Kommer her. Jeg skal køre mine programmer som admin. Er det normalt, eller kommer løsningen senere? :)
ComboFix 10-01-27.06 - Torben 28-01-2010 21:40:14.2.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.45.1030.18.3061.1622 [GMT 1:00]
Kører fra: c:\users\Torben\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\Torben\Desktop\CFScript.txt
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-1689095640-780087886-3370951399-500
c:\$recycle.bin\S-1-5-21-1980901630-1387125616-1149383210-1176
c:\$recycle.bin\S-1-5-21-1980901630-1387125616-1149383210-500
c:\$recycle.bin\S-1-5-21-2352288461-954959840-994521942-500
c:\$recycle.bin\S-1-5-21-918056312-2952985149-2686913973-500
c:\program files\Downloaded Installers
c:\program files\Downloaded Installers\{371AB09E-E124-49F2-884E-F60E0DECEB7C}\setup.msi
c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD Registry Cleaner\program.log
c:\program files\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner website.url
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Styles\Vista.cjstyles
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
c:\users\Torben\AppData\Roaming\Desktopicon
c:\users\Torben\AppData\Roaming\Desktopicon\config.ini
c:\users\Torben\AppData\Roaming\Desktopicon\eBayShortcuts.exe
c:\users\Torben\AppData\Roaming\QUAD Backups
.
((((((((((((((((((((((((((((( Filer skabt fra 2009-12-28 til 2010-01-28 )))))))))))))))))))))))))))))))))))
.
2010-01-28 20:49 . 2010-01-28 20:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-28 17:38 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-28 17:38 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-28 10:11 . 2010-01-28 10:11 -------- d-----w- c:\users\Torben\AppData\Local\Threat Expert
2010-01-28 09:34 . 2010-01-28 09:34 -------- d-----w- c:\users\Torben\AppData\Roaming\AVG8
2010-01-13 12:15 . 2009-10-19 13:38 156672 ------w- c:\windows\system32\t2embed.dll
2010-01-13 12:15 . 2009-10-19 13:35 72704 ------w- c:\windows\system32\fontsub.dll
2010-01-07 17:55 . 2010-01-07 17:55 -------- d-----w- c:\users\Torben\AppData\Roaming\PC Suite
2010-01-07 17:55 . 2010-01-07 17:55 -------- d-----w- c:\users\Torben\AppData\Roaming\GARMIN
2010-01-06 12:10 . 2010-01-06 12:24 -------- d-----w- c:\users\Torben\{b9ec9257-c4b1-4fc9-8ad4-bbe60526b739}
2010-01-06 12:02 . 2010-01-06 12:02 -------- d-----w- C:\OkiDriver
2010-01-05 08:57 . 2010-01-05 09:36 -------- d-----w- c:\users\Torben\{8bd04b57-744f-4674-bc64-df6f55132445}
2010-01-05 08:52 . 2004-04-20 14:18 36992 ------w- c:\windows\system32\drivers\OkiPar.sys
2010-01-05 08:52 . 2001-01-15 14:17 808 ------w- c:\windows\system32\OKIPAR.DAT
2010-01-05 08:52 . 2010-01-05 08:52 -------- d-----w- c:\program files\Okidata
1601-01-01 00:00 . 1601-01-01 00:00 -------- d-----w- C:\F
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-28 20:50 . 2008-02-12 11:40 -------- d-----w- c:\programdata\Symantec
2010-01-28 20:49 . 2007-12-23 00:43 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-28 20:23 . 2008-02-12 11:40 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-28 20:23 . 2008-02-12 11:41 -------- d-----w- c:\program files\Symantec
2010-01-28 17:38 . 2009-06-08 07:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-23 02:19 . 2008-07-01 12:04 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-14 10:12 . 2009-10-03 00:17 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-14 02:07 . 2007-12-23 02:03 -------- d-----w- c:\programdata\Microsoft Help
2010-01-14 02:06 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-10 11:27 . 2009-06-03 14:19 0 ------w- c:\users\Torben\temp.dat
2010-01-06 12:24 . 2008-02-22 13:05 -------- d-----w- c:\programdata\pdf995
2010-01-05 09:36 . 2007-12-23 01:29 -------- d-----w- c:\programdata\Lenovo
2010-01-05 08:52 . 2007-12-23 00:58 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-02 06:38 . 2010-01-22 03:27 916480 ------w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 03:27 109056 ------w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-22 03:27 71680 ------w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-22 03:27 133632 ------w- c:\windows\system32\ieUnatt.exe
2009-12-17 12:48 . 2007-12-23 01:48 -------- d-----w- c:\program files\Google
2009-11-14 14:04 . 2009-06-09 14:40 71253 ------w- c:\windows\Huawei ModemsUninstall.exe
2009-11-09 12:31 . 2009-12-10 02:06 24064 ------w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-10 02:06 30720 ------w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-10 02:06 411648 ------w- c:\windows\system32\drivers\http.sys
2007-12-23 00:23 . 2007-12-23 00:15 8192 --sh--w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-06-23 434176]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-21 468408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2007-04-09 58416]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2007-09-05 319488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-22 820520]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2007-03-09 66176]
"TpShocks"="TpShocks.exe" [2007-09-28 181544]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2007-03-28 243248]
"LenovoOobeOffers"="c:\swtools\LenovoWelcome\LenovoOobeOffers.exe" [2007-09-25 28672]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-11-16 217176]
"AwaySch"="c:\program files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]
"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2007-04-26 120368]
"AMSG"="c:\program files\ThinkVantage\AMSG\Amsg.exe" [2007-02-01 419376]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2007-07-05 419112]
"ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2007-07-05 124200]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2007-08-09 2630968]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-07-09 1282048]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"USB Storage Toolbox"="c:\windows\UMStor\Res.EXE" [2005-09-14 65536]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-12-23 50688]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LenovoRegistration.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\LenovoRegistration.lnk
backup=c:\windows\pss\LenovoRegistration.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLOG]
2007-09-05 17:07 214576 ------w- c:\progra~1\ThinkPad\UTILIT~1\BTVLOGEX.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):40,d2,6b,50,6c,fe,c9,01
R0 TPDIGIMN;TPDIGIMN;c:\windows\System32\drivers\ApsHM86.sys [29-09-2007 01:28 19504]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\System32\drivers\smiif32.sys [19-02-2007 05:12 13744]
R2 EmmaDevMgmtSvc;Emma Device Management;c:\program files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe [26-08-2009 15:51 306296]
R2 EmmaUpdMgmtSvc;Emma Update Management;c:\program files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe [26-08-2009 15:51 162936]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [08-09-2009 19:41 90112]
R2 TPHKSVC;On Screen Display;c:\program files\Lenovo\HOTKEY\TPHKSVC.exe [09-07-2007 07:23 55936]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [09-01-2007 05:03 569344]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\System32\drivers\seehcri.sys [08-09-2009 19:41 27632]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\System32\drivers\tvti2c.sys [23-05-2007 00:59 30336]
S2 gupdate1c9c390a84e8960;Tjenesten Google Update (gupdate1c9c390a84e8960);c:\program files\Google\Update\GoogleUpdate.exe [22-04-2009 22:23 133104]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [02-11-2006 11:25 167936]
S3 FontCache;Tjenesten Windows-skrifttypecache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [23-06-2008 08:31 21504]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys [06-04-2009 08:13 13224]
S3 OKI OPHD DCS Loader;OKI OPHD DCS Loader;c:\windows\System32\spool\drivers\w32x86\3\OPHDLDCS.EXE [30-11-2006 10:05 24576]
S3 PCD5SRVC{DF187064-5DA14001-05040000};PCD5SRVC{DF187064-5DA14001-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\PCDR5\PCD5SRVC.pkms [22-08-2007 20:12 25760]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [08-09-2009 19:41 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [08-09-2009 19:41 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [08-09-2009 19:41 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [08-09-2009 19:41 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [08-09-2009 19:41 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [08-09-2009 19:41 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [08-09-2009 19:41 115752]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\System32\drivers\s0017bus.sys [08-09-2009 19:41 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\System32\drivers\s0017mdfl.sys [08-09-2009 19:41 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\System32\drivers\s0017mdm.sys [08-09-2009 19:41 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0017mgmt.sys [08-09-2009 19:41 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\System32\drivers\s0017nd5.sys [08-09-2009 19:41 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\System32\drivers\s0017obex.sys [08-09-2009 19:41 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\System32\drivers\s0017unic.sys [08-09-2009 19:41 109736]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Indhold af mappen 'Planlagte Opgaver'
2010-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-22 21:23]
2010-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-22 21:23]
2010-01-28 c:\windows\Tasks\User_Feed_Synchronization-{7FB51E8E-F57E-4D8A-916A-1207E2509139}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send billede til &Bluetooth-enhed... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send siden til &Bluetooth-enhed... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
Trusted Zone: cpr.dk\web
Trusted Zone: csc.dk\login.service
Trusted Zone: danid.dk
Trusted Zone: hadstenbank.dk\portal4
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {1D381386-B2F7-4A83-AE20-B9796A68397C} - hxxps://www.borgerblanketter.dk/bb/proXSign1.cab
DPF: {6274F636-00DB-42BE-8995-B92E46F853F7} - hxxps://eservice.logiva.dk/signServerClient.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-28 21:53
Windows 6.0.6002 Service Pack 2 NTFS
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
c:\windows\TEMP\TMP0000000891DE171BDA738230 524288 bytes
scanning gennemført med succes
skjulte filer: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{DF187064-5DA14001-05040000}]
"ImagePath"="\??\c:\progra~1\PCDR5\PCD5SRVC.pkms"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------
- - - - - - - > 'Explorer.exe'(3932)
c:\windows\system32\btncopy.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\IPSSVC.EXE
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\windows\System32\TPHDEXLG.exe
c:\program files\Lenovo\Client Security Solution\tvttcsd.exe
c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\program files\Lenovo\Rescue and Recovery\ADM\IUService.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Lenovo\Logger\logmon.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\windows\system32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\TpShocks.exe
c:\program files\ThinkPad\Utilities\EZEJMNAP.EXE
c:\program files\ThinkVantage\PrdCtr\LPMGR.EXE
c:\program files\Synaptics\SynTP\SynTPLpr.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
.
**************************************************************************
.
Gennemført tid: 2010-01-28 22:05:05 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2010-01-28 21:04
Pre-Kørsel: 79.458.914.304 byte ledig
Post-Kørsel: 79.190.265.856 byte ledig
- - End Of File - - 4D8C232DD8D08BFC68B062A7D77315EA