MSAvirus? I desperat behov av hjälp :p

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23: VIRUS ALERT!, on 2008-09-05
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program\Grisoft\AVG7\avgamsvr.exe
E:\Program\DAEMON Tools\daemon.exe
E:\Program\SyncroSoft\Pos\H2O\cledx.exe
E:\Program\Grisoft\AVG7\avgupsvc.exe
E:\Program\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
E:\WINDOWS\CTHELPER.EXE
E:\WINDOWS\system32\CTXFIHLP.EXE
E:\Program\Google\Google Desktop Search\GoogleDesktop.exe
E:\Program\CyberLink\PowerDVD\PDVDServ.exe
E:\Program\Delade filer\Real\Update_OB\realsched.exe
E:\Program\Delade filer\LightScribe\LSSrvc.exe
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\SYSTEM32\CTXFISPI.EXE
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\rundll32.exe
E:\Program\Grisoft\AVG7\avgcc.exe
E:\Program\SlySoft\CloneCD\CloneCDTray.exe
E:\Program\QuickTime\QTTask.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program\iTunes\iTunesHelper.exe
E:\Program\CyberLink\Shared files\RichVideo.exe
E:\Program\MSN Messenger\msnmsgr.exe
E:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
E:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe
E:\Program\Google\Google Desktop Search\GoogleDesktop.exe
E:\Program\iPod\bin\iPodService.exe
E:\Program\Mozilla Firefox\firefox.exe
E:\Program\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program files\pandoramapper.Rev100\pandora.exe
C:\Program files\Jaba Mud Client\jmc.exe
E:\Program\Grisoft\AVG7\avgwb.dat
E:\Program\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php...MjI6Ojg5&lid=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O3 - Toolbar: gksraemq - {6134A39A-C1EA-4E6F-B6D2-9ED5D9CC03B5} - E:\WINDOWS\gksraemq.dll
O4 - HKLM\..\Run: [NVMixerTray] "E:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "E:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [H2O] E:\Program\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [C-Media Speaker Configuration] C:\PROGRA~1\C-Media\WIN_ME\Setup.exe /SPEAKER
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] E:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "E:\Program\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RemoteControl] E:\Program\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [TkBellExe] "E:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] E:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] E:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [a8044330] rundll32.exe "E:\WINDOWS\system32\rrrlwpxa.dll",b
O4 - HKLM\..\Run: [BM7747c4c3] Rundll32.exe "E:\WINDOWS\system32\sapmaooo.dll",s
O4 - HKLM\..\Run: [AVG7_CC] E:\Program\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CloneCDTray] "E:\Program\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [ggggggggggggggggggggggggggggggggg
gggggggggggggggg gggggggggggggggggggggggggggggggggggggggexe] gggggggggggggggggggggggggggggggggggggggggggggggggg gg
ggggggggggggggggggggggggggggggggggggggggggggggg ggggggggexe
O4 - HKCU\..\Run: [msnmsgr] "E:\Program\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ggggggggggggggggggggggggggggggggg
gggggggggggggggg gggggggggggggggggggggggggggggggggggggggexe] gggggggggggggggggggggggggggggggggggggggggggggggggg gg
ggggggggggggggggggggggggggggggggggggggggggggggg ggggggggexe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] E:\Program\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://E:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Program\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Program\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program\Messenger\msmsgs.exe
O20 - AppInit_DLLs: E:\Program\Google\GOOGLE~1\GOEC62~1.DLL iwihem.dll
O21 - SSODL: dgksvbpn - {137833B6-6E01-4F33-8D10-954F9FF4EC4A} - E:\WINDOWS\dgksvbpn.dll
O21 - SSODL: xrdwbfgn - {7BA12B55-4272-450F-A329-FBB504F6385E} - E:\WINDOWS\xrdwbfgn.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\Program\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\Program\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: GoogleDesktopManager - Google - E:\Program\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - E:\Program\Delade filer\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - E:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - E:\Program\CyberLink\Shared files\RichVideo.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O24 - Desktop Component 0: Privacy Protection - file:///E:\WINDOWS\privacy_danger\index.htm

--
End of file - 8460 bytes

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:51:24, on 2008-09-05
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\Program\DAEMON Tools\daemon.exe
E:\Program\SyncroSoft\Pos\H2O\cledx.exe
E:\Program\Java\jre1.6.0_01\bin\jusched.exe
E:\WINDOWS\CTHELPER.EXE
E:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\WINDOWS\system32\CTXFIHLP.EXE
E:\Program\Grisoft\AVG7\avgamsvr.exe
E:\Program\Google\Google Desktop Search\GoogleDesktop.exe
E:\WINDOWS\SYSTEM32\CTXFISPI.EXE
E:\Program\CyberLink\PowerDVD\PDVDServ.exe
E:\Program\Delade filer\Real\Update_OB\realsched.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Program\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe
E:\Program\Delade filer\LightScribe\LSSrvc.exe
E:\Program\Grisoft\AVG7\avgcc.exe
E:\Program\SlySoft\CloneCD\CloneCDTray.exe
E:\Program\QuickTime\QTTask.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program\iTunes\iTunesHelper.exe
E:\Program\CyberLink\Shared files\RichVideo.exe
E:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
E:\Program\MSN Messenger\msnmsgr.exe
E:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe
E:\Program\Google\Google Desktop Search\GoogleDesktop.exe
E:\Program\iPod\bin\iPodService.exe
E:\Program\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [NVMixerTray] "E:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "E:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [H2O] E:\Program\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [C-Media Speaker Configuration] C:\PROGRA~1\C-Media\WIN_ME\Setup.exe /SPEAKER
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [UpdReg] E:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "E:\Program\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RemoteControl] E:\Program\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [TkBellExe] "E:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] E:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] E:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG7_CC] E:\Program\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CloneCDTray] "E:\Program\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKCU\..\Run: [msnmsgr] "E:\Program\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] E:\Program\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://E:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Program\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Program\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program\Messenger\msmsgs.exe
O20 - AppInit_DLLs: E:\Program\Google\GOOGLE~1\GOEC62~1.DLL iwihem.dll
O20 - Winlogon Notify: !SASWinLogon - E:\Program\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: ssqpqpo - ssqpqpo.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\Program\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\Program\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: GoogleDesktopManager - Google - E:\Program\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - E:\Program\Delade filer\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - E:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - E:\Program\CyberLink\Shared files\RichVideo.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 7384 bytes