Oki-Doki.
Here goes..! ;-)
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 04/08/2008 at 06:09 PM
Application Version : 4.0.1154
Core Rules Database Version : 3433
Trace Rules Database Version: 1425
Scan type : Complete Scan
Total Scan Time : 00:26:25
Memory items scanned : 226
Memory threats detected : 0
Registry items scanned : 6948
Registry threats detected : 0
File items scanned : 18220
File threats detected : 63
Adware.Tracking Cookie
C:\Documents and Settings\Administrator\Cookies\administrator@e2.emediate[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad1.emediate[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@insightexpressai[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[3].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@telmore.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@lenovo.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@burstnet[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@server.iad.liveperson[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@media.adrevolver[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@toplist[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@windowsmedia[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.specificclick[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@statcounter[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@imrworldwide[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@singlesex[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@bankdata.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@autocom.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sonyeurope.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@zedo[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@pulz.banneradministration[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@coopdev.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.revsci[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adbrite[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@overture[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@revsci[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.findsvar[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@specificclick[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.zanox[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adserver.banneradministration[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@realmedia[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@fastclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.guru3d[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@247realmedia[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@eas.apm.emediate[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@statse.webtrendslive[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tradedoubler[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@apmebf[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@videoegg.adbureau[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@casalemedia[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@revenue[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@perf.overture[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.singlesex[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@politiken.112.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.burstbeacon[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.planetactive[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@track.adform[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@socialmedia[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@rocku.adbureau[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tribalfusion[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@kontera[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adtech[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[2].txt
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:45:31, on 08-04-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Programmer\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmer\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Programmer\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
c:\Programmer\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Programmer\Lenovo\Rescue and Recovery\rrservice.exe
C:\Programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
C:\Programmer\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmer\ThinkPad\ConnectUtilities\AcSvc.exe
c:\programmer\lenovo\system update\suservice.exe
C:\Programmer\Fælles filer\Lenovo\Logger\logmon.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\Programmer\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Programmer\Lenovo\Client Security Solution\cssauth.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Programmer\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmer\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Programmer\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Programmer\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\Programmer\ThinkVantage\AMSG\Amsg.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe
C:\Programmer\Lenovo\AwayTask\AwaySch.EXE
C:\Programmer\ThinkPad\ConnectUtilities\ACTray.exe
C:\Programmer\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Programmer\Lenovo\SafeGuard PrivateDisk\pdservice.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\Hewlett-Packard\Toolbox\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe
C:\Programmer\Microsoft ActiveSync\Wcescomm.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Lenovo\Client Security Solution\tvtpwm_tray.exe
C:\Programmer\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Programmer\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Programmer\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.pr-film.dk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programmer\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Programmer\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Programmer\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\Programmer\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FLLESF~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AwaySch] C:\Programmer\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Programmer\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ACTray] C:\Programmer\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Programmer\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PDService.exe] "C:\Programmer\Lenovo\SafeGuard PrivateDisk\pdservice.exe"
O4 - HKLM\..\Run: [cssauth] "C:\Programmer\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [StatusClient 2.5] C:\Programmer\Hewlett-Packard\Toolbox\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Programmer\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmer\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Windows-pc-søgning.lnk = C:\Programmer\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search -
res://C:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O8 - Extra context menu item: Send til &Bluetooth-enhed... - C:\Programmer\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programmer\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programmer\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) -
http://www-307.ibm.com/pc/support/acpir.cabO16 - DPF: {B6905E70-4B33-11D3-A498-0008C7DB06E6} (Navision Axapta Web Deployment Client) -
http://87.48.152.168/AxaptaWebDeploy/AxWebDeploy.cabO16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DLM Control) -
http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.4.cabO17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = holmstrup.local
O17 - HKLM\Software\..\Telephony: DomainName = holmstrup.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = holmstrup.local
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: AwayNotify - C:\Programmer\Lenovo\AwayTask\AwayNotify.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Programmer\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Programmer\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Programmer\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\programmer\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Programmer\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Programmer\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Programmer\Lenovo\Rescue and Recovery\ADM\IUService.exe
--
End of file - 14338 bytes
ComboFix 08-04-07.5 - Administrator 2008-04-08 22:09:57.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1030.18.248 [GMT 2:00]
Running from: C:\Documents and Settings\Administrator\Skrivebord\HiJack\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((( Files Created from 2008-03-08 to 2008-04-08 )))))))))))))))))))))))))))))))
.
2008-04-08 17:28 . 2008-04-08 21:58 <DIR> d-------- C:\Programmer\SUPERAntiSpyware
2008-04-08 17:28 . 2008-04-08 17:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-08 17:28 . 2008-04-08 17:28 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-04-08 17:17 . 2008-04-08 17:17 <DIR> d-------- C:\Programmer\CCleaner
2008-04-07 14:57 . 2008-04-07 14:57 <DIR> d-------- C:\Programmer\Trend Micro
2008-03-31 11:55 . 2008-03-31 11:55 <DIR> d-------- C:\Programmer\Fælles filer\xing shared
2008-03-31 10:37 . 2008-03-29 19:31 75,856 --------- C:\WINDOWS\system32\drivers\aswSP.sys
2008-03-31 10:37 . 2008-03-29 19:35 20,560 --------- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2008-03-30 20:35 . 2008-03-30 20:35 <DIR> d-------- C:\Programmer\Fælles filer\Macromedia
2008-03-30 20:34 . 2008-03-30 20:35 <DIR> d-------- C:\Programmer\Macromedia
2008-03-30 17:29 . 2008-03-30 17:29 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\DivX
2008-03-24 14:08 . 2008-03-24 14:08 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-03-18 00:31 . 2008-03-18 00:31 <DIR> d-------- C:\Programmer\Navision
2008-03-18 00:04 . 2008-03-18 00:04 <DIR> d-------- C:\Programmer\XP Codec Pack
2008-03-18 00:04 . 2008-03-18 00:04 <DIR> d-------- C:\Programmer\Codec
2008-03-17 15:45 . 2008-04-01 13:05 171 --------- C:\WINDOWS\hpbafd.ini
2008-03-17 13:23 . 2008-03-17 18:01 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Download Manager
2008-03-11 17:45 . 2008-03-11 17:45 <DIR> d-------- C:\Documents and Settings\Administrator\Bluetooth Software
2008-03-10 17:59 . 2008-03-10 17:59 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InterVideo
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-08 15:28 --------- d-----w C:\Programmer\Fælles filer\Wise Installation Wizard
2008-04-06 20:47 5,427 ------w C:\WINDOWS\system32\EGATHDRV.SYS
2008-04-02 09:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-31 09:55 --------- d-----w C:\Programmer\Fælles filer\Real
2008-03-30 18:35 --------- d--h--w C:\Programmer\InstallShield Installation Information
2008-03-29 17:45 1,146,232 ----a-w C:\WINDOWS\system32\aswBoot.exe
2008-03-29 17:35 94,544 ------w C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-29 17:29 23,152 ------w C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-29 17:27 42,912 ------w C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-29 17:26 26,944 ------w C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-29 17:23 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2008-03-27 17:49 --------- d-----w C:\Programmer\Java
2008-03-26 11:20 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Apple Computer
2008-03-06 21:27 --------- d--h--w C:\Programmer\Zero G Registry
2008-03-06 21:27 --------- d-----w C:\Programmer\Hewlett-Packard
2008-03-06 21:22 --------- d-----w C:\Programmer\Fælles filer\SWF Studio
2008-03-06 15:29 962,560 ------w C:\WINDOWS\system32\VSFilter.dll
2008-03-03 13:02 --------- d-----w C:\Programmer\iTunes
2008-03-03 13:02 --------- d-----w C:\Programmer\iPod
2008-03-03 13:02 --------- d-----w C:\Programmer\Fælles filer\Apple
2008-03-03 12:57 --------- d-----w C:\Programmer\Windows Live
2008-03-03 12:42 --------- d-----w C:\Programmer\QuickTime
2008-03-03 12:41 --------- d-----w C:\Programmer\Apple Software Update
2008-03-03 12:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-03-03 12:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-03-03 11:40 --------- d-----w C:\Programmer\SkoleKom
2008-03-03 11:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\FirstClass
2008-03-03 11:40 --------- d-----w C:\Documents and Settings\Administrator\Application Data\FirstClass
2008-03-02 17:53 --------- d-----w C:\Programmer\Microsoft SQL Server Compact Edition
2008-03-02 17:49 --------- dcsh--w C:\Programmer\Fælles filer\WindowsLiveInstaller
2008-03-02 17:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-01 12:52 --------- d-----w C:\Programmer\Microsoft SQL Server
2008-03-01 12:48 --------- d-----w C:\Programmer\MSXML 6.0
2008-03-01 12:48 --------- d-----w C:\Programmer\Microsoft CAPICOM 2.1.0.2
2008-03-01 12:43 --------- d-----w C:\Programmer\MSXML 4.0
2008-02-29 23:53 --------- d-----w C:\Programmer\Fælles filer\Adobe
2008-02-29 22:05 --------- d-----w C:\Programmer\Windows Media Connect 2
2008-02-29 22:03 --------- d-----w C:\Programmer\Real
2008-02-29 21:36 --------- d-----w C:\Programmer\Microsoft ActiveSync
2008-02-29 21:30 --------- d-----w C:\Programmer\Microsoft Silverlight
2008-02-29 18:16 21,376 ------w C:\WINDOWS\system32\drivers\psadd.sys
2008-02-29 18:01 47 ------w C:\WINDOWS\system32\drivers\IBM_6372_63G.MRK
2008-02-29 18:01 --------- d-----w C:\Programmer\Lenovo
2008-02-29 18:01 --------- d-----w C:\Programmer\Fælles filer\Lenovo
2008-02-29 18:01 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Sonic
2008-02-29 18:01 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Leadertech
2008-02-29 17:02 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
2008-02-29 17:01 --------- d-----w C:\Programmer\Windows Desktop Search
2008-02-29 16:55 --------- d-----w C:\Documents and Settings\Administrator\Application Data\OfficeUpdate12
2008-02-29 16:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-02-29 16:17 --------- d-----w C:\Programmer\MSBuild
2008-02-29 16:17 --------- d-----w C:\Programmer\Microsoft Works
2008-02-29 16:13 --------- d-----w C:\Programmer\Microsoft Visual Studio 8
2008-02-29 16:03 --------- d-----w C:\Documents and Settings\Rune\Application Data\Lenovo
2008-02-29 16:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lenovo
2008-02-29 16:03 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Lenovo
2008-02-29 15:49 --------- d-----w C:\Programmer\Alwil Software
2008-02-29 13:35 --------- d-----w C:\Programmer\Fælles filer\Symantec Shared
2008-02-29 13:31 --------- d-----w C:\Programmer\Symantec Client Security
2008-02-29 13:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-02-29 12:58 --------- d-----w C:\Programmer\Windows Live Toolbar
2008-02-29 12:57 50 ------w C:\WINDOWS\system32\drivers\LENOVO_6372_63G.MRK
2008-02-29 12:49 --------- d-----w C:\Programmer\Microsoft Small Business
2008-02-29 12:43 --------- d-----w C:\Programmer\Microsoft.NET
2008-02-29 12:40 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Application Data\ThinkVantage
2008-02-29 12:40 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Application Data\Lenovo
2008-02-29 12:40 --------- d-----w C:\Documents and Settings\Rune\Application Data\ThinkVantage
2008-02-29 12:40 --------- d-----w C:\Documents and Settings\Administrator\Application Data\ThinkVantage
2008-02-29 12:34 23,552 ------w C:\WINDOWS\system32\drivers\psasrv.exe
2008-02-29 12:33 7,012 ------w C:\WINDOWS\system32\drivers\pmemnt.sys
2008-02-29 12:33 --------- d-----w C:\Programmer\TVT SMBus
2008-02-29 12:33 --------- d-----w C:\Programmer\ThinkPad
2008-02-29 12:33 --------- d-----w C:\Programmer\SMI2
2008-02-29 12:33 --------- d-----w C:\Programmer\Picasa2
2008-02-29 12:32 --------- d-----w C:\Programmer\Diskeeper Corporation
2008-02-29 12:28 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Application Data\Symantec
2008-02-29 12:28 --------- d-----w C:\Documents and Settings\Rune\Application Data\Symantec
2008-02-29 12:28 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Symantec
2008-02-29 12:27 --------- d-----w C:\Programmer\PCDR5
2008-02-29 12:25 --------- d-----w C:\Programmer\Sonic Icons for Lenovo
2008-02-29 12:25 --------- d-----w C:\Programmer\Sonic
2008-02-29 12:25 --------- d-----w C:\Programmer\Multimedia Center for Think Offerings
2008-02-29 12:25 --------- d-----w C:\Programmer\Fælles filer\SureThing Shared
2008-02-29 12:25 --------- d-----w C:\Programmer\Fælles filer\Sonic Shared
2008-02-29 12:25 --------- d-----w C:\Programmer\Fælles filer\Installshield
2008-02-29 12:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-02-29 12:24 --------- d-----w C:\Programmer\InterVideo
2008-02-29 12:24 --------- d-----w C:\Programmer\Fælles filer\InterVideo
2008-02-29 12:23 --------- d-----w C:\Programmer\ThinkVantage
2008-02-29 12:22 --------- d-----w C:\Programmer\Fælles filer\Java
2008-02-29 12:20 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\Intel
2008-02-29 12:18 --------- d-----w C:\Programmer\CONEXANT
2008-02-29 12:18 --------- d-----w C:\Programmer\Analog Devices
2008-02-29 12:18 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Intel
2008-02-29 12:17 0 ---h--r C:\WINDOWS\system32\drivers\IBM_6372_63G_TP.MRK
2008-02-29 12:16 21,419 ------w C:\WINDOWS\system32\drivers\AegisP.sys
2008-02-29 12:16 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Application Data\Intel
2008-02-29 12:16 --------- d-----w C:\Programmer\ThinkVantage Fingerprint Software
2008-02-29 12:16 --------- d-----w C:\Programmer\Intel
2008-02-29 12:16 --------- d-----w C:\Programmer\Fælles filer\ThinkVantage Fingerprint Software
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-28 01:00 15360]
"MsnMsgr"="C:\Programmer\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"H/PC Connection Agent"="C:\Programmer\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 14:39 1289000]
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PWRMGRTR"="C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2006-05-25 18:13 151552]
"BLOG"="C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2006-05-25 18:13 208896]
"SynTPLpr"="C:\Programmer\Synaptics\SynTP\SynTPLpr.exe" [2006-02-14 07:17 110592]
"SynTPEnh"="C:\Programmer\Synaptics\SynTP\SynTPEnh.exe" [2006-02-14 07:16 512000]
"EZEJMNAP"="C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2006-02-23 19:22 237568]
"TPKMAPHELPER"="C:\Programmer\ThinkPad\Utilities\TpKmapAp.exe" [2006-06-02 23:00 856064]
"TpShocks"="TpShocks.exe" [2006-03-15 20:04 106496 C:\WINDOWS\system32\TpShocks.exe]
"TPHOTKEY"="C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe" [2006-07-25 03:19 94208]
"TP4EX"="tp4ex.exe" [2005-10-17 02:11 65536 C:\WINDOWS\system32\TP4EX.exe]
"SoundMAXPnP"="C:\Programmer\Analog Devices\Core\smax4pnp.exe" [2005-05-20 02:11 925696]
"SoundMAX"="C:\Programmer\Analog Devices\SoundMAX\Smax4.exe" [2005-05-06 16:06 716800]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-07-25 08:21 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-07-25 08:17 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-07-25 08:21 118784]
"LPManager"="C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe" [2006-07-04 18:11 110592]
"AMSG"="C:\Programmer\ThinkVantage\AMSG\Amsg.exe" [2005-11-14 08:23 487424]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2006-02-02 06:20 122940]
"ISUSPM Startup"="C:\PROGRA~1\FLLESF~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 17:50 221184]
"ISUSScheduler"="C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe" [2004-07-27 17:50 81920]
"AwaySch"="C:\Programmer\Lenovo\AwayTask\AwaySch.EXE" [2006-08-16 19:07 69632]
"DiskeeperSystray"="C:\Programmer\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-05-18 17:24 196696]
"ACTray"="C:\Programmer\ThinkPad\ConnectUtilities\ACTray.exe" [2007-02-19 17:10 409600]
"ACWLIcon"="C:\Programmer\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2007-02-19 17:02 110592]
"PDService.exe"="C:\Programmer\Lenovo\SafeGuard PrivateDisk\pdservice.exe" [2006-03-13 17:38 41472]
"cssauth"="C:\Programmer\Lenovo\Client Security Solution\cssauth.exe" [2006-07-14 19:13 2341632]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"StatusClient 2.5"="C:\Programmer\Hewlett-Packard\Toolbox\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2003-10-01 00:39 61440]
"TomcatStartup 2.5"="C:\Programmer\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2003-06-10 18:47 155648]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-28 01:00 15360]
C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
BTTray.lnk - C:\Programmer\ThinkPad\Bluetooth Software\BTTray.exe [2006-05-31 15:51:02 622653]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2008-02-29 14:18:26 24576]
Windows-pc-s›gning.lnk - C:\Programmer\Windows Desktop Search\WindowsSearch.exe [2007-02-05 16:40:46 118784]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Programmer\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 16:39 294400]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify]
C:\Programmer\Lenovo\AwayTask\AwayNotify.dll 2006-08-16 19:07 49152 C:\Programmer\Lenovo\AwayTask\AwayNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
psqlpwd.dll 2006-04-25 20:20 40448 C:\WINDOWS\system32\psqlpwd.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
notifyf2.dll 2005-07-05 16:45 28672 C:\WINDOWS\system32\notifyf2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
tphklock.dll 2005-11-30 13:16 24576 C:\WINDOWS\system32\tphklock.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= ffdshow.ax
"msacm.ac3filter"= ac3filter.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmer\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\Programmer\Microsoft ActiveSync\rapimgr.exe"= C:\Programmer\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Programmer\Microsoft ActiveSync\wcescomm.exe"= C:\Programmer\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Programmer\Microsoft ActiveSync\WCESMgr.exe"= C:\Programmer\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programmer\\iTunes\\iTunes.exe"=
"C:\\Programmer\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 Shockprf;Shockprf;C:\WINDOWS\system32\drivers\Shockprf.sys [2006-03-15 18:08]
R1 ANC;ANC;C:\WINDOWS\system32\drivers\ANC.SYS [2005-11-08 10:27]
R1 IBMTPCHK;IBMTPCHK;C:\WINDOWS\system32\Drivers\IBMBLDID.sys [2006-01-13 01:33]
R1 ShockMgr;ShockMgr;C:\WINDOWS\system32\drivers\ShockMgr.sys [2005-06-20 13:18]
R1 TPPWRIF;TPPWRIF;C:\WINDOWS\system32\drivers\Tppwrif.sys [2006-05-25 18:13]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Starttjeneste;"C:\Programmer\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe" [2008-01-16 12:01]
R2 PrivateDisk;PrivateDisk;C:\Programmer\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys [2006-03-13 17:05]
R2 smi2;smi2;C:\Programmer\SMI2\smi2.sys [2006-07-14 16:55]
R2 smihlp;SMI helper driver;C:\Programmer\ThinkVantage Fingerprint Software\smihlp.sys [2006-04-25 20:00]
R2 SQLWriter;SQL Server VSS Writer;"c:\Programmer\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 06:29]
R3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"c:\Programmer\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ []
R3 TcUsb;TC USB Kernel Driver;C:\WINDOWS\system32\Drivers\tcusb.sys [2006-04-25 20:13]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9E4C88F5-F8EB-45C5-A0B3-08BC50AB9B1E}]
C:\WINDOWS\system32\msiexec.exe /fup {9E4C88F5-F8EB-45C5-A0B3-08BC50AB9B1E} /q
.
Contents of the 'Scheduled Tasks' folder
"2008-03-03 12:41:43 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmer\Apple Software Update\SoftwareUpdate.exe
"2008-04-08 19:55:07 C:\WINDOWS\Tasks\PMTask.job"
- C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE
"2008-04-08 20:08:00 C:\WINDOWS\Tasks\Søg efter opdateringer til Windows Live Toolbar.job"
- C:\Programmer\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-04-08 22:13:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\tphklock.dll
.
Completion time: 2008-04-08 22:14:38
ComboFix-quarantined-files.txt 2008-04-08 20:14:18
Pre-Run: 28,186,656,768 byte ledig
Post-Run: 28,166,643,712 byte ledig
.
2008-03-13 01:57:47 --- E O F ---
Goffernøjerlse..! ;-)
