Langsom computer...?

Kopier loggen fra "Malwarebytes' Anti-Malware" herind, sammen med en log fra DDS som du finder her

eller her

Den laver to logs,(DDS.txt og Attach.txt) gem dem på skrivebordet og kopier indholdet af DDS.txt  herind.

Malwaresbytes:
--------------------------------------------------------
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5611

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

26-01-2011 23:28:07
mbam-log-2011-01-26 (23-28-07).txt

Skanningstype: Hurtig skanning
Objekter skannet: 140727
Tid gået: 4 minut(ter), 25 sekund(er)

Hukommelses Processorer Inficeret: 1
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 5
Registreringsdatabaseværdier Inficeret: 3
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 0
Inficerede Filer: 2

Hukommelses Processorer Inficeret:
c:\programmer\application updater\applicationupdater.exe (PUP.Dealio) -> 2064 -> Not selected for removal.

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
HKEY_CLASSES_ROOT\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal.

Registreringsdatabaseværdier Inficeret:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAMMER\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Not selected for removal.

Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)

Inficerede Mapper:
(Ingen skadelige objekter blev fundet)

Inficerede Filer:
c:\programmer\application updater\applicationupdater.exe (PUP.Dealio) -> Not selected for removal.
c:\programmer\pdfforge toolbar\IE\4.1\pdfforgetoolbarie.dll (PUP.Dealio) -> Not selected for removal.


xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
DDS
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

DDS (Ver_10-12-12.02) - NTFSx86 
Run by Jacob at  0:58:00,85 on 27-01-2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.2006.436 [GMT 1:00]

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Programmer\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Programmer\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Programmer\LENOVO\HOTKEY\TPHKSVC.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Programmer\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\WINDOWS\system32\acs.exe
C:\Programmer\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmer\Application Updater\ApplicationUpdater.exe
C:\Programmer\ThinkPad\Utilities\DOZESVC.EXE
C:\Programmer\Intel\WiFi\bin\EvtEng.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Fælles filer\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programmer\Lenovo\System Update\SUService.exe
C:\Programmer\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Programmer\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Programmer\Lenovo\Rescue and Recovery\rrservice.exe
C:\Programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Lenovo\Rescue and Recovery\UpdateMonitor.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmer\ThinkPad\Utilities\PWMDBSVC.exe
C:\Programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Programmer\Lenovo\HOTKEY\TPOSDSVC.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\igfxext.exe
C:\Programmer\Fælles filer\Lenovo\Scheduler\scheduler_proxy.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmer\ThinkPad\ConnectUtilities\ACTray.exe
C:\Programmer\Lenovo\HOTKEY\TPONSCR.exe
C:\Programmer\Lenovo\Zoom\TpScrex.exe
C:\Programmer\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Programmer\Lenovo\Client Security Solution\cssauth.exe
C:\Programmer\Lenovo\AwayTask\AwaySch.EXE
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmer\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\Programmer\ThinkVantage\AMSG\Amsg.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\Programmer\Windows Desktop Search\WindowsSearch.exe
C:\Programmer\Microsoft Office\Office14\EXCEL.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Programmer\Fælles filer\Microsoft Shared\office14\offlb.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Programmer\Mozilla Firefox\plugin-container.exe
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Jacob\Dokumenter\Hentede filer\dds.scr

============== Pseudo HJT Report ===============

uURLSearchHooks: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\programmer\pdfforge toolbar\ie\4.1\pdfforgeToolbarIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\programmer\canon\easy-webprint ex\ewpexbho.dll
BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programmer\fælles filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\programmer\pdfforge toolbar\ie\4.1\pdfforgeToolbarIE.dll
BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\programmer\lenovo\client security solution\tvtpwm_ie_com.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmer\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmer\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\programmer\pdfforge toolbar\ie\4.1\pdfforgeToolbarIE.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\programmer\canon\easy-webprint ex\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\programmer\canon\easy-webprint ex\ewpexhlp.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [SoundMAXPnP] c:\programmer\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] c:\programmer\analog devices\soundmax\Smax4.exe /tray
mRun: [TpShocks] TpShocks.exe
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
mRun: [TPHOTKEY] c:\programmer\lenovo\hotkey\TPOSDSVC.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [TVT Scheduler Proxy] c:\programmer\fælles filer\lenovo\scheduler\scheduler_proxy.exe
mRun: [ACTray] c:\programmer\thinkpad\connectutilities\ACTray.exe
mRun: [ACWLIcon] c:\programmer\thinkpad\connectutilities\ACWLIcon.exe
mRun: [cssauth] "c:\programmer\lenovo\client security solution\cssauth.exe" silent
mRun: [PSQLLauncher] "c:\programmer\thinkvantage fingerprint software\launcher.exe" /startup
mRun: [AwaySch] c:\programmer\lenovo\awaytask\AwaySch.EXE
mRun: [LPManager] c:\progra~1\thinkv~2\prdctr\LPMGR.exe
mRun: [LPMailChecker] c:\progra~1\thinkv~2\prdctr\LPMLCHK.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TPFNF7] c:\programmer\lenovo\npdirect\TPFNF7SP.exe /r
mRun: [TPKMAPHELPER] c:\programmer\thinkpad\utilities\TpKmapAp.exe -helper
mRun: [AMSG] c:\programmer\thinkvantage\amsg\Amsg.exe /startup
mRun: [SunJavaUpdateSched] "c:\programmer\fælles filer\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\programmer\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\programmer\fælles filer\adobe\arm\1.0\AdobeARM.exe"
mRun: [<NO NAME>]
mRunOnce: [Malwarebytes' Anti-Malware] c:\programmer\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: S&end til OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: Send til &Bluetooth-enhed... - c:\programmer\thinkpad\bluetooth software\btsendto_ie_ctx.htm
IE: Send til Bluetooth - c:\programmer\thinkpad\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\programmer\thinkpad\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\programmer\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\programmer\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\programmer\lenovo\client security solution\tvtpwm_ie_com.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} -
Notify: !SASWinLogon - c:\programmer\superantispyware\SASWINLO.DLL
Notify: ACNotify - ACNotify.dll
Notify: igfxcui - igfxdev.dll
Notify: psfus - c:\programmer\thinkvantage fingerprint software\psqlpwd.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\programmer\superantispyware\SASSEH.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\programmer\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages = scecli ACGina c:\programmer\thinkvantage fingerprint software\psqlpwd.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jacob\applic~1\mozilla\firefox\profiles\8kmcmly1.default\
FF - plugin: c:\documents and settings\jacob\application data\mozilla\firefox\profiles\8kmcmly1.default\extensions\reader_plugin@ebrary.com\plugins\NPinfotl.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\programmer\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\programmer\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programmer\mozilla firefox\plugins\npdjvu.dll
FF - plugin: c:\programmer\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: c:\programmer\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmer\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\programmer\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\programmer\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programmer\java\jre6\lib\deploy\jqs\ff
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: EBrary Reader Plugin: reader_plugin@ebrary.com - %profile%\extensions\reader_plugin@ebrary.com
FF - Ext: German Dictionary: de-DE@dictionaries.addons.mozilla.org - %profile%\extensions\de-DE@dictionaries.addons.mozilla.org

============= SERVICES / DRIVERS ===============

R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [2010-9-7 24304]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2009-10-9 20520]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-9-7 294608]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2010-9-7 13480]
R1 SASDIFSV;SASDIFSV;c:\programmer\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\programmer\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [2008-5-9 46144]
R2 Application Updater;Application Updater;c:\programmer\application updater\ApplicationUpdater.exe [2010-10-22 386560]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-9-7 17744]
R2 avast! Antivirus;avast! Antivirus;c:\programmer\alwil software\avast5\AvastSvc.exe [2010-9-7 40384]
R2 DozeSvc;Lenovo Doze Mode Service;c:\programmer\thinkpad\utilities\DOZESVC.EXE [2010-9-7 132456]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\programmer\thinkpad\utilities\PWMDBSVC.exe [2010-9-7 53248]
R2 smihlp;SMI Helper Driver (smihlp);c:\programmer\thinkvantage fingerprint software\smihlp.sys [2009-3-13 12560]
R2 TPHKSVC;Vis på skærm;c:\programmer\lenovo\hotkey\TPHKSVC.exe [2010-9-7 63928]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\programmer\lenovo\rescue and recovery\rrpservice.exe [2008-5-14 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\programmer\lenovo\rescue and recovery\UpdateMonitor.exe [2008-5-9 360448]
R3 osppsvc;Office Software Protection Platform;c:\programmer\fælles filer\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2008-2-22 37312]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\programmer\lenovo\hotkey\micmute.exe [2010-9-7 45496]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;"c:\programmer\tuneup utilities 2011\tuneuputilitiesservice32.exe" --> c:\programmer\tuneup utilities 2011\TuneUpUtilitiesService32.exe [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2010-12-3 112640]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2010-12-3 102656]
S3 RMWPService;RMWPService;c:\programmer\reference manager 12\webpublisher\thirdparty\apache2\bin\RMWP_Apache_Admin.exe [2004-1-28 20537]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;\??\c:\programmer\tuneup utilities 2011\tuneuputilitiesdriver32.sys --> c:\programmer\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [?]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [2010-11-4 41984]

=============== Created Last 30 ================

2011-01-26 22:21:51    --------    d-----w-    c:\docume~1\jacob\applic~1\Malwarebytes
2011-01-26 22:21:40    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-26 22:21:39    --------    d-----w-    c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-01-26 22:21:36    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2011-01-26 22:21:36    --------    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2011-01-20 22:54:29    31552    ----a-w-    c:\windows\system32\TURegOpt.exe
2011-01-20 22:54:26    29504    ----a-w-    c:\windows\system32\uxtuneup.dll
2011-01-20 22:54:07    --------    d-----w-    c:\docume~1\jacob\applic~1\TuneUp Software
2011-01-20 22:53:29    --------    d-----w-    c:\docume~1\alluse~1\applic~1\TuneUp Software
2011-01-20 22:53:14    --------    d-sh--w-    c:\docume~1\alluse~1\applic~1\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-01-19 10:04:08    --------    d-----w-    c:\programmer\fælles filer\DESIGNER
2011-01-19 10:03:32    --------    d-----w-    c:\documents and settings\all users\Microsoft
2011-01-19 09:58:50    --------    d-----w-    c:\programmer\Microsoft Analysis Services
2011-01-19 09:58:17    --------    d-----w-    c:\windows\SHELLNEW
2011-01-19 08:54:03    --------    d-----w-    c:\docume~1\jacob\lokale~1\applic~1\VS Revo Group
2011-01-17 19:57:55    304128    ----a-w-    c:\windows\unin040c.exe
2011-01-17 19:57:50    --------    d-----w-    c:\documents and settings\jacob\WINDOWS
2011-01-15 20:57:09    1499136    ------w-    c:\programmer\mozilla firefox\plugins\npdjvu.dll
2011-01-15 20:57:08    --------    d-----w-    c:\programmer\LizardTech
2011-01-15 20:51:25    --------    d-----w-    c:\docume~1\jacob\applic~1\UDC Profiles
2011-01-15 20:45:58    --------    d-----w-    c:\docume~1\jacob\applic~1\MathWorks
2011-01-13 13:41:20    --------    d-----w-    c:\programmer\iPod
2011-01-13 13:41:16    --------    d-----w-    c:\programmer\iTunes
2011-01-12 11:53:00    --------    d-----w-    c:\windows\Microsoft Shared
2011-01-12 11:26:50    --------    d--h--w-    c:\docume~1\alluse~1\applic~1\CanonIJScan
2011-01-12 10:36:31    --------    d-----w-    c:\docume~1\jacob\applic~1\Addinsoft
2011-01-12 10:36:31    --------    d-----w-    C:\Addinsoft
2011-01-12 10:27:52    --------    d-----w-    c:\programmer\Addinsoft
2010-12-30 13:00:29    --------    d-----w-    c:\programmer\MATLAB

==================== Find3M  ====================

2011-01-13 08:47:35    38848    ----a-w-    c:\windows\avastSS.scr
2010-12-16 15:45:17    71253    ----a-w-    c:\windows\Huawei ModemsUninstall.exe
2010-12-06 11:09:52    1024    ----a-w-    c:\windows\system32\grcauth2.dll
2010-12-06 11:09:52    1024    ----a-w-    c:\windows\system32\grcauth1.dll
2010-12-06 11:09:52    100    ----a-w-    c:\windows\system32\prsgrc.dll
2010-12-06 11:09:39    1024    ----a-w-    c:\windows\system32\clauth2.dll
2010-12-06 11:09:39    1024    ----a-w-    c:\windows\system32\clauth1.dll
2010-12-06 11:09:39    0    ----a-w-    c:\windows\system32\ssprs.dll
2010-12-06 11:09:39    0    ----a-w-    c:\windows\system32\serauth2.dll
2010-12-06 11:09:39    0    ----a-w-    c:\windows\system32\serauth1.dll
2010-12-06 11:09:39    0    ----a-w-    c:\windows\system32\nsprs.dll
2010-12-06 11:08:36    205    ----a-w-    c:\windows\system32\lsprst7.dll
2010-11-29 16:38:30    94208    ----a-w-    c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38:30    69632    ----a-w-    c:\windows\system32\QuickTime.qts
2010-11-18 18:15:45    81920    ------w-    c:\windows\system32\isign32.dll
2010-11-12 17:53:06    472808    ----a-w-    c:\windows\system32\deployJava1.dll
2010-11-12 15:34:10    73728    ----a-w-    c:\windows\system32\javacpl.cpl
2010-11-09 14:52:35    249856    ----a-w-    c:\windows\system32\odbc32.dll
2010-11-06 00:23:38    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-11-06 00:23:36    43520    ------w-    c:\windows\system32\licmgr10.dll
2010-11-06 00:23:36    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54    385024    ------w-    c:\windows\system32\html.iec

============= FINISH:  0:58:50,04 ===============

Køe Malwarebytes igen - lad den fjerne hvad den finder.

------

Find og upload nedenstående hos Jotti eller Virustotal:

c:\windows\unin040c.exe

Jotti - Virustotal


Kopier resultatet herind som link eller MD5 Checksum.

------

Hent og gem ComboFix på dit skrivebord.

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

Killall::
Snapshot::

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C:\Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

Jotti-link: http://virusscan.jotti.org/en/scanresult/ef3ba8feecee71c10766587a7b098ea110e254b3

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Combofix.txt
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

ComboFix 11-01-26.01 - Jacob 27-01-2011  10:25:19.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.2006.1315 [GMT 1:00]
Kører fra: c:\documents and settings\Jacob\Skrivebord\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\Jacob\Skrivebord\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents
C:\Install.exe
c:\windows\system32\lsprst7.dll
c:\windows\system32\nsprs.dll
c:\windows\system32\prsgrc.dll
c:\windows\system32\serauth1.dll
c:\windows\system32\serauth2.dll
c:\windows\system32\ssprs.dll

.
(((((((((((((((((((((((((((((  Filer skabt fra 2010-12-27 til 2011-01-27  )))))))))))))))))))))))))))))))))))
.

2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Malwarebytes
2011-01-26 22:21 . 2010-12-20 17:09    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2011-01-26 22:21 . 2010-12-20 17:08    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2011-01-21 23:04 . 2011-01-21 23:04    --------    d-----w-    c:\documents and settings\NetworkService\Application Data\TuneUp Software
2011-01-20 22:54 . 2010-12-14 13:43    31552    ----a-w-    c:\windows\system32\TURegOpt.exe
2011-01-20 22:54 . 2010-12-14 13:39    29504    ----a-w-    c:\windows\system32\uxtuneup.dll
2011-01-20 22:54 . 2011-01-20 22:54    --------    d-----w-    c:\documents and settings\Jacob\Application Data\TuneUp Software
2011-01-20 22:53 . 2011-01-20 22:54    --------    d-----w-    c:\documents and settings\All Users\Application Data\TuneUp Software
2011-01-20 22:53 . 2011-01-20 22:53    --------    d-sh--w-    c:\documents and settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-01-19 10:03 . 2011-01-19 10:03    --------    d-----w-    c:\programmer\Microsoft.NET
2011-01-19 10:03 . 2011-01-19 10:03    --------    d-----w-    c:\documents and settings\All Users\Microsoft
2011-01-19 09:58 . 2011-01-19 09:58    --------    d-----w-    c:\programmer\Microsoft Analysis Services
2011-01-19 09:58 . 2011-01-19 10:05    --------    d-----w-    c:\windows\SHELLNEW
2011-01-19 09:56 . 2011-01-19 09:56    --------    d-----r-    C:\MSOCache
2011-01-19 08:54 . 2011-01-19 08:54    --------    d-----w-    c:\documents and settings\Jacob\Lokale indstillinger\Application Data\VS Revo Group
2011-01-17 19:57 . 1999-03-23 07:12    304128    ----a-w-    c:\windows\unin040c.exe
2011-01-17 19:57 . 2011-01-17 19:57    --------    d-----w-    c:\documents and settings\Jacob\WINDOWS
2011-01-15 20:57 . 2005-11-10 18:21    1499136    ------w-    c:\programmer\Mozilla Firefox\plugins\npdjvu.dll
2011-01-15 20:57 . 2011-01-15 20:57    --------    d-----w-    c:\programmer\LizardTech
2011-01-15 20:51 . 2011-01-15 20:51    --------    d-----w-    c:\documents and settings\Jacob\Application Data\UDC Profiles
2011-01-15 20:45 . 2011-01-15 20:45    --------    d-----w-    c:\documents and settings\Jacob\Application Data\MathWorks
2011-01-13 13:41 . 2011-01-13 13:41    --------    d-----w-    c:\programmer\iPod
2011-01-13 13:41 . 2011-01-13 13:42    --------    d-----w-    c:\programmer\iTunes
2011-01-12 11:53 . 2011-01-12 11:53    --------    d-----w-    c:\windows\Microsoft Shared
2011-01-12 11:26 . 2011-01-12 11:26    --------    d--h--w-    c:\documents and settings\All Users\Application Data\CanonIJScan
2011-01-12 11:26 . 2011-01-12 11:26    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Canon
2011-01-12 10:36 . 2011-01-12 10:36    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Addinsoft
2011-01-12 10:36 . 2011-01-12 10:36    --------    d-----w-    C:\Addinsoft
2011-01-12 10:27 . 2011-01-19 10:15    --------    d-----w-    c:\programmer\Addinsoft
2010-12-30 13:00 . 2010-12-30 13:00    --------    d-----w-    c:\programmer\MATLAB

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 08:47 . 2010-09-07 22:34    38848    ----a-w-    c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-09-07 22:34    188216    ----a-w-    c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-09-07 22:34    294608    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-09-07 22:34    47440    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-09-07 22:34    100176    ----a-w-    c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-09-07 22:34    94544    ----a-w-    c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-09-07 22:34    23632    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-09-07 22:34    29392    ----a-w-    c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-09-07 22:34    17744    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2010-12-16 15:45 . 2010-12-03 08:58    71253    ----a-w-    c:\windows\Huawei ModemsUninstall.exe
2010-11-29 16:38 . 2010-11-29 16:38    94208    ----a-w-    c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38    69632    ----a-w-    c:\windows\system32\QuickTime.qts
2010-11-18 18:15 . 2010-09-07 18:02    81920    ------w-    c:\windows\system32\isign32.dll
2010-11-12 17:53 . 2010-10-13 13:06    472808    ----a-w-    c:\windows\system32\deployJava1.dll
2010-11-12 15:34 . 2010-09-08 11:52    73728    ----a-w-    c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2008-04-14 07:05    249856    ----a-w-    c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2008-04-14 07:05    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2008-04-14 07:06    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2010-11-06 00:23 . 2008-04-14 07:05    43520    ------w-    c:\windows\system32\licmgr10.dll
2010-11-03 12:25 . 2008-04-14 06:39    385024    ------w-    c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-13 09:57    40960    ------w-    c:\windows\system32\drivers\ndproxy.sys
.

------- Sigcheck -------

• 2010-09-07 . 451EECBE879612ACC4AA953B1501FA66 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
  

.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\programmer\Analog Devices\Core\smax4pnp.exe" [2008-04-24 1036288]
"TpShocks"="TpShocks.exe" [2009-12-11 337256]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2010-08-24 517480]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2009-12-01 256576]
"TPHOTKEY"="c:\programmer\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-12-21 69568]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"TVT Scheduler Proxy"="c:\programmer\Fælles filer\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-14 487424]
"ACTray"="c:\programmer\ThinkPad\ConnectUtilities\ACTray.exe" [2010-04-22 431464]
"ACWLIcon"="c:\programmer\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2010-04-22 181608]
"cssauth"="c:\programmer\Lenovo\Client Security Solution\cssauth.exe" [2008-06-13 3073336]
"PSQLLauncher"="c:\programmer\ThinkVantage Fingerprint Software\launcher.exe" [2009-12-01 55048]
"AwaySch"="c:\programmer\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]
"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2009-07-23 185688]
"LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-05 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-05 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-05 142360]
"TPFNF7"="c:\programmer\Lenovo\NPDIRECT\TPFNF7SP.exe" [2010-03-26 62312]
"TPKMAPHELPER"="c:\programmer\ThinkPad\Utilities\TpKmapAp.exe" [2007-01-09 868352]
"AMSG"="c:\programmer\ThinkVantage\AMSG\Amsg.exe" [2009-09-03 436800]
"SunJavaUpdateSched"="c:\programmer\Fælles filer\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 128512]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmer\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmer\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21    548352    ------w-    c:\programmer\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2009-12-01 11:41    100104    ------w-    c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ      scecli c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^BTTray.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^Windows Search.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Jacob^Menuen Start^Programmer^Start^Dropbox.lnk]
path=c:\documents and settings\Jacob\Menuen Start\Programmer\Start\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-07-27 02:10    1983816    ----a-w-    c:\programmer\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-03-18 01:40    767312    ----a-w-    c:\programmer\Canon\SolutionMenu\CNSLMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 16:16    421160    ----a-w-    c:\programmer\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38    421888    ----a-w-    c:\programmer\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
2010-10-22 15:47    524288    ----a-w-    c:\programmer\Fælles filer\Spigot\Search Settings\SearchSettings.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\paswstat.com"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\WinWrapIDE.exe"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\paswstat.exe"=
"c:\\Programmer\\Raptr\\raptr.exe"=
"c:\\Programmer\\Raptr\\raptr_im.exe"=
"c:\\Documents and Settings\\Jacob\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Programmer\\Reference Manager 12\\WebPublisher\\thirdparty\\Apache2\\bin\\RMWP_Apache_Admin.exe"=
"c:\\Programmer\\Reference Manager 12\\WebPublisher\\thirdparty\\Apache2\\bin\\RMWP_Apache.exe"=
"c:\\Programmer\\iTunes\\iTunes.exe"=
"c:\\Programmer\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Programmer\\Microsoft Office\\Office14\\OUTLOOK.EXE"=

R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [07-09-2010 21:11 24304]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [09-10-2009 11:10 20520]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [07-09-2010 23:34 294608]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [07-09-2010 23:25 13480]
R1 SASDIFSV;SASDIFSV;c:\programmer\SUPERAntiSpyware\sasdifsv.sys [17-02-2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\programmer\SUPERAntiSpyware\SASKUTIL.SYS [10-05-2010 19:41 67656]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [09-05-2008 04:50 46144]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [07-09-2010 23:34 17744]
R2 DozeSvc;Lenovo Doze Mode Service;c:\programmer\ThinkPad\Utilities\DOZESVC.EXE [07-09-2010 21:11 132456]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\programmer\ThinkPad\Utilities\PWMDBSVC.exe [07-09-2010 21:11 53248]
R2 smihlp;SMI Helper Driver (smihlp);c:\programmer\ThinkVantage Fingerprint Software\smihlp.sys [13-03-2009 12:47 12560]
R2 TPHKSVC;Vis på skærm;c:\programmer\Lenovo\HOTKEY\TPHKSVC.exe [07-09-2010 23:25 63928]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\programmer\Lenovo\Rescue and Recovery\rrpservice.exe [14-05-2008 15:25 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\programmer\Lenovo\Rescue and Recovery\UpdateMonitor.exe [09-05-2008 04:50 360448]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22-02-2008 15:54 37312]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\programmer\Lenovo\HOTKEY\micmute.exe [07-09-2010 23:25 45496]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;"c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe" --> c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [03-12-2010 09:58 112640]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [03-12-2010 09:58 102656]
S3 osppsvc;Office Software Protection Platform;c:\programmer\Fælles filer\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09-01-2010 21:37 4640000]
S3 RMWPService;RMWPService;c:\programmer\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe [28-01-2004 18:25 20537]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;\??\c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys --> c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [?]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [04-11-2010 03:33 41984]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Indhold af mappen 'Planlagte Opgaver'

2011-01-27 c:\windows\Tasks\GlaryInitialize.job
- c:\programmer\Glary Utilities\initialize.exe [2010-09-19 08:32]

2011-01-02 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\programmer\PC-Doctor\uaclauncher.exe [2010-12-13 21:55]

2011-01-27 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2010-09-07 23:28]

2011-01-27 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\programmer\PC-Doctor\pcdrcui.exe [2010-12-13 21:55]
.
.
------- Yderligere scanning -------
.
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: S&end til OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send til &Bluetooth-enhed... - c:\programmer\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send til Bluetooth - c:\programmer\ThinkPad\Bluetooth Software\btsendto_ie.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\programmer\Fælles filer\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\documents and settings\Jacob\Application Data\Mozilla\Firefox\Profiles\8kmcmly1.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmer\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\programmer\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\programmer\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programmer\Java\jre6\lib\deploy\jqs\ff
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: EBrary Reader Plugin: reader_plugin@ebrary.com - %profile%\extensions\reader_plugin@ebrary.com
FF - Ext: German Dictionary: de-DE@dictionaries.addons.mozilla.org - %profile%\extensions\de-DE@dictionaries.addons.mozilla.org
.
- - - - TOMME GENVEJE FJERNET - - - -

HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Notify-ACNotify - ACNotify.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-27 10:33
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{21651cc0-9e82-45f8-91c9-370706a3216c}]
@Denied: (Full) (Everyone)
"Model"=dword:0000014f
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
  38,95,44,d1,12,be,bf,7e,b1,e4,71,e8,6c,f3,47,17,bd,3c,08,83,e0,8b,c5,07,bb,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):36,4a,4f,05,43,7d,15,95,bf,36,52,f5,06,c4,1c,27,98,ce,be,cf,5c,
  df,f6,a9,4e,69,20,c7,64,ef,ff,66,d6,83,fe,c4,cf,f2,8b,9a,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(1156)
c:\windows\system32\tvt_gina.dll
c:\programmer\ThinkPad\ConnectUtilities\ACGina.dll
c:\programmer\ThinkPad\ConnectUtilities\ACHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\programmer\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\programmer\ThinkPad\ConnectUtilities\AcCryptHlpr.dll
c:\programmer\ThinkPad\ConnectUtilities\ACON.dll
c:\programmer\ThinkPad\ConnectUtilities\AcPrfMgr.dll
c:\programmer\ThinkPad\ConnectUtilities\ACTurinSupport.dll
c:\programmer\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\ACNewBiosHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll
c:\programmer\Lenovo\HOTKEY\tpwrpc.dll
c:\programmer\ThinkPad\ConnectUtilities\Res\DK\ACGinaRes.dll
c:\programmer\SUPERAntiSpyware\SASWINLO.DLL
c:\programmer\ThinkPad\ConnectUtilities\ACNotify.dll
c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\programmer\ThinkVantage Fingerprint Software\homefus2.dll
c:\programmer\ThinkVantage Fingerprint Software\infql2.dll
c:\programmer\ThinkVantage Fingerprint Software\homepass.dll
c:\programmer\ThinkVantage Fingerprint Software\bio.dll
c:\programmer\ThinkVantage Fingerprint Software\qlbase.dll

- - - - - - - > 'lsass.exe'(1212)
c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\programmer\ThinkVantage Fingerprint Software\homefus2.dll
c:\programmer\ThinkVantage Fingerprint Software\infql2.dll

- - - - - - - > 'explorer.exe'(1452)
c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\msls31.dll
c:\windows\system32\ImgUtil.dll
c:\windows\system32\pngfilt.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\programmer\Intel\WiFi\bin\S24EvMon.exe
c:\programmer\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\IPSSVC.EXE
c:\programmer\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\windows\system32\acs.exe
c:\programmer\ThinkPad\ConnectUtilities\AcSvc.exe
c:\programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programmer\Intel\WiFi\bin\EvtEng.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\Intel\WirelessCommon\RegSrvc.exe
c:\programmer\Lenovo\System Update\SUService.exe
c:\windows\system32\wbem\unsecapp.exe
c:\programmer\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
c:\windows\system32\TpKmpSVC.exe
c:\programmer\Lenovo\Client Security Solution\tvttcsd.exe
c:\programmer\Lenovo\Rescue and Recovery\rrservice.exe
c:\programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\SearchIndexer.exe
c:\programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\TpShocks.exe
c:\programmer\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\rundll32.exe
c:\programmer\Synaptics\SynTP\SynTPLpr.exe
c:\windows\system32\igfxext.exe
c:\programmer\Lenovo\HOTKEY\TPONSCR.exe
c:\windows\system32\igfxsrvc.exe
c:\programmer\Lenovo\Zoom\TpScrex.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Gennemført tid: 2011-01-27  10:38:34 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2011-01-27 09:38

Pre-Kørsel: 29.147.529.216 byte ledig
Post-Kørsel: 29.064.085.504 byte ledig

WindowsXP-KB310994-SP2-Home-BootDisk-DAN.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 260AB3E6C20BC478F91142267F0506A9

Har du en Windows installations CD ?

Ja, men en gammel en fra en tidligere computer. Dvs. uden driver til min harddisk. Men jeg da jeg installerede windows igen på denne maskine(efter et ubuntu-eventyr) lavede jeg en cd med driveren på. Via Nlite, den cd sku jeg nok ku' finde igen.
Ser det skidt ud da?

Det ser såmænd ikke så galt ud, men vi ska' måske bruge den til at erstatte en Systemfil.

------

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

Killall::
Snapshot::
Filelook::
c:\programmer\Fælles filer\Spigot\Search Settings\SearchSettings.exe
Mia::
c:\windows\system32\sfcfiles.dll
SRPeek::
c:\windows\system32\sfcfiles.dll

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil combofix.txt som ligger her C:\Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

Det prøver jeg lige... Det med Combofix
Skal lige høre, om jeg kommer til at skulle geninstallere? Eller systemgendanne? Jeg sidder midt i at skrive et stort projekt, som snart har deadline, så jeg tør ikke kaste mig ud i ting, som kommer til at tage alt for lang tid, eller er for risikable :)

Jacob

Det er ikke sandsynligt, men der er aldrig nogen garantier ved den slags.

Så kom den igennem :)

ComboFix 11-01-27.01 - Jacob 27-01-2011  22:41:07.2.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.2006.1515 [GMT 1:00]
Kører fra: c:\documents and settings\Jacob\Skrivebord\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\Jacob\Skrivebord\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((  Filer skabt fra 2010-12-27 til 2011-01-27  )))))))))))))))))))))))))))))))))))
.

2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Malwarebytes
2011-01-26 22:21 . 2010-12-20 17:09    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2011-01-26 22:21 . 2010-12-20 17:08    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2011-01-21 23:04 . 2011-01-21 23:04    --------    d-----w-    c:\documents and settings\NetworkService\Application Data\TuneUp Software
2011-01-20 22:54 . 2010-12-14 13:43    31552    ----a-w-    c:\windows\system32\TURegOpt.exe
2011-01-20 22:54 . 2010-12-14 13:39    29504    ----a-w-    c:\windows\system32\uxtuneup.dll
2011-01-20 22:54 . 2011-01-20 22:54    --------    d-----w-    c:\documents and settings\Jacob\Application Data\TuneUp Software
2011-01-20 22:53 . 2011-01-20 22:54    --------    d-----w-    c:\documents and settings\All Users\Application Data\TuneUp Software
2011-01-20 22:53 . 2011-01-20 22:53    --------    d-sh--w-    c:\documents and settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-01-19 10:03 . 2011-01-19 10:03    --------    d-----w-    c:\programmer\Microsoft.NET
2011-01-19 10:03 . 2011-01-19 10:03    --------    d-----w-    c:\documents and settings\All Users\Microsoft
2011-01-19 09:58 . 2011-01-19 09:58    --------    d-----w-    c:\programmer\Microsoft Analysis Services
2011-01-19 09:58 . 2011-01-19 10:05    --------    d-----w-    c:\windows\SHELLNEW
2011-01-19 09:56 . 2011-01-19 09:56    --------    d-----r-    C:\MSOCache
2011-01-19 08:54 . 2011-01-19 08:54    --------    d-----w-    c:\documents and settings\Jacob\Lokale indstillinger\Application Data\VS Revo Group
2011-01-17 19:57 . 1999-03-23 07:12    304128    ----a-w-    c:\windows\unin040c.exe
2011-01-17 19:57 . 2011-01-17 19:57    --------    d-----w-    c:\documents and settings\Jacob\WINDOWS
2011-01-15 20:57 . 2005-11-10 18:21    1499136    ------w-    c:\programmer\Mozilla Firefox\plugins\npdjvu.dll
2011-01-15 20:57 . 2011-01-15 20:57    --------    d-----w-    c:\programmer\LizardTech
2011-01-15 20:51 . 2011-01-15 20:51    --------    d-----w-    c:\documents and settings\Jacob\Application Data\UDC Profiles
2011-01-15 20:45 . 2011-01-15 20:45    --------    d-----w-    c:\documents and settings\Jacob\Application Data\MathWorks
2011-01-13 13:41 . 2011-01-13 13:41    --------    d-----w-    c:\programmer\iPod
2011-01-13 13:41 . 2011-01-13 13:42    --------    d-----w-    c:\programmer\iTunes
2011-01-12 11:53 . 2011-01-12 11:53    --------    d-----w-    c:\windows\Microsoft Shared
2011-01-12 11:26 . 2011-01-12 11:26    --------    d--h--w-    c:\documents and settings\All Users\Application Data\CanonIJScan
2011-01-12 11:26 . 2011-01-12 11:26    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Canon
2011-01-12 10:36 . 2011-01-12 10:36    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Addinsoft
2011-01-12 10:36 . 2011-01-12 10:36    --------    d-----w-    C:\Addinsoft
2011-01-12 10:27 . 2011-01-19 10:15    --------    d-----w-    c:\programmer\Addinsoft
2010-12-30 13:00 . 2010-12-30 13:00    --------    d-----w-    c:\programmer\MATLAB

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 08:47 . 2010-09-07 22:34    38848    ----a-w-    c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-09-07 22:34    188216    ----a-w-    c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-09-07 22:34    294608    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-09-07 22:34    47440    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-09-07 22:34    100176    ----a-w-    c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-09-07 22:34    94544    ----a-w-    c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-09-07 22:34    23632    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-09-07 22:34    29392    ----a-w-    c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-09-07 22:34    17744    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2010-12-16 15:45 . 2010-12-03 08:58    71253    ----a-w-    c:\windows\Huawei ModemsUninstall.exe
2010-11-29 16:38 . 2010-11-29 16:38    94208    ----a-w-    c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38    69632    ----a-w-    c:\windows\system32\QuickTime.qts
2010-11-18 18:15 . 2010-09-07 18:02    81920    ------w-    c:\windows\system32\isign32.dll
2010-11-12 17:53 . 2010-10-13 13:06    472808    ----a-w-    c:\windows\system32\deployJava1.dll
2010-11-12 15:34 . 2010-09-08 11:52    73728    ----a-w-    c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2008-04-14 07:05    249856    ----a-w-    c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2008-04-14 07:05    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2008-04-14 07:06    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2010-11-06 00:23 . 2008-04-14 07:05    43520    ------w-    c:\windows\system32\licmgr10.dll
2010-11-03 12:25 . 2008-04-14 06:39    385024    ------w-    c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-13 09:57    40960    ------w-    c:\windows\system32\drivers\ndproxy.sys
.

((((((((((((((((((((((((((((((((((((((((((((  Look  )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

--- c:\programmer\Fælles filer\Spigot\Search Settings\SearchSettings.exe ---
Company: Spigot, Inc.
File Description: Search Settings
File Version: 4, 1, 7
Product Name: Widgi Toolbar
Copyright: Copyright © 2005-2010 Spigot, Inc.
Original Filename: SearchSettings.exe
File size: 524288
Created time: 2010-10-22 15:47
Modified time: 2010-10-22 15:47
MD5: 2D5966E168AD595193F4A1C4DD76B20E
SHA1: 107F463AE7A8A0ECE6F5E6AE516C957400C665E5


((((((((((((((((((((((((((((((((((((((((((  SR_Search  ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
------- Sigcheck -------

• 2010-09-07 . 451EECBE879612ACC4AA953B1501FA66 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
  

.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\programmer\Analog Devices\Core\smax4pnp.exe" [2008-04-24 1036288]
"TpShocks"="TpShocks.exe" [2009-12-11 337256]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2010-08-24 517480]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2009-12-01 256576]
"TPHOTKEY"="c:\programmer\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-12-21 69568]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"TVT Scheduler Proxy"="c:\programmer\Fælles filer\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-14 487424]
"ACTray"="c:\programmer\ThinkPad\ConnectUtilities\ACTray.exe" [2010-04-22 431464]
"ACWLIcon"="c:\programmer\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2010-04-22 181608]
"cssauth"="c:\programmer\Lenovo\Client Security Solution\cssauth.exe" [2008-06-13 3073336]
"PSQLLauncher"="c:\programmer\ThinkVantage Fingerprint Software\launcher.exe" [2009-12-01 55048]
"AwaySch"="c:\programmer\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]
"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2009-07-23 185688]
"LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-05 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-05 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-05 142360]
"TPFNF7"="c:\programmer\Lenovo\NPDIRECT\TPFNF7SP.exe" [2010-03-26 62312]
"TPKMAPHELPER"="c:\programmer\ThinkPad\Utilities\TpKmapAp.exe" [2007-01-09 868352]
"AMSG"="c:\programmer\ThinkVantage\AMSG\Amsg.exe" [2009-09-03 436800]
"SunJavaUpdateSched"="c:\programmer\Fælles filer\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 128512]

c:\documents and settings\Jacob\Menuen Start\Programmer\Start\
Dropbox.lnk - c:\documents and settings\Jacob\Application Data\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmer\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmer\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21    548352    ------w-    c:\programmer\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2009-12-01 11:41    100104    ------w-    c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ      scecli c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^BTTray.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^Windows Search.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Jacob^Menuen Start^Programmer^Start^Dropbox.lnk]
path=c:\documents and settings\Jacob\Menuen Start\Programmer\Start\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-07-27 02:10    1983816    ----a-w-    c:\programmer\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-03-18 01:40    767312    ----a-w-    c:\programmer\Canon\SolutionMenu\CNSLMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 16:16    421160    ----a-w-    c:\programmer\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38    421888    ----a-w-    c:\programmer\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
2010-10-22 15:47    524288    ----a-w-    c:\programmer\Fælles filer\Spigot\Search Settings\SearchSettings.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\paswstat.com"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\WinWrapIDE.exe"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\paswstat.exe"=
"c:\\Programmer\\Raptr\\raptr.exe"=
"c:\\Programmer\\Raptr\\raptr_im.exe"=
"c:\\Documents and Settings\\Jacob\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Programmer\\Reference Manager 12\\WebPublisher\\thirdparty\\Apache2\\bin\\RMWP_Apache_Admin.exe"=
"c:\\Programmer\\Reference Manager 12\\WebPublisher\\thirdparty\\Apache2\\bin\\RMWP_Apache.exe"=
"c:\\Programmer\\iTunes\\iTunes.exe"=
"c:\\Programmer\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Programmer\\Microsoft Office\\Office14\\OUTLOOK.EXE"=

R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [07-09-2010 21:11 24304]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [09-10-2009 11:10 20520]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [07-09-2010 23:34 294608]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [07-09-2010 23:25 13480]
R1 SASDIFSV;SASDIFSV;c:\programmer\SUPERAntiSpyware\sasdifsv.sys [17-02-2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\programmer\SUPERAntiSpyware\SASKUTIL.SYS [10-05-2010 19:41 67656]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [09-05-2008 04:50 46144]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [07-09-2010 23:34 17744]
R2 DozeSvc;Lenovo Doze Mode Service;c:\programmer\ThinkPad\Utilities\DOZESVC.EXE [07-09-2010 21:11 132456]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\programmer\ThinkPad\Utilities\PWMDBSVC.exe [07-09-2010 21:11 53248]
R2 smihlp;SMI Helper Driver (smihlp);c:\programmer\ThinkVantage Fingerprint Software\smihlp.sys [13-03-2009 12:47 12560]
R2 TPHKSVC;Vis på skærm;c:\programmer\Lenovo\HOTKEY\TPHKSVC.exe [07-09-2010 23:25 63928]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\programmer\Lenovo\Rescue and Recovery\rrpservice.exe [14-05-2008 15:25 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\programmer\Lenovo\Rescue and Recovery\UpdateMonitor.exe [09-05-2008 04:50 360448]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22-02-2008 15:54 37312]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\programmer\Lenovo\HOTKEY\micmute.exe [07-09-2010 23:25 45496]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;"c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe" --> c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [03-12-2010 09:58 112640]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [03-12-2010 09:58 102656]
S3 osppsvc;Office Software Protection Platform;c:\programmer\Fælles filer\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09-01-2010 21:37 4640000]
S3 RMWPService;RMWPService;c:\programmer\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe [28-01-2004 18:25 20537]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;\??\c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys --> c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [?]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [04-11-2010 03:33 41984]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Indhold af mappen 'Planlagte Opgaver'

2011-01-27 c:\windows\Tasks\GlaryInitialize.job
- c:\programmer\Glary Utilities\initialize.exe [2010-09-19 08:32]

2011-01-02 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\programmer\PC-Doctor\uaclauncher.exe [2010-12-13 21:55]

2011-01-27 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2010-09-07 23:28]

2011-01-27 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\programmer\PC-Doctor\pcdrcui.exe [2010-12-13 21:55]
.
.
------- Yderligere scanning -------
.
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: S&end til OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send til &Bluetooth-enhed... - c:\programmer\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send til Bluetooth - c:\programmer\ThinkPad\Bluetooth Software\btsendto_ie.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\programmer\Fælles filer\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\documents and settings\Jacob\Application Data\Mozilla\Firefox\Profiles\8kmcmly1.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmer\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\programmer\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\programmer\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programmer\Java\jre6\lib\deploy\jqs\ff
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: EBrary Reader Plugin: reader_plugin@ebrary.com - %profile%\extensions\reader_plugin@ebrary.com
FF - Ext: German Dictionary: de-DE@dictionaries.addons.mozilla.org - %profile%\extensions\de-DE@dictionaries.addons.mozilla.org
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-27 22:51
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{21651cc0-9e82-45f8-91c9-370706a3216c}]
@Denied: (Full) (Everyone)
"Model"=dword:0000014f
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
  38,95,44,d1,12,be,bf,7e,b1,e4,71,e8,6c,f3,47,17,bd,3c,08,83,e0,8b,c5,07,bb,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):36,4a,4f,05,43,7d,15,95,bf,36,52,f5,06,c4,1c,27,98,ce,be,cf,5c,
  df,f6,a9,4e,69,20,c7,64,ef,ff,66,d6,83,fe,c4,cf,f2,8b,9a,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(1148)
c:\windows\system32\tvt_gina.dll
c:\programmer\ThinkPad\ConnectUtilities\ACGina.dll
c:\programmer\ThinkPad\ConnectUtilities\ACHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\programmer\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\programmer\ThinkPad\ConnectUtilities\AcCryptHlpr.dll
c:\programmer\ThinkPad\ConnectUtilities\ACON.dll
c:\programmer\ThinkPad\ConnectUtilities\AcPrfMgr.dll
c:\programmer\ThinkPad\ConnectUtilities\ACTurinSupport.dll
c:\programmer\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\ACNewBiosHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll
c:\programmer\Lenovo\HOTKEY\tpwrpc.dll
c:\programmer\ThinkPad\ConnectUtilities\Res\DK\ACGinaRes.dll
c:\programmer\SUPERAntiSpyware\SASWINLO.DLL
c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\programmer\ThinkVantage Fingerprint Software\homefus2.dll
c:\programmer\ThinkVantage Fingerprint Software\infql2.dll
c:\programmer\ThinkVantage Fingerprint Software\homepass.dll
c:\programmer\ThinkVantage Fingerprint Software\bio.dll
c:\programmer\ThinkVantage Fingerprint Software\qlbase.dll

- - - - - - - > 'lsass.exe'(1204)
c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\programmer\ThinkVantage Fingerprint Software\homefus2.dll
c:\programmer\ThinkVantage Fingerprint Software\infql2.dll

- - - - - - - > 'explorer.exe'(5360)
c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll
c:\windows\system32\msls31.dll
c:\windows\system32\ImgUtil.dll
c:\windows\system32\pngfilt.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\programmer\Intel\WiFi\bin\S24EvMon.exe
c:\programmer\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\IPSSVC.EXE
c:\programmer\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\windows\system32\acs.exe
c:\programmer\ThinkPad\ConnectUtilities\AcSvc.exe
c:\programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programmer\Intel\WiFi\bin\EvtEng.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\programmer\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\programmer\Lenovo\System Update\SUService.exe
c:\programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
c:\windows\system32\TpKmpSVC.exe
c:\programmer\Lenovo\Client Security Solution\tvttcsd.exe
c:\programmer\Lenovo\Rescue and Recovery\rrservice.exe
c:\programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\SearchIndexer.exe
c:\programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\TpShocks.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\igfxext.exe
c:\programmer\Lenovo\HOTKEY\TPONSCR.exe
c:\windows\system32\igfxsrvc.exe
c:\programmer\Lenovo\Zoom\TpScrex.exe
.
**************************************************************************
.
Gennemført tid: 2011-01-27  22:56:53 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2011-01-27 21:56
ComboFix2.txt  2011-01-27 09:38

Pre-Kørsel: 28.683.501.568 byte ledig
Post-Kørsel: 28.717.830.144 byte ledig

- - End Of File - - CDBD079A1CED50985C88CDB02EE374DF

Uden at vide noget som helst om det, kan jeg se, at der står TuneUp et sted i log'en.
Det har jeg forsøgt at afinstallere.. Er det stadig på computeren?

Sæt din Windows CD i.

Start notesblok og kopier nedenstående ind.

expand X:\i386\sfcfiles.dl_ C:\WINDOWS\system32\dllcache\
del %0

Erstat X med CD drevets betegnelse. (sandsynligvis D)

Gem den som Erstat.bat Når du gemmer den skal du sikre dig at der under "Filer" står "Alle Filer"

Dobbeltklik på Erstat.bat.

------

1. Hent dette lille værktøj:

http://jpshortstuff.247fixes.com/SystemLook.exe
http://images.malwareremoval.com/jpshortstuff/SystemLook.exe (alternativ adresse)

2. Dobbeltklik på systemlook.exe - nu dukker der et lille vindue op, hvor du skal kopiere HELE indholdet med fed skrift ind:

:filefind
sfcfiles.dll

3. Klik på knappen Look. Programmet vil nu lede på din computer.

4. Når programmet er færdig med at lede, vil der dukke et notepad-vindue op, med en log fra SystemLook. Den skal du kopiere herind i forum i dit næste svar. Log'en kan også findes på dit Skrivebord med navnet: SystemLook.txt.

SystemLook 04.09.10 by jpshortstuff
Log created at 09:26 on 28/01/2011 by Jacob
Administrator - Elevation successful

========== filefind ==========

Searching for "sfcfiles.dll"
C:\WINDOWS\system32\sfcfiles.dll    ------- 1571840 bytes    [18:25 07/09/2010]    [18:25 07/09/2010] 451EECBE879612ACC4AA953B1501FA66

-= EOF =-

Hov.... forrige indlæg var en fejl.
Kom til at bruge systemlook, inden jeg havde klikket på *.bat filen.

Her er den rigtige log:
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

SystemLook 04.09.10 by jpshortstuff
Log created at 09:36 on 28/01/2011 by Jacob
Administrator - Elevation successful

========== filefind ==========

Searching for "sfcfiles.dll"
C:\WINDOWS\system32\sfcfiles.dll    ------- 1571840 bytes    [18:25 07/09/2010]    [18:25 07/09/2010] 451EECBE879612ACC4AA953B1501FA66

-= EOF =-

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Det virkede ikke :(

Vil du godt gentage #13, men erstat X med D

Det er nok dit CD drev.

Så har jeg prøvet igen. Mener nu også jeg erstattede X med D før (D er mit cd-drev). Det er i hvert fald det, der står Winlite ud for, når jeg sætter skiven i :)
Jeg kan også prøve med den originale WinCD? Eller betyder det noget, at det er den samme (altså den samme tweak'ede) cd, som jeg brugte, da jeg installerede. --Den originale manglede Hdd driver.

Nå alt andet lige, ser det meget ud som før?

xxxxxxxxxxxxxxxxxxxxxxxxxxx

SystemLook 04.09.10 by jpshortstuff
Log created at 11:41 on 28/01/2011 by Jacob
Administrator - Elevation successful

========== filefind ==========

Searching for "sfcfiles.dll"
C:\WINDOWS\system32\sfcfiles.dll    ------- 1571840 bytes    [18:25 07/09/2010]    [18:25 07/09/2010] 451EECBE879612ACC4AA953B1501FA66

-= EOF =-
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Klik Start -> Kør og kopier dette ind: expand D:\i386\sfcfiles.dl_ C:\WINDOWS\system32\dllcache\sfcfiles.dll

Klik OK.

Hvis den komme med en fejlmeddelelse, vil jeg germe vide hvilken.

Ellers kør SystemLook igen.

Der kommer et prompt vindue op, men jeg kan ikke nå at se, hvad der står.

systemlook

SystemLook 04.09.10 by jpshortstuff
Log created at 12:20 on 28/01/2011 by Jacob
Administrator - Elevation successful

========== filefind ==========

Searching for "sfcfiles.dll"
C:\WINDOWS\system32\sfcfiles.dll    ------- 1571840 bytes    [18:25 07/09/2010]    [18:25 07/09/2010] 451EECBE879612ACC4AA953B1501FA66
C:\WINDOWS\system32\dllcache\sfcfiles.dll    --a--c- 1571840 bytes    [11:19 28/01/2011]    [19:35 11/10/2010] 8ADD18C6AB9CF788DF7EBF08FDDC1EA7

-= EOF =-

Det er sådan set lige meget hvad der stod. Det virkede  :)

------

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

Killall::
Snapshot::
FCopy::
C:\WINDOWS\system32\dllcache\sfcfiles.dll | c:\windows\system32\sfcfiles.dll

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil combofix.txt som ligger her C:\Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

ComboFix 11-01-27.05 - Jacob 28-01-2011  13:03:33.3.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.2006.1220 [GMT 1:00]
Kører fra: c:\documents and settings\Jacob\Skrivebord\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\Jacob\Skrivebord\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
--------------- FCopy ---------------

c:\windows\system32\dllcache\sfcfiles.dll --> c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((  Filer skabt fra 2010-12-28 til 2011-01-28  )))))))))))))))))))))))))))))))))))
.

2011-01-28 11:19 . 2010-10-11 19:35    1571840    -c----w-    c:\windows\system32\dllcache\sfcfiles.dll
2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Malwarebytes
2011-01-26 22:21 . 2010-12-20 17:09    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2011-01-26 22:21 . 2010-12-20 17:08    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2011-01-21 23:04 . 2011-01-21 23:04    --------    d-----w-    c:\documents and settings\NetworkService\Application Data\TuneUp Software
2011-01-20 22:54 . 2010-12-14 13:43    31552    ----a-w-    c:\windows\system32\TURegOpt.exe
2011-01-20 22:54 . 2010-12-14 13:39    29504    ----a-w-    c:\windows\system32\uxtuneup.dll
2011-01-20 22:54 . 2011-01-20 22:54    --------    d-----w-    c:\documents and settings\Jacob\Application Data\TuneUp Software
2011-01-20 22:53 . 2011-01-20 22:54    --------    d-----w-    c:\documents and settings\All Users\Application Data\TuneUp Software
2011-01-20 22:53 . 2011-01-20 22:53    --------    d-sh--w-    c:\documents and settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-01-19 10:03 . 2011-01-19 10:03    --------    d-----w-    c:\programmer\Microsoft.NET
2011-01-19 10:03 . 2011-01-19 10:03    --------    d-----w-    c:\documents and settings\All Users\Microsoft
2011-01-19 09:58 . 2011-01-19 09:58    --------    d-----w-    c:\programmer\Microsoft Analysis Services
2011-01-19 09:58 . 2011-01-19 10:05    --------    d-----w-    c:\windows\SHELLNEW
2011-01-19 09:56 . 2011-01-19 09:56    --------    d-----r-    C:\MSOCache
2011-01-19 08:54 . 2011-01-19 08:54    --------    d-----w-    c:\documents and settings\Jacob\Lokale indstillinger\Application Data\VS Revo Group
2011-01-17 19:57 . 1999-03-23 07:12    304128    ----a-w-    c:\windows\unin040c.exe
2011-01-17 19:57 . 2011-01-17 19:57    --------    d-----w-    c:\documents and settings\Jacob\WINDOWS
2011-01-15 20:57 . 2005-11-10 18:21    1499136    ------w-    c:\programmer\Mozilla Firefox\plugins\npdjvu.dll
2011-01-15 20:57 . 2011-01-15 20:57    --------    d-----w-    c:\programmer\LizardTech
2011-01-15 20:51 . 2011-01-15 20:51    --------    d-----w-    c:\documents and settings\Jacob\Application Data\UDC Profiles
2011-01-15 20:45 . 2011-01-15 20:45    --------    d-----w-    c:\documents and settings\Jacob\Application Data\MathWorks
2011-01-13 13:41 . 2011-01-13 13:41    --------    d-----w-    c:\programmer\iPod
2011-01-13 13:41 . 2011-01-13 13:42    --------    d-----w-    c:\programmer\iTunes
2011-01-12 11:53 . 2011-01-12 11:53    --------    d-----w-    c:\windows\Microsoft Shared
2011-01-12 11:26 . 2011-01-12 11:26    --------    d--h--w-    c:\documents and settings\All Users\Application Data\CanonIJScan
2011-01-12 11:26 . 2011-01-12 11:26    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Canon
2011-01-12 10:36 . 2011-01-12 10:36    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Addinsoft
2011-01-12 10:36 . 2011-01-12 10:36    --------    d-----w-    C:\Addinsoft
2011-01-12 10:27 . 2011-01-19 10:15    --------    d-----w-    c:\programmer\Addinsoft
2010-12-30 13:00 . 2010-12-30 13:00    --------    d-----w-    c:\programmer\MATLAB

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 08:47 . 2010-09-07 22:34    38848    ----a-w-    c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-09-07 22:34    188216    ----a-w-    c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-09-07 22:34    294608    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-09-07 22:34    47440    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-09-07 22:34    100176    ----a-w-    c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-09-07 22:34    94544    ----a-w-    c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-09-07 22:34    23632    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-09-07 22:34    29392    ----a-w-    c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-09-07 22:34    17744    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2010-12-16 15:45 . 2010-12-03 08:58    71253    ----a-w-    c:\windows\Huawei ModemsUninstall.exe
2010-11-29 16:38 . 2010-11-29 16:38    94208    ----a-w-    c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38    69632    ----a-w-    c:\windows\system32\QuickTime.qts
2010-11-18 18:15 . 2010-09-07 18:02    81920    ------w-    c:\windows\system32\isign32.dll
2010-11-12 17:53 . 2010-10-13 13:06    472808    ----a-w-    c:\windows\system32\deployJava1.dll
2010-11-12 15:34 . 2010-09-08 11:52    73728    ----a-w-    c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2008-04-14 07:05    249856    ----a-w-    c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2008-04-14 07:05    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2008-04-14 07:06    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2010-11-06 00:23 . 2008-04-14 07:05    43520    ------w-    c:\windows\system32\licmgr10.dll
2010-11-03 12:25 . 2008-04-14 06:39    385024    ------w-    c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-13 09:57    40960    ------w-    c:\windows\system32\drivers\ndproxy.sys
.

------- Sigcheck -------

• 2010-10-11 . 8ADD18C6AB9CF788DF7EBF08FDDC1EA7 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
  

• 2010-10-11 . 8ADD18C6AB9CF788DF7EBF08FDDC1EA7 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll
  

.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\programmer\Analog Devices\Core\smax4pnp.exe" [2008-04-24 1036288]
"TpShocks"="TpShocks.exe" [2009-12-11 337256]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2010-08-24 517480]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2009-12-01 256576]
"TPHOTKEY"="c:\programmer\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-12-21 69568]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"TVT Scheduler Proxy"="c:\programmer\Fælles filer\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-14 487424]
"ACTray"="c:\programmer\ThinkPad\ConnectUtilities\ACTray.exe" [2010-04-22 431464]
"ACWLIcon"="c:\programmer\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2010-04-22 181608]
"cssauth"="c:\programmer\Lenovo\Client Security Solution\cssauth.exe" [2008-06-13 3073336]
"PSQLLauncher"="c:\programmer\ThinkVantage Fingerprint Software\launcher.exe" [2009-12-01 55048]
"AwaySch"="c:\programmer\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]
"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2009-07-23 185688]
"LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-05 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-05 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-05 142360]
"TPFNF7"="c:\programmer\Lenovo\NPDIRECT\TPFNF7SP.exe" [2010-03-26 62312]
"TPKMAPHELPER"="c:\programmer\ThinkPad\Utilities\TpKmapAp.exe" [2007-01-09 868352]
"AMSG"="c:\programmer\ThinkVantage\AMSG\Amsg.exe" [2009-09-03 436800]
"SunJavaUpdateSched"="c:\programmer\Fælles filer\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 128512]

c:\documents and settings\Jacob\Menuen Start\Programmer\Start\
Dropbox.lnk - c:\documents and settings\Jacob\Application Data\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmer\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmer\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21    548352    ------w-    c:\programmer\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2009-12-01 11:41    100104    ------w-    c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ      scecli c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^BTTray.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^Windows Search.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Jacob^Menuen Start^Programmer^Start^Dropbox.lnk]
path=c:\documents and settings\Jacob\Menuen Start\Programmer\Start\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-07-27 02:10    1983816    ----a-w-    c:\programmer\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-03-18 01:40    767312    ----a-w-    c:\programmer\Canon\SolutionMenu\CNSLMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 16:16    421160    ----a-w-    c:\programmer\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38    421888    ----a-w-    c:\programmer\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
2010-10-22 15:47    524288    ----a-w-    c:\programmer\Fælles filer\Spigot\Search Settings\SearchSettings.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\paswstat.com"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\WinWrapIDE.exe"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\paswstat.exe"=
"c:\\Programmer\\Raptr\\raptr.exe"=
"c:\\Programmer\\Raptr\\raptr_im.exe"=
"c:\\Documents and Settings\\Jacob\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Programmer\\Reference Manager 12\\WebPublisher\\thirdparty\\Apache2\\bin\\RMWP_Apache_Admin.exe"=
"c:\\Programmer\\Reference Manager 12\\WebPublisher\\thirdparty\\Apache2\\bin\\RMWP_Apache.exe"=
"c:\\Programmer\\iTunes\\iTunes.exe"=
"c:\\Programmer\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Programmer\\Microsoft Office\\Office14\\OUTLOOK.EXE"=

R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [07-09-2010 21:11 24304]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [09-10-2009 11:10 20520]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [07-09-2010 23:34 294608]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [07-09-2010 23:25 13480]
R1 SASDIFSV;SASDIFSV;c:\programmer\SUPERAntiSpyware\sasdifsv.sys [17-02-2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\programmer\SUPERAntiSpyware\SASKUTIL.SYS [10-05-2010 19:41 67656]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [09-05-2008 04:50 46144]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [07-09-2010 23:34 17744]
R2 DozeSvc;Lenovo Doze Mode Service;c:\programmer\ThinkPad\Utilities\DOZESVC.EXE [07-09-2010 21:11 132456]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\programmer\ThinkPad\Utilities\PWMDBSVC.exe [07-09-2010 21:11 53248]
R2 smihlp;SMI Helper Driver (smihlp);c:\programmer\ThinkVantage Fingerprint Software\smihlp.sys [13-03-2009 12:47 12560]
R2 TPHKSVC;Vis på skærm;c:\programmer\Lenovo\HOTKEY\TPHKSVC.exe [07-09-2010 23:25 63928]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\programmer\Lenovo\Rescue and Recovery\rrpservice.exe [14-05-2008 15:25 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\programmer\Lenovo\Rescue and Recovery\UpdateMonitor.exe [09-05-2008 04:50 360448]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22-02-2008 15:54 37312]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\programmer\Lenovo\HOTKEY\micmute.exe [07-09-2010 23:25 45496]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;"c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe" --> c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [03-12-2010 09:58 112640]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [03-12-2010 09:58 102656]
S3 osppsvc;Office Software Protection Platform;c:\programmer\Fælles filer\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09-01-2010 21:37 4640000]
S3 RMWPService;RMWPService;c:\programmer\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe [28-01-2004 18:25 20537]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;\??\c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys --> c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [?]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [04-11-2010 03:33 41984]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Indhold af mappen 'Planlagte Opgaver'

2011-01-28 c:\windows\Tasks\GlaryInitialize.job
- c:\programmer\Glary Utilities\initialize.exe [2010-09-19 08:32]

2011-01-02 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\programmer\PC-Doctor\uaclauncher.exe [2010-12-13 21:55]

2011-01-28 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2010-09-07 23:28]

2011-01-28 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\programmer\PC-Doctor\pcdrcui.exe [2010-12-13 21:55]
.
.
------- Yderligere scanning -------
.
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: S&end til OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send til &Bluetooth-enhed... - c:\programmer\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send til Bluetooth - c:\programmer\ThinkPad\Bluetooth Software\btsendto_ie.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\programmer\Fælles filer\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\documents and settings\Jacob\Application Data\Mozilla\Firefox\Profiles\8kmcmly1.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmer\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\programmer\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\programmer\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programmer\Java\jre6\lib\deploy\jqs\ff
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: EBrary Reader Plugin: reader_plugin@ebrary.com - %profile%\extensions\reader_plugin@ebrary.com
FF - Ext: German Dictionary: de-DE@dictionaries.addons.mozilla.org - %profile%\extensions\de-DE@dictionaries.addons.mozilla.org
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-28 13:16
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{21651cc0-9e82-45f8-91c9-370706a3216c}]
@Denied: (Full) (Everyone)
"Model"=dword:0000014f
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
  38,95,44,d1,12,be,bf,7e,b1,e4,71,e8,6c,f3,47,17,bd,3c,08,83,e0,8b,c5,07,bb,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):36,4a,4f,05,43,7d,15,95,bf,36,52,f5,06,c4,1c,27,98,ce,be,cf,5c,
  df,f6,a9,4e,69,20,c7,64,ef,ff,66,d6,83,fe,c4,cf,f2,8b,9a,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(1156)
c:\windows\system32\tvt_gina.dll
c:\programmer\ThinkPad\ConnectUtilities\ACGina.dll
c:\programmer\ThinkPad\ConnectUtilities\ACHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\programmer\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\programmer\ThinkPad\ConnectUtilities\AcCryptHlpr.dll
c:\programmer\ThinkPad\ConnectUtilities\ACON.dll
c:\programmer\ThinkPad\ConnectUtilities\AcPrfMgr.dll
c:\programmer\ThinkPad\ConnectUtilities\ACTurinSupport.dll
c:\programmer\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\ACNewBiosHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll
c:\programmer\Lenovo\HOTKEY\tpwrpc.dll
c:\programmer\ThinkPad\ConnectUtilities\Res\DK\ACGinaRes.dll
c:\programmer\SUPERAntiSpyware\SASWINLO.DLL
c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\programmer\ThinkVantage Fingerprint Software\homefus2.dll
c:\programmer\ThinkVantage Fingerprint Software\infql2.dll
c:\programmer\ThinkVantage Fingerprint Software\homepass.dll
c:\programmer\ThinkVantage Fingerprint Software\bio.dll
c:\programmer\ThinkVantage Fingerprint Software\qlbase.dll

- - - - - - - > 'lsass.exe'(1212)
c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\programmer\ThinkVantage Fingerprint Software\homefus2.dll
c:\programmer\ThinkVantage Fingerprint Software\infql2.dll

- - - - - - - > 'explorer.exe'(5748)
c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll
c:\windows\system32\msls31.dll
c:\windows\system32\ImgUtil.dll
c:\windows\system32\pngfilt.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\programmer\Intel\WiFi\bin\S24EvMon.exe
c:\programmer\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\IPSSVC.EXE
c:\programmer\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\windows\system32\acs.exe
c:\programmer\ThinkPad\ConnectUtilities\AcSvc.exe
c:\programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programmer\Intel\WiFi\bin\EvtEng.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\programmer\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\programmer\Lenovo\System Update\SUService.exe
c:\programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
c:\programmer\Lenovo\Client Security Solution\tvttcsd.exe
c:\programmer\Lenovo\Rescue and Recovery\rrservice.exe
c:\programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\SearchIndexer.exe
c:\programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\TpShocks.exe
c:\windows\system32\rundll32.exe
c:\programmer\Lenovo\HOTKEY\TPONSCR.exe
c:\windows\system32\igfxext.exe
c:\programmer\Lenovo\Zoom\TpScrex.exe
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Gennemført tid: 2011-01-28  13:27:13 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2011-01-28 12:27
ComboFix2.txt  2011-01-27 21:56
ComboFix3.txt  2011-01-27 09:38

Pre-Kørsel: 28.631.412.736 byte ledig
Post-Kørsel: 28.525.256.704 byte ledig

- - End Of File - - 182261745EDC020201D360B0439BE254

Vil du godt prøve #18 igen, med den originale CD.

Systemlook efter #18 med original CD

SystemLook 04.09.10 by jpshortstuff
Log created at 14:46 on 28/01/2011 by Jacob
Administrator - Elevation successful

========== filefind ==========

Searching for "sfcfiles.dll"
C:\WINDOWS\system32\sfcfiles.dll    --a---- 1571840 bytes    [18:25 07/09/2010]    [19:35 11/10/2010] 8ADD18C6AB9CF788DF7EBF08FDDC1EA7
C:\WINDOWS\system32\dllcache\sfcfiles.dll    --a--c- 1548288 bytes    [11:19 28/01/2011]    [16:53 26/08/2004] F8D3A7033A6D6684C3B97CB785DBC57C

-= EOF =-

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

Killall::
Snapshot::

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C:\Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

Jeg skal ikke køre #20 igen først?

En anden ting, jeg lige skal være sikker på. Det betyder ikke noget for systemet, at jeg erstatter en systemfil, med en fra original-cden? Jeg tænker på min harddisk driver, som jeg var nødt til at integrere i Win-cd'en ved installation (noget med IDE og SATA osv.)

Nej. Jeg tror nemlig at det Combofix reagerer på, skyldes at CDen er steamet. Hvis jeg har ret, skal #18 køres igen, med den streamede CD.

Ok, jeg er ikke helt med længere.
Skal jeg køre først #18, med den originale cd, og så #18 igen med den tweak'ede cd?

Status: Jeg har kørt #18 med den originale, se #23:

Hvad er næste trin :)

Kør ComboFix efter #24

ComboFix 11-01-28.01 - Jacob 28-01-2011  17:38:58.4.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.45.1030.18.2006.1330 [GMT 1:00]
Kører fra: c:\documents and settings\Jacob\Skrivebord\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\Jacob\Skrivebord\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((  Filer skabt fra 2010-12-28 til 2011-01-28  )))))))))))))))))))))))))))))))))))
.

2011-01-28 11:19 . 2004-08-26 16:53    1548288    -c--a-w-    c:\windows\system32\dllcache\sfcfiles.dll
2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Malwarebytes
2011-01-26 22:21 . 2010-12-20 17:09    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2011-01-26 22:21 . 2011-01-26 22:21    --------    d-----w-    c:\programmer\Malwarebytes' Anti-Malware
2011-01-26 22:21 . 2010-12-20 17:08    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2011-01-21 23:04 . 2011-01-21 23:04    --------    d-----w-    c:\documents and settings\NetworkService\Application Data\TuneUp Software
2011-01-20 22:54 . 2010-12-14 13:43    31552    ----a-w-    c:\windows\system32\TURegOpt.exe
2011-01-20 22:54 . 2010-12-14 13:39    29504    ----a-w-    c:\windows\system32\uxtuneup.dll
2011-01-20 22:54 . 2011-01-20 22:54    --------    d-----w-    c:\documents and settings\Jacob\Application Data\TuneUp Software
2011-01-20 22:53 . 2011-01-20 22:54    --------    d-----w-    c:\documents and settings\All Users\Application Data\TuneUp Software
2011-01-20 22:53 . 2011-01-20 22:53    --------    d-sh--w-    c:\documents and settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-01-19 10:03 . 2011-01-19 10:03    --------    d-----w-    c:\programmer\Microsoft.NET
2011-01-19 10:03 . 2011-01-19 10:03    --------    d-----w-    c:\documents and settings\All Users\Microsoft
2011-01-19 09:58 . 2011-01-19 09:58    --------    d-----w-    c:\programmer\Microsoft Analysis Services
2011-01-19 09:58 . 2011-01-19 10:05    --------    d-----w-    c:\windows\SHELLNEW
2011-01-19 09:56 . 2011-01-19 09:56    --------    d-----r-    C:\MSOCache
2011-01-19 08:54 . 2011-01-19 08:54    --------    d-----w-    c:\documents and settings\Jacob\Lokale indstillinger\Application Data\VS Revo Group
2011-01-17 19:57 . 1999-03-23 07:12    304128    ----a-w-    c:\windows\unin040c.exe
2011-01-17 19:57 . 2011-01-17 19:57    --------    d-----w-    c:\documents and settings\Jacob\WINDOWS
2011-01-15 20:57 . 2005-11-10 18:21    1499136    ------w-    c:\programmer\Mozilla Firefox\plugins\npdjvu.dll
2011-01-15 20:57 . 2011-01-15 20:57    --------    d-----w-    c:\programmer\LizardTech
2011-01-15 20:51 . 2011-01-15 20:51    --------    d-----w-    c:\documents and settings\Jacob\Application Data\UDC Profiles
2011-01-15 20:45 . 2011-01-15 20:45    --------    d-----w-    c:\documents and settings\Jacob\Application Data\MathWorks
2011-01-13 13:41 . 2011-01-13 13:41    --------    d-----w-    c:\programmer\iPod
2011-01-13 13:41 . 2011-01-13 13:42    --------    d-----w-    c:\programmer\iTunes
2011-01-12 11:53 . 2011-01-12 11:53    --------    d-----w-    c:\windows\Microsoft Shared
2011-01-12 11:26 . 2011-01-12 11:26    --------    d--h--w-    c:\documents and settings\All Users\Application Data\CanonIJScan
2011-01-12 11:26 . 2011-01-12 11:26    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Canon
2011-01-12 10:36 . 2011-01-12 10:36    --------    d-----w-    c:\documents and settings\Jacob\Application Data\Addinsoft
2011-01-12 10:36 . 2011-01-12 10:36    --------    d-----w-    C:\Addinsoft
2011-01-12 10:27 . 2011-01-19 10:15    --------    d-----w-    c:\programmer\Addinsoft
2010-12-30 13:00 . 2010-12-30 13:00    --------    d-----w-    c:\programmer\MATLAB

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 08:47 . 2010-09-07 22:34    38848    ----a-w-    c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-09-07 22:34    188216    ----a-w-    c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-09-07 22:34    294608    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-09-07 22:34    47440    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-09-07 22:34    100176    ----a-w-    c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-09-07 22:34    94544    ----a-w-    c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-09-07 22:34    23632    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-09-07 22:34    29392    ----a-w-    c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-09-07 22:34    17744    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2010-12-16 15:45 . 2010-12-03 08:58    71253    ----a-w-    c:\windows\Huawei ModemsUninstall.exe
2010-11-29 16:38 . 2010-11-29 16:38    94208    ----a-w-    c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38    69632    ----a-w-    c:\windows\system32\QuickTime.qts
2010-11-18 18:15 . 2010-09-07 18:02    81920    ------w-    c:\windows\system32\isign32.dll
2010-11-12 17:53 . 2010-10-13 13:06    472808    ----a-w-    c:\windows\system32\deployJava1.dll
2010-11-12 15:34 . 2010-09-08 11:52    73728    ----a-w-    c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2008-04-14 07:05    249856    ----a-w-    c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2008-04-14 07:05    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2008-04-14 07:06    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2010-11-06 00:23 . 2008-04-14 07:05    43520    ------w-    c:\windows\system32\licmgr10.dll
2010-11-03 12:25 . 2008-04-14 06:39    385024    ------w-    c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-13 09:57    40960    ------w-    c:\windows\system32\drivers\ndproxy.sys
.

------- Sigcheck -------

• 2010-10-11 . 8ADD18C6AB9CF788DF7EBF08FDDC1EA7 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
  

• 2004-08-26 . F8D3A7033A6D6684C3B97CB785DBC57C . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfcfiles.dll
  

.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19    94208    ------w-    c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\programmer\Analog Devices\Core\smax4pnp.exe" [2008-04-24 1036288]
"TpShocks"="TpShocks.exe" [2009-12-11 337256]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2010-08-24 517480]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2009-12-01 256576]
"TPHOTKEY"="c:\programmer\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-12-21 69568]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"TVT Scheduler Proxy"="c:\programmer\Fælles filer\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-14 487424]
"ACTray"="c:\programmer\ThinkPad\ConnectUtilities\ACTray.exe" [2010-04-22 431464]
"ACWLIcon"="c:\programmer\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2010-04-22 181608]
"cssauth"="c:\programmer\Lenovo\Client Security Solution\cssauth.exe" [2008-06-13 3073336]
"PSQLLauncher"="c:\programmer\ThinkVantage Fingerprint Software\launcher.exe" [2009-12-01 55048]
"AwaySch"="c:\programmer\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]
"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2009-07-23 185688]
"LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-05 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-05 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-05 142360]
"TPFNF7"="c:\programmer\Lenovo\NPDIRECT\TPFNF7SP.exe" [2010-03-26 62312]
"TPKMAPHELPER"="c:\programmer\ThinkPad\Utilities\TpKmapAp.exe" [2007-01-09 868352]
"AMSG"="c:\programmer\ThinkVantage\AMSG\Amsg.exe" [2009-09-03 436800]
"SunJavaUpdateSched"="c:\programmer\Fælles filer\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 128512]

c:\documents and settings\Jacob\Menuen Start\Programmer\Start\
Dropbox.lnk - c:\documents and settings\Jacob\Application Data\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmer\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmer\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21    548352    ------w-    c:\programmer\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2009-12-01 11:41    100104    ------w-    c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ      scecli c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^BTTray.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menuen Start^Programmer^Start^Windows Search.lnk]
path=c:\documents and settings\All Users\Menuen Start\Programmer\Start\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Jacob^Menuen Start^Programmer^Start^Dropbox.lnk]
path=c:\documents and settings\Jacob\Menuen Start\Programmer\Start\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-07-27 02:10    1983816    ----a-w-    c:\programmer\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-03-18 01:40    767312    ----a-w-    c:\programmer\Canon\SolutionMenu\CNSLMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 16:16    421160    ----a-w-    c:\programmer\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38    421888    ----a-w-    c:\programmer\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
2010-10-22 15:47    524288    ----a-w-    c:\programmer\Fælles filer\Spigot\Search Settings\SearchSettings.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\paswstat.com"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\WinWrapIDE.exe"=
"c:\\Programmer\\SPSSInc\\PASWStatistics18\\paswstat.exe"=
"c:\\Programmer\\Raptr\\raptr.exe"=
"c:\\Programmer\\Raptr\\raptr_im.exe"=
"c:\\Documents and Settings\\Jacob\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Programmer\\Reference Manager 12\\WebPublisher\\thirdparty\\Apache2\\bin\\RMWP_Apache_Admin.exe"=
"c:\\Programmer\\Reference Manager 12\\WebPublisher\\thirdparty\\Apache2\\bin\\RMWP_Apache.exe"=
"c:\\Programmer\\iTunes\\iTunes.exe"=
"c:\\Programmer\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Programmer\\Microsoft Office\\Office14\\OUTLOOK.EXE"=

R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [07-09-2010 21:11 24304]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [09-10-2009 11:10 20520]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [07-09-2010 23:34 294608]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [07-09-2010 23:25 13480]
R1 SASDIFSV;SASDIFSV;c:\programmer\SUPERAntiSpyware\sasdifsv.sys [17-02-2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\programmer\SUPERAntiSpyware\SASKUTIL.SYS [10-05-2010 19:41 67656]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [09-05-2008 04:50 46144]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [07-09-2010 23:34 17744]
R2 DozeSvc;Lenovo Doze Mode Service;c:\programmer\ThinkPad\Utilities\DOZESVC.EXE [07-09-2010 21:11 132456]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\programmer\ThinkPad\Utilities\PWMDBSVC.exe [07-09-2010 21:11 53248]
R2 smihlp;SMI Helper Driver (smihlp);c:\programmer\ThinkVantage Fingerprint Software\smihlp.sys [13-03-2009 12:47 12560]
R2 TPHKSVC;Vis på skærm;c:\programmer\Lenovo\HOTKEY\TPHKSVC.exe [07-09-2010 23:25 63928]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\programmer\Lenovo\Rescue and Recovery\rrpservice.exe [14-05-2008 15:25 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\programmer\Lenovo\Rescue and Recovery\UpdateMonitor.exe [09-05-2008 04:50 360448]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22-02-2008 15:54 37312]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\programmer\Lenovo\HOTKEY\micmute.exe [07-09-2010 23:25 45496]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;"c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe" --> c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [03-12-2010 09:58 112640]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [03-12-2010 09:58 102656]
S3 osppsvc;Office Software Protection Platform;c:\programmer\Fælles filer\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09-01-2010 21:37 4640000]
S3 RMWPService;RMWPService;c:\programmer\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe [28-01-2004 18:25 20537]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;\??\c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys --> c:\programmer\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [?]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [04-11-2010 03:33 41984]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Indhold af mappen 'Planlagte Opgaver'

2011-01-28 c:\windows\Tasks\GlaryInitialize.job
- c:\programmer\Glary Utilities\initialize.exe [2010-09-19 08:32]

2011-01-02 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\programmer\PC-Doctor\uaclauncher.exe [2010-12-13 21:55]

2011-01-28 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2010-09-07 23:28]

2011-01-28 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\programmer\PC-Doctor\pcdrcui.exe [2010-12-13 21:55]
.
.
------- Yderligere scanning -------
.
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: S&end til OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send til &Bluetooth-enhed... - c:\programmer\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send til Bluetooth - c:\programmer\ThinkPad\Bluetooth Software\btsendto_ie.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\programmer\Fælles filer\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\documents and settings\Jacob\Application Data\Mozilla\Firefox\Profiles\8kmcmly1.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmer\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\programmer\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\programmer\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programmer\Java\jre6\lib\deploy\jqs\ff
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: EBrary Reader Plugin: reader_plugin@ebrary.com - %profile%\extensions\reader_plugin@ebrary.com
FF - Ext: German Dictionary: de-DE@dictionaries.addons.mozilla.org - %profile%\extensions\de-DE@dictionaries.addons.mozilla.org
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-28 17:48
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{21651cc0-9e82-45f8-91c9-370706a3216c}]
@Denied: (Full) (Everyone)
"Model"=dword:0000014f
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
  38,95,44,d1,12,be,bf,7e,b1,e4,71,e8,6c,f3,47,17,bd,3c,08,83,e0,8b,c5,07,bb,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):36,4a,4f,05,43,7d,15,95,bf,36,52,f5,06,c4,1c,27,98,ce,be,cf,5c,
  df,f6,a9,4e,69,20,c7,64,ef,ff,66,d6,83,fe,c4,cf,f2,8b,9a,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'winlogon.exe'(1148)
c:\windows\system32\tvt_gina.dll
c:\programmer\ThinkPad\ConnectUtilities\ACGina.dll
c:\programmer\ThinkPad\ConnectUtilities\ACHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\programmer\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\programmer\ThinkPad\ConnectUtilities\AcCryptHlpr.dll
c:\programmer\ThinkPad\ConnectUtilities\ACON.dll
c:\programmer\ThinkPad\ConnectUtilities\AcPrfMgr.dll
c:\programmer\ThinkPad\ConnectUtilities\ACTurinSupport.dll
c:\programmer\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\ACNewBiosHelper.dll
c:\programmer\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll
c:\programmer\Lenovo\HOTKEY\tpwrpc.dll
c:\programmer\ThinkPad\ConnectUtilities\Res\DK\ACGinaRes.dll
c:\programmer\SUPERAntiSpyware\SASWINLO.DLL
c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\programmer\ThinkVantage Fingerprint Software\homefus2.dll
c:\programmer\ThinkVantage Fingerprint Software\infql2.dll
c:\programmer\ThinkVantage Fingerprint Software\homepass.dll
c:\programmer\ThinkVantage Fingerprint Software\bio.dll
c:\programmer\ThinkVantage Fingerprint Software\qlbase.dll

- - - - - - - > 'lsass.exe'(1208)
c:\programmer\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\programmer\ThinkVantage Fingerprint Software\homefus2.dll
c:\programmer\ThinkVantage Fingerprint Software\infql2.dll

- - - - - - - > 'explorer.exe'(4064)
c:\documents and settings\Jacob\Application Data\Dropbox\bin\DropboxExt.13.dll
c:\windows\system32\msls31.dll
c:\windows\system32\ImgUtil.dll
c:\windows\system32\pngfilt.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\programmer\Intel\WiFi\bin\S24EvMon.exe
c:\programmer\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\IPSSVC.EXE
c:\programmer\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\windows\system32\acs.exe
c:\programmer\ThinkPad\ConnectUtilities\AcSvc.exe
c:\programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programmer\Intel\WiFi\bin\EvtEng.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\programmer\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\programmer\Lenovo\System Update\SUService.exe
c:\programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
c:\windows\system32\TpKmpSVC.exe
c:\programmer\Lenovo\Client Security Solution\tvttcsd.exe
c:\programmer\Lenovo\Rescue and Recovery\rrservice.exe
c:\programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\SearchIndexer.exe
c:\programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\TpShocks.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\programmer\Lenovo\HOTKEY\TPONSCR.exe
c:\programmer\Lenovo\Zoom\TpScrex.exe
.
**************************************************************************
.
Gennemført tid: 2011-01-28  17:54:27 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2011-01-28 16:54
ComboFix2.txt  2011-01-28 12:27
ComboFix3.txt  2011-01-27 21:56
ComboFix4.txt  2011-01-27 09:38

Pre-Kørsel: 28.554.973.184 byte ledig
Post-Kørsel: 28.597.313.536 byte ledig

- - End Of File - - 4E959AFD9DD7BA31647A4095B3AA6BEE

Kør #18 igen, med den streamede CD.

------

Bagefter Henter du Rootkit Unhooker og gemmer den på skrivebordet.

http://www.kernelmode.info/ARKs/RKUnhookerLE.EXE

Start den. Klik på report, klik så på scan.
Lad fluebenet stå i Drivers og Stealth. Fjern de andre.
Klik OK
( Hvis den kommer med denne advarsel "Rootkit Unhooker has detected a parasite inside itself!" ignorer den)
Når den er færdig, klik File -> Save Report
Gem den på Skrivebordet og kopier den herind.

Husk at deaktivere dine sikkerheds programmer.

Således........


RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #2
==============================================
>Drivers
==============================================
0xB9352000 C:\WINDOWS\system32\DRIVERS\NETw5x32.sys 6602752 bytes (Intel Corporation, Intel® Wireless WiFi Link Driver)
0xBF2E9000 C:\WINDOWS\System32\igxpdx32.DLL 3837952 bytes (Intel Corporation, DirectDraw(R) Driver for Intel(R) Graphics Technology)
0xBF059000 C:\WINDOWS\System32\igxpdv32.DLL 2686976 bytes (Intel Corporation, Component GHAL Driver)
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2154496 bytes (Microsoft Corporation, NT-kerne og -system)
0x804D7000 PnpManager 2154496 bytes
0x804D7000 RAW 2154496 bytes
0x804D7000 WMIxWDM 2154496 bytes
0xBF800000 Win32k 1855488 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Win32-flerbrugerdriver)
0xB9A3B000 C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 1732608 bytes (Intel Corporation, Intel Graphics Miniport Driver)
0xB918A000 C:\WINDOWS\system32\DRIVERS\SynTP.sys 1298432 bytes (Synaptics Incorporated, Synaptics Touchpad Driver)
0xB8FDD000 C:\WINDOWS\system32\DRIVERS\btkrnl.sys 987136 bytes (Broadcom Corporation., Bluetooth Bus Enumerator)
0xA8791000 C:\WINDOWS\System32\Drivers\dump_iaStor.sys 892928 bytes
0xB9E39000 iaStor.sys 892928 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0xB9D63000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xA886B000 C:\WINDOWS\system32\drivers\btaudio.sys 528384 bytes (Broadcom Corporation., Bluetooth Audio Device)
0xB9119000 C:\WINDOWS\System32\Drivers\wdf01000.sys 462848 bytes (Microsoft Corporation, Kernel Mode Driver Framework Runtime)
0xA89C1000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xB8E87000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xA8BFE000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xA7CC9000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xB92C7000 C:\WINDOWS\system32\DRIVERS\rixdptsk.sys 335872 bytes (REDC, RICOH XD SM Driver)
0xA8CC8000 C:\WINDOWS\system32\drivers\ADIHdAud.sys 323584 bytes (Analog Devices, Inc., High Definition Audio Function Driver)
0xA895A000 C:\WINDOWS\System32\Drivers\aswSP.SYS 290816 bytes (AVAST Software, avast! self protection module)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xA736B000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xB99EA000 C:\WINDOWS\system32\DRIVERS\e1e5132.sys 249856 bytes (Intel Corporation, Intel(R) PRO/1000 Adapter NDIS 5.2 deserialized driver)
0xBF024000 C:\WINDOWS\System32\igxpgd32.dll 217088 bytes (Intel Corporation, Intel Graphics 2D Driver)
0xB9F79000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI-driver til NT)
0xA8019000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xB9D36000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xA5294000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xA8A31000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xB999E000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows (R) Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xA8AC0000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xA8B88000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xA8CA4000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xB99C6000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xB90CE000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xA8A9E000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xA8A5C000 C:\Programmer\SUPERAntiSpyware\SASKUTIL.SYS 139264 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)
0x806E5000 ACPI_HAL 134400 bytes
0x806E5000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xB9D16000 Apsx86.sys 131072 bytes (Lenovo., Shockproof Disk Driver)
0xB9E19000 fltMgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xB9F2B000 ftdisk.sys 126976 bytes (Microsoft Corporation, Diskdriver til FT)
0xA88EC000 C:\WINDOWS\system32\DRIVERS\btwdndis.sys 122880 bytes (Broadcom Corporation., Bluetooth LAN Access Server Driver)
0xB9F4A000 pcmcia.sys 122880 bytes (Microsoft Corporation, Driver til PCMCIA-bus)
0xA8C8A000 C:\WINDOWS\system32\drivers\AEAudio.sys 106496 bytes (Andrea Electronics Corporation, Audio Noise Filtering Driver (32-bit))
0xB9CFC000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xB9F13000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xB8EFD000 C:\WINDOWS\system32\DRIVERS\mcdbus.sys 98304 bytes (MagicISO, Inc., MagicISO SCSI Host Controller)
0xB8EE5000 C:\WINDOWS\system32\DRIVERS\SCSIPORT.SYS 98304 bytes (Microsoft Corporation, SCSI Port Driver)
0xA838E000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (AVAST Software, avast! File System Filter Driver for Windows XP)
0xB9DF0000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xB8FC6000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xA7A0C000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xA84E5000 C:\WINDOWS\system32\drivers\mdvrmng.sys 81920 bytes (-, SmartRoaming Client)
0xB9319000 C:\WINDOWS\system32\DRIVERS\rimsptsk.sys 81920 bytes (REDC, RICOH MS Driver)
0xB933E000 C:\WINDOWS\system32\DRIVERS\sdbus.sys 81920 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0xB9A27000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xA8C57000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xBF012000 C:\WINDOWS\System32\igxprd32.dll 73728 bytes (Intel Corporation, Intel Graphics 2D Rotation Driver)
0xB9E07000 sr.sys 73728 bytes (Microsoft Corporation, Filsystemfilterdriver til Systemgendannelse)
0xB9F68000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI-optælling)
0xB8FB5000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xB932D000 C:\WINDOWS\system32\DRIVERS\rimmptsk.sys 69632 bytes (REDC, RICOH SD Driver)
0xB8F65000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xBA2D8000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xBA298000 C:\WINDOWS\system32\DRIVERS\nic1394.sys 65536 bytes (Microsoft Corporation, IEEE1394 Ndis Miniport and Call Manager)
0xBA0B8000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xBA238000 C:\WINDOWS\system32\DRIVERS\arp1394.sys 61440 bytes (Microsoft Corporation, IP/1394 Arp Client)
0xBA1D8000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xBA2E8000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Filterdriver til Redbook-lyd)
0xA7C41000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xBA208000 C:\WINDOWS\system32\DRIVERS\tvtumon.sys 61440 bytes (Lenovo, Windows Update Monitor Driver)
0xBA1C8000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xBA188000 C:\WINDOWS\system32\DRIVERS\wsimd.sys 61440 bytes (Atheros Communications, Inc., Wireless Intermediate Miniport Driver)
0xBA0C8000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xBA0E8000 VolSnap.sys 57344 bytes (Microsoft Corporation, Driver til tjenesten Volume Snapshot)
0xBA2B8000 C:\WINDOWS\system32\DRIVERS\WDFLDR.SYS 57344 bytes (Microsoft Corporation, Kernel Mode Driver Framework Loader)
0xBA108000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xBA2A8000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, Driver til i8042-port)
0xBA2F8000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xBA318000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xBA258000 C:\WINDOWS\System32\Drivers\btwusb.sys 45056 bytes (Broadcom Corporation., Driver for Bluetooth USB Devices)
0xBA268000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, Driver til FIPS Crypto)
0xBA2C8000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xBA0D8000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xBA308000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xB8FA5000 C:\WINDOWS\System32\Drivers\tcusb.sys 45056 bytes (UPEK Inc., TouchChip USB Kernel Driver)
0xBA218000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (AVAST Software, avast! TDI Filter Driver)
0xBA288000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 40960 bytes (Microsoft Corporation, Processorenhedsdriver)
0xBA0A8000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA-busdriver)
0xBA1A8000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xBA158000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xBA128000 ApsHM86.sys 36864 bytes (Lenovo., ThinkVantage Active Protection System HID Digitizer Activity Monitor Driver)
0xBA0F8000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xB8F75000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xBA148000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xBA248000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xA548F000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xBA118000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xBA178000 C:\WINDOWS\system32\DRIVERS\tvtfilter.sys 36864 bytes (Lenovo, Rescue and Recovery filter driver)
0xBA228000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xBA4A0000 C:\WINDOWS\system32\DRIVERS\atmeltpm.sys 32768 bytes (Atmel, Inc., Atmel TPM Driver)
0xBA358000 C:\WINDOWS\system32\DRIVERS\btport.sys 32768 bytes (Broadcom Corporation., Bluetooth BTPORT Driver for Windows 2000)
0xA893A000 C:\ComboFix\catchme.sys 32768 bytes
0xBA400000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xBA420000 C:\WINDOWS\system32\DRIVERS\Tvti2c.sys 32768 bytes (Lenovo (United States) Inc., SMBUS Driver)
0xBA438000 C:\WINDOWS\system32\DRIVERS\usbccgp.sys 32768 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xBA3A0000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xBA3C8000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xBA3D8000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 28672 bytes (Microsoft Corporation, Klassedriver til tastatur)
0xBA328000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xBA448000 C:\WINDOWS\system32\DRIVERS\PROCDD.SYS 28672 bytes (Lenovo Group Limited, IPS Helper Driver)
0xBA360000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (AVAST Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
0xBA3B0000 C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xBA498000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Klassedriver til mus)
0xBA408000 C:\WINDOWS\system32\DRIVERS\psadd.sys 24576 bytes (Lenovo (United States) Inc., SMBIOS Driver)
0xBA490000 C:\Programmer\SUPERAntiSpyware\SASDIFSV.SYS 24576 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASDIFSV.SYS)
0xBA370000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xBA3E0000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xBA418000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 20480 bytes (AVAST Software, avast! TDI RDR Driver)
0xBA338000 DozeHDD.sys 20480 bytes (Lenovo., Doze Mode Kernel Driver for HDD control)
0xBA4B0000 C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys 20480 bytes (Lenovo., ThinkPad Power Management Driver)
0xBA3F0000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xBA330000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xBA398000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xBA3B8000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
0xBA368000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xBA468000 C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys 20480 bytes (Lenovo Group Limited, ThinkPad Hotkey Driver)
0xBA458000 C:\WINDOWS\System32\drivers\Tppwrif.sys 20480 bytes
0xBA450000 C:\WINDOWS\System32\drivers\TSMAPIP.SYS 20480 bytes
0xBA3C0000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xBA4C0000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
0xB9C72000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xB8E7F000 C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16384 bytes (Microsoft Corporation, Filterdriver til HID-mus)
0xBA5A4000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xA8621000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xA8685000 C:\WINDOWS\system32\DRIVERS\s24trans.sys 16384 bytes (Intel Corporation, Intel WLAN Packet Driver)
0xBA4C4000 ACPIEC.sys 12288 bytes (Microsoft Corporation, Driver til ACPI-integreret-controller)
0xB910D000 C:\WINDOWS\System32\drivers\ANC.SYS 12288 bytes (IBM Corp., IBM Access Connections - ANC)
0xA864D000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (AVAST Software, avast! File System Access Blocking Driver)
0xBA4B8000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xBA4BC000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xA8BEA000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xA8D23000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xB9BF2000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, Filterdriver til HID-mus)
0xB9BEA000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xBA5A0000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xB9BF6000 C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 12288 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0xBA5EA000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xBA5E6000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xBA600000 C:\WINDOWS\system32\Drivers\IBMBLDID.sys 8192 bytes
0xBA5A8000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xBA5EE000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xBA5B4000 C:\WINDOWS\System32\drivers\pmemnt.sys 8192 bytes (Microsoft Corporation, Physical Memory Driver)
0xBA5FC000 C:\WINDOWS\system32\Drivers\PROCEXP113.SYS 8192 bytes
0xBA5F2000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xBA604000 C:\Programmer\ThinkVantage Fingerprint Software\smihlp.sys 8192 bytes (UPEK Inc., SMI helper driver)
0xBA5FA000 C:\WINDOWS\system32\DRIVERS\smiif32.sys 8192 bytes (Lenovo Group Limited, SMI Driver for Lenovo system)
0xBA5D2000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xBA5BE000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xBA5AA000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xBA7E2000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xBA70B000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xBA6FB000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xBA671000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver)
0xBA670000 pciide.sys 4096 bytes (Microsoft Corporation, PCI IDE-standarddriver)
==============================================
>Stealth
==============================================
0x049E0000 Hidden Image-->UIAutomationTypes.dll [ EPROCESS 0x8735F020 ] PID: 3084, 110592 bytes
0x042C0000 Hidden Image-->WindowsBase.dll [ EPROCESS 0x8735F020 ] PID: 3084, 1257472 bytes
0x03AD0000 Hidden Image-->PWMUICtl.DLL [ EPROCESS 0x8735F020 ] PID: 3084, 1449984 bytes
0x048F0000 Hidden Image-->System.Printing.dll [ EPROCESS 0x8735F020 ] PID: 3084, 364544 bytes
0x04400000 Hidden Image-->PresentationCore.dll [ EPROCESS 0x8735F020 ] PID: 3084, 4206592 bytes
0x04A00000 Hidden Image-->PresentationCFFRasterizer.dll [ EPROCESS 0x8735F020 ] PID: 3084, 45056 bytes
0x03A50000 Hidden Image-->msvcm80.dll [ EPROCESS 0x8735F020 ] PID: 3084, 507904 bytes
0x03DB0000 Hidden Image-->PresentationFramework.dll [ EPROCESS 0x8735F020 ] PID: 3084, 5287936 bytes
0x03C80000 Hidden Image-->System.ServiceProcess.resources.dll [ EPROCESS 0x87376BE8 ] PID: 2672, 53248 bytes
0x03A40000 Hidden Image-->UIAutomationProvider.dll [ EPROCESS 0x8735F020 ] PID: 3084, 53248 bytes
0x04950000 Hidden Image-->ReachFramework.dll [ EPROCESS 0x8735F020 ] PID: 3084, 536576 bytes
0x04C90000 Hidden Image-->PWMUIAux.resources.dll [ EPROCESS 0x8735F020 ] PID: 3084, 86016 bytes
0x04810000 Hidden Image-->PresentationUI.dll [ EPROCESS 0x8735F020 ] PID: 3084, 872448 bytes

Download Tdsskiller.zip på dit skrivebord og pak den ud i en mappe.

Kør TDSSKiller.exe -> Klik på "Start Scan"

Hvis en inficeret fil bliver fundet, vil "Default action" være Cure, klik på Continue
Hvis en mistænkelig fil opdages, vil "Default action" være Skip, klik på Continue

Genstart hvis den kræver det.

Hvis den genstarter kan du finde logfilen her :
C:\TDSSKiller.[Version]_[Dato]_[Tidspunkt]_log.txt.

Kopier den tekst herind I denne tråd.

Ingen fejl...

Jeg vil gerne se loggen!!

Der kom ingen log før, computeren genstartede ikke. To sek. Jeg prøver lige at køre den igen så.

2011/01/28 22:01:03.0203    TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53
2011/01/28 22:01:03.0203    ================================================================================
2011/01/28 22:01:03.0203    SystemInfo:
2011/01/28 22:01:03.0203   
2011/01/28 22:01:03.0203    OS Version: 5.1.2600 ServicePack: 3.0
2011/01/28 22:01:03.0203    Product type: Workstation
2011/01/28 22:01:03.0203    ComputerName: JACOBLAPTOP
2011/01/28 22:01:03.0203    UserName: Jacob
2011/01/28 22:01:03.0203    Windows directory: C:\WINDOWS
2011/01/28 22:01:03.0203    System windows directory: C:\WINDOWS
2011/01/28 22:01:03.0203    Processor architecture: Intel x86
2011/01/28 22:01:03.0203    Number of processors: 2
2011/01/28 22:01:03.0203    Page size: 0x1000
2011/01/28 22:01:03.0203    Boot type: Normal boot
2011/01/28 22:01:03.0203    ================================================================================
2011/01/28 22:01:03.0750    Initialize success
2011/01/28 22:01:14.0484    ================================================================================
2011/01/28 22:01:14.0484    Scan started
2011/01/28 22:01:14.0484    Mode: Manual;
2011/01/28 22:01:14.0484    ================================================================================
2011/01/28 22:01:15.0109    Aavmker4        (479c9835b91147be1a92cb76fad9c6de) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/01/28 22:01:15.0265    ACPI            (991b6d6fe2a4d70caf76c41334e60926) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/01/28 22:01:15.0375    ACPIEC          (6f99fe216de8c4875dbb12937620da0c) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/01/28 22:01:15.0453    ADIHdAudAddService (ca6d262e0e68da7ac1e2edb0a8324031) C:\WINDOWS\system32\drivers\ADIHdAud.sys
2011/01/28 22:01:15.0515    AEAudio        (b4afcc2f911939a1c16a26e7eba7f36b) C:\WINDOWS\system32\drivers\AEAudio.sys
2011/01/28 22:01:15.0562    aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/01/28 22:01:15.0687    AFD            (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/01/28 22:01:15.0812    ANC            (11ab185a7af224800bbfb5b836974a17) C:\WINDOWS\system32\drivers\ANC.SYS
2011/01/28 22:01:15.0843    Arp1394        (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/01/28 22:01:15.0953    aswFsBlk        (cba53c5e29ae0a0ce76f9a2be3a40d9e) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/01/28 22:01:16.0046    aswMon2        (a1c52b822b7b8a5c2162d38f579f97b7) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/01/28 22:01:16.0078    aswRdr          (b6e8c5874377a42756c282fac2e20836) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/01/28 22:01:16.0109    aswSP          (b93a553c9b0f14263c8f016a44c3258c) C:\WINDOWS\system32\drivers\aswSP.sys
2011/01/28 22:01:16.0140    aswTdi          (1408421505257846eb336feeef33352d) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/01/28 22:01:16.0187    AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/01/28 22:01:16.0281    atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/01/28 22:01:16.0343    Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/01/28 22:01:16.0406    atmeltpm        (dbf0d7e2df33b469eb55406fea759350) C:\WINDOWS\system32\DRIVERS\atmeltpm.sys
2011/01/28 22:01:16.0625    audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/01/28 22:01:16.0687    Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/01/28 22:01:16.0796    btaudio        (9e8cf88d340e32fcb3c53955b2df388f) C:\WINDOWS\system32\drivers\btaudio.sys
2011/01/28 22:01:16.0890    BTDriver        (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/01/28 22:01:16.0968    BTKRNL          (cbe422be7a6a34557fae9e5734d577e2) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/01/28 22:01:17.0125    BTWDNDIS        (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/01/28 22:01:17.0171    BTWUSB          (90078a07da643317d9de386d87cd7604) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/01/28 22:01:17.0218    cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/01/28 22:01:17.0312    Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/01/28 22:01:17.0406    Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/01/28 22:01:17.0453    Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/01/28 22:01:17.0500    CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/01/28 22:01:17.0578    Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/01/28 22:01:17.0671    Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/01/28 22:01:17.0734    dmboot          (8a3088f97b2caa3340bbb068f314e596) C:\WINDOWS\system32\drivers\dmboot.sys
2011/01/28 22:01:17.0843    dmio            (6d152a2781ffbd6a63a1e58801240e8e) C:\WINDOWS\system32\drivers\dmio.sys
2011/01/28 22:01:17.0875    dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/01/28 22:01:17.0937    DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/01/28 22:01:18.0000    DozeHDD        (e00b3ce273b17aee1259c105df5524ca) C:\WINDOWS\system32\DRIVERS\DozeHDD.sys
2011/01/28 22:01:18.0093    drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/01/28 22:01:18.0156    e1express      (06d94f4543671b497a5f4a0aedd5e36a) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
2011/01/28 22:01:18.0250    ewusbnet        (13d0f39d356e70f0a5e80d7771382245) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
2011/01/28 22:01:18.0296    Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/01/28 22:01:18.0421    Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/01/28 22:01:18.0453    Fips            (bb52a20854cf3e8e0474ee7167c7a3a5) C:\WINDOWS\system32\drivers\Fips.sys
2011/01/28 22:01:18.0468    Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/01/28 22:01:18.0531    FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/01/28 22:01:18.0562    Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/01/28 22:01:18.0625    Ftdisk          (0a58505b5d0aba661d2ff59cd8cf79b9) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/01/28 22:01:18.0734    GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/01/28 22:01:18.0796    Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/01/28 22:01:18.0890    HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/01/28 22:01:18.0968    HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/01/28 22:01:19.0093    HPZid412        (5faba4775d4c61e55ec669d643ffc71f) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/01/28 22:01:19.0156    HPZipr12        (a3c43980ee1f1beac778b44ea65dbdd4) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/01/28 22:01:19.0218    HPZius12        (2906949bd4e206f2bb0dd1896ce9f66f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/01/28 22:01:19.0312    HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/01/28 22:01:19.0421    hwdatacard      (8adf5ef39e896a65beded878494ee2b6) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
2011/01/28 22:01:19.0500    hwusbfake      (9be5caeabc6b2eb98b3a4839a55d47a0) C:\WINDOWS\system32\DRIVERS\ewusbfake.sys
2011/01/28 22:01:19.0593    i8042prt        (42f890598efb480076558ca3cc151107) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/01/28 22:01:19.0718    ialm            (c5db546f9028cd00e64335091860d8f3) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/01/28 22:01:19.0890    iaStor          (01446278d4563b3013c92830ae6cbb26) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/01/28 22:01:19.0953    IBMPMDRV        (400d7095d5ae08970f839bcac1843106) C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
2011/01/28 22:01:20.0015    IBMTPCHK        (3a7dbe81ec5edb96a0a61c7d4af3198d) C:\WINDOWS\system32\Drivers\IBMBLDID.sys
2011/01/28 22:01:20.0140    Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/01/28 22:01:20.0250    intelppm        (d1cd31b6cd4a99f3b82aec84cfdd4cba) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/01/28 22:01:20.0296    Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/01/28 22:01:20.0343    IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/01/28 22:01:20.0359    IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/01/28 22:01:20.0406    IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/01/28 22:01:20.0656    IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/01/28 22:01:20.0765    IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/01/28 22:01:20.0843    isapnp          (3ce6ec5903c59223b61f6a0b9b84b022) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/01/28 22:01:20.0921    Kbdclass        (32e823dfd0a7f18cf3b024f78c7aa7dd) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/01/28 22:01:20.0984    kbdhid          (530d40f58095397b6b8aa5a0fdd074a5) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/01/28 22:01:21.0046    kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/01/28 22:01:21.0156    KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/01/28 22:01:21.0250    lenovo.smi      (3c3f7f424e324c6971632c5de5ff458f) C:\WINDOWS\system32\DRIVERS\smiif32.sys
2011/01/28 22:01:21.0343    mcdbus          (5fb43fe50aee92b2b7b34cf2563db2ac) C:\WINDOWS\system32\DRIVERS\mcdbus.sys
2011/01/28 22:01:21.0468    mdvrmng        (4e10e84320a8ec1c12bd0d00973b22ab) C:\WINDOWS\system32\drivers\mdvrmng.sys
2011/01/28 22:01:21.0515    mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/01/28 22:01:21.0625    Modem          (67ac997db66fdfd07738df58b45cd1b9) C:\WINDOWS\system32\drivers\Modem.sys
2011/01/28 22:01:21.0718    Mouclass        (22774a2ab832972eca2ce227819f5af0) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/01/28 22:01:21.0765    mouhid          (39f0a46109b167707018e8889d5fec93) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/01/28 22:01:21.0859    MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/01/28 22:01:21.0953    MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/01/28 22:01:22.0015    MRxSmb          (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/01/28 22:01:22.0156    Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/01/28 22:01:22.0203    MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/01/28 22:01:22.0250    MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/01/28 22:01:22.0281    MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/01/28 22:01:22.0343    mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/01/28 22:01:22.0421    Mup            (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/01/28 22:01:22.0468    NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/01/28 22:01:22.0500    NdisTapi        (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/01/28 22:01:22.0531    Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/01/28 22:01:22.0609    NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/01/28 22:01:22.0671    NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/01/28 22:01:22.0750    NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/01/28 22:01:22.0796    NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/01/28 22:01:23.0125    NETw5x32        (e0e8dfcd98bdbe8468f0202a64541222) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
2011/01/28 22:01:23.0468    NIC1394        (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/01/28 22:01:23.0531    Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/01/28 22:01:23.0593    Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/01/28 22:01:23.0750    Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/01/28 22:01:23.0781    NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/01/28 22:01:23.0828    NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/01/28 22:01:23.0890    ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/01/28 22:01:24.0015    Parport        (9e048790f33fe5f4fa9d27b5650a1dd5) C:\WINDOWS\system32\drivers\Parport.sys
2011/01/28 22:01:24.0031    PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/01/28 22:01:24.0078    ParVdm          (48e97af5b876301131e9d1b0c43212c3) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/01/28 22:01:24.0140    PCI            (5d756da95bd1e2f6e495704715532fdc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/01/28 22:01:24.0203    PCIIde          (69ce0d409c11347196147ea4c6c02364) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/01/28 22:01:24.0312    Pcmcia          (e980b6d0ca6acba679a0ac810ab9a57c) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/01/28 22:01:24.0531    pmem            (dedef40e1d05842639491365cb2c069e) C:\WINDOWS\System32\drivers\pmemnt.sys
2011/01/28 22:01:24.0578    PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/01/28 22:01:24.0625    PROCDD          (1d80309fed4babf8ea9e7b84a394348b) C:\WINDOWS\system32\DRIVERS\PROCDD.SYS
2011/01/28 22:01:24.0687    psadd          (f8a25f1dd8b2c332cbc663e3579566e7) C:\WINDOWS\system32\DRIVERS\psadd.sys
2011/01/28 22:01:24.0734    PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/01/28 22:01:24.0750    Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/01/28 22:01:24.0812    PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/01/28 22:01:24.0921    RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/01/28 22:01:24.0984    Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/01/28 22:01:25.0031    RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/01/28 22:01:25.0078    Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/01/28 22:01:25.0125    Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/01/28 22:01:25.0156    RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/01/28 22:01:25.0218    RDPWD          (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/01/28 22:01:25.0328    redbook        (d2ea9dae9a9f1bf40c0ea1d1d7c5592c) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/01/28 22:01:25.0390    rimmptsk        (c2ef513bbe069f0d4ee0938a76f975d3) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
2011/01/28 22:01:25.0437    rimsptsk        (c398bca91216755b098679a8da8a2300) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
2011/01/28 22:01:25.0468    rismxdp        (2a2554cb24506e0a0508fc395c4a1b42) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
2011/01/28 22:01:25.0546    s24trans        (e7958e8acda7ca20127ef5f2235f25cc) C:\WINDOWS\system32\DRIVERS\s24trans.sys
2011/01/28 22:01:25.0671    SASDIFSV        (a3281aec37e0720a2bc28034c2df2a56) C:\Programmer\SUPERAntiSpyware\SASDIFSV.SYS
2011/01/28 22:01:25.0703    SASKUTIL        (61db0d0756a99506207fd724e3692b25) C:\Programmer\SUPERAntiSpyware\SASKUTIL.SYS
2011/01/28 22:01:25.0828    sdbus          (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/01/28 22:01:25.0875    Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/01/28 22:01:25.0906    Serial          (680ed46039ebd4c23eb708f1af6b9e5d) C:\WINDOWS\system32\drivers\Serial.sys
2011/01/28 22:01:25.0968    Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/01/28 22:01:26.0031    Shockprf        (486a1bd22dd66d0a8542ebb0cd792bdb) C:\WINDOWS\system32\DRIVERS\Apsx86.sys
2011/01/28 22:01:26.0218    smihlp          (0b9c01236d25bdcb37aa79dc59dfb7d3) C:\Programmer\ThinkVantage Fingerprint Software\smihlp.sys
2011/01/28 22:01:26.0312    splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/01/28 22:01:26.0421    sr              (b3ecb8b07f7991132c71c1b16a82ffe3) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/01/28 22:01:26.0500    Srv            (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/01/28 22:01:26.0578    swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/01/28 22:01:26.0625    swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/01/28 22:01:26.0859    SynTP          (0e8676fb3bb95aa40fdf7a4a31018c8b) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/01/28 22:01:27.0015    sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/01/28 22:01:27.0093    Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/01/28 22:01:27.0218    TcUsb          (64abea4001f8eb869385e65d85bc302b) C:\WINDOWS\system32\Drivers\tcusb.sys
2011/01/28 22:01:27.0265    TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/01/28 22:01:27.0296    TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/01/28 22:01:27.0343    TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/01/28 22:01:27.0468    TPDIGIMN        (20a439d6475d6fe1909159c0143d0466) C:\WINDOWS\system32\DRIVERS\ApsHM86.sys
2011/01/28 22:01:27.0546    TPHKDRV        (8aef2188630f5ecd79ad9abba630630b) C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys
2011/01/28 22:01:27.0593    TPPWRIF        (44672de6cea9569c21c4b7a8d2560750) C:\WINDOWS\system32\drivers\Tppwrif.sys
2011/01/28 22:01:27.0640    TSMAPIP        (f10f36e20448a5500a5f83f67ee4aad4) C:\WINDOWS\system32\drivers\TSMAPIP.SYS
2011/01/28 22:01:27.0812    tvtfilter      (49258a02a1e8d304ed88b0f1c56b1738) C:\WINDOWS\system32\DRIVERS\tvtfilter.sys
2011/01/28 22:01:27.0906    TVTI2C          (7e66dda1ef146bfc3a6e36e08e036602) C:\WINDOWS\system32\DRIVERS\Tvti2c.sys
2011/01/28 22:01:27.0953    tvtumon        (930b8b8ef659a714cf1c755928b8850c) C:\WINDOWS\system32\DRIVERS\tvtumon.sys
2011/01/28 22:01:28.0046    Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/01/28 22:01:28.0125    Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/01/28 22:01:28.0203    USBAAPL        (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/01/28 22:01:28.0265    usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/01/28 22:01:28.0359    usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/01/28 22:01:28.0390    usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/01/28 22:01:28.0468    usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/01/28 22:01:28.0531    usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/01/28 22:01:28.0625    USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/01/28 22:01:28.0671    usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/01/28 22:01:28.0750    VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/01/28 22:01:28.0812    VolSnap        (69d9e1de5f897580f8b1d1957528b0b2) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/01/28 22:01:28.0906    Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/01/28 22:01:28.0968    Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/01/28 22:01:29.0109    wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/01/28 22:01:29.0234    WmiAcpi        (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/01/28 22:01:29.0296    WS2IFSL        (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/01/28 22:01:29.0359    WSIMD          (21ac4f228f3d36876a42277c76a766c0) C:\WINDOWS\system32\DRIVERS\wsimd.sys
2011/01/28 22:01:29.0437    WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/01/28 22:01:29.0515    WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/01/28 22:01:29.0593    ================================================================================
2011/01/28 22:01:29.0593    Scan finished
2011/01/28 22:01:29.0593    ================================================================================

Hvis den ikke spørger om "Reboot" (genstart) så klik på "Report", kopier den tekst herind i tråden.

Vi skrev vist samtidig :)
Se ovenfor..

Bruger du en elle anden form for CD-emulation ?

Vil du godt finde C:\Qoobox\Add-Remove Programs.txt, og kopiere den herind.

------

Find og upload nedenstående hos Jotti eller Virustotal:

c:\windows\system32\sfcfiles.dll

Jotti - Virustotal

Kopier resultatet herind som link.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Add-Remove Programs.txt
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

3Connect
Access-hjælp
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1 - Dansk
AiO_Scan
Amos 18
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
Canon Easy-WebPrint EX
Canon MP Navigator EX 3.0
Canon MP550 series Brugerregistrering
Canon MP550 series MP Drivers
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner
Client Security - Password Manager
Definition update for Microsoft Office 2010 (KB982726)
Dropbox
GIMP 2.6.11
Glary Utilities 2.28.0.1011
Help Center
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hotfix til Windows XP (KB2158563)
Hotfix til Windows XP (KB2443685)
Hotfix til Windows XP (KB952287)
Hotfix til Windows XP (KB961118)
Hotfix til Windows XP (KB981793)
HP Image Zone 4.2
HP PSC & OfficeJet 4.2
Huawei modem
Intel(R) Graphics Media Accelerator Driver
Intel(R) Network Connections Drivers
ISI ResearchSoft - Export Helper
iTunes
Java Auto Updater
Java(TM) 6 Update 23
Java(TM) SE Runtime Environment 6
Junk Mail filter update
Lenovo Hard Drive Quick Test
Lenovo System Interface Driver
Lenovo ThinkVantage Toolbox
Lizardtech DjVu Control
MagicDisc 2.6.93
Maintenance Manager
Malwarebytes' Anti-Malware
Meddelelsescenter
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DAN
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DAN
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 Language Pack - dan
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Access MUI (Danish) 2010
Microsoft Office Excel MUI (Danish) 2010
Microsoft Office OneNote MUI (Danish) 2010
Microsoft Office Outlook MUI (Danish) 2010
Microsoft Office PowerPoint MUI (Danish) 2010
Microsoft Office Professionel 2010
Microsoft Office Proof (Danish) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Swedish) 2010
Microsoft Office Proofing (Danish) 2010
Microsoft Office Publisher MUI (Danish) 2010
Microsoft Office Shared MUI (Danish) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (Danish) 2010
Microsoft Silverlight
Microsoft Software Update for Web Folders  (Danish) 14
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.13)
MSVCRT
MSXML 4.0 SP2 (KB973688)
Opdatering til Microsoft Outlook Social Connector (KB2289116)
Opdatering til Windows Internet Explorer 8 (KB976662)
Opdatering til Windows Internet Explorer 8 (KB982664)
Opdatering til Windows XP (KB2141007)
Opdatering til Windows XP (KB2345886)
Opdatering til Windows XP (KB2467659)
Opdatering til Windows XP (KB898461)
Opdatering til Windows XP (KB951978)
Opdatering til Windows XP (KB955759)
Opdatering til Windows XP (KB967715)
Opdatering til Windows XP (KB968389)
Opdatering til Windows XP (KB971737)
Opdatering til Windows XP (KB973687)
Opdatering til Windows XP (KB973815)
Overførselsværktøj til Windows Live
PASW Statistics 18
PDF-Viewer
PDFCreator
pdfforge Toolbar v4.1
Præsentationsstyring
QFolder
QuickTime
Reference Manager 12 Professional Edition
Rescue and Recovery
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Security Update for Windows Search 4 - KB963093
Segoe UI
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB2183461)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB2360131)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB2416400)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB971961)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB981332)
Sikkerhedsopdatering til Windows Internet Explorer 8 (KB982381)
Sikkerhedsopdatering til Windows Media Player (KB2378111)
Sikkerhedsopdatering til Windows Media Player (KB954155)
Sikkerhedsopdatering til Windows Media Player (KB973540)
Sikkerhedsopdatering til Windows Media Player (KB975558)
Sikkerhedsopdatering til Windows Media Player (KB978695)
Sikkerhedsopdatering til Windows XP (KB2079403)
Sikkerhedsopdatering til Windows XP (KB2115168)
Sikkerhedsopdatering til Windows XP (KB2121546)
Sikkerhedsopdatering til Windows XP (KB2160329)
Sikkerhedsopdatering til Windows XP (KB2183461)
Sikkerhedsopdatering til Windows XP (KB2229593)
Sikkerhedsopdatering til Windows XP (KB2259922)
Sikkerhedsopdatering til Windows XP (KB2279986)
Sikkerhedsopdatering til Windows XP (KB2286198)
Sikkerhedsopdatering til Windows XP (KB2296011)
Sikkerhedsopdatering til Windows XP (KB2296199)
Sikkerhedsopdatering til Windows XP (KB2347290)
Sikkerhedsopdatering til Windows XP (KB2360937)
Sikkerhedsopdatering til Windows XP (KB2387149)
Sikkerhedsopdatering til Windows XP (KB2419632)
Sikkerhedsopdatering til Windows XP (KB2423089)
Sikkerhedsopdatering til Windows XP (KB2436673)
Sikkerhedsopdatering til Windows XP (KB2440591)
Sikkerhedsopdatering til Windows XP (KB2443105)
Sikkerhedsopdatering til Windows XP (KB923561)
Sikkerhedsopdatering til Windows XP (KB923789)
Sikkerhedsopdatering til Windows XP (KB950760)
Sikkerhedsopdatering til Windows XP (KB950762)
Sikkerhedsopdatering til Windows XP (KB950974)
Sikkerhedsopdatering til Windows XP (KB951376-v2)
Sikkerhedsopdatering til Windows XP (KB951748)
Sikkerhedsopdatering til Windows XP (KB952004)
Sikkerhedsopdatering til Windows XP (KB952954)
Sikkerhedsopdatering til Windows XP (KB954459)
Sikkerhedsopdatering til Windows XP (KB956572)
Sikkerhedsopdatering til Windows XP (KB956744)
Sikkerhedsopdatering til Windows XP (KB956802)
Sikkerhedsopdatering til Windows XP (KB956803)
Sikkerhedsopdatering til Windows XP (KB956844)
Sikkerhedsopdatering til Windows XP (KB958644)
Sikkerhedsopdatering til Windows XP (KB958869)
Sikkerhedsopdatering til Windows XP (KB959426)
Sikkerhedsopdatering til Windows XP (KB960803)
Sikkerhedsopdatering til Windows XP (KB960859)
Sikkerhedsopdatering til Windows XP (KB961501)
Sikkerhedsopdatering til Windows XP (KB969059)
Sikkerhedsopdatering til Windows XP (KB970238)
Sikkerhedsopdatering til Windows XP (KB970430)
Sikkerhedsopdatering til Windows XP (KB971657)
Sikkerhedsopdatering til Windows XP (KB971961)
Sikkerhedsopdatering til Windows XP (KB972270)
Sikkerhedsopdatering til Windows XP (KB973507)
Sikkerhedsopdatering til Windows XP (KB973869)
Sikkerhedsopdatering til Windows XP (KB973904)
Sikkerhedsopdatering til Windows XP (KB974112)
Sikkerhedsopdatering til Windows XP (KB974318)
Sikkerhedsopdatering til Windows XP (KB974392)
Sikkerhedsopdatering til Windows XP (KB974571)
Sikkerhedsopdatering til Windows XP (KB975467)
Sikkerhedsopdatering til Windows XP (KB975560)
Sikkerhedsopdatering til Windows XP (KB975562)
Sikkerhedsopdatering til Windows XP (KB975713)
Sikkerhedsopdatering til Windows XP (KB977816)
Sikkerhedsopdatering til Windows XP (KB977914)
Sikkerhedsopdatering til Windows XP (KB978037)
Sikkerhedsopdatering til Windows XP (KB978338)
Sikkerhedsopdatering til Windows XP (KB978542)
Sikkerhedsopdatering til Windows XP (KB978601)
Sikkerhedsopdatering til Windows XP (KB978706)
Sikkerhedsopdatering til Windows XP (KB979309)
Sikkerhedsopdatering til Windows XP (KB979482)
Sikkerhedsopdatering til Windows XP (KB979687)
Sikkerhedsopdatering til Windows XP (KB980195)
Sikkerhedsopdatering til Windows XP (KB980218)
Sikkerhedsopdatering til Windows XP (KB980232)
Sikkerhedsopdatering til Windows XP (KB980436)
Sikkerhedsopdatering til Windows XP (KB981322)
Sikkerhedsopdatering til Windows XP (KB981349)
Sikkerhedsopdatering til Windows XP (KB981852)
Sikkerhedsopdatering til Windows XP (KB981957)
Sikkerhedsopdatering til Windows XP (KB982132)
Sikkerhedsopdatering til Windows XP (KB982214)
Sikkerhedsopdatering til Windows XP (KB982665)
Sikkerhedsopdatering til Windows XP (KB982802)
SoundMAX
Spad 7.0
Sprogpakke til Microsoft .NET Framework 3.5 - dansk
Startup Delayer v2.5 (build 138)
STATISTICA 8.0.360.0 English
SUPERAntiSpyware
System Update
ThinkPad-strømstyring
ThinkPad 11a/b/g/n Wireless LAN Mini-PCI Express Adapter
ThinkPad Bluetooth with Enhanced Data Rate Software
ThinkPad EasyEject-funktioner
ThinkPad FullScreen Magnifier
ThinkPad Hotkey Features Integration Setup
ThinkPad Keyboard Customizer
ThinkPad Power Management Driver
ThinkPad Ultranav-funktioner
ThinkPad UltraNav Driver
ThinkVantage Access Connections
ThinkVantage Active Protection System
ThinkVantage Fingerprint Software
ThinkVantage Productivity Center
Tilmeldingsassistent til Windows Live
Total Commander (Remove or Repair)
TuneUp Utilities Language Pack (en-US)
Unknown Device Identifier 7.00
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft OneNote 2010 (KB2433299)
Update for Microsoft Outlook Social Connector (KB2289116)
Update for Windows XP (KB953356)
Vis på skærm
VLC media player 1.1.4
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
WinRAR archiver
XLSTAT 2011
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0

xxxxxxxxxxxxxxxxxxxxxxxxxxx
Link til Jotti scan:
xxxxxxxxxxxxxxxxxxxxxxxxxxx

http://virusscan.jotti.org/en/scanresult/5b04060d3a2fd803ff4c284ce0d2372296df9cc5

Mht #39, så har jeg vist stadig Magic disc installeret efter at have installeret et statistikbehandlingsprogram fra Uni - i stedet for at de skal brænde cd'er hele tiden, henter man en iso-fil på intranettet.

Skal jeg fjerne Magic disc?

1. Hent Defogger og gem programmet på dit Skrivebord:

http://www.jpshortstuff.247fixes.com/Defogger.exe

2. Dobbeltklik på Defogger.exe - et vindue vil åbne sig - klik på "Disable" og klik "Yes" for at fortsætte. Nu vil programmet deaktivere dit CD-emulations program og afslutte med "Finished!" - klik "OK". NB - efter rensning vil vi aktivere dit CD-emulations program igen; ingen grund til bekymring.

3. Defogger vil nu genstarte din computer - klik OK.

------

Prøv så at køre #30 igen - dog uden at køre #18

Computeren genstartede ikke efter finish. Skal jeg gøre det manuelt? Eller er det fint nok at fortsætte til #30?

Defogger log:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:35 on 29/01/2011 (Jacob)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Hmm... Jeg er ikke sikker på, at Magic disc overhovedet kørte før? Jeg brugte det kun, da jeg installerede statistik-programmet.
Jeg har kun et fysisk cd-drev i computeren, men i "Denne Computer" optræder stadig 2 drev:
DVD-ram-drev (D:)
DVD-drev (E:)

P.s. Jeg har en partition med ubuntu også (dualboot). Jeg ved ikke, om det kan være det?

Nå, nu har jeg fjernet Magicdisc og kørt #30 igen. Her er loggen:

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #2
==============================================
>Drivers
==============================================
0xB9352000 C:\WINDOWS\system32\DRIVERS\NETw5x32.sys 6602752 bytes (Intel Corporation, Intel® Wireless WiFi Link Driver)
0xBF2E9000 C:\WINDOWS\System32\igxpdx32.DLL 3837952 bytes (Intel Corporation, DirectDraw(R) Driver for Intel(R) Graphics Technology)
0xBF059000 C:\WINDOWS\System32\igxpdv32.DLL 2686976 bytes (Intel Corporation, Component GHAL Driver)
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2154496 bytes (Microsoft Corporation, NT-kerne og -system)
0x804D7000 PnpManager 2154496 bytes
0x804D7000 RAW 2154496 bytes
0x804D7000 WMIxWDM 2154496 bytes
0xBF800000 Win32k 1855488 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Win32-flerbrugerdriver)
0xB9A3B000 C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 1732608 bytes (Intel Corporation, Intel Graphics Miniport Driver)
0xB918A000 C:\WINDOWS\system32\DRIVERS\SynTP.sys 1298432 bytes (Synaptics Incorporated, Synaptics Touchpad Driver)
0xB8FDD000 C:\WINDOWS\system32\DRIVERS\btkrnl.sys 987136 bytes (Broadcom Corporation., Bluetooth Bus Enumerator)
0xA8791000 C:\WINDOWS\System32\Drivers\dump_iaStor.sys 892928 bytes
0xB9E39000 iaStor.sys 892928 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0xB9D63000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xA886B000 C:\WINDOWS\system32\drivers\btaudio.sys 528384 bytes (Broadcom Corporation., Bluetooth Audio Device)
0xB9119000 C:\WINDOWS\System32\Drivers\wdf01000.sys 462848 bytes (Microsoft Corporation, Kernel Mode Driver Framework Runtime)
0xA89E9000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xB8E87000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xA8BFE000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xA7D91000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xB92C7000 C:\WINDOWS\system32\DRIVERS\rixdptsk.sys 335872 bytes (REDC, RICOH XD SM Driver)
0xA8CC8000 C:\WINDOWS\system32\drivers\ADIHdAud.sys 323584 bytes (Analog Devices, Inc., High Definition Audio Function Driver)
0xA8982000 C:\WINDOWS\System32\Drivers\aswSP.SYS 290816 bytes (AVAST Software, avast! self protection module)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xA6B8D000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xB99EA000 C:\WINDOWS\system32\DRIVERS\e1e5132.sys 249856 bytes (Intel Corporation, Intel(R) PRO/1000 Adapter NDIS 5.2 deserialized driver)
0xBF024000 C:\WINDOWS\System32\igxpgd32.dll 217088 bytes (Intel Corporation, Intel Graphics 2D Driver)
0xB9F79000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI-driver til NT)
0xA8019000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xB9D36000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xA4C85000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xA8A59000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xB999E000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows (R) Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xA8AE8000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xA8BB0000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xA8CA4000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xB99C6000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xB90CE000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xA8AC6000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xA8A84000 C:\Programmer\SUPERAntiSpyware\SASKUTIL.SYS 139264 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)
0x806E5000 ACPI_HAL 134400 bytes
0x806E5000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xB9D16000 Apsx86.sys 131072 bytes (Lenovo., Shockproof Disk Driver)
0xB9E19000 fltMgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xB9F2B000 ftdisk.sys 126976 bytes (Microsoft Corporation, Diskdriver til FT)
0xA88EC000 C:\WINDOWS\system32\DRIVERS\btwdndis.sys 122880 bytes (Broadcom Corporation., Bluetooth LAN Access Server Driver)
0xB9F4A000 pcmcia.sys 122880 bytes (Microsoft Corporation, Driver til PCMCIA-bus)
0xA8C8A000 C:\WINDOWS\system32\drivers\AEAudio.sys 106496 bytes (Andrea Electronics Corporation, Audio Noise Filtering Driver (32-bit))
0xB9CFC000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xB9F13000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xB8EE5000 C:\WINDOWS\system32\DRIVERS\SCSIPORT.SYS 98304 bytes (Microsoft Corporation, SCSI Port Driver)
0xA82EE000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (AVAST Software, avast! File System Filter Driver for Windows XP)
0xB9DF0000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xB8FC6000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xA6F74000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xA84E5000 C:\WINDOWS\system32\drivers\mdvrmng.sys 81920 bytes (-, SmartRoaming Client)
0xB9319000 C:\WINDOWS\system32\DRIVERS\rimsptsk.sys 81920 bytes (REDC, RICOH MS Driver)
0xB933E000 C:\WINDOWS\system32\DRIVERS\sdbus.sys 81920 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0xB9A27000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xA8C57000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xBF012000 C:\WINDOWS\System32\igxprd32.dll 73728 bytes (Intel Corporation, Intel Graphics 2D Rotation Driver)
0xB9E07000 sr.sys 73728 bytes (Microsoft Corporation, Filsystemfilterdriver til Systemgendannelse)
0xB9F68000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI-optælling)
0xB8FB5000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xB932D000 C:\WINDOWS\system32\DRIVERS\rimmptsk.sys 69632 bytes (REDC, RICOH SD Driver)
0xB8F55000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xBA2D8000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xBA298000 C:\WINDOWS\system32\DRIVERS\nic1394.sys 65536 bytes (Microsoft Corporation, IEEE1394 Ndis Miniport and Call Manager)
0xBA0B8000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xBA248000 C:\WINDOWS\system32\DRIVERS\arp1394.sys 61440 bytes (Microsoft Corporation, IP/1394 Arp Client)
0xBA1E8000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xBA2E8000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Filterdriver til Redbook-lyd)
0xA7801000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xBA218000 C:\WINDOWS\system32\DRIVERS\tvtumon.sys 61440 bytes (Lenovo, Windows Update Monitor Driver)
0xBA1D8000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xBA188000 C:\WINDOWS\system32\DRIVERS\wsimd.sys 61440 bytes (Atheros Communications, Inc., Wireless Intermediate Miniport Driver)
0xBA0C8000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xBA0E8000 VolSnap.sys 57344 bytes (Microsoft Corporation, Driver til tjenesten Volume Snapshot)
0xBA2B8000 C:\WINDOWS\system32\DRIVERS\WDFLDR.SYS 57344 bytes (Microsoft Corporation, Kernel Mode Driver Framework Loader)
0xBA108000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xBA2A8000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, Driver til i8042-port)
0xBA2F8000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xBA318000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xBA268000 C:\WINDOWS\System32\Drivers\btwusb.sys 45056 bytes (Broadcom Corporation., Driver for Bluetooth USB Devices)
0xB8FA5000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, Driver til FIPS Crypto)
0xBA2C8000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xBA0D8000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xBA308000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xBA278000 C:\WINDOWS\System32\Drivers\tcusb.sys 45056 bytes (UPEK Inc., TouchChip USB Kernel Driver)
0xBA228000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (AVAST Software, avast! TDI Filter Driver)
0xBA288000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 40960 bytes (Microsoft Corporation, Processorenhedsdriver)
0xBA0A8000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA-busdriver)
0xBA1A8000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xBA158000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xBA128000 ApsHM86.sys 36864 bytes (Lenovo., ThinkVantage Active Protection System HID Digitizer Activity Monitor Driver)
0xBA0F8000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xB8F45000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xBA148000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xBA258000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xA4CD0000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xBA118000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xA86F9000 C:\WINDOWS\system32\DRIVERS\tvtfilter.sys 36864 bytes (Lenovo, Rescue and Recovery filter driver)
0xBA238000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xBA4A0000 C:\WINDOWS\system32\DRIVERS\atmeltpm.sys 32768 bytes (Atmel, Inc., Atmel TPM Driver)
0xBA358000 C:\WINDOWS\system32\DRIVERS\btport.sys 32768 bytes (Broadcom Corporation., Bluetooth BTPORT Driver for Windows 2000)
0xBA400000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xBA420000 C:\WINDOWS\system32\DRIVERS\Tvti2c.sys 32768 bytes (Lenovo (United States) Inc., SMBUS Driver)
0xBA378000 C:\WINDOWS\system32\DRIVERS\usbccgp.sys 32768 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xBA3A0000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xBA3C8000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xBA3D8000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 28672 bytes (Microsoft Corporation, Klassedriver til tastatur)
0xBA328000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xBA4A8000 C:\WINDOWS\system32\DRIVERS\PROCDD.SYS 28672 bytes (Lenovo Group Limited, IPS Helper Driver)
0xBA360000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (AVAST Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
0xBA3B0000 C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xBA498000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Klassedriver til mus)
0xBA408000 C:\WINDOWS\system32\DRIVERS\psadd.sys 24576 bytes (Lenovo (United States) Inc., SMBIOS Driver)
0xBA490000 C:\Programmer\SUPERAntiSpyware\SASDIFSV.SYS 24576 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASDIFSV.SYS)
0xBA370000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xBA3E0000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xBA418000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 20480 bytes (AVAST Software, avast! TDI RDR Driver)
0xBA338000 DozeHDD.sys 20480 bytes (Lenovo., Doze Mode Kernel Driver for HDD control)
0xBA4B0000 C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys 20480 bytes (Lenovo., ThinkPad Power Management Driver)
0xBA3F0000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xBA330000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xBA398000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xBA3B8000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
0xBA368000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xBA468000 C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys 20480 bytes (Lenovo Group Limited, ThinkPad Hotkey Driver)
0xBA458000 C:\WINDOWS\System32\drivers\Tppwrif.sys 20480 bytes
0xBA450000 C:\WINDOWS\System32\drivers\TSMAPIP.SYS 20480 bytes
0xA892A000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xBA4C0000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
0xB9C72000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xA8BDA000 C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16384 bytes (Microsoft Corporation, Filterdriver til HID-mus)
0xBA5A4000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xA8555000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xA8625000 C:\WINDOWS\system32\DRIVERS\s24trans.sys 16384 bytes (Intel Corporation, Intel WLAN Packet Driver)
0xBA4C4000 ACPIEC.sys 12288 bytes (Microsoft Corporation, Driver til ACPI-integreret-controller)
0xA8D1B000 C:\WINDOWS\System32\drivers\ANC.SYS 12288 bytes (IBM Corp., IBM Access Connections - ANC)
0xA865D000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (AVAST Software, avast! File System Access Blocking Driver)
0xBA4B8000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xBA4BC000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xA8D37000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xA8BF6000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xA8BE2000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, Filterdriver til HID-mus)
0xB9BEA000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xB8E83000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xB9BF6000 C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 12288 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0xBA5F2000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xBA5EE000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xBA60A000 C:\WINDOWS\system32\Drivers\IBMBLDID.sys 8192 bytes
0xBA5A8000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xBA5F6000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xBA648000 C:\WINDOWS\System32\drivers\pmemnt.sys 8192 bytes (Microsoft Corporation, Physical Memory Driver)
0xBA5FA000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xBA62C000 C:\Programmer\ThinkVantage Fingerprint Software\smihlp.sys 8192 bytes (UPEK Inc., SMI helper driver)
0xBA604000 C:\WINDOWS\system32\DRIVERS\smiif32.sys 8192 bytes (Lenovo Group Limited, SMI Driver for Lenovo system)
0xBA5D2000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xBA5BE000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xBA5AA000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xBA7EF000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xBA742000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xBA722000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xBA671000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver)
0xBA670000 pciide.sys 4096 bytes (Microsoft Corporation, PCI IDE-standarddriver)
==============================================
>Stealth
==============================================
0x04A20000 Hidden Image-->UIAutomationTypes.dll [ EPROCESS 0x872CD358 ] PID: 4048, 110592 bytes
0x04300000 Hidden Image-->WindowsBase.dll [ EPROCESS 0x872CD358 ] PID: 4048, 1257472 bytes
0x03B10000 Hidden Image-->PWMUICtl.DLL [ EPROCESS 0x872CD358 ] PID: 4048, 1449984 bytes
0x04930000 Hidden Image-->System.Printing.dll [ EPROCESS 0x872CD358 ] PID: 4048, 364544 bytes
0x04440000 Hidden Image-->PresentationCore.dll [ EPROCESS 0x872CD358 ] PID: 4048, 4206592 bytes
0x04A40000 Hidden Image-->PresentationCFFRasterizer.dll [ EPROCESS 0x872CD358 ] PID: 4048, 45056 bytes
0x03A90000 Hidden Image-->msvcm80.dll [ EPROCESS 0x872CD358 ] PID: 4048, 507904 bytes
0x03DF0000 Hidden Image-->PresentationFramework.dll [ EPROCESS 0x872CD358 ] PID: 4048, 5287936 bytes
0x03C80000 Hidden Image-->System.ServiceProcess.resources.dll [ EPROCESS 0x8732D5B0 ] PID: 2528, 53248 bytes
0x03A80000 Hidden Image-->UIAutomationProvider.dll [ EPROCESS 0x872CD358 ] PID: 4048, 53248 bytes
0x04990000 Hidden Image-->ReachFramework.dll [ EPROCESS 0x872CD358 ] PID: 4048, 536576 bytes
0x04D10000 Hidden Image-->PWMUIAux.resources.dll [ EPROCESS 0x872CD358 ] PID: 4048, 86016 bytes
0x04850000 Hidden Image-->PresentationUI.dll [ EPROCESS 0x872CD358 ] PID: 4048, 872448 bytes

Det tror jeg det er, men jeg vil gerne lige se resultatet af denne. Den laver intet om, så du skal ikke være nervøs.

Hent MBRCheck.exe
http://ad13.geekstogo.com/MBRCheck.exe

Hvis Programmet finder en ukendt MBR, vil du få en række valgmuligheder.
Tryk N og derfter "ENTER" for at lukke Programmet.

Den vil lave en log på dit Skrivebord, "MBRCheck_mm.dd.yy_hh.mm.ss.txt"
Kopier denne log herind.

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:           
Windows Version:        Windows XP Home Edition
Windows Information:        Service Pack 3 (build 2600)
Logical Drives Mask:        0x0000000c

Kernel Drivers (total 164):
  0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
  0x806E5000 \WINDOWS\system32\hal.dll
  0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
  0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
  0xB9F79000 ACPI.sys
  0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
  0xB9F68000 pci.sys
  0xBA0A8000 isapnp.sys
  0xBA0B8000 ohci1394.sys
  0xBA0C8000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
  0xBA4BC000 compbatt.sys
  0xBA4C0000 \WINDOWS\system32\DRIVERS\BATTC.SYS
  0xBA670000 pciide.sys
  0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
  0xB9F4A000 pcmcia.sys
  0xBA0D8000 MountMgr.sys
  0xB9F2B000 ftdisk.sys
  0xBA330000 PartMgr.sys
  0xBA4C4000 ACPIEC.sys
  0xBA671000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
  0xBA0E8000 VolSnap.sys
  0xB9F13000 atapi.sys
  0xB9E39000 iaStor.sys
  0xBA0F8000 disk.sys
  0xBA108000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
  0xB9E19000 fltMgr.sys
  0xB9E07000 sr.sys
  0xBA118000 PxHelp20.sys
  0xB9DF0000 KSecDD.sys
  0xBA338000 DozeHDD.sys
  0xB9D63000 Ntfs.sys
  0xB9D36000 NDIS.sys
  0xB9D16000 Apsx86.sys
  0xBA128000 ApsHM86.sys
  0xB9CFC000 Mup.sys
  0xBA288000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0xB9A3B000 \SystemRoot\system32\DRIVERS\igxpmp32.sys
  0xB9A27000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
  0xB99EA000 \SystemRoot\system32\DRIVERS\e1e5132.sys
  0xBA370000 \SystemRoot\system32\DRIVERS\usbuhci.sys
  0xB99C6000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0xBA3A0000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0xB999E000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0xB9352000 \SystemRoot\system32\DRIVERS\NETw5x32.sys
  0xBA298000 \SystemRoot\system32\DRIVERS\nic1394.sys
  0xB933E000 \SystemRoot\system32\DRIVERS\sdbus.sys
  0xB932D000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
  0xB9319000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
  0xB92C7000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
  0xBA2A8000 \SystemRoot\system32\DRIVERS\i8042prt.sys
  0xBA3D8000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0xB918A000 \SystemRoot\system32\DRIVERS\SynTP.sys
  0xBA5BE000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0xBA2B8000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS
  0xB9119000 \SystemRoot\System32\Drivers\wdf01000.sys
  0xBA498000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0xBA4A0000 \SystemRoot\system32\DRIVERS\atmeltpm.sys
  0xB9C72000 \SystemRoot\system32\DRIVERS\CmBatt.sys
  0xBA4B0000 \SystemRoot\system32\DRIVERS\ibmpmdrv.sys
  0xBA2C8000 \SystemRoot\system32\DRIVERS\imapi.sys
  0xBA2D8000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0xBA2E8000 \SystemRoot\system32\DRIVERS\redbook.sys
  0xB90CE000 \SystemRoot\system32\DRIVERS\ks.sys
  0xBA3B0000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  0xB9BF6000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
  0xB8FDD000 \SystemRoot\system32\DRIVERS\btkrnl.sys
  0xBA7EF000 \SystemRoot\system32\DRIVERS\audstub.sys
  0xBA2F8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0xB9BEA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0xB8FC6000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0xBA308000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0xBA318000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0xBA368000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0xB8FB5000 \SystemRoot\system32\DRIVERS\psched.sys
  0xBA148000 \SystemRoot\system32\DRIVERS\msgpc.sys
  0xBA398000 \SystemRoot\system32\DRIVERS\ptilink.sys
  0xBA3B8000 \SystemRoot\system32\DRIVERS\raspti.sys
  0xBA158000 \SystemRoot\system32\DRIVERS\termdd.sys
  0xB8EE5000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
  0xBA408000 \SystemRoot\system32\DRIVERS\psadd.sys
  0xBA420000 \SystemRoot\system32\DRIVERS\Tvti2c.sys
  0xBA5D2000 \SystemRoot\system32\DRIVERS\swenum.sys
  0xB8E87000 \SystemRoot\system32\DRIVERS\update.sys
  0xBA5A4000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0xBA188000 \SystemRoot\system32\DRIVERS\wsimd.sys
  0xBA358000 \SystemRoot\system32\DRIVERS\btport.sys
  0xBA1A8000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0xBA1D8000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0xA8CC8000 \SystemRoot\system32\drivers\ADIHdAud.sys
  0xA8CA4000 \SystemRoot\system32\drivers\portcls.sys
  0xBA1E8000 \SystemRoot\system32\drivers\drmk.sys
  0xA8C8A000 \SystemRoot\system32\drivers\AEAudio.sys
  0xBA218000 \SystemRoot\system32\DRIVERS\tvtumon.sys
  0xBA5EE000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
  0xBA722000 \SystemRoot\System32\Drivers\Null.SYS
  0xBA5F2000 \SystemRoot\System32\Drivers\Beep.SYS
  0xBA3C8000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0xBA3E0000 \SystemRoot\System32\drivers\vga.sys
  0xBA5F6000 \SystemRoot\System32\Drivers\mnmdd.SYS
  0xBA5FA000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0xBA3F0000 \SystemRoot\System32\Drivers\Msfs.SYS
  0xBA400000 \SystemRoot\System32\Drivers\Npfs.SYS
  0xB8E83000 \SystemRoot\system32\DRIVERS\rasacd.sys
  0xA8C57000 \SystemRoot\system32\DRIVERS\ipsec.sys
  0xA8BFE000 \SystemRoot\system32\DRIVERS\tcpip.sys
  0xBA228000 \SystemRoot\System32\Drivers\aswTdi.SYS
  0xA8BB0000 \SystemRoot\system32\DRIVERS\ipnat.sys
  0xBA238000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0xA8AE8000 \SystemRoot\system32\DRIVERS\netbt.sys
  0xBA248000 \SystemRoot\system32\DRIVERS\arp1394.sys
  0xBA418000 \SystemRoot\System32\Drivers\aswRdr.SYS
  0xA8AC6000 \SystemRoot\System32\drivers\afd.sys
  0xBA258000 \SystemRoot\system32\DRIVERS\netbios.sys
  0xBA450000 \SystemRoot\System32\drivers\TSMAPIP.SYS
  0xBA458000 \SystemRoot\System32\drivers\Tppwrif.sys
  0xBA468000 \SystemRoot\system32\DRIVERS\TPHKDRV.sys
  0xA8A84000 \??\C:\Programmer\SUPERAntiSpyware\SASKUTIL.SYS
  0xBA490000 \??\C:\Programmer\SUPERAntiSpyware\SASDIFSV.SYS
  0xA8A59000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0xA89E9000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0xBA268000 \SystemRoot\System32\Drivers\btwusb.sys
  0xBA604000 \SystemRoot\system32\DRIVERS\smiif32.sys
  0xBA60A000 \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys
  0xBA278000 \SystemRoot\System32\Drivers\tcusb.sys
  0xB8FA5000 \SystemRoot\System32\Drivers\Fips.SYS
  0xA8982000 \SystemRoot\System32\Drivers\aswSP.SYS
  0xA8D1B000 \SystemRoot\System32\drivers\ANC.SYS
  0xBA360000 \SystemRoot\System32\Drivers\Aavmker4.SYS
  0xBA378000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0xA88EC000 \SystemRoot\system32\DRIVERS\btwdndis.sys
  0xA886B000 \SystemRoot\system32\drivers\btaudio.sys
  0xB8F55000 \SystemRoot\System32\Drivers\Cdfs.SYS
  0xA8BF6000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0xB8F45000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0xA8BE2000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0xA8BDA000 \SystemRoot\system32\DRIVERS\kbdhid.sys
  0xA8791000 \SystemRoot\System32\Drivers\dump_iaStor.sys
  0xBF800000 \SystemRoot\System32\win32k.sys
  0xA8D37000 \SystemRoot\System32\drivers\Dxapi.sys
  0xA892A000 \SystemRoot\System32\watchdog.sys
  0xBF000000 \SystemRoot\System32\drivers\dxg.sys
  0xBA742000 \SystemRoot\System32\drivers\dxgthk.sys
  0xBF024000 \SystemRoot\System32\igxpgd32.dll
  0xBF012000 \SystemRoot\System32\igxprd32.dll
  0xBF059000 \SystemRoot\System32\igxpdv32.DLL
  0xBF2E9000 \SystemRoot\System32\igxpdx32.DLL
  0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
  0xA865D000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
  0xA86F9000 \SystemRoot\system32\DRIVERS\tvtfilter.sys
  0xBA62C000 \??\C:\Programmer\ThinkVantage Fingerprint Software\smihlp.sys
  0xA84E5000 \??\C:\WINDOWS\system32\drivers\mdvrmng.sys
  0xA8555000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0xA8625000 \SystemRoot\system32\DRIVERS\s24trans.sys
  0xA82EE000 \SystemRoot\System32\Drivers\aswMon2.SYS
  0xA8019000 \SystemRoot\system32\DRIVERS\mrxdav.sys
  0xBA4A8000 \SystemRoot\system32\DRIVERS\PROCDD.SYS
  0xA7D91000 \SystemRoot\system32\DRIVERS\srv.sys
  0xBA648000 \??\C:\WINDOWS\System32\drivers\pmemnt.sys
  0xA6F74000 \SystemRoot\system32\drivers\wdmaud.sys
  0xA7801000 \SystemRoot\system32\drivers\sysaudio.sys
  0xA6B8D000 \SystemRoot\System32\Drivers\HTTP.sys
  0xA6880000 \SystemRoot\system32\DRIVERS\asyncmac.sys
  0xA3AAA000 \SystemRoot\system32\drivers\kmixer.sys
  0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 79):
      0 System Idle Process
      4 System
    904 C:\WINDOWS\system32\smss.exe
    1124 csrss.exe
    1148 C:\WINDOWS\system32\winlogon.exe
    1192 C:\WINDOWS\system32\services.exe
    1204 C:\WINDOWS\system32\lsass.exe
    1336 C:\WINDOWS\system32\ibmpmsvc.exe
    1372 C:\WINDOWS\system32\svchost.exe
    1452 svchost.exe
    1516 C:\WINDOWS\system32\svchost.exe
    1688 C:\Programmer\Intel\WiFi\bin\S24EvMon.exe
    1800 svchost.exe
    1864 svchost.exe
    280 C:\Programmer\Alwil Software\Avast5\AvastSvc.exe
    1672 C:\WINDOWS\system32\spoolsv.exe
    220 svchost.exe
    288 C:\Programmer\Lenovo\HOTKEY\TPHKSVC.exe
    336 C:\WINDOWS\system32\IPSSVC.EXE
    396 C:\Programmer\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    528 C:\WINDOWS\system32\acs.exe
    600 C:\Programmer\ThinkPad\ConnectUtilities\AcSvc.exe
    632 C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    756 wmiprvse.exe
    936 C:\Programmer\ThinkPad\Utilities\DOZESVC.EXE
    988 C:\Programmer\Intel\WiFi\bin\EvtEng.exe
    1052 C:\Programmer\Java\jre6\bin\jqs.exe
    2004 C:\Programmer\Fælles filer\Intel\WirelessCommon\RegSrvc.exe
    2236 unsecapp.exe
    2348 C:\Programmer\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    2504 C:\WINDOWS\system32\svchost.exe
    2528 C:\Programmer\Lenovo\System Update\SUService.exe
    2712 C:\Programmer\Fælles filer\Lenovo\tvt_reg_monitor_svc.exe
    2800 C:\WINDOWS\system32\TpKmpSvc.exe
    2864 tvttcsd.exe
    2884 C:\Programmer\Lenovo\Rescue and Recovery\rrpservice.exe
    2912 C:\Programmer\Lenovo\Rescue and Recovery\rrservice.exe
    2944 wmiprvse.exe
    2972 C:\Programmer\Fælles filer\Lenovo\Scheduler\tvtsched.exe
    3024 C:\Programmer\Lenovo\Rescue and Recovery\UpdateMonitor.exe
    3120 C:\WINDOWS\system32\searchindexer.exe
    3176 C:\Programmer\ThinkPad\Utilities\PWMDBSVC.exe
    3436 C:\Programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe
    3668 alg.exe
    1572 C:\WINDOWS\explorer.exe
    3600 C:\WINDOWS\system32\ctfmon.exe
    240 C:\Programmer\Analog Devices\Core\smax4pnp.exe
    412 C:\WINDOWS\system32\TpShocks.exe
    4048 C:\WINDOWS\system32\rundll32.exe
    540 C:\PROGRA~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE
    1548 C:\Programmer\Lenovo\HOTKEY\TPOSDSVC.exe
    664 C:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe
    1584 C:\Programmer\Fælles filer\Lenovo\Scheduler\scheduler_proxy.exe
    984 C:\Programmer\ThinkPad\ConnectUtilities\ACTray.exe
    848 C:\WINDOWS\system32\igfxext.exe
    1992 C:\Programmer\ThinkPad\ConnectUtilities\ACWLIcon.exe
    1428 C:\Programmer\Lenovo\HOTKEY\TPONSCR.exe
    2036 C:\WINDOWS\system32\igfxsrvc.exe
    2524 C:\Programmer\Lenovo\ZOOM\TpScrex.exe
    1732 C:\Programmer\Lenovo\Client Security Solution\cssauth.exe
    2744 C:\Programmer\Lenovo\AwayTask\AwaySch.EXE
    2692 C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.EXE
    3348 C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.EXE
    2060 C:\WINDOWS\system32\igfxtray.exe
    2852 C:\WINDOWS\system32\hkcmd.exe
    3544 C:\WINDOWS\system32\igfxpers.exe
    3576 C:\Programmer\Lenovo\NPDIRECT\tpfnf7sp.exe
    3708 C:\Programmer\ThinkVantage\AMSG\Amsg.exe
    1860 C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
    3928 C:\Documents and Settings\Jacob\Application Data\Dropbox\bin\Dropbox.exe
    5292 C:\Programmer\Mozilla Firefox\firefox.exe
    2136 C:\WINDOWS\system32\wscntfy.exe
    5844 PresentationFontCache.exe
    4356 C:\Programmer\Microsoft Office\Office14\WINWORD.EXE
    4136 OSPPSVC.EXE
    3416 C:\WINDOWS\system32\WISPTIS.EXE
    3216 C:\WINDOWS\system32\searchprotocolhost.exe
    4396 searchfilterhost.exe
    2112 C:\Documents and Settings\Jacob\Dokumenter\Hentede filer\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00  (NTFS)

PhysicalDrive0 Model Number: HITACHIHTS542516K9SA00, Rev: BBCZC3HP

      Size  Device Name          MBR Status
  --------------------------------------------
    149 GB  \\.\PhysicalDrive0  Unknown MBR code
            SHA1: 614F31711679B96E3C1CBD5BC85F8DFB0597B68B


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

Fint nok - hvis din multiboot virker, er det den der viser sig på den måde.

Hvordan kører PCen ?

Den virker fint, multiboot'en. Den er grim, menu'en, men bortset fra det.
PC'en kører vist lidt bedre. Der er stadig et hav af processer igang i joblisten, men det betyder vel ikke noget?

Jeg er nysgerrig af natur. Kan du give mig et kort resume af, hvad det er vi har gjort?

Jacob