Guidance wanted:
I'm having big problems with this program - security defender - which pops up constantly.
Is there a good spyware program that can remove exactly this problem, or is hijack the way to go?
I would like to be able to secure my daughter's computer a bit more in the future.
Administrator
Posts: 3567
Hi, and welcome to
Restart in “Safe Mode with Networking” (press F8 several times during startup).
Then download these files.
Click on them several times, until one of them works.
Rkill.com - http://download.bleepingcomputer.com/grinler/rkill.com
Rkill.scr - http://download.bleepingcomputer.com/grinler/rkill.scr
http://download.bleepingcomputer.com/grinler/iExplore.exe (renamed rkill)
http://download.bleepingcomputer.com/grinler/eXplorer.exe (renamed rkill)
http://download.bleepingcomputer.com/grinler/WiNlOgOn.exe (renamed rkill)
http://download.bleepingcomputer.com/grinler/uSeRiNiT.exe (renamed rkill)
———
Download “Malwarebytes’ Anti-Malware” here
or here
Install and start the program, click the Update tab, click Check for Updates, and run a “Full system scan” under the “Scanner” tab.
Afterwards click “Show results”, press “Remove Selected”, save the log and post it here together with a log from DDS.
It produces two logs (DDS.txt and Attach.txt); save them to the desktop and copy the contents of DDS.txt in here.
NOTE - DDS must be saved to the computer and not run from the web.
Re: Vista and Windows 7 - right-click the file - Run as Administrator.
NB: When you update Malwarebytes, keep clicking Check for Updates until it says there are no more updates.
———
I would like to see: (done in this order)
1. Log from Malwarebytes. (Updated)
2. Logs from DDS. (DDS.txt and Attach.txt)
Signature
Please do not attach logs unless you are asked to!
Thanks, I'll give it a try…
Administrator
Posts: 3567
Fine
Signature
Please do not attach logs unless you are asked to!
Hi again, I have now got a result.
Hope that it is OK..
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.7601.17514
Run by Natasja at 16:53:45 on 2012-01-26
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.45.1033.18.2039.1323 [GMT 1:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: BullGuard Antivirus *Disabled/Outdated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}
SP: BullGuard Antispyware *Disabled/Outdated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: BullGuard Firewall *Disabled* {68747E43-7A47-EA26-053F-CB84640E3E67}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\SvcHost.exe -k BullGuard_Main
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2653012
uURLSearchHooks: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - c:\program files\veoh_web_player\prxtbVeo0.dll
mURLSearchHooks: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - c:\program files\veoh_web_player\prxtbVeo0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - c:\program files\veoh_web_player\prxtbVeo0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: BullGuard Safe Browsing: {fc872b94-35e3-4b94-b028-184a2a1c7cce} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIEBHO.dll
TB: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - c:\program files\veoh_web_player\prxtbVeo0.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [msnmsgr] “c:\program files\windows live\messenger\msnmsgr.exe” /background
uRun: [swg] “c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe”
uRun: [VeohPlugin] “c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe”
uRun: [FileHippo.com] “c:\program files\filehippo.com\UpdateChecker.exe” /background
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [BullGuard] “c:\program files\bullguard ltd\bullguard\BullGuard.exe” -boot
mRun: [SunJavaUpdateSched] “c:\program files\common files\java\java update\jusched.exe”
mRun: [Adobe ARM] “c:\program files\common files\adobe\arm\1.0\AdobeARM.exe”
mRunOnce: [GrpConv] grpconv -o
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes’ anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\users\natasja\appdata\roaming\micros~1\windows\startm~1\programs\startup\e31ef1~1.lnk - c:\windows\system32\rundll32.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\e31ef1~1.lnk - c:\windows\system32\rundll32.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIE.dll
LSP: c:\windows\system32\BGLsp.dll
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 212.242.40.3 212.242.40.51
TCP: Interfaces\{3C57F478-AAD3-4515-95AC-12A2A8F88FFC} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3C57F478-AAD3-4515-95AC-12A2A8F88FFC}\369726562736964797 : DhcpNameServer = 192.168.1.2
TCP: Interfaces\{9C9BB342-B203-4DF4-B245-443F8685F1B5} : DhcpNameServer = 212.242.40.3 212.242.40.51
Handler: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIEBHO.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: BgGamingMonitor.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-1-24 64512]
R1 AFW;Agnitum Firewall Driver;c:\windows\system32\drivers\afw.sys [2010-10-12 34920]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
S1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [2011-3-12 61152]
S1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [2011-3-22 215624]
S1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [2011-3-22 20040]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
S3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2010-10-12 328296]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-2-18 39272]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-12-23 15232]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-26 20464]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-3-20 15872]
S3 SynMini;USB2.0 1.3M Web Cam;c:\windows\system32\drivers\SynMini.sys [2006-4-19 899712]
S3 SynScan;USB2.0 1.3M Web Cam Still Image;c:\windows\system32\drivers\SynScan.sys [2006-4-19 9216]
SUnknown TsUsbFlt;TsUsbFlt; [x]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== Created Last 30 ================
.
2012-01-26 14:55:37 ———— d——-w- c:\users\natasja\appdata\roaming\Malwarebytes
2012-01-26 14:55:26 ———— d——-w- c:\programdata\Malwarebytes
2012-01-26 14:55:25 20464 ——a-w- c:\windows\system32\drivers\mbam.sys
2012-01-26 14:55:25 ———— d——-w- c:\program files\Malwarebytes’ Anti-Malware
2012-01-25 20:39:20 ———— d——-w- c:\program files\FileHippo.com
2012-01-25 16:53:22 101720 ——a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-01-25 16:46:07 ———— d——-w- c:\users\natasja\flash
2012-01-25 16:42:26 ———— d——-w- c:\users\natasja\appdata\local\Sunbelt Software
2012-01-25 15:44:10 ———— d——-w- c:\users\natasja\appdata\local\{356100A5-B200-4B68-8F3A-C8A1CEE2B070}
2012-01-24 21:13:43 ———— d——-w- c:\users\natasja\appdata\local\{3C7EE649-77E8-4616-92F0-4258B09B72A1}
2012-01-24 21:02:56 ———— d——-w- c:\users\natasja\appdata\local\{1279FCBE-20EA-4636-AED2-BBF60ED462BF}
2012-01-24 19:53:23 4970 —-ha-w- C:\aaw7boot.cmd
2012-01-24 12:02:50 64512 ——a-w- c:\windows\system32\drivers\Lbd.sys
2012-01-24 12:02:34 ———— d——-w- c:\program files\Lavasoft
2012-01-23 13:03:19 ———— d——-w- c:\users\natasja\appdata\local\{A684BF34-DF39-4105-9EE2-5E345655542D}
2012-01-23 10:57:42 ———— d——-w- c:\users\natasja\appdata\local\{1046E4B2-57F6-4719-9AA9-C87588C58B1E}
2012-01-23 10:53:29 ———— d——-w- c:\users\natasja\appdata\local\{0533B511-291E-49CA-9978-4EBA643DDBC4}
2012-01-23 10:47:44 ———— d——-w- c:\users\natasja\appdata\local\{E6387237-DCFC-4C7F-8BC0-F1D48385445A}
2012-01-22 13:54:59 ———— d——-w- c:\users\natasja\appdata\local\{CE81C7B4-8804-4028-AD0B-72D33753AA1B}
2012-01-22 13:54:00 ———— d——-w- c:\users\natasja\appdata\local\{09187F58-379E-438A-AB03-CA21C8593941}
2012-01-22 10:18:29 ———— d——-w- c:\users\natasja\appdata\local\{D752F7B9-7B96-4187-B0D1-90A204EA4A54}
2012-01-21 12:51:39 ———— d——-w- c:\users\natasja\appdata\local\{B24DB3FA-15F8-4133-9124-2DCC33909DB3}
2012-01-21 12:50:38 ———— d——-w- c:\users\natasja\appdata\local\{9C136089-EBF9-4198-A1BB-18E4CF3DB361}
2012-01-20 14:18:27 224768 ——a-w- c:\windows\system32\schannel.dll
2012-01-20 14:18:27 134000 ——a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-20 14:18:27 1038848 ——a-w- c:\windows\system32\lsasrv.dll
2012-01-20 14:18:26 67440 ——a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-20 14:18:26 369352 ——a-w- c:\windows\system32\drivers\cng.sys
2012-01-20 14:18:26 314880 ——a-w- c:\windows\system32\webio.dll
2012-01-20 14:18:26 22528 ——a-w- c:\windows\system32\lsass.exe
2012-01-20 14:18:25 22016 ——a-w- c:\windows\system32\secur32.dll
2012-01-20 14:18:25 15872 ——a-w- c:\windows\system32\sspisrv.dll
2012-01-20 14:18:25 100352 ——a-w- c:\windows\system32\sspicli.dll
2012-01-20 13:41:59 6823496 ——a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2012-01-20 13:41:05 6557240 ——a-w- c:\programdata\microsoft\windows defender\definition updates\{6106715a-1607-4f20-b0a4-303e342f0a8a}\mpengine.dll
2012-01-20 13:35:15 ———— d——-w- c:\users\natasja\appdata\local\{6FB008E5-D9C3-4DAF-8BAC-5BB82E87E259}
2012-01-20 13:34:39 ———— d——-w- c:\users\natasja\appdata\local\{D895E1EB-3831-4FD3-B350-BC753BF34A24}
2012-01-19 20:04:16 222080 ———w- c:\windows\system32\MpSigStub.exe
2012-01-19 14:24:24 ———— d——-w- c:\users\natasja\appdata\local\App
2012-01-19 14:12:46 ———— d——-w- c:\users\natasja\appdata\local\{08238FF9-A2C2-4DAA-8C26-1CE839948B78}
2012-01-19 14:12:35 ———— d——-w- c:\users\natasja\appdata\local\{7060CC57-5027-41DB-91DB-A21446E2C78A}
2012-01-18 14:00:29 ———— d——-w- c:\users\natasja\appdata\local\{520F62EB-7826-4B7B-B93B-8788B7CB4BF1}
2012-01-18 14:00:12 ———— d——-w- c:\users\natasja\appdata\local\{0D6C511E-8058-46CF-934B-215964AD6F59}
2012-01-17 12:37:34 ———— d——-w- c:\users\natasja\appdata\local\{4C8FDF71-BABD-4CB7-A910-E51F31CA7F76}
2012-01-17 12:37:19 ———— d——-w- c:\users\natasja\appdata\local\{F7FDD3AA-A0E2-4517-8445-863E6D4E30C8}
2012-01-16 14:20:31 ———— d——-w- c:\users\natasja\appdata\local\{8FCA043C-8F64-48DA-B513-9E1B70EF9BA7}
2012-01-16 14:20:17 ———— d——-w- c:\users\natasja\appdata\local\{F6294E55-893F-4188-A145-8320A61755E5}
2012-01-15 13:51:15 ———— d——-w- c:\users\natasja\appdata\local\{9F04B7BB-6FC9-4729-B3D7-7936DD00B2F7}
2012-01-15 13:50:44 ———— d——-w- c:\users\natasja\appdata\local\{985E9278-BA7D-4D60-87E7-ED0C64572B9D}
2012-01-14 13:05:38 ———— d——-w- c:\users\natasja\appdata\local\{F6895E40-BEEE-4232-8CDD-04187FA9D1B9}
2012-01-14 13:05:09 ———— d——-w- c:\users\natasja\appdata\local\{1A9B9455-6E57-4357-B1CA-AF542079EDF4}
2012-01-13 14:03:14 ———— d——-w- c:\users\natasja\appdata\local\{D60FD06B-1655-43EC-AED7-E0B6C921C4CF}
2012-01-13 14:03:01 ———— d——-w- c:\users\natasja\appdata\local\{0E6BAC05-C02F-497F-8081-A1C218856348}
2012-01-12 14:00:49 ———— d——-w- c:\users\natasja\appdata\local\{8AB505C5-A11F-4A06-AD5C-239D92E7FDFA}
2012-01-12 14:00:31 ———— d——-w- c:\users\natasja\appdata\local\{BA4CA302-A918-4BC2-8EF1-485CCD971B69}
2012-01-11 15:07:06 1288472 ——a-w- c:\windows\system32\ntdll.dll
2012-01-11 15:06:58 67072 ——a-w- c:\windows\system32\packager.dll
2012-01-11 15:06:53 1328128 ——a-w- c:\windows\system32\quartz.dll
2012-01-11 15:06:52 514560 ——a-w- c:\windows\system32\qdvd.dll
2012-01-11 14:53:28 ———— d——-w- c:\users\natasja\appdata\local\{B3756137-00F5-4024-864B-BE2724D6023A}
2012-01-11 14:53:13 ———— d——-w- c:\users\natasja\appdata\local\{BFCE6C2C-2C5C-4B6A-8A84-88B44687A679}
2012-01-10 14:33:48 ———— d——-w- c:\users\natasja\appdata\local\{E74E0DB1-147D-4171-AED8-750707362C33}
2012-01-10 14:33:19 ———— d——-w- c:\users\natasja\appdata\local\{613CF51A-1AAE-4D26-A56D-6AAE3AD98433}
2012-01-08 12:06:06 ———— d——-w- c:\users\natasja\appdata\local\{D3324E5B-61EA-4C3B-AE67-BEEB2ACC8F2D}
2012-01-08 12:05:38 ———— d——-w- c:\users\natasja\appdata\local\{995A6F5A-C641-436D-8AB3-03B10E4C9DB4}
2012-01-07 13:39:54 ———— d——-w- c:\users\natasja\appdata\local\{48C1183F-E397-4387-AC06-691D66A9A5DA}
2012-01-07 13:39:10 ———— d——-w- c:\users\natasja\appdata\local\{C9527D34-2F31-4568-9E52-2DE191B5E2B4}
2012-01-06 15:39:16 100184 ——a-w- c:\windows\system32\BgGamingMonitor.dll
2012-01-06 15:36:23 ———— d——-w- c:\users\natasja\appdata\local\{454486AD-95CF-4D64-AB8D-967DAEAEDC2D}
2012-01-06 15:35:58 ———— d——-w- c:\users\natasja\appdata\local\{C3B2B2E3-AB2D-4C6E-99F4-32E3CDA92CAB}
2012-01-05 13:34:49 ———— d——-w- c:\users\natasja\appdata\local\{E8A724D0-6BDF-4665-BD33-54713DEFCA45}
2012-01-05 13:34:21 ———— d——-w- c:\users\natasja\appdata\local\{26C9EF69-D4C2-40E5-9B49-D6E332962FEA}
2012-01-03 14:51:42 ———— d——-w- c:\users\natasja\appdata\local\{FC3FBFDB-AD9C-4723-A3F4-2166CB46F7AE}
2012-01-03 14:51:04 ———— d——-w- c:\users\natasja\appdata\local\{71B677AA-C7CE-47E7-82BE-2C6BAB870292}
2012-01-02 14:58:06 ———— d——-w- c:\users\natasja\appdata\local\{69CC0946-2E1B-4EFA-8BD0-0780D4B4FA65}
2012-01-02 14:57:53 ———— d——-w- c:\users\natasja\appdata\local\{B0820E05-5390-4B3D-9405-CFA17ED5C4FB}
2012-01-01 13:08:45 ———— d——-w- c:\users\natasja\appdata\local\{6367D4A7-DC89-4341-8203-8DBCD88ED26B}
2012-01-01 13:08:33 ———— d——-w- c:\users\natasja\appdata\local\{DBC70766-1F18-4D20-BE84-57E6F2D32BC9}
2011-12-31 12:41:34 ———— d——-w- c:\users\natasja\appdata\local\{41B7E474-1645-4CE9-86E4-99A97D5FEC53}
2011-12-31 12:41:23 ———— d——-w- c:\users\natasja\appdata\local\{66DB2309-1754-4DA9-9517-FDDEBDB661A8}
2011-12-29 14:49:24 ———— d——-w- c:\users\natasja\appdata\local\{18A03AE0-2FE7-4E5B-92C3-F01C48580D8D}
2011-12-29 14:49:12 ———— d——-w- c:\users\natasja\appdata\local\{33888E2A-F765-46E4-B93A-245058AB5085}
2011-12-28 14:24:08 ———— d——-w- c:\users\natasja\appdata\local\{4E668D79-A4F1-4A99-A628-83C38712642B}
2011-12-28 14:23:56 ———— d——-w- c:\users\natasja\appdata\local\{7E99FDDE-A43E-4C63-A816-5729DAD0C11C}
.
==================== Find3M ====================
.
2012-01-25 16:47:55 414368 ——a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-22 13:16:44 82776 ——a-w- c:\windows\system32\BGLsp.dll
2011-11-24 04:25:27 2342912 ——a-w- c:\windows\system32\win32k.sys
2011-11-05 04:35:00 981504 ——a-w- c:\windows\system32\wininet.dll
2011-11-05 04:26:03 2048 ——a-w- c:\windows\system32\tzres.dll
2011-11-05 02:48:51 1638912 ——a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 16:56:10,23 ===============
Edit: DDS log inserted.
Attached files
DDS.txt (File size: 17 - Downloads: 10)
can't send the last one, it reports an error -
Error message: The file you tried to upload has incorrect content in relation to its MIME type
I expect it can be done like this… ————————————————————————-
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 17-02-2011 21:30:44
System Uptime: 26-01-2012 16:52:05 (0 hours ago)
.
Motherboard: To Be Filled By O.E.M. | | Z96FM
Processor: Intel(R) Celeron(R) M CPU 440 @ 1.86GHz | Socket 478M | 1862/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 67 GiB total, 47,3 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Basissystemenhed
Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_13471043&REV_0A\4&105FDB4B&0&0BF0
Manufacturer:
Name: Basissystemenhed
PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_13471043&REV_0A\4&105FDB4B&0&0BF0
Service:
.
Class GUID:
Description: Basissystemenhed
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_13471043&REV_01\4&105FDB4B&0&0AF0
Manufacturer:
Name: Basissystemenhed
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_13471043&REV_01\4&105FDB4B&0&0AF0
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: NovaShieldTDIDriver
Device ID: ROOT\LEGACY_NOVASHIELDTDIDRIVER\0000
Manufacturer:
Name: NovaShieldTDIDriver
PNP Device ID: ROOT\LEGACY_NOVASHIELDTDIDRIVER\0000
Service: NovaShieldTDIDriver
.
==== System Restore Points ===================
.
RP67: 23-01-2012 12:23:59 - Scheduled Checkpoint
RP68: 24-01-2012 13:00:13 - Installed Ad-Aware
RP69: 24-01-2012 13:01:49 - Installed Ad-Aware
.
==== Installed Programs ======================
.
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.0) - Dansk
Bing-værktøjslinje
BullGuard
Conduit Engine
D3DX10
FileHippo.com Update Checker
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 24
Junk Mail filter update
Malwarebytes Anti-Malware version 1.60.0.1800
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
USB2.0 1.3M Web Cam
Veoh Web Player
Veoh Web Player Toolbar
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== End Of File ===========================
Administrator
Posts: 3567
In future, would you please refrain from attaching logs. Copy them in.
You should uninstall Ad-Aware when you are using BullGuard.
You should also uninstall Conduit Engine, as it has a bad reputation.
———
Download and save ComboFix to your desktop. <- Important
Then run ComboFix and follow the instructions.
Since ComboFix can conflict with your security programs, it is important that you disable them. <- Important
You should not click on the window while the tool is running, as that can cause your computer to freeze.
When ComboFix has finished, and after it has (possibly) restarted, a log file should open: ComboFix.txt
You are welcome to post the contents of this file here.
It can be found here: C:\ComboFix.txt
—-
How is the PC running now?
Signature
Please do not attach logs unless you are asked to!
Sorry
You do write that too, I just didn't quite get it - sorry
It has been a while since I last used you ...
It looks much better, I'll just try your latest suggestions..
Administrator
Posts: 3567
Signature
Please do not attach logs unless you are asked to!
Running ComboFix now
There is a window on the screen that says administrator at the top.
On the screen it says restarting Windows ... please wait
How long should one wait? It doesn't look like the screen is frozen, because the cursor is blinking
and you can still move the mouse
It wrote along the way that it repaired a system file, something with user
Administrator
Posts: 3567
How long has it been running?
Stop it after approx. 90 min.
If it created C:\ComboFix.txt, you are welcome to copy it in here
Signature
Please do not attach logs unless you are asked to!
Yes, then it came after a little over an hour…
this is what it looks like ..
ComboFix 12-01-26.03 - Natasja 26-01-2012 21:17:08.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.45.1033.18.2039.1231 [GMT 1:00]
Kører fra: c:\users\Natasja\Desktop\combo\ComboFix.exe
AV: BullGuard Antivirus *Disabled/Updated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}
FW: BullGuard Firewall *Disabled* {68747E43-7A47-EA26-053F-CB84640E3E67}
SP: BullGuard Antispyware *Disabled/Updated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\E31EF178-FE74-89C7-9714-DF220936CA82.ico
.
Inficeret kopi af c:\windows\system32\userinit.exe blev fundet og desinficeret
Genskabt kopi fra - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
.
((((((((((((((((((((((((((((( Filer skabt fra 2011-12-26 til 2012-01-26 )))))))))))))))))))))))))))))))))))
.
.
2012-01-26 20:27 . 2012-01-26 20:42 ———— d——-w- c:\users\Natasja\AppData\Local\temp
2012-01-26 20:27 . 2012-01-26 20:27 ———— d——-w- c:\users\Default\AppData\Local\temp
2012-01-26 19:57 . 2012-01-26 19:57 ———— d——-w- c:\windows\Sun
2012-01-26 19:56 . 2012-01-26 19:56 ———— d——-w- c:\program files\Common Files\Java
2012-01-26 14:55 . 2012-01-26 14:55 ———— d——-w- c:\users\Natasja\AppData\Roaming\Malwarebytes
2012-01-26 14:55 . 2012-01-26 14:55 ———— d——-w- c:\programdata\Malwarebytes
2012-01-26 14:55 . 2012-01-26 14:55 ———— d——-w- c:\program files\Malwarebytes’ Anti-Malware
2012-01-26 14:55 . 2011-12-10 14:24 20464 ——a-w- c:\windows\system32\drivers\mbam.sys
2012-01-25 20:39 . 2012-01-25 20:39 ———— d——-w- c:\program files\FileHippo.com
2012-01-25 16:53 . 2012-01-25 16:53 101720 ——a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-01-25 16:46 . 2012-01-25 16:46 ———— d——-w- c:\users\Natasja\flash
2012-01-25 16:42 . 2012-01-25 16:42 ———— d——-w- c:\users\Natasja\AppData\Local\Sunbelt Software
2012-01-24 19:53 . 2012-01-24 19:53 4970 —-ha-w- C:\aaw7boot.cmd
2012-01-24 12:02 . 2012-01-24 12:02 ———— d——-w- c:\program files\Lavasoft
2012-01-24 12:02 . 2012-01-26 18:35 ———— d——-w- c:\programdata\Lavasoft
2012-01-20 14:18 . 2011-11-17 05:41 134000 ——a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-20 14:18 . 2011-11-17 05:34 224768 ——a-w- c:\windows\system32\schannel.dll
2012-01-20 14:18 . 2011-11-17 05:32 1038848 ——a-w- c:\windows\system32\lsasrv.dll
2012-01-20 14:18 . 2011-11-17 05:41 67440 ——a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-20 14:18 . 2011-11-17 05:39 369352 ——a-w- c:\windows\system32\drivers\cng.sys
2012-01-20 14:18 . 2011-11-17 05:35 314880 ——a-w- c:\windows\system32\webio.dll
2012-01-20 14:18 . 2011-11-17 05:29 22528 ——a-w- c:\windows\system32\lsass.exe
2012-01-20 14:18 . 2011-11-17 05:34 15872 ——a-w- c:\windows\system32\sspisrv.dll
2012-01-20 14:18 . 2011-11-17 05:34 100352 ——a-w- c:\windows\system32\sspicli.dll
2012-01-20 14:18 . 2011-11-17 05:34 22016 ——a-w- c:\windows\system32\secur32.dll
2012-01-20 13:41 . 2012-01-06 04:19 6557240 ——a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6106715A-1607-4F20-B0A4-303E342F0A8A}\mpengine.dll
2012-01-19 20:04 . 2011-11-15 13:29 222080 ———w- c:\windows\system32\MpSigStub.exe
2012-01-19 14:24 . 2012-01-26 15:51 ———— d——-w- c:\users\Natasja\AppData\Local\App
2012-01-11 15:07 . 2011-11-17 05:38 1288472 ——a-w- c:\windows\system32\ntdll.dll
2012-01-11 15:06 . 2011-11-19 14:01 67072 ——a-w- c:\windows\system32\packager.dll
2012-01-11 15:06 . 2011-10-26 04:32 1328128 ——a-w- c:\windows\system32\quartz.dll
2012-01-11 15:06 . 2011-10-26 04:32 514560 ——a-w- c:\windows\system32\qdvd.dll
2012-01-06 15:39 . 2012-01-06 15:38 100184 ——a-w- c:\windows\system32\BgGamingMonitor.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-25 16:47 . 2011-06-04 16:03 414368 ——a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-22 13:16 . 2011-12-22 13:17 82776 ——a-w- c:\windows\system32\BGLsp.dll
2011-11-24 04:25 . 2011-12-15 13:18 2342912 ——a-w- c:\windows\system32\win32k.sys
2011-11-10 04:54 . 2011-02-17 16:46 472808 ——a-w- c:\windows\system32\deployJava1.dll
2011-11-05 04:35 . 2011-12-15 13:19 981504 ——a-w- c:\windows\system32\wininet.dll
2011-11-05 04:26 . 2011-12-15 13:18 2048 ——a-w- c:\windows\system32\tzres.dll
2011-11-05 02:48 . 2011-12-15 13:18 1638912 ——a-w- c:\windows\system32\mshtml.tlb
.
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
“{cd90bf73-20f6-44ef-993d-bb920303bd2e}”= “c:\program files\Veoh_Web_Player\prxtbVeo0.dll” [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]
2011-01-17 14:54 175912 ——a-w- c:\program files\Veoh_Web_Player\prxtbVeo0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
“{cd90bf73-20f6-44ef-993d-bb920303bd2e}”= “c:\program files\Veoh_Web_Player\prxtbVeo0.dll” [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
“{CD90BF73-20F6-44EF-993D-BB920303BD2E}”= “c:\program files\Veoh_Web_Player\prxtbVeo0.dll” [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2011-06-04 39408]
“VeohPlugin”=“c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe” [2011-06-30 2648184]
“FileHippo.com”=“c:\program files\FileHippo.com\UpdateChecker.exe” [2010-08-09 248832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“IgfxTray”=“c:\windows\system32\igfxtray.exe” [2009-09-24 141848]
“HotKeysCmds”=“c:\windows\system32\hkcmd.exe” [2009-09-24 173592]
“Persistence”=“c:\windows\system32\igfxpers.exe” [2009-09-24 150552]
“BullGuard”=“c:\program files\BullGuard Ltd\BullGuard\BullGuard.exe” [2011-07-08 1620824]
“Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2012-01-03 843712]
“Malwarebytes’ Anti-Malware”=“c:\program files\Malwarebytes’ Anti-Malware\mbamgui.exe” [2011-12-24 460872]
“SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe” [2011-06-09 254696]
.
c:\users\Natasja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
E31EF178-FE74-89C7-9714-DF220936CA82.lnk - c:\windows\System32\rundll32.exe [2009-7-14 44544]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
E31EF178-FE74-89C7-9714-DF220936CA82.lnk - c:\windows\System32\rundll32.exe [2009-7-14 44544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
“AppInit_DLLs”=c:\windows\System32\BgGamingMonitor.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
“aux”=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
@=“Service”
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
@=“Service”
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Tjenesten Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-04 136176]
R3 BgRaSvc;BgRaSvc;c:\program files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe [2011-05-25 125784]
R3 gupdatem;Google Update Tjeneste (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-04 136176]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt; [x]
S1 AFW;Agnitum Firewall Driver;c:\windows\system32\DRIVERS\afw.sys [2010-10-12 34920]
S1 BdSpy;BdSpy;c:\windows\system32\DRIVERS\BdSpy.sys [2011-04-12 61152]
S1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\DRIVERS\NSKernel.sys [2011-05-03 215624]
S1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\DRIVERS\NSNetmon.sys [2011-05-03 20040]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 BsBhvScan;BullGuard behavioural detection service;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2011-12-22 338776]
S2 BsBrowser;BullGuard antiphishing service;c:\windows\System32\SvcHost.exe [2009-07-14 20992]
S2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe [2009-07-14 20992]
S2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe [2009-07-14 20992]
S2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe [2009-07-14 20992]
S2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe [2009-07-14 20992]
S2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2012-01-16 323416]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes’ Anti-Malware\mbamservice.exe [2011-12-24 652872]
S3 afwcore;afwcore;c:\windows\system32\DRIVERS\afwcore.sys [2010-10-12 328296]
S3 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2011-11-13 288600]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 SynMini;USB2.0 1.3M Web Cam;c:\windows\system32\Drivers\SynMini.sys [2006-04-19 899712]
S3 SynScan;USB2.0 1.3M Web Cam Still Image;c:\windows\system32\Drivers\SynScan.sys [2006-04-19 9216]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
BullGuard_Main REG_MULTI_SZ BsMain
BullGuard REG_MULTI_SZ BsFileScan BsMailProxy BsFire
BullGuard_LowPriv REG_MULTI_SZ BsBrowser
.
Indhold af mappen ‘Planlagte Opgaver’
.
2012-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-04 16:01]
.
2012-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-04 16:01]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
LSP: c:\windows\system32\BGLsp.dll
TCP: DhcpNameServer = 212.242.40.3 212.242.40.51
.
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\S-1-5-21-3902199236-153090283-313468241-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
“Progid”=“WindowsLiveMail.Email.1”
.
[HKEY_USERS\S-1-5-21-3902199236-153090283-313468241-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
“Progid”=“WindowsLiveMail.VCard.1”
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
“BlindDial”=dword:00000000
“MSCurrentCountry”=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs startet under kørende Processer ---------------------
.
- - - - - - - > ‘Explorer.exe’(2000)
c:\program files\BullGuard Ltd\BullGuard\spamfilter\LittleHook.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Gennemført tid: 2012-01-26 21:56:56 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2012-01-26 20:56
.
Pre-Kørsel: 52.033.269.760 byte ledig
Post-Kørsel: 51.946.971.136 byte ledig
.
- - End Of File - - 996BCC7E168031462D5097CC01A22C62