Cleaning up a computer
  MHR
Number of posts: 6

I have had major problems with spyware, toolbars and the usual. I have done everything it says in your guide, which also helped quite a bit, but I still have problems with one thing for certain. It concerns the Tango toolbar, which cannot be removed.

I would be incredibly glad if you could help me with this, and I have therefore pasted in the log files from DDS (DDS + Attach). Do let me know if you need anything else from me.

/Mikkel

DDS:

.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Mikkel Rønsbo at 15:39:44 on 2011-07-26
Microsoft Windows 7 Professional   6.1.7601.1.1252.45.1030.18.3892.1648 [GMT 2:00]
.
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personlig firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\AhsayACB\aua\bin\Aua.exe
C:\Program Files\AhsayACB\aua\jvm\bin\auaJW.exe
C:\Program Files\AhsayACB\bin\CDPService64.exe
C:\Program Files\AhsayACB\bin\CDPService64.exe
C:\Windows\system32\conhost.exe
C:\Program Files\AhsayACB\bin\Scheduler.exe
C:\Program Files\AhsayACB\jvm\bin\bschJW.exe
C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files (x86)\Xobni\XobniService.exe
C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\AhsayACB\bin\SystemTray64.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Mikkel Rønsbo\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe
C:\Program Files (x86)\Microsoft Online Services\Sign In\SignIn.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
C:\Users\Mikkel Rønsbo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mikkel Rønsbo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Mikkel Rønsbo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mikkel Rønsbo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mikkel Rønsbo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files (x86)\Lenovo\System Update\SUService.exe
C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Users\Mikkel Rønsbo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mikkel Rønsbo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Secunia\PSI\PSI_TRAY.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\360Share Pro\Gui\360SharePro.exe
C:\Program Files (x86)\360Share Pro\jre\bin\javaw.exe
C:\Users\Mikkel Rønsbo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mikkel Rønsbo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Mikkel Rønsbo\Desktop\SWF\dds.scr
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = politiken.dk
uDefault_Page_URL = hxxp://lenovo.msn.com
uSearch Bar = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - Yontoo Layers
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB: {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
uRun: [swg] “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
uRun: [Google Update] “C:\Users\Mikkel Rønsbo\AppData\Local\Google\Update\GoogleUpdate.exe” /c
uRun: [Facebook Update] “C:\Users\Mikkel Rønsbo\AppData\Local\Facebook\Update\FacebookUpdate.exe” /c /nocrashserver
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun: [IMSS] “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe”
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [Message Center Plus] C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe /start
mRun: [Adobe Reader Speed Launcher] “C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe”
mRun: [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [QuickTime Task] “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
mRun: [Communicator] “C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe” /fromrunkey
mRun: [SignIn] “C:\Program Files (x86)\Microsoft Online Services\Sign In\SignIn.exe” /autorun
mRun: [OBASystemTray] “C:\Program Files\AhsayACB\bin\SystemTray64.exe”
mRun: [iTunesHelper] “C:\Program Files (x86)\iTunes\iTunesHelper.exe”
dRun: [OBASystemTray] “C:\Program Files\AhsayACB\bin\SystemTray64.exe”
StartupFolder: C:\Users\MIKKEL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SKRMKL~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\ThinkPad\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&ksporter til Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki ... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: S&end til OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send billede til &Bluetooth-enhed… - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send siden til &Bluetooth-enhed… - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
Trusted Zone: portalbank.dk\www
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.50.1 194.239.134.83 193.162.153.164
TCP: Interfaces\{5D9109B2-9A5D-4F1F-8C20-2A9052A98EA9} : DhcpNameServer = 192.168.50.1 194.239.134.83 193.162.153.164
TCP: Interfaces\{5D9109B2-9A5D-4F1F-8C20-2A9052A98EA9}\24F4B43554E4 : DhcpNameServer = 193.104.135.2 193.104.135.6
TCP: Interfaces\{5D9109B2-9A5D-4F1F-8C20-2A9052A98EA9}\35D434 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{5D9109B2-9A5D-4F1F-8C20-2A9052A98EA9}\449647475602C497377616162746026596E6463702960586F6E656 : DhcpNameServer = 80.251.201.177 80.251.201.178
TCP: Interfaces\{5D9109B2-9A5D-4F1F-8C20-2A9052A98EA9}\D696B6B656C6273702960586F6E656 : DhcpNameServer = 80.251.201.177 80.251.201.178
TCP: Interfaces\{6EDE2A9E-7A6E-4EEE-BDA0-B1BC1E418937} : DhcpNameServer = 80.251.201.177 80.251.201.178
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
LSA: Notification Packages = scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}
{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
{21FA44EF-376D-4D53-9B0F-8A89D3229068}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB-X64: {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
mRun-x64: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun-x64: [IMSS] “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe”
mRun-x64: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun-x64: [Message Center Plus] C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe /start
mRun-x64: [Adobe Reader Speed Launcher] “C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe”
mRun-x64: [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [QuickTime Task] “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
mRun-x64: [Communicator] “C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe” /fromrunkey
mRun-x64: [SignIn] “C:\Program Files (x86)\Microsoft Online Services\Sign In\SignIn.exe” /autorun
mRun-x64: [OBASystemTray] “C:\Program Files\AhsayACB\bin\SystemTray64.exe”
mRun-x64: [iTunesHelper] “C:\Program Files (x86)\iTunes\iTunesHelper.exe”
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
Hosts: 192.168.60.5 rpserver.rpdomain.local
Hosts: 192.168.60.5 rpserver
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mikkel Rønsbo\AppData\Roaming\Mozilla\Firefox\Profiles\2izdd2m9.default\
.
============= SERVICES / DRIVERS ===============
.
R0 DzHDD64;DzHDD64;C:\Windows\system32\DRIVERS\DzHDD64.sys—> C:\Windows\system32\DRIVERS\DzHDD64.sys [?]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\system32\DRIVERS\ApsHM64.sys—> C:\Windows\system32\DRIVERS\ApsHM64.sys [?]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\system32\DRIVERS\smiifx64.sys—> C:\Windows\system32\DRIVERS\smiifx64.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-12 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys—> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-5-4 128384]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys—> C:\Windows\system32\DRIVERS\eamonm.sys [?]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-1-12 810144]
R2 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys—> C:\Windows\system32\DRIVERS\epfwwfp.sys [?]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2010-9-9 50536]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2010-4-23 45496]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-9-9 74088]
R2 OBACDPService;Continuous Data Protection (Wahlgreen A-Click Backup);C:\Program Files\AhsayACB\bin\CDPService64.exe [2011-4-5 361984]
R2 OBAScheduler;Online Backup Scheduler (Wahlgreen A-Click Backup);C:\Program Files\AhsayACB\bin\Scheduler.exe [2011-4-5 77824]
R2 OBAAutoUpdate;AutoUpdateAgent (Ahsay A-Click Backup);C:\Program Files\AhsayACB\aua\bin\Aua.exe [2011-4-5 79856]
R2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo);C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [2010-4-26 331512]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-4-19 993848]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-4-19 399416]
R2 smihlp;SMI Helper Driver (smihlp);C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-3-13 13840]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-7 2234152]
R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2010-4-23 63928]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys—> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-9-9 2320920]
R2 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe [2010-10-21 62184]
R3 5U877;USB Video Device;C:\Windows\system32\DRIVERS\5U877.sys—> C:\Windows\system32\DRIVERS\5U877.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys—> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys—> C:\Windows\system32\DRIVERS\e1k62x64.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys—> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys—> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys—> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys—> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys—> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
R3 qcfilterlno2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9205);C:\Windows\system32\DRIVERS\qcfilterlno2k.sys—> C:\Windows\system32\DRIVERS\qcfilterlno2k.sys [?]
R3 qcusbnetlno2k;Gobi 2000 USB-NDIS miniport(05C6-9205);C:\Windows\system32\DRIVERS\qcusbnetlno2k.sys—> C:\Windows\system32\DRIVERS\qcusbnetlno2k.sys [?]
R3 qcusbserlno2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205);C:\Windows\system32\DRIVERS\qcusbserlno2k.sys—> C:\Windows\system32\DRIVERS\qcusbserlno2k.sys [?]
R3 TVTI2C;Lenovo SM bus driver;C:\Windows\system32\DRIVERS\Tvti2c.sys—> C:\Windows\system32\DRIVERS\Tvti2c.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys—> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 gupdate;Tjenesten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys—> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2010-9-9 164200]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys—> C:\Windows\system32\DRIVERS\ewusbnet.sys [?]
S3 gupdatem;Google Update Tjeneste (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
S3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\system32\DRIVERS\ewusbdev.sys—> C:\Windows\system32\DRIVERS\ewusbdev.sys [?]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys—> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys—> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
S3 PCDSRVC{127174DC-C366ED8B-06020000}_0;PCDSRVC{127174DC-C366ED8B-06020000}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor\pcdsrvc_x64.pkms [2010-5-7 24560]
S3 pmxdrv;pmxdrv;\??\C:\Windows\system32\drivers\pmxdrv.sys—> C:\Windows\system32\drivers\pmxdrv.sys [?]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2010-9-9 75112]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS—> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS—> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS—> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 StorSvc;Lagertjeneste;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys—> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-9-30 126392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys—> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Tjenesten Windows Aktivering;C:\Windows\system32\Wat\WatAdminSvc.exe—> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-07-26 13:39:44   ————  d——-w-  C:\Users\Mikkel Rønsbo\AppData\Local\Microsoft
2011-07-26 13:27:28   404640   ——a-w-  C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-26 13:21:02   ————  d——-w-  C:\Program Files (x86)\Secunia
2011-07-26 12:33:43   98344   ——a-w-  C:\Windows\System32\drivers\btwaudio.sys
2011-07-26 12:33:43   35104   ——a-w-  C:\Windows\System32\drivers\btwl2cap.sys
2011-07-26 12:33:43   21160   ——a-w-  C:\Windows\System32\drivers\btwrchid.sys
2011-07-26 12:33:43   132648   ——a-w-  C:\Windows\System32\drivers\btwavdt.sys
2011-07-26 11:09:08   ————  d——-w-  C:\Users\Mikkel Rønsbo\AppData\Roaming\SUPERAntiSpyware.com
2011-07-26 11:09:08   ————  d——-w-  C:\ProgramData\SUPERAntiSpyware.com
2011-07-26 11:09:04   ————  d——-w-  C:\ProgramData\!SASCORE
2011-07-26 11:09:02   ————  d——-w-  C:\Program Files\SUPERAntiSpyware
2011-07-26 09:31:20   ————  d——-w-  C:\Users\Mikkel Rønsbo\AppData\Roaming\Malwarebytes
2011-07-26 09:30:52   38224   ——a-w-  C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-26 09:30:52   24664   ——a-w-  C:\Windows\System32\drivers\mbam.sys
2011-07-26 09:30:52   ————  d——-w-  C:\ProgramData\Malwarebytes
2011-07-26 09:30:51   ————  d——-w-  C:\Program Files (x86)\Malwarebytes’ Anti-Malware
2011-07-26 08:48:53   ————  d——-w-  C:\Program Files (x86)\ESET
2011-07-26 08:05:21   ————  d——-w-  C:\Program Files\CCleaner
2011-07-26 06:46:26   8578896   ——a-w-  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F719123B-5EF3-4564-9641-D844BA8DE156}\mpengine.dll
2011-07-23 15:24:46   ————  d——-w-  C:\Windows\rescache
2011-07-21 16:00:22   ————  d——-w-  C:\Windows\System32\SPReview
2011-07-21 15:35:44   ————  d——-w-  C:\Windows\System32\EventProviders
2011-07-21 15:20:12   78376   ——a-w-  C:\Windows\System32\drivers\CDAVFS.sys
2011-07-21 11:44:40   ————  d——-w-  C:\Program Files\iTunes
2011-07-21 11:44:40   ————  d——-w-  C:\Program Files\iPod
2011-07-21 11:44:40   ————  d——-w-  C:\Program Files (x86)\iTunes
2011-07-21 11:43:10   ————  d——-w-  C:\Program Files\Bonjour
2011-07-21 11:43:10   ————  d——-w-  C:\Program Files (x86)\Bonjour
2011-07-12 09:34:00   96104   ——a-w-  C:\Windows\System32\dns-sd.exe
2011-07-12 09:34:00   85864   ——a-w-  C:\Windows\System32\dnssd.dll
2011-07-12 09:34:00   61288   ——a-w-  C:\Windows\System32\jdns_sd.dll
2011-07-12 09:34:00   212840   ——a-w-  C:\Windows\System32\dnssdX.dll
2011-07-12 09:20:54   83816   ——a-w-  C:\Windows\SysWow64\dns-sd.exe
2011-07-12 09:20:54   73064   ——a-w-  C:\Windows\SysWow64\dnssd.dll
2011-07-12 09:20:54   50536   ——a-w-  C:\Windows\SysWow64\jdns_sd.dll
2011-07-12 09:20:54   178536   ——a-w-  C:\Windows\SysWow64\dnssdX.dll
2011-07-05 07:12:08   3584   ——a-w-  C:\Windows\System32\drivers\da-DK\tsusbflt.sys.mui
2011-07-05 07:12:08   2560   ——a-w-  C:\Windows\System32\drivers\da-DK\rdpwd.sys.mui
2011-07-05 07:12:04   48976   ——a-w-  C:\Windows\System32\netfxperf.dll
2011-07-05 07:12:04   1942856   ——a-w-  C:\Windows\System32\dfshim.dll
2011-07-05 07:10:59   82944   ——a-w-  C:\Windows\SysWow64\thumbcache.dll
2011-07-05 07:09:27   529408   ——a-w-  C:\Windows\System32\wbemcomn.dll
2011-07-05 07:09:27   524288   ——a-w-  C:\Windows\System32\wmicmiplugin.dll
2011-07-05 07:09:27   1225216   ——a-w-  C:\Windows\System32\wbem\wbemcore.dll
2011-07-05 07:09:24   933376   ——a-w-  C:\Windows\System32\SmiEngine.dll
2011-07-05 07:09:22   199168   ——a-w-  C:\Windows\System32\PkgMgr.exe
2011-07-05 07:09:11   422912   ——a-w-  C:\Windows\System32\drvstore.dll
2011-07-05 07:09:11   399872   ——a-w-  C:\Windows\System32\dpx.dll
.
==================== Find3M ====================
.
2011-07-26 13:22:38   525544   ——a-w-  C:\Windows\System32\deployJava1.dll
2011-07-21 16:04:22   152576   ——a-w-  C:\Windows\SysWow64\msclmd.dll
2011-07-21 16:04:21   175616   ——a-w-  C:\Windows\System32\msclmd.dll
2011-06-14 20:22:41   71262   ——a-w-  C:\Windows\Huawei ModemsUninstall.exe
2011-06-11 03:07:25   3137536   ——a-w-  C:\Windows\System32\win32k.sys
2011-06-03 06:57:45   362496   ——a-w-  C:\Windows\System32\wow64win.dll
2011-06-03 06:57:45   243200   ——a-w-  C:\Windows\System32\wow64.dll
2011-06-03 06:57:45   13312   ——a-w-  C:\Windows\System32\wow64cpu.dll
2011-06-03 06:57:44   214528   ——a-w-  C:\Windows\System32\winsrv.dll
2011-06-03 06:57:38   16384   ——a-w-  C:\Windows\System32\ntvdm64.dll
2011-06-03 06:56:38   421888   ——a-w-  C:\Windows\System32\KernelBase.dll
2011-06-03 06:53:33   338944   ——a-w-  C:\Windows\System32\conhost.exe
2011-06-03 06:00:53   14336   ——a-w-  C:\Windows\SysWow64\ntvdm64.dll
2011-06-03 05:57:52   44032   ——a-w-  C:\Windows\apppatch\acwow64.dll
2011-06-03 05:57:33   25600   ——a-w-  C:\Windows\SysWow64\setup16.exe
2011-06-03 05:56:12   5120   ——a-w-  C:\Windows\SysWow64\wow32.dll
2011-06-03 05:56:11   272384   ——a-w-  C:\Windows\SysWow64\KernelBase.dll
2011-06-03 03:53:31   7680   ——a-w-  C:\Windows\SysWow64\instnm.exe
2011-06-03 03:53:31   2048   ——a-w-  C:\Windows\SysWow64\user.exe
2011-06-03 03:48:32   3584   —-ha-w-  C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-06-03 03:48:31   6144   —-ha-w-  C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-06-03 03:48:31   4608   —-ha-w-  C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-03 03:48:31   3072   —-ha-w-  C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-05-24 17:14:10   270720   ———w-  C:\Windows\System32\MpSigStub.exe
2011-05-24 11:42:55   404480   ——a-w-  C:\Windows\System32\umpnpmgr.dll
2011-05-24 10:40:05   64512   ——a-w-  C:\Windows\SysWow64\devobj.dll
2011-05-24 10:40:05   44544   ——a-w-  C:\Windows\SysWow64\devrtl.dll
2011-05-24 10:39:38   145920   ——a-w-  C:\Windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37:54   252928   ——a-w-  C:\Windows\SysWow64\drvinst.exe
2011-05-10 06:06:08   51712   ——a-w-  C:\Windows\System32\drivers\usbaapl64.sys
2011-05-10 06:06:08   4517664   ——a-w-  C:\Windows\System32\usbaaplrc.dll
2011-05-04 05:25:03   2315776   ——a-w-  C:\Windows\System32\tquery.dll
2011-05-04 05:22:25   778752   ——a-w-  C:\Windows\System32\mssvp.dll
2011-05-04 05:22:25   2223616   ——a-w-  C:\Windows\System32\mssrch.dll
2011-05-04 05:22:24   75264   ——a-w-  C:\Windows\System32\msscntrs.dll
2011-05-04 05:22:24   491520   ——a-w-  C:\Windows\System32\mssph.dll
2011-05-04 05:22:24   288256   ——a-w-  C:\Windows\System32\mssphtb.dll
2011-05-04 05:19:28   591872   ——a-w-  C:\Windows\System32\SearchIndexer.exe
2011-05-04 05:19:28   249856   ——a-w-  C:\Windows\System32\SearchProtocolHost.exe
2011-05-04 05:19:28   113664   ——a-w-  C:\Windows\System32\SearchFilterHost.exe
2011-05-04 04:34:43   1549312   ——a-w-  C:\Windows\SysWow64\tquery.dll
2011-05-04 04:32:02   666624   ——a-w-  C:\Windows\SysWow64\mssvp.dll
2011-05-04 04:32:01   337408   ——a-w-  C:\Windows\SysWow64\mssph.dll
2011-05-04 04:32:01   197120   ——a-w-  C:\Windows\SysWow64\mssphtb.dll
2011-05-04 04:32:01   1401344   ——a-w-  C:\Windows\SysWow64\mssrch.dll
2011-05-04 04:32:00   59392   ——a-w-  C:\Windows\SysWow64\msscntrs.dll
2011-05-04 04:28:31   86528   ——a-w-  C:\Windows\SysWow64\SearchFilterHost.exe
2011-05-04 04:28:31   427520   ——a-w-  C:\Windows\SysWow64\SearchIndexer.exe
2011-05-04 04:28:31   164352   ——a-w-  C:\Windows\SysWow64\SearchProtocolHost.exe
2011-05-04 02:52:22   472808   ——a-w-  C:\Windows\SysWow64\deployJava1.dll
2011-05-03 05:29:29   976896   ——a-w-  C:\Windows\System32\inetcomm.dll
2011-05-03 04:30:02   741376   ——a-w-  C:\Windows\SysWow64\inetcomm.dll
2011-04-29 03:06:10   467456   ——a-w-  C:\Windows\System32\drivers\srv.sys
2011-04-29 03:05:49   410112   ——a-w-  C:\Windows\System32\drivers\srv2.sys
2011-04-29 03:05:37   168448   ——a-w-  C:\Windows\System32\drivers\srvnet.sys
2011-04-28 03:55:08   552960   ——a-w-  C:\Windows\System32\drivers\bthport.sys
2011-04-28 03:54:56   80384   ——a-w-  C:\Windows\System32\drivers\BTHUSB.SYS
.
============= FINISH: 15:40:07,68 ===============

Attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 19-10-2010 16:20:21
System Uptime: 26-07-2011 14:44:20 (1 hours ago)
.
Motherboard: LENOVO |  | 2924WJG
Processor: Intel(R) Core(TM) i5 CPU     M 520 @ 2.40GHz | None | 2400/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 108 GiB total, 8,673 GiB free.
Q: is FIXED (NTFS) - 10 GiB total, 1,578 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Ekstern Bluetooth-enhed
Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&0114\8&306892DF&0&782EEF3DD9E3_C00000000
Manufacturer:
Name: Ekstern Bluetooth-enhed
PNP Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&0114\8&306892DF&0&782EEF3DD9E3_C00000000
Service:
.
Class GUID:
Description: Ekstern Bluetooth-enhed
Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_VID&00010001_PID&0114\8&306892DF&0&782EEF3DD9E3_C00000000
Manufacturer:
Name: Ekstern Bluetooth-enhed
PNP Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_VID&00010001_PID&0114\8&306892DF&0&782EEF3DD9E3_C00000000
Service:
.
Class GUID:
Description: Ekstern Bluetooth-enhed
Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_VID&00010001_PID&0114\8&306892DF&0&782EEF3DD9E3_C00000000
Manufacturer:
Name: Ekstern Bluetooth-enhed
PNP Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_VID&00010001_PID&0114\8&306892DF&0&782EEF3DD9E3_C00000000
Service:
.
==== System Restore Points ===================
.
RP226: 26-07-2011 14:46:09 - Windows Update
.
==== Installed Programs ======================
.
3Connect
ActiveX sikkerhedssoftware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.5 - Dansk
Apple-programunderstøttelse
Apple Software Update
AVIcodec (remove only)
Create Recovery Media
Definition update for Microsoft Office 2010 (KB982726)
ESET Online Scanner v3
Facebook Photo Uploader
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Huawei modem
Integrated Camera Driver Installer Package Ver.1.1.0.19
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
InterVideo WinDVD 8
Java Auto Updater
Java(TM) 6 Update 26
Lenovo Warranty Information
Lenovo Welcome
Malwarebytes’ Anti-Malware
Message Center Plus
Microsoft Choice Guard
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Danish) 2010
Microsoft Office Communicator 2007 R2
Microsoft Office Excel MUI (Danish) 2010
Microsoft Office OneNote MUI (Danish) 2010
Microsoft Office Outlook MUI (Danish) 2010
Microsoft Office PowerPoint MUI (Danish) 2010
Microsoft Office Proof (Danish) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Swedish) 2010
Microsoft Office Proofing (Danish) 2010
Microsoft Office Publisher MUI (Danish) 2010
Microsoft Office Shared MUI (Danish) 2010
Microsoft Office Single Image 2010
Microsoft Office til Hjemmet og Firmaet 2010
Microsoft Office Word MUI (Danish) 2010
Microsoft Online Services - Log på
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft_VC90_CRT_x86
Mobile Broadband
Mozilla Firefox (3.6.18)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Overførselsværktøj til Windows Live
Qualcomm Gobi 2000 Package for Lenovo
QuickTime
Rescue and Recovery
Safari
Secunia PSI (2.0.0.3003)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Skype™ 4.2
System Update
Tango
TeamViewer 6 Host
ThinkPad Power Manager
ThinkPad UltraNav Utility
ThinkVantage Access Connections
ThinkVantage GPS
Tilmeldingsassistent til Windows Live
Update for Microsoft Office 2010 (KB2494150)
Verizon Wireless Mobile Broadband Self Activation
VLC media player 1.1.11
Windows Live Essentials
Windows Live Toolbar
Windows Media Player Firefox Plugin
Xobni
Xobni Core
Xvid 1.2.1 final uninstall
.
==== End Of File ===========================

Administrator
Number of posts: 37450

Hi and welcome

Download ComboFix and save it to your desktop:
ComboFix


Close all other windows.

Then run combofix.exe and follow the instructions.

When you get this message:
answer either Yes or No. It is advisable to say Yes. Whatever you answer, it has no effect on the ComboFix scan.
Do not click on the window while the tool is running, as that can cause your computer to freeze.

When ComboFix has finished, and after it has (possibly) restarted, a log file should open: combofix.txt, which is located here: C:\Combofix.txt

Please post the contents of this file here.

Since they are fairly long, you may need to send them in several posts.

Signature

Do NOT download programs from these suspicious sites

  MHR
Number of posts: 6

Thank you so much, not least for the quick reply!!

I have done as you recommended, and here is the log. Do you think all the viruses have been removed now?

/Mikkel

ComboFix 11-07-28.01 - Mikkel Rønsbo 28-07-2011 13:03:43.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.45.1030.18.3892.1622 [GMT 2:00]
Kører fra: c:\users\Mikkel R°nsbo\Downloads\ComboFix.exe
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personlig firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\QuestBrowser
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\windows\system32\Thumbs.db
Q:\Autorun.inf
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2011-06-28 til 2011-07-28 )))))))))))))))))))))))))))))))))))
.
.
2011-07-28 11:08 . 2011-07-28 11:08   --------  d-----w-  c:\users\Default\AppData\Local\temp
2011-07-26 13:39 . 2011-07-26 13:39   --------  d-----w-  c:\users\Mikkel R°nsbo
2011-07-26 13:27 . 2011-07-26 13:27   404640   ----a-w-  c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-26 13:21 . 2011-07-26 13:21   --------  d-----w-  c:\users\Mikkel Rønsbo\AppData\Local\Secunia PSI
2011-07-26 13:21 . 2011-07-26 13:21   --------  d-----w-  c:\program files (x86)\Secunia
2011-07-26 12:33 . 2011-07-26 12:30   98344   ----a-w-  c:\windows\system32\drivers\btwaudio.sys
2011-07-26 12:33 . 2011-07-26 12:30   35104   ----a-w-  c:\windows\system32\drivers\btwl2cap.sys
2011-07-26 12:33 . 2011-07-26 12:30   132648   ----a-w-  c:\windows\system32\drivers\btwavdt.sys
2011-07-26 12:33 . 2011-07-26 12:30   21160   ----a-w-  c:\windows\system32\drivers\btwrchid.sys
2011-07-26 11:09 . 2011-07-26 11:09   --------  d-----w-  c:\users\Mikkel Rønsbo\AppData\Roaming\SUPERAntiSpyware.com
2011-07-26 11:09 . 2011-07-26 11:09   --------  d-----w-  c:\programdata\SUPERAntiSpyware.com
2011-07-26 11:09 . 2011-07-26 11:09   --------  d-----w-  c:\programdata\!SASCORE
2011-07-26 11:09 . 2011-07-26 11:09   --------  d-----w-  c:\program files\SUPERAntiSpyware
2011-07-26 09:31 . 2011-07-26 09:31   --------  d-----w-  c:\users\Mikkel Rønsbo\AppData\Roaming\Malwarebytes
2011-07-26 09:30 . 2011-07-26 09:30   --------  d-----w-  c:\programdata\Malwarebytes
2011-07-26 09:30 . 2010-04-29 13:39   38224   ----a-w-  c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-26 09:30 . 2010-04-29 13:39   24664   ----a-w-  c:\windows\system32\drivers\mbam.sys
2011-07-26 09:30 . 2011-07-26 09:30   --------  d-----w-  c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-26 08:48 . 2011-07-26 08:48   --------  d-----w-  c:\program files (x86)\ESET
2011-07-26 08:05 . 2011-07-26 13:33   --------  d-----w-  c:\program files\CCleaner
2011-07-26 06:46 . 2011-07-13 04:53   8578896   ----a-w-  c:\programdata\Microsoft\Windows Defender\Definition Updates\{F719123B-5EF3-4564-9641-D844BA8DE156}\mpengine.dll
2011-07-23 15:24 . 2011-07-26 20:27   --------  d-----w-  c:\windows\rescache
2011-07-21 16:00 . 2011-07-21 16:00   --------  d-----w-  c:\windows\system32\SPReview
2011-07-21 15:35 . 2011-07-21 15:35   --------  d-----w-  c:\windows\system32\EventProviders
2011-07-21 15:20 . 2011-07-21 15:01   78376   ----a-w-  c:\windows\system32\drivers\CDAVFS.sys
2011-07-21 15:20 . 2011-07-26 08:34   --------  d-----w-  c:\users\Mikkel Rønsbo\AppData\Local\CyberDefender Internet Security
2011-07-21 11:44 . 2011-07-21 11:44   --------  d-----w-  c:\program files\iTunes
2011-07-21 11:44 . 2011-07-21 11:44   --------  d-----w-  c:\program files (x86)\iTunes
2011-07-21 11:44 . 2011-07-21 11:44   --------  d-----w-  c:\program files\iPod
2011-07-21 11:43 . 2011-07-21 11:43   --------  d-----w-  c:\program files\Bonjour
2011-07-21 11:43 . 2011-07-21 11:43   --------  d-----w-  c:\program files (x86)\Bonjour
2011-07-12 09:34 . 2011-07-12 09:34   96104   ----a-w-  c:\windows\system32\dns-sd.exe
2011-07-12 09:34 . 2011-07-12 09:34   85864   ----a-w-  c:\windows\system32\dnssd.dll
2011-07-12 09:34 . 2011-07-12 09:34   61288   ----a-w-  c:\windows\system32\jdns_sd.dll
2011-07-12 09:34 . 2011-07-12 09:34   212840   ----a-w-  c:\windows\system32\dnssdX.dll
2011-07-12 09:20 . 2011-07-12 09:20   83816   ----a-w-  c:\windows\SysWow64\dns-sd.exe
2011-07-12 09:20 . 2011-07-12 09:20   73064   ----a-w-  c:\windows\SysWow64\dnssd.dll
2011-07-12 09:20 . 2011-07-12 09:20   50536   ----a-w-  c:\windows\SysWow64\jdns_sd.dll
2011-07-12 09:20 . 2011-07-12 09:20   178536   ----a-w-  c:\windows\SysWow64\dnssdX.dll
2011-07-05 07:12 . 2010-11-20 13:34   2560   ----a-w-  c:\windows\system32\drivers\da-DK\rdpwd.sys.mui
2011-07-05 07:12 . 2010-11-20 13:32   3584   ----a-w-  c:\windows\system32\drivers\da-DK\tsusbflt.sys.mui
2011-07-05 07:12 . 2010-11-05 01:57   48976   ----a-w-  c:\windows\system32\netfxperf.dll
2011-07-05 07:12 . 2010-11-05 01:57   1942856   ----a-w-  c:\windows\system32\dfshim.dll
2011-07-05 07:10 . 2010-11-20 13:44   1077248   ----a-w-  c:\windows\system32\Narrator.exe
2011-07-05 07:09 . 2010-11-20 13:27   524288   ----a-w-  c:\windows\system32\wmicmiplugin.dll
2011-07-05 07:09 . 2010-11-20 13:27   529408   ----a-w-  c:\windows\system32\wbemcomn.dll
2011-07-05 07:09 . 2010-11-20 13:27   1225216   ----a-w-  c:\windows\system32\wbem\wbemcore.dll
2011-07-05 07:09 . 2010-11-20 13:27   933376   ----a-w-  c:\windows\system32\SmiEngine.dll
2011-07-05 07:09 . 2010-11-20 13:25   199168   ----a-w-  c:\windows\system32\PkgMgr.exe
2011-07-05 07:09 . 2010-11-20 13:26   422912   ----a-w-  c:\windows\system32\drvstore.dll
2011-07-05 07:09 . 2010-11-20 13:26   399872   ----a-w-  c:\windows\system32\dpx.dll
2011-06-30 12:05 . 2011-06-30 12:05   --------  d-----w-  c:\program files (x86)\Common Files\Java
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-26 13:22 . 2010-11-04 14:55   525544   ----a-w-  c:\windows\system32\deployJava1.dll
2011-07-21 16:04 . 2009-07-14 02:36   152576   ----a-w-  c:\windows\SysWow64\msclmd.dll
2011-07-21 16:04 . 2009-07-14 02:36   175616   ----a-w-  c:\windows\system32\msclmd.dll
2011-06-14 20:22 . 2010-10-19 16:02   71262   ----a-w-  c:\windows\Huawei ModemsUninstall.exe
2011-06-14 20:18 . 2011-06-14 20:18   0   ---ha-w-  c:\users\Mikkel Rønsbo\AppData\Local\BIT2BC7.tmp
2011-06-14 20:18 . 2011-06-14 20:18   0   ---ha-w-  c:\users\Mikkel Rønsbo\AppData\Local\BIT2BC7.tmp
2011-06-03 05:57 . 2011-07-13 06:34   44032   ----a-w-  c:\windows\apppatch\acwow64.dll
2011-05-24 17:14 . 2010-10-19 07:44   270720   ------w-  c:\windows\system32\MpSigStub.exe
2011-05-10 06:06 . 2011-05-10 06:06   51712   ----a-w-  c:\windows\system32\drivers\usbaapl64.sys
2011-05-10 06:06 . 2011-05-10 06:06   4517664   ----a-w-  c:\windows\system32\usbaaplrc.dll
2011-05-04 02:52 . 2010-11-03 16:41   472808   ----a-w-  c:\windows\SysWow64\deployJava1.dll
2011-05-03 05:29 . 2011-06-19 21:39   976896   ----a-w-  c:\windows\system32\inetcomm.dll
2011-05-03 04:30 . 2011-06-19 21:39   741376   ----a-w-  c:\windows\SysWow64\inetcomm.dll
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“swg”=“c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2010-10-19 39408]
“Facebook Update”=“c:\users\Mikkel Rønsbo\AppData\Local\Facebook\Update\FacebookUpdate.exe” [2011-07-14 137536]
“SUPERAntiSpyware”=“c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe” [2011-06-30 2988928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
“RotateImage”=“c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe” [2008-10-30 55808]
“IMSS”=“c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe” [2010-03-25 111640]
“PWMTRV”=“c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL” [2010-05-06 1124712]
“Message Center Plus”=“c:\program files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe” [2009-05-28 49976]
“Adobe Reader Speed Launcher”=“c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2011-06-08 37296]
“Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2011-03-30 937920]
“AppleSyncNotifier”=“c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe” [2011-04-20 58656]
“QuickTime Task”=“c:\program files (x86)\QuickTime\QTTask.exe” [2010-11-29 421888]
“Communicator”=“c:\program files (x86)\Microsoft Office Communicator\communicator.exe” [2011-06-03 5150560]
“SignIn”=“c:\program files (x86)\Microsoft Online Services\Sign In\SignIn.exe” [2010-03-09 1734512]
“OBASystemTray”=“c:\program files\AhsayACB\bin\SystemTray64.exe” [2011-07-11 525312]
“iTunesHelper”=“c:\program files (x86)\iTunes\iTunesHelper.exe” [2011-07-19 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“OBASystemTray”=“c:\program files\AhsayACB\bin\SystemTray64.exe” [2011-07-11 525312]
.
c:\users\Mikkel R›nsbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sk‘rmklipper og startprogram til OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2009-10-2 1082144]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages   REG_MULTI_SZ     scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=”“
.
R1 ctgdyxmc;ctgdyxmc;c:\windows\system32\drivers\ctgdyxmc.sys [x]
R1 edqmegwm;edqmegwm;c:\windows\system32\drivers\edqmegwm.sys [x]
R1 edumjrku;edumjrku;c:\windows\system32\drivers\edumjrku.sys [x]
R1 hchodepq;hchodepq;c:\windows\system32\drivers\hchodepq.sys [x]
R1 kgwpcrgn;kgwpcrgn;c:\windows\system32\drivers\kgwpcrgn.sys [x]
R1 oaxtzcge;oaxtzcge;c:\windows\system32\drivers\oaxtzcge.sys [x]
R1 ozhpfgsi;ozhpfgsi;c:\windows\system32\drivers\ozhpfgsi.sys [x]
R1 xucrcbls;xucrcbls;c:\windows\system32\drivers\xucrcbls.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Tjenesten Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2010-05-06 164200]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Update Tjeneste (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PCDSRVC{127174DC-C366ED8B-06020000}_0;PCDSRVC{127174DC-C366ED8B-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc_x64.pkms [2010-05-07 24560]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [x]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2010-05-06 75112]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-09-30 126392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-12 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2010-04-20 50536]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-04-20 74088]
S2 OBACDPService;Continuous Data Protection (Wahlgreen A-Click Backup);c:\program files\AhsayACB\bin\CDPService64.exe [2011-07-11 361984]
S2 OBAScheduler;Online Backup Scheduler (Wahlgreen A-Click Backup);c:\program files\AhsayACB\bin\Scheduler.exe [2011-07-11 77824]
S2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [2010-04-26 331512]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 13840]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2234152]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-25 2320920]
S2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2010-10-21 62184]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 qcfilterlno2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9205);c:\windows\system32\DRIVERS\qcfilterlno2k.sys [x]
S3 qcusbnetlno2k;Gobi 2000 USB-NDIS miniport(05C6-9205);c:\windows\system32\DRIVERS\qcusbnetlno2k.sys [x]
S3 qcusbserlno2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205);c:\windows\system32\DRIVERS\qcusbserlno2k.sys [x]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Indhold af mappen ‘Planlagte Opgaver’
.
2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 08:08]
.
2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 08:08]
.
2011-06-09 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-05-07 19:52]
.
2011-07-26 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-05-08 00:50]
.
.
————- x86-64—————-
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“combofix”=“c:\combofix\CF28559.cfxxe” [X]
“TPHOTKEY”=“c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe” [2009-12-21 69568]
“TpShocks”=“TpShocks.exe” [2009-12-11 380776]
“SmartAudio”=“c:\program files\CONEXANT\SAII\SAIICpl.exe” [2009-11-17 307768]
“LENOVO.TPKNRRES”=“c:\program files\Lenovo\Communications Utility\TPKNRRES.exe” [2010-04-20 62312]
“AcWin7Hlpr”=“c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe” [2009-10-14 36864]
“egui”=“c:\program files\ESET\ESET Smart Security\egui.exe” [2011-01-12 2918656]
“OBASystemTray”=“c:\program files\AhsayACB\bin\SystemTray64.exe” [2011-07-11 525312]
“IgfxTray”=“c:\windows\system32\igfxtray.exe” [2010-11-29 167960]
“HotKeysCmds”=“c:\windows\system32\hkcmd.exe” [2010-11-29 391704]
“Persistence”=“c:\windows\system32\igfxpers.exe” [2010-11-29 417304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“LoadAppInit_DLLs”=0x0
.
———- Yderligere scanning———-
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = politiken.dk
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki ... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: S&end til OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send billede til &Bluetooth-enhed… - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send siden til &Bluetooth-enhed… - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
Trusted Zone: portalbank.dk\www
TCP: DhcpNameServer = 193.104.135.2 193.104.135.6
FF - ProfilePath - c:\users\Mikkel Rønsbo\AppData\Roaming\Mozilla\Firefox\Profiles\2izdd2m9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2953735&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo-Mp3Tube
FF - prefs.js: browser.startup.homepage - hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_homepage&prt=pinballtb04ff&clid=4f51df9264ac4d2eb7372ef8ba868ab2&subid=
FF - prefs.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: CyberDefender-TB Community Toolbar: {ffb11c0c-da90-4969-a995-8dca2e0fc10a} - %profile%\extensions\{ffb11c0c-da90-4969-a995-8dca2e0fc10a}
FF - user.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
FF - user.js: keyword.enabled - 1
.
- - - - TOMME GENVEJE FJERNET - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
URLSearchHooks-{9565115d-c7d6-46d3-bd63-b67b481a4368} - (no file)
URLSearchHooks-{ffb11c0c-da90-4969-a995-8dca2e0fc10a} - (no file)
BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{9565115D-C7D6-46D3-BD63-B67B481A4368} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{127174DC-C366ED8B-06020000}_0]
“ImagePath”=”\??\c:\program files\pc-doctor\pcdsrvc_x64.pkms”
.
——————————- LÅSTE REGISTRERINGS NØGLER——————————-
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=”@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
“Enabled”=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Shockwave Flash Object”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@=“0”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@=“ShockwaveFlash.ShockwaveFlash.10”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“ShockwaveFlash.ShockwaveFlash”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Macromedia Flash Factory Object”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@=“FlashFactory.FlashFactory.1”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“FlashFactory.FlashFactory”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker4”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@=”{00020424-0000-0000-C000-000000000046}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
“Solution”=”{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
“Key”=“ActionsPane3”
“Location”=“c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd”
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
“BlindDial”=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
“BlindDial”=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
“BlindDial”=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
“BlindDial”=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
————————————Andre kørende processer————————————
.
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\progra~1\Lenovo\HOTKEY\tpnumlk.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\AhsayACB\aua\bin\Aua.exe
c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe
c:\program files (x86)\TeamViewer\Version6\TeamViewer.exe
c:\progra~1\Lenovo\HOTKEY\tpnumlkd.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe
c:\program files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Lenovo\System Update\SUService.exe
c:\program files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
.
**************************************************************************
.
Gennemført tid: 2011-07-28 13:11:50 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2011-07-28 11:11
.
Pre-Kørsel: 8.691.822.592 byte ledig
Post-Kørsel: 8.318.603.264 byte ledig
.
- - End Of File - - E9C25C8348A8385E64E74DE0A16F7F5B

Administrator
Posts: 37450

Open Notepad and copy the following (the text in bold) into it, then save the text file as CFScript in the same place where you have ComboFix:


…………………………………………………………………….
Snapshot::
File::
c:\users\Mikkel Rønsbo\AppData\Local\BIT2BC7.tmp
c:\users\Mikkel Rønsbo\AppData\Local\BIT2BC7.tmp
Folder::
c:\program files\AVG
Driver::
ctgdyxmc
edqmegwm
edumjrku
hchodepq
kgwpcrgn
oaxtzcge
ozhpfgsi
xucrcbls
SecCenter::
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

………………………………………………………………………..


Then grab the new file with the mouse and drag it over the ComboFix file, after which you "let go" with the mouse. As shown here ->

http://www.fromsej.saknet.dk/billeder/swfcombo.gif


ComboFix should then start working. It may require a restart, which you must allow. You should not click on the window while the tool is running, as that can cause your computer to freeze.


Post the new ComboFix log here. It can be found here - C:\combofix Txt

Signature

Do NOT download programs from these suspicious sites

  MHR
Posts: 6

Here is the new log
Again, thanks for your help!!


ComboFix 11-07-31.04 - Mikkel Rønsbo 01-08-2011   9:47.2.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.45.1030.18.3892.1489 [GMT 2:00]
Kører fra: c:\combofix\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personlig firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Dannede nyt systemgendannelsespunkt
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2011-07-01 til 2011-08-01 )))))))))))))))))))))))))))))))))))
.
.
2011-08-01 08:03 . 2011-08-01 08:03   ————  d——-w-  c:\users\Default\AppData\Local\temp
2011-07-29 06:45 . 2011-07-13 04:53   8578896   ——a-w-  c:\programdata\Microsoft\Windows Defender\Definition Updates\{65876E0B-143B-491A-BB68-14645655561B}\mpengine.dll
2011-07-26 13:39 . 2011-07-26 13:39   ————  d——-w-  c:\users\Mikkel R°nsbo
2011-07-26 13:27 . 2011-07-26 13:27   404640   ——a-w-  c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-26 13:21 . 2011-07-26 13:21   ————  d——-w-  c:\users\Mikkel Rønsbo\AppData\Local\Secunia PSI
2011-07-26 13:21 . 2011-07-26 13:21   ————  d——-w-  c:\program files (x86)\Secunia
2011-07-26 12:33 . 2011-07-26 12:30   98344   ——a-w-  c:\windows\system32\drivers\btwaudio.sys
2011-07-26 12:33 . 2011-07-26 12:30   35104   ——a-w-  c:\windows\system32\drivers\btwl2cap.sys
2011-07-26 12:33 . 2011-07-26 12:30   132648   ——a-w-  c:\windows\system32\drivers\btwavdt.sys
2011-07-26 12:33 . 2011-07-26 12:30   21160   ——a-w-  c:\windows\system32\drivers\btwrchid.sys
2011-07-26 11:09 . 2011-07-26 11:09   ————  d——-w-  c:\users\Mikkel Rønsbo\AppData\Roaming\SUPERAntiSpyware.com
2011-07-26 11:09 . 2011-07-26 11:09   ————  d——-w-  c:\programdata\SUPERAntiSpyware.com
2011-07-26 11:09 . 2011-07-26 11:09   ————  d——-w-  c:\programdata\!SASCORE
2011-07-26 11:09 . 2011-07-26 11:09   ————  d——-w-  c:\program files\SUPERAntiSpyware
2011-07-26 09:31 . 2011-07-26 09:31   ————  d——-w-  c:\users\Mikkel Rønsbo\AppData\Roaming\Malwarebytes
2011-07-26 09:30 . 2011-07-26 09:30   ————  d——-w-  c:\programdata\Malwarebytes
2011-07-26 09:30 . 2010-04-29 13:39   38224   ——a-w-  c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-26 09:30 . 2010-04-29 13:39   24664   ——a-w-  c:\windows\system32\drivers\mbam.sys
2011-07-26 09:30 . 2011-07-26 09:30   ————  d——-w-  c:\program files (x86)\Malwarebytes’ Anti-Malware
2011-07-26 08:48 . 2011-07-26 08:48   ————  d——-w-  c:\program files (x86)\ESET
2011-07-26 08:05 . 2011-07-26 13:33   ————  d——-w-  c:\program files\CCleaner
2011-07-23 15:24 . 2011-07-26 20:27   ————  d——-w-  c:\windows\rescache
2011-07-21 16:00 . 2011-07-21 16:00   ————  d——-w-  c:\windows\system32\SPReview
2011-07-21 15:35 . 2011-07-21 15:35   ————  d——-w-  c:\windows\system32\EventProviders
2011-07-21 15:20 . 2011-07-21 15:01   78376   ——a-w-  c:\windows\system32\drivers\CDAVFS.sys
2011-07-21 15:20 . 2011-07-26 08:34   ————  d——-w-  c:\users\Mikkel Rønsbo\AppData\Local\CyberDefender Internet Security
2011-07-21 11:44 . 2011-07-21 11:44   ————  d——-w-  c:\program files\iTunes
2011-07-21 11:44 . 2011-07-21 11:44   ————  d——-w-  c:\program files (x86)\iTunes
2011-07-21 11:44 . 2011-07-21 11:44   ————  d——-w-  c:\program files\iPod
2011-07-21 11:43 . 2011-07-21 11:43   ————  d——-w-  c:\program files\Bonjour
2011-07-21 11:43 . 2011-07-21 11:43   ————  d——-w-  c:\program files (x86)\Bonjour
2011-07-12 09:34 . 2011-07-12 09:34   96104   ——a-w-  c:\windows\system32\dns-sd.exe
2011-07-12 09:34 . 2011-07-12 09:34   85864   ——a-w-  c:\windows\system32\dnssd.dll
2011-07-12 09:34 . 2011-07-12 09:34   61288   ——a-w-  c:\windows\system32\jdns_sd.dll
2011-07-12 09:34 . 2011-07-12 09:34   212840   ——a-w-  c:\windows\system32\dnssdX.dll
2011-07-12 09:20 . 2011-07-12 09:20   83816   ——a-w-  c:\windows\SysWow64\dns-sd.exe
2011-07-12 09:20 . 2011-07-12 09:20   73064   ——a-w-  c:\windows\SysWow64\dnssd.dll
2011-07-12 09:20 . 2011-07-12 09:20   50536   ——a-w-  c:\windows\SysWow64\jdns_sd.dll
2011-07-12 09:20 . 2011-07-12 09:20   178536   ——a-w-  c:\windows\SysWow64\dnssdX.dll
2011-07-05 07:12 . 2010-11-20 13:34   2560   ——a-w-  c:\windows\system32\drivers\da-DK\rdpwd.sys.mui
2011-07-05 07:12 . 2010-11-20 13:32   3584   ——a-w-  c:\windows\system32\drivers\da-DK\tsusbflt.sys.mui
2011-07-05 07:12 . 2010-11-05 01:57   48976   ——a-w-  c:\windows\system32\netfxperf.dll
2011-07-05 07:12 . 2010-11-05 01:57   1942856   ——a-w-  c:\windows\system32\dfshim.dll
2011-07-05 07:10 . 2010-11-20 13:44   1077248   ——a-w-  c:\windows\system32\Narrator.exe
2011-07-05 07:09 . 2010-11-20 13:27   524288   ——a-w-  c:\windows\system32\wmicmiplugin.dll
2011-07-05 07:09 . 2010-11-20 13:27   529408   ——a-w-  c:\windows\system32\wbemcomn.dll
2011-07-05 07:09 . 2010-11-20 13:27   1225216   ——a-w-  c:\windows\system32\wbem\wbemcore.dll
2011-07-05 07:09 . 2010-11-20 13:27   933376   ——a-w-  c:\windows\system32\SmiEngine.dll
2011-07-05 07:09 . 2010-11-20 13:25   199168   ——a-w-  c:\windows\system32\PkgMgr.exe
2011-07-05 07:09 . 2010-11-20 13:26   422912   ——a-w-  c:\windows\system32\drvstore.dll
2011-07-05 07:09 . 2010-11-20 13:26   399872   ——a-w-  c:\windows\system32\dpx.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-26 13:22 . 2010-11-04 14:55   525544   ——a-w-  c:\windows\system32\deployJava1.dll
2011-07-21 16:04 . 2009-07-14 02:36   152576   ——a-w-  c:\windows\SysWow64\msclmd.dll
2011-07-21 16:04 . 2009-07-14 02:36   175616   ——a-w-  c:\windows\system32\msclmd.dll
2011-06-14 20:22 . 2010-10-19 16:02   71262   ——a-w-  c:\windows\Huawei ModemsUninstall.exe
2011-06-14 20:18 . 2011-06-14 20:18   0   —-ha-w-  c:\users\Mikkel Rønsbo\AppData\Local\BIT2BC7.tmp
2011-06-14 20:18 . 2011-06-14 20:18   0   —-ha-w-  c:\users\Mikkel Rønsbo\AppData\Local\BIT2BC7.tmp
2011-06-03 05:57 . 2011-07-13 06:34   44032   ——a-w-  c:\windows\apppatch\acwow64.dll
2011-05-24 17:14 . 2010-10-19 07:44   270720   ———w-  c:\windows\system32\MpSigStub.exe
2011-05-24 11:42 . 2011-06-29 06:45   404480   ——a-w-  c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-06-29 06:45   64512   ——a-w-  c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-29 06:45   44544   ——a-w-  c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-29 06:45   145920   ——a-w-  c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-29 06:45   252928   ——a-w-  c:\windows\SysWow64\drvinst.exe
2011-05-10 06:06 . 2011-05-10 06:06   51712   ——a-w-  c:\windows\system32\drivers\usbaapl64.sys
2011-05-10 06:06 . 2011-05-10 06:06   4517664   ——a-w-  c:\windows\system32\usbaaplrc.dll
2011-05-04 05:25 . 2011-06-29 06:45   2315776   ——a-w-  c:\windows\system32\tquery.dll
2011-05-04 05:22 . 2011-06-29 06:45   2223616   ——a-w-  c:\windows\system32\mssrch.dll
2011-05-04 05:22 . 2011-06-29 06:45   778752   ——a-w-  c:\windows\system32\mssvp.dll
2011-05-04 05:22 . 2011-06-29 06:45   491520   ——a-w-  c:\windows\system32\mssph.dll
2011-05-04 05:22 . 2011-06-29 06:45   75264   ——a-w-  c:\windows\system32\msscntrs.dll
2011-05-04 05:22 . 2011-06-29 06:45   288256   ——a-w-  c:\windows\system32\mssphtb.dll
2011-05-04 05:19 . 2011-06-29 06:45   591872   ——a-w-  c:\windows\system32\SearchIndexer.exe
2011-05-04 05:19 . 2011-06-29 06:45   249856   ——a-w-  c:\windows\system32\SearchProtocolHost.exe
2011-05-04 05:19 . 2011-06-29 06:45   113664   ——a-w-  c:\windows\system32\SearchFilterHost.exe
2011-05-04 04:34 . 2011-06-29 06:45   1549312   ——a-w-  c:\windows\SysWow64\tquery.dll
2011-05-04 04:32 . 2011-06-29 06:45   666624   ——a-w-  c:\windows\SysWow64\mssvp.dll
2011-05-04 04:32 . 2011-06-29 06:45   1401344   ——a-w-  c:\windows\SysWow64\mssrch.dll
2011-05-04 04:32 . 2011-06-29 06:45   337408   ——a-w-  c:\windows\SysWow64\mssph.dll
2011-05-04 04:32 . 2011-06-29 06:45   197120   ——a-w-  c:\windows\SysWow64\mssphtb.dll
2011-05-04 04:32 . 2011-06-29 06:45   59392   ——a-w-  c:\windows\SysWow64\msscntrs.dll
2011-05-04 04:28 . 2011-06-29 06:45   427520   ——a-w-  c:\windows\SysWow64\SearchIndexer.exe
2011-05-04 04:28 . 2011-06-29 06:45   164352   ——a-w-  c:\windows\SysWow64\SearchProtocolHost.exe
2011-05-04 04:28 . 2011-06-29 06:45   86528   ——a-w-  c:\windows\SysWow64\SearchFilterHost.exe
2011-05-04 02:52 . 2010-11-03 16:41   472808   ——a-w-  c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((((  SnapShot@2011-07-28_11.09.53   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-07-29 12:46   32768         c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-28 11:09   32768         c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-28 11:09   32768         c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-29 12:46   32768         c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-29 12:46   16384         c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-28 11:09   16384         c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2011-07-29 12:45   43830         c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-10-19 14:21 . 2011-07-29 12:45   10942         c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-605478102-1514458849-56303984-1000_UserData.bin
+ 2010-09-09 18:09 . 2011-07-29 12:48   80934         c:\windows\system32\perfc006.dat
- 2010-09-09 18:09 . 2011-07-28 10:44   80934         c:\windows\system32\perfc006.dat
- 2010-10-19 23:19 . 2011-07-28 10:38   16384         c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-10-19 23:19 . 2011-07-29 12:44   16384         c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-10-19 23:19 . 2011-07-28 10:38   32768         c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-10-19 23:19 . 2011-07-29 12:44   32768         c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-28 10:38   16384         c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-29 12:44   16384         c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-04-05 09:17 . 2011-08-01 07:18   9990         c:\windows\SysWOW64\config\systemprofile\AppData\Local\ESET\ESET Smart Security\Antispam\sc2.bin
- 2011-04-05 09:17 . 2011-07-28 10:49   9990         c:\windows\SysWOW64\config\systemprofile\AppData\Local\ESET\ESET Smart Security\Antispam\sc2.bin
- 2009-07-24 16:33 . 2011-07-28 11:08   5572         c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2009-07-24 16:33 . 2011-07-29 08:38   5572         c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-07-28 11:09 . 2011-07-28 11:09   2048         c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-29 12:44 . 2011-07-29 12:44   2048         c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-28 11:09 . 2011-07-28 11:09   2048         c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-29 12:44 . 2011-07-29 12:44   2048         c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-05 09:17 . 2011-07-28 10:49   642560         c:\windows\SysWOW64\config\systemprofile\AppData\Local\ESET\ESET Smart Security\Antispam\sc1.bin
+ 2011-04-05 09:17 . 2011-08-01 07:18   642560         c:\windows\SysWOW64\config\systemprofile\AppData\Local\ESET\ESET Smart Security\Antispam\sc1.bin
+ 2010-10-27 11:53 . 2011-08-01 07:16   333986         c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-10-19 07:58 . 2011-08-01 07:14   222546         c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2011-07-29 12:48   618912         c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-07-28 10:44   618912         c:\windows\system32\perfh009.dat
+ 2010-09-09 18:09 . 2011-07-29 12:48   473358         c:\windows\system32\perfh006.dat
- 2010-09-09 18:09 . 2011-07-28 10:44   473358         c:\windows\system32\perfh006.dat
- 2009-07-14 02:36 . 2011-07-28 10:44   107232         c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-07-29 12:48   107232         c:\windows\system32\perfc009.dat
+ 2009-07-14 04:46 . 2011-07-29 06:17   112032         c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 05:01 . 2011-07-29 08:38   385004         c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-07-28 11:08   385004         c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-09-09 17:37 . 2011-07-28 11:08   6113344         c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-09-09 17:37 . 2011-07-29 08:38   6113344         c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-07-24 01:15 . 2011-07-29 08:38   1037604         c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-605478102-1514458849-56303984-1000-8192.dat
- 2011-07-24 01:15 . 2011-07-28 11:08   1037604         c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-605478102-1514458849-56303984-1000-8192.dat
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“swg”=“c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2010-10-19 39408]
“Facebook Update”=“c:\users\Mikkel Rønsbo\AppData\Local\Facebook\Update\FacebookUpdate.exe” [2011-07-14 137536]
“SUPERAntiSpyware”=“c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe” [2011-06-30 2988928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
“RotateImage”=“c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe” [2008-10-30 55808]
“IMSS”=“c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe” [2010-03-25 111640]
“PWMTRV”=“c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL” [2010-05-06 1124712]
“Message Center Plus”=“c:\program files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe” [2009-05-28 49976]
“Adobe Reader Speed Launcher”=“c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2011-06-08 37296]
“Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2011-03-30 937920]
“AppleSyncNotifier”=“c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe” [2011-04-20 58656]
“QuickTime Task”=“c:\program files (x86)\QuickTime\QTTask.exe” [2010-11-29 421888]
“Communicator”=“c:\program files (x86)\Microsoft Office Communicator\communicator.exe” [2011-06-03 5150560]
“SignIn”=“c:\program files (x86)\Microsoft Online Services\Sign In\SignIn.exe” [2010-03-09 1734512]
“OBASystemTray”=“c:\program files\AhsayACB\bin\SystemTray64.exe” [2011-07-11 525312]
“iTunesHelper”=“c:\program files (x86)\iTunes\iTunesHelper.exe” [2011-07-19 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“OBASystemTray”=“c:\program files\AhsayACB\bin\SystemTray64.exe” [2011-07-11 525312]
.
c:\users\Mikkel R›nsbo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sk‘rmklipper og startprogram til OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2009-10-2 1082144]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages   REG_MULTI_SZ     scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=”“
.
R1 ctgdyxmc;ctgdyxmc;c:\windows\system32\drivers\ctgdyxmc.sys [x]
R1 edqmegwm;edqmegwm;c:\windows\system32\drivers\edqmegwm.sys [x]
R1 edumjrku;edumjrku;c:\windows\system32\drivers\edumjrku.sys [x]
R1 hchodepq;hchodepq;c:\windows\system32\drivers\hchodepq.sys [x]
R1 kgwpcrgn;kgwpcrgn;c:\windows\system32\drivers\kgwpcrgn.sys [x]
R1 oaxtzcge;oaxtzcge;c:\windows\system32\drivers\oaxtzcge.sys [x]
R1 ozhpfgsi;ozhpfgsi;c:\windows\system32\drivers\ozhpfgsi.sys [x]
R1 xucrcbls;xucrcbls;c:\windows\system32\drivers\xucrcbls.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Tjenesten Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
R2 OBAScheduler;Online Backup Scheduler (Wahlgreen A-Click Backup);c:\program files\AhsayACB\bin\Scheduler.exe [2011-07-11 77824]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2010-05-06 164200]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Update Tjeneste (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 PCDSRVC{127174DC-C366ED8B-06020000}_0;PCDSRVC{127174DC-C366ED8B-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc_x64.pkms [2010-05-07 24560]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [x]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2010-05-06 75112]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-09-30 126392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-12 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2010-04-20 50536]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-04-20 74088]
S2 OBACDPService;Continuous Data Protection (Wahlgreen A-Click Backup);c:\program files\AhsayACB\bin\CDPService64.exe [2011-07-11 361984]
S2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [2010-04-26 331512]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 13840]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2234152]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-25 2320920]
S2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2010-10-21 62184]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 qcfilterlno2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9205);c:\windows\system32\DRIVERS\qcfilterlno2k.sys [x]
S3 qcusbnetlno2k;Gobi 2000 USB-NDIS miniport(05C6-9205);c:\windows\system32\DRIVERS\qcusbnetlno2k.sys [x]
S3 qcusbserlno2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205);c:\windows\system32\DRIVERS\qcusbserlno2k.sys [x]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Indhold af mappen ‘Planlagte Opgaver’
.
2011-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 08:08]
.
2011-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 08:08]
.
2011-06-09 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-05-07 19:52]
.
2011-07-29 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-05-08 00:50]
.
.
————- x86-64—————-
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“SynTPEnh”=“c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe” [BU]
“TPHOTKEY”=“c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe” [2009-12-21 69568]
“TpShocks”=“TpShocks.exe” [2009-12-11 380776]
“SmartAudio”=“c:\program files\CONEXANT\SAII\SAIICpl.exe” [2009-11-17 307768]
“LENOVO.TPKNRRES”=“c:\program files\Lenovo\Communications Utility\TPKNRRES.exe” [2010-04-20 62312]
“AcWin7Hlpr”=“c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe” [2009-10-14 36864]
“egui”=“c:\program files\ESET\ESET Smart Security\egui.exe” [2011-01-12 2918656]
“OBASystemTray”=“c:\program files\AhsayACB\bin\SystemTray64.exe” [2011-07-11 525312]
“IgfxTray”=“c:\windows\system32\igfxtray.exe” [2010-11-29 167960]
“HotKeysCmds”=“c:\windows\system32\hkcmd.exe” [2010-11-29 391704]
“Persistence”=“c:\windows\system32\igfxpers.exe” [2010-11-29 417304]
.
———- Yderligere scanning———-
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = politiken.dk
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki ... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: S&end til OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send billede til &Bluetooth-enhed… - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send siden til &Bluetooth-enhed… - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
Trusted Zone: portalbank.dk\www
TCP: DhcpNameServer = 80.251.192.244 80.251.192.245
FF - ProfilePath - c:\users\Mikkel Rønsbo\AppData\Roaming\Mozilla\Firefox\Profiles\2izdd2m9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2953735&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo-Mp3Tube
FF - prefs.js: browser.startup.homepage - hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_homepage&prt=pinballtb04ff&clid=4f51df9264ac4d2eb7372ef8ba868ab2&subid=
FF - prefs.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: CyberDefender-TB Community Toolbar: {ffb11c0c-da90-4969-a995-8dca2e0fc10a} - %profile%\extensions\{ffb11c0c-da90-4969-a995-8dca2e0fc10a}
FF - user.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
FF - user.js: keyword.enabled - 1
.
- - - - TOMME GENVEJE FJERNET - - - -
.
BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{127174DC-C366ED8B-06020000}_0]
“ImagePath”=”\??\c:\program files\pc-doctor\pcdsrvc_x64.pkms”
.
——————————- LÅSTE REGISTRERINGS NØGLER——————————-
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=”@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
“Enabled”=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
Gennemført tid: 2011-08-01 10:53:36
ComboFix-quarantined-files.txt 2011-08-01 08:53
ComboFix2.txt 2011-07-28 11:11
.
Pre-Kørsel: 9.413.865.472 byte ledig
Post-Kørsel: 9.901.666.304 byte ledig
.
- - End Of File - - 75DB85B6BE096F301FF196725E96D269

Administrator
Number of posts: 37450

Any problems running the CFScript?

Because you did not use it for the last ComboFix run.

Signature

Do NOT download programs from these suspicious sites

  MHR
Number of posts: 6

Yes, I had to disable my ESET Smart Security antivirus program. Should I try again?

Administrator
Number of posts: 37450

Yes, try again; it may go better from safe mode.


  MHR
Number of posts: 6

Hi again

I am going on holiday now for 3½ weeks. Thank you so much for the help - I hope we can continue when I get back home to my PC again!!?

Best regards, Mikkel

Administrator
Number of posts: 55750

We will keep the thread open.

Have a good holiday. :)

Signature

qui potest, obligatur

Nierne bomaye - You’ll never walk alone

The coffee has been drunk
The till is closed
The support does more good
With the small and the downcast
Børns Vilkår
Hospitalsklovne

  MHR
Number of posts: 6

Thank you very much :-)