001-08-17 19:49   51552   ——a-w-  c:\windows\system32\dllcache\ntgrip.sys
2010-03-04 13:06 . 2001-08-17 19:50   13664   ——a-w-  c:\windows\system32\dllcache\n9i128.sys
2010-03-04 13:05 . 2001-08-17 21:02   35200   ——a-w-  c:\windows\system32\dllcache\msgame.sys
2010-03-04 13:04 . 2001-08-17 19:19   48768   ——a-w-  c:\windows\system32\dllcache\maestro.sys
2010-03-04 13:03 . 2001-10-04 16:07   37376   ——a-w-  c:\windows\system32\dllcache\kousd.dll
2010-03-04 13:02 . 2001-08-17 19:12   45632   ——a-w-  c:\windows\system32\dllcache\ip5515.sys
2010-03-04 13:01 . 2001-10-04 16:05   10240   ——a-w-  c:\windows\system32\dllcache\ibmsgnet.dll
2010-03-04 13:00 . 2001-10-04 16:07   324608   ——a-w-  c:\windows\system32\dllcache\hpojwia.dll
2010-03-04 12:59 . 2001-08-17 19:15   454912   ——a-w-  c:\windows\system32\dllcache\fxusbase.sys
2010-03-04 12:58 . 2001-10-04 15:45   594334   ——a-w-  c:\windows\system32\dllcache\es56hpi.sys
2010-03-04 12:57 . 2001-08-17 19:20   334208   ——a-w-  c:\windows\system32\dllcache\ds1wdm.sys
2010-03-04 12:56 . 2001-10-04 16:07   111104   ——a-w-  c:\windows\system32\dllcache\dc260usd.dll
2010-03-04 12:55 . 2004-08-26 20:00   1677824   ——a-w-  c:\windows\system32\dllcache\chsbrkr.dll
2010-03-04 12:54 . 2001-08-17 20:12   60416   ——a-w-  c:\windows\system32\dllcache\brserwdm.sys
2010-03-04 12:53 . 2001-08-17 21:07   101888   ——a-w-  c:\windows\system32\dllcache\adpu160m.sys
2010-03-02 21:32 . 2010-03-03 17:03   ————  d——-w-  C:\Backup
2010-03-02 15:26 . 2009-12-14 11:44   39352   ——a-w-  c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2010-03-02 15:26 . 2010-03-03 19:42   ————  dc——w-  c:\windows\system32\DRVSTORE
2010-03-02 15:26 . 2009-12-14 11:44   88632   ——a-w-  c:\windows\system32\drivers\CSCrySec.sys
2010-02-21 15:32 . 2010-02-24 17:19   ————  d——-w-  c:\documents and settings\Compaq_Ejer\Application Data\CameraWindowDC
2010-02-21 15:32 . 2010-02-21 15:32   ————  d——-w-  c:\documents and settings\Compaq_Ejer\Application Data\CANON INC
2010-02-21 15:26 . 2008-04-13 18:45   15104   ——a-w-  c:\windows\system32\drivers\usbscan.sys
2010-02-21 15:26 . 2008-04-13 18:45   15104   ——a-w-  c:\windows\system32\dllcache\usbscan.sys
2010-02-21 15:26 . 2001-10-04 16:07   5632   ——a-w-  c:\windows\system32\ptpusb.dll
2010-02-21 15:26 . 2008-04-14 16:05   159232   ——a-w-  c:\windows\system32\ptpusd.dll
2010-02-20 16:49 . 2010-02-20 16:49   ————  d——-w-  c:\documents and settings\Compaq_Ejer\Application Data\Auslogics
2010-02-20 16:21 . 2010-02-20 16:21   ————  d——-w-  c:\programmer\Secunia
2010-02-20 16:11 . 2010-02-20 16:11   ————  d——-w-  c:\documents and settings\All Users\Application Data\UnH Solutions
2010-02-20 16:09 . 2004-08-26 20:00   61952   ——a-w-  c:\windows\system32\wbem\tmplprov.dll
2010-02-20 16:08 . 2008-04-14 16:06   107008   ——a-w-  c:\windows\system32\sysocmgr.exe
2010-02-20 16:07 . 2008-04-14 16:05   462848   ——a-w-  c:\windows\system32\dllcache\sqlqp20.dll
2010-02-20 16:06 . 2008-04-14 16:05   51712   ——a-w-  c:\windows\system32\dllcache\oobebaln.exe
2010-02-20 16:05 . 2009-03-08 03:22   156160   ——a-w-  c:\windows\system32\msls31.dll
2010-02-20 16:04 . 2004-08-26 20:00   9728   ——a-w-  c:\windows\system32\label.exe
2010-02-20 16:02 . 2008-04-14 16:05   83456   ——a-w-  c:\windows\system32\dpvsetup.exe
2010-02-20 16:01 . 2008-04-14 16:05   54272   ——a-w-  c:\windows\system32\dllcache\dataclen.dll
2010-02-20 16:00 . 2010-02-20 16:00   ————  d——-w-  c:\documents and settings\All Users\Application Data\ZoomBrowser
2010-02-20 15:59 . 2010-02-20 15:59   ————  d——-w-  c:\programmer\Fælles filer\Canon
2010-02-20 15:52 . 2010-03-08 21:30   0   ——a-w-  c:\documents and settings\Compaq_Ejer\temp.dat
2010-02-20 15:51 . 2010-02-20 15:52   ————  d——-w-  c:\documents and settings\Compaq_Ejer\.oces
2010-02-20 15:45 . 2010-02-20 15:45   ————  d-sh—w-  c:\documents and settings\Compaq_Ejer\IECompatCache
2010-02-20 15:45 . 2009-08-06 18:23   274288   ——a-w-  c:\windows\system32\mucltui.dll
2010-02-20 15:44 . 2010-02-20 15:44   ————  d-sh—w-  c:\documents and settings\Compaq_Ejer\PrivacIE
2010-02-20 15:43 . 2010-02-20 15:43   ————  d-sh—w-  c:\documents and settings\Compaq_Ejer\IETldCache
2010-02-20 15:40 . 2009-12-11 08:38   69120   ———w-  c:\windows\system32\dllcache\iecompat.dll
2010-02-20 15:40 . 2010-02-20 15:40   ————  d——-w-  c:\windows\ie8updates
2010-02-20 15:40 . 2009-12-21 19:08   12800   ———w-  c:\windows\system32\dllcache\xpshims.dll
2010-02-20 15:40 . 2009-12-21 19:07   246272   ———w-  c:\windows\system32\dllcache\ieproxy.dll
2010-02-20 15:38 . 2010-02-20 15:39   ————  dc-h—w-  c:\windows\ie8
2010-02-20 15:31 . 2006-06-29 12:07   14048   ———w-  c:\windows\system32\spmsg2.dll
2010-02-20 15:11 . 2010-02-20 15:11   ————  d——-w-  c:\programmer\Microsoft Silverlight
2010-02-20 15:06 . 2010-02-20 15:31   ————  d——-w-  c:\windows\system32\XPSViewer
2010-02-20 15:06 . 2010-02-20 15:06   ————  d——-w-  c:\programmer\MSBuild
2010-02-20 15:06 . 2010-02-20 15:06   ————  d——-w-  c:\programmer\Reference Assemblies
2010-02-20 15:06 . 2008-07-06 12:06   89088   ——a-w-  c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-20 15:05 . 2008-07-06 12:06   117760   ———w-  c:\windows\system32\prntvpt.dll
2010-02-20 15:05 . 2010-02-20 15:06   ————  d——-w-  C:\b5545a49a9a93004512f604f561f
2010-02-20 15:05 . 2008-07-06 12:06   89088   ———w-  c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-20 15:05 . 2008-07-06 12:06   575488   ———w-  c:\windows\system32\xpsshhdr.dll
2010-02-20 15:05 . 2008-07-06 12:06   575488   ———w-  c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-20 15:05 . 2008-07-06 12:06   1676288   ———w-  c:\windows\system32\xpssvcs.dll
2010-02-20 15:05 . 2008-07-06 12:06   1676288   ———w-  c:\windows\system32\dllcache\xpssvcs.dll
2010-02-20 15:05 . 2008-07-06 10:50   597504   ———w-  c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-20 15:05 . 2008-07-06 10:50   597504   ———w-  c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-20 14:40 . 2009-12-31 15:33   13824   ———w-  c:\windows\system32\dllcache\ieudinit.exe
2010-02-20 14:40 . 2009-12-21 19:07   594432   ———w-  c:\windows\system32\dllcache\msfeeds.dll
2010-02-20 14:40 . 2009-12-21 19:07   55296   ———w-  c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-20 14:40 . 2009-12-21 19:07   1985536   ———w-  c:\windows\system32\dllcache\iertutil.dll

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-04 13:43 . 2010-03-04 13:43   0   —-ha-w-  c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-03-01 20:14 . 2004-12-03 11:32   84224   ——a-w-  c:\windows\system32\perfc006.dat
2010-03-01 20:14 . 2004-12-03 11:32   460698   ——a-w-  c:\windows\system32\perfh006.dat
2010-02-24 17:19 . 2010-02-20 16:05   ————  d——-w-  c:\documents and settings\Compaq_Ejer\Application Data\ZoomBrowser EX
2010-02-20 17:12 . 2004-12-03 11:23   ————  d——-w-  c:\programmer\Onlinetjenester
2010-02-20 17:11 . 2004-12-03 11:25   ————  d——-w-  c:\programmer\microsoft frontpage
2010-02-20 17:10 . 2005-02-01 21:51   ————  d——-w-  c:\programmer\Fælles filer\Tjenester
2010-02-20 17:09 . 2010-02-20 08:29   ————  d——-w-  c:\programmer\Fælles filer\InstallShield
2010-02-20 17:08 . 2010-02-20 08:29   ————  d——-w-  c:\programmer\ATI Technologies
2010-02-20 16:38 . 2010-02-20 16:38   118784   ——a-w-  c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-02-20 16:38 . 2010-02-20 16:38   118784   ——a-w-  c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-02-20 16:38 . 2010-02-20 16:38   118784   ——a-w-  c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-02-20 16:38 . 2010-02-20 16:38   300616   ——a-w-  c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-02-20 16:38 . 2010-02-20 16:38   118784   ——a-w-  c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-02-20 16:38 . 2010-02-20 16:38   118784   ——a-w-  c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-02-20 16:38 . 2010-02-20 16:38   118784   ——a-w-  c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-02-20 16:38 . 2010-02-20 16:38   329312   ——a-w-  c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-02-20 16:38 . 2010-02-20 16:37   ————  d——-w-  c:\programmer\real
2010-02-20 16:37 . 2010-02-20 16:37   ————  d——-w-  c:\programmer\Fælles filer\xing shared
2010-02-20 16:37 . 2003-03-18 19:14   499712   ——a-w-  c:\windows\system32\msvcp71.dll
2010-02-20 16:37 . 2003-02-21 03:42   348160   ——a-w-  c:\windows\system32\msvcr71.dll
2010-02-20 16:01 . 2010-02-20 11:59   ————  d——-w-  c:\programmer\Canon
2010-02-20 14:18 . 2004-12-03 11:24   81759   ——a-w-  c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-20 14:06 . 2010-02-20 10:21   140   ——a-w-  c:\documents and settings\Compaq_Ejer\Lokale indstillinger\Application Data\fusioncache.dat
2010-02-20 11:59 . 2010-02-20 11:59   ————  d—h—w-  c:\documents and settings\All Users\Application Data\CanonBJ
2010-02-20 11:06 . 2010-02-20 08:29   ————  d—h—w-  c:\programmer\InstallShield Installation Information
2010-02-20 10:21 . 2010-02-20 10:21   1838   —sha-r-  c:\windows\system32\drivers\103C_HP_CPC_RF147AA-UUW SR1939SC EL630_YC_0Pres_QCZB625_E63DKheREA1_48_IAMETHYST-M_SMSI_V1.0_B3.48_T060324_WXH2_L406_M1983_J160_7AMD_8Athlon 64_92.19_#100220_N10EC8139_Z_G10025954_OTSSTcorp CD DVDW TS-H552D.MRK
2010-02-20 08:46 . 2010-02-20 08:46   45056   ——a-w-  c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
2010-02-20 08:46 . 2010-02-20 08:46   61440   ——a-w-  c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
2010-02-20 08:46 . 2010-02-20 08:46   44032   ——a-w-  c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
2010-02-20 08:46 . 2010-02-20 08:46   40960   ——a-w-  c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
2010-02-20 08:46 . 2010-02-20 08:46   341048   ——a-w-  c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection3.dll
2010-02-20 08:46 . 2010-02-20 08:46   32768   ——a-w-  c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
2010-02-20 08:46 . 2010-02-20 08:46   32768   ——a-w-  c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
2010-02-20 08:46 . 2010-02-20 08:46   217088   ——a-w-  c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
2010-02-20 08:46 . 2010-02-20 08:46   163840   ——a-w-  c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
2009-12-31 16:50 . 2010-02-20 16:08   353792   ——a-w-  c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2010-02-20 16:10   916480   ——a-w-  c:\windows\system32\wininet.dll
2009-12-17 07:41 . 2010-02-20 16:06   344576   ——a-w-  c:\windows\system32\mspaint.exe
2009-12-14 07:09 . 2010-02-20 16:01   33280   ——a-w-  c:\windows\system32\csrsrv.dll
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“DynAdvance Notifier”=“c:\programmer\DynAdvance\DynAdvance Notifier\MailNotifier.Exe” [2009-04-17 335872]
“swg”=“c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2010-02-20 39408]
“Google Update”=“c:\documents and settings\Compaq_Ejer\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe” [2010-03-05 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Recguard”=“c:\windows\SMINST\RECGUARD.EXE” [2005-07-22 237568]
“HPBootOp”=“c:\programmer\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe” [2006-02-15 249856]
“HP Software Update”=“c:\programmer\HP\HP Software Update\HPwuSchd2.exe” [2005-02-16 49152]
“hcenter”=“c:\programmer\Support.com\bin\tgcmd.exe” [2005-04-08 1757184]
“Easy-PrintToolBox”=“c:\programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE” [2004-01-14 409600]
“Google Quick Search Box”=“c:\programmer\Google\Quick Search Box\GoogleQuickSearchBox.exe” [2010-02-20 126976]
“IE Privacy Keeper”=“c:\programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe” [2005-12-03 1015808]
“TkBellExe”=“c:\programmer\Fælles filer\Real\Update_OB\realsched.exe” [2010-02-20 202256]
“EvtMgr6”=“c:\programmer\Logitech\SetPointP\SetPoint.exe” [2010-01-27 1312848]
“AVP”=“c:\programmer\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe” [2009-10-20 340456]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2008-04-14 15360]

c:\documents and settings\Compaq_Ejer\Menuen Start\Programmer\Start\
PopTray.lnk - c:\programmer\PopTray\PopTray.exe [2006-5-6 1666048]
Secunia PSI.lnk - c:\programmer\Secunia\PSI\psi.exe [2009-8-21 900816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17   64592   ——a-w-  c:\programmer\Fælles filer\LogiShrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@=“Driver”

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
“DisableMonitoring”=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
“EnableFirewall”= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\\system32\\sessmgr.exe”=
“%windir%\\Network Diagnostic\\xpnetdiag.exe”=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [14-10-2009 20:18 36880]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14-09-2009 13:42 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02-10-2009 18:39 19472]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [17-06-2009 13:20 12648]
S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\COMPAQ~1\LOKALE~1\Temp\SAS_SelfExtract\SASDIFSV.SYS—> c:\docume~1\COMPAQ~1\LOKALE~1\Temp\SAS_SelfExtract\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\COMPAQ~1\LOKALE~1\Temp\SAS_SelfExtract\SASKUTIL.sys—> c:\docume~1\COMPAQ~1\LOKALE~1\Temp\SAS_SelfExtract\SASKUTIL.sys [?]
S2 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [20-02-2010 13:21 135664]
S3 SASENUM;SASENUM;\??\c:\docume~1\COMPAQ~1\LOKALE~1\Temp\SAS_SelfExtract\SASENUM.SYS—> c:\docume~1\COMPAQ~1\LOKALE~1\Temp\SAS_SelfExtract\SASENUM.SYS [?]
.
Indhold af mappen ‘Planlagte Opgaver’

2010-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-02-20 12:21]

2010-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-02-20 12:21]

2010-03-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2592033995-3271523575-1792289398-1008Core.job
- c:\documents and settings\Compaq_Ejer\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe [2010-03-05 11:21]

2010-03-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2592033995-3271523575-1792289398-1008UA.job
- c:\documents and settings\Compaq_Ejer\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe [2010-03-05 11:21]

2010-03-09 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2592033995-3271523575-1792289398-1008.job
- c:\programmer\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]

2010-03-09 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2592033995-3271523575-1792289398-1008.job
- c:\programmer\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
.
———- Yderligere scanning———-
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DA_DK&c=63&bd=PRESARIO&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DA_DK&c=63&bd=PRESARIO&pf=desktop
IE: E&ksporter; til Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Føj til Anti-Banner - c:\programmer\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Google Sidewiki ... - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} - hxxps://danid.dk/csp/authenticode/csp.exe
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-09 22:18
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
——————————- DLLs startet under kørende Processer——————————-

- - - - - - - > ‘winlogon.exe’(1056)
c:\windows\system32\Ati2evxx.dll
c:\programmer\fælles filer\logishrd\bluetooth\LBTWlgn.dll

- - - - - - - > ‘explorer.exe’(2948)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
————————————Andre kørende processer————————————
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\programmer\Canon\CAL\CALMAIN.exe
c:\programmer\Fælles filer\LogiShrd\KHAL3\KHALMNPR.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Gennemført tid: 2010-03-09 22:21:28 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2010-03-09 21:21

Pre-Kørsel: 133.425.516.544 byte ledig
Post-Kørsel: 133.410.799.616 byte ledig

- - End Of File - - 9805ECA7930E665BCB520AB62C8DB0C2

  hepta
Number of posts: 10353

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 21:56:43, on 09-03-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Programmer\HP\HP Software Update\HPwuSchd2.exe
C:\Programmer\Support.com\bin\tgcmd.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Logitech\SetPointP\SetPoint.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\Programmer\DynAdvance\DynAdvance Notifier\MailNotifier.Exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\PopTray\PopTray.exe
C:\Programmer\Secunia\PSI\psi.exe
C:\Programmer\Fælles filer\LogiShrd\KHAL3\KHALMNPR.EXE
C:\WINDOWS\System32\alg.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Programmer\Malwarebytes’ Anti-Malware\mbam.exe
C:\Programmer\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmer\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DA_DK&c=63&bd=PRESARIO&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DA_DK&c=63&bd=PRESARIO&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DA_DK&c=63&bd=PRESARIO&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DA_DK&c=63&bd=PRESARIO&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DA_DK&c=63&bd=PRESARIO&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DA_DK&c=63&bd=PRESARIO&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] “C:\Programmer\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe” /run
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [hcenter] “C:\Programmer\Support.com\bin\tgcmd.exe” /server /startmonitor
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Google Quick Search Box] “C:\Programmer\Google\Quick Search Box\GoogleQuickSearchBox.exe”  /autorun
O4 - HKLM\..\Run: [IE Privacy Keeper] “C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe” -startup
O4 - HKLM\..\Run: [TkBellExe] “C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe”  -osboot
O4 - HKLM\..\Run: [EvtMgr6] C:\Programmer\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [AVP] “C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe”
O4 - HKLM\..\RunOnce: [Malwarebytes’ Anti-Malware] C:\Programmer\Malwarebytes’ Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MSMSGS] “C:\Programmer\Messenger\msmsgs.exe” /background
O4 - HKCU\..\Run: [DynAdvance Notifier] C:\Programmer\DynAdvance\DynAdvance Notifier\MailNotifier.Exe
O4 - HKCU\..\Run: [swg] “C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] “C:\Documents and Settings\Compaq_Ejer\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe” /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘LOKAL TJENESTE’)
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘NETVÆRKSTJENESTE’)
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User ‘Default user’)
O4 - Startup: Logitech . Produktregistrering.lnk = ?
O4 - Startup: PopTray.lnk = C:\Programmer\PopTray\PopTray.exe
O4 - Startup: Secunia PSI.lnk = C:\Programmer\Secunia\PSI\psi.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Føj til Anti-Banner - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre6\bin\jp2iexp.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: &Virtuelt tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URL-&kontrol - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Tilslutningshjælp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra ‘Tools’ menuitem: Tilslutningshjælp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1266669853812
O16 - DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} (Util Class) - https://danid.dk/csp/authenticode/csp.exe
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmer\Fælles filer\LogiShrd\Bluetooth\lbtserv.exe


End of file - 11768 bytes

  hepta
Number of posts: 10353

So there is a bit to look at if anyone happens to be bored.

K.I.S does claim that everything has been deleted.

But that I should have picked up 18 horses in the time between uninstalling Avast (which found nothing) and installing K.I.S again sounds a bit unthinkable?

But if there really are traces, the s.. gets the knife.

  hepta
Number of posts: 10353

Oops. The computer has been running fine the whole time without problems of any kind. The “Trojans” were only found by a scan with K.I.S.

Administrator
Number of posts: 54707

There is nothing to find here.

Why it reacts like that, I have no idea.

Signature

Member of “Alliance of Security Analysis Professionals” - All information, as always, “only with a pistol”

Did you also cry over the fairy tale about the blacksmith's cat when you were little?
http://www.spywarefri.dk/medarbejderne/

Nierne bomaye - You’ll never walk alone
qui potest, obligatur

  hepta
Number of posts: 10353

Why it reacts like that, I have no idea.

The chamber pot.


Thanks for the review, and the quick service.
We will let mercy go before justice and carry on undaunted.

Closing time.

Administrator
Number of posts: 54707

So we will.
