Så lykkedes det også. Her er en log:
ComboFix 10-05-12.06 - Henrik 13-05-2010 19:39:12.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.45.1030.18.2046.1597 [GMT 2:00]
Kører fra: c:\alg\ComboFix.exe
Kommandoer benyttet :: c:\alg\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !!
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\hpeC76.dll
c:\documents and settings\Henrik\Application Data\chrtmp
c:\documents and settings\Henrik\Application Data\inst.exe
c:\windows\system32\AbaleZip.dll
c:\windows\system32\drivers\bxgjwwff.sys
c:\windows\system32\w32apiw.dll
Inficeret kopi af c:\windows\system32\drivers\atapi.sys blev fundet og desinficeret
Genskabt kopi fra - Kitty had a snack :p
.
((((((((((((((((((((((((((((( Filer skabt fra 2010-04-13 til 2010-05-13 )))))))))))))))))))))))))))))))))))
.
2010-05-13 16:53 . 2010-05-13 16:53 -------- d-----r- c:\documents and settings\Administrator\Dokumenter
2010-05-13 16:53 . 2010-05-13 16:53 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-05-13 16:01 . 2010-05-13 17:38 -------- d-----w- C:\alg
2010-05-13 12:29 . 2010-05-13 12:42 -------- d-----w- C:\Lop SD
2010-05-13 11:22 . 2010-05-13 11:22 -------- d-----w- C:\VundoFix Backups
2010-05-13 11:15 . 2010-05-13 11:14 119808 ----a-w- C:\VundoFix.exe
2010-05-12 05:10 . 2010-05-12 05:10 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-05-12 05:09 . 2010-05-12 05:09 -------- d-sh--w- c:\documents and settings\Henrik\PrivacIE
2010-05-12 05:05 . 2010-05-12 05:05 -------- d-sh--w- c:\documents and settings\Henrik\IETldCache
2010-05-12 05:01 . 2010-05-12 05:02 -------- dc-h--w- c:\windows\ie8
2010-05-11 19:44 . 2010-05-11 19:44 -------- d-----w- c:\documents and settings\Henrik\Application Data\Malwarebytes
2010-05-11 19:43 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-11 19:43 . 2010-05-11 19:43 -------- d-----w- c:\programmer\Malwarebytes' Anti-Malware
2010-05-11 19:43 . 2010-05-11 19:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-11 19:43 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-11 19:33 . 2010-05-11 19:33 -------- d-----w- c:\programmer\CCleaner
2010-05-11 18:34 . 2010-05-11 18:34 -------- d-s---w- c:\documents and settings\NetworkService\UserData
2010-05-11 12:24 . 2010-05-11 12:24 -------- d-----w- c:\documents and settings\LocalService\Skrivebord
2010-05-10 15:13 . 2010-05-10 15:13 52224 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-05-10 15:13 . 2010-05-10 15:13 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-05-10 15:12 . 2010-05-10 15:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2010-05-10 15:12 . 2010-05-10 17:30 -------- d-----r- c:\documents and settings\Administrator\Foretrukne
2010-05-10 14:21 . 2010-05-10 14:21 -------- d-----w- c:\windows\system32\wbem\Repository
2010-04-20 16:00 . 2010-04-20 16:00 -------- d-----w- c:\programmer\MIKSOFT
2010-04-20 15:52 . 2010-04-20 15:52 -------- d-----w- c:\documents and settings\Henrik\Application Data\Apple Computer
2010-04-20 15:39 . 2010-04-20 15:39 -------- d-----w- c:\documents and settings\All Users\Application Data\BVRP Software
2010-04-20 15:35 . 2010-04-20 15:35 -------- d-----w- c:\documents and settings\Henrik\Lokale indstillinger\Application Data\Sony
2010-04-20 15:28 . 2010-04-20 15:28 -------- d-----w- c:\programmer\Fælles filer\Sony Shared
2010-04-20 15:27 . 2010-04-20 15:27 10134 ----a-r- c:\documents and settings\Henrik\Application Data\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
2010-04-20 15:27 . 2010-04-20 15:27 -------- d-----w- c:\documents and settings\Henrik\Lokale indstillinger\Application Data\Downloaded Installations
2010-04-20 15:27 . 2010-04-20 15:28 -------- d-----w- c:\programmer\Sony
2010-04-20 15:27 . 2010-04-20 15:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Corporation
2010-04-20 15:25 . 2010-05-10 12:54 -------- d-----w- c:\programmer\QuickTime
2010-04-20 15:25 . 2010-04-20 15:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-04-20 15:25 . 2010-04-20 15:25 -------- d-----w- c:\programmer\Fælles filer\Apple
2010-04-20 15:24 . 2010-04-20 15:24 -------- d-----w- c:\documents and settings\Henrik\Lokale indstillinger\Application Data\Apple
2010-04-20 15:24 . 2010-04-20 15:24 -------- d-----w- c:\programmer\Apple Software Update
2010-04-20 15:24 . 2010-04-20 15:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-04-20 15:24 . 2010-04-20 15:24 -------- d-----w- c:\documents and settings\Henrik\Lokale indstillinger\Application Data\Apple Computer
2010-04-20 15:20 . 2010-04-20 15:24 33850672 ----a-w- c:\documents and settings\Henrik\Application Data\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe
2010-04-20 15:17 . 2010-04-20 15:34 -------- d-----w- c:\documents and settings\Henrik\Application Data\Sony
2010-04-20 15:17 . 2010-04-20 15:20 -------- d-----w- c:\documents and settings\Henrik\Application Data\Sony Setup
2010-04-20 14:37 . 2010-04-21 15:28 -------- d-----w- c:\documents and settings\Henrik\Lokale indstillinger\Application Data\Sony Ericsson
2010-04-20 14:36 . 2009-03-25 15:48 109864 ----a-w- c:\windows\system32\drivers\s1018unic.sys
2010-04-20 14:36 . 2009-03-25 15:48 10792 ----a-w- c:\windows\system32\drivers\s1018cr.sys
2010-04-20 14:36 . 2009-03-25 15:48 26024 ----a-w- c:\windows\system32\drivers\s1018nd5.sys
2010-04-20 14:36 . 2009-03-25 15:48 106208 ----a-w- c:\windows\system32\drivers\s1018mgmt.sys
2010-04-20 14:36 . 2009-03-25 15:48 104744 ----a-w- c:\windows\system32\drivers\s1018obex.sys
2010-04-20 14:36 . 2009-03-25 15:48 15016 ----a-w- c:\windows\system32\drivers\s1018mdfl.sys
2010-04-20 14:36 . 2009-03-25 15:48 12200 ----a-w- c:\windows\system32\drivers\s1018cmnt.sys
2010-04-20 14:36 . 2009-03-25 15:48 12200 ----a-w- c:\windows\system32\drivers\s1018cm.sys
2010-04-20 14:36 . 2009-03-25 15:48 114728 ----a-w- c:\windows\system32\drivers\s1018mdm.sys
2010-04-20 14:36 . 2009-03-25 15:48 12200 ----a-w- c:\windows\system32\drivers\s1018whnt.sys
2010-04-20 14:36 . 2009-03-25 15:48 12200 ----a-w- c:\windows\system32\drivers\s1018wh.sys
2010-04-20 14:36 . 2009-03-25 15:48 86824 ----a-w- c:\windows\system32\drivers\s1018bus.sys
2010-04-20 14:35 . 2010-04-21 15:28 -------- d--h--w- c:\programmer\InstallShield Installation Information
2010-04-20 14:35 . 2010-04-21 15:28 -------- d-----w- c:\programmer\Sony Ericsson
2010-04-20 14:35 . 2010-04-20 15:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Ericsson
2010-04-19 14:54 . 2010-04-19 14:59 -------- d-----w- c:\programmer\RamBooster
2010-04-19 14:54 . 1998-02-06 19:37 299520 ----a-w- c:\windows\uninst.exe
2010-04-19 14:54 . 2010-04-19 14:54 -------- d-----w- c:\documents and settings\Henrik\WINDOWS
2010-04-18 12:33 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-17 06:38 . 2010-04-17 06:38 -------- d-----w- c:\programmer\Fælles filer\InstallShield
2010-04-14 17:32 . 2010-04-14 17:32 -------- d-----w- c:\documents and settings\Henrik\Lokale indstillinger\Application Data\PCHealth
2010-04-14 06:22 . 2010-04-14 06:22 -------- d-----w- c:\documents and settings\Henrik\Application Data\Hyperz
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-12 17:50 . 2010-05-11 07:47 117760 ----a-w- c:\documents and settings\Henrik\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-05-11 13:20 . 2004-08-03 20:59 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-05-11 12:28 . 2010-05-11 07:44 -------- d-----w- c:\documents and settings\Henrik\Application Data\Spyware Terminator
2010-05-11 12:23 . 2010-05-11 09:49 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-05-11 12:23 . 2010-03-24 16:55 -------- d-----w- c:\programmer\SUPERAntiSpyware
2010-05-11 12:23 . 2010-03-24 16:55 -------- d-----w- c:\documents and settings\Henrik\Application Data\SUPERAntiSpyware.com
2010-05-11 12:23 . 2010-05-11 12:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2010-05-11 12:23 . 2010-05-11 07:44 -------- d-----w- c:\programmer\Spyware Terminator
2010-05-11 12:23 . 2010-01-03 18:59 -------- d-----w- c:\programmer\Fælles filer\Wise Installation Wizard
2010-05-11 12:22 . 2010-01-24 18:47 -------- d-----w- c:\documents and settings\Henrik\Application Data\uTorrent
2010-05-11 12:02 . 2010-04-05 16:21 -------- d-----w- c:\documents and settings\Henrik\Application Data\Vso
2010-05-11 09:52 . 2010-05-11 11:11 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-05-11 09:49 . 2010-05-11 09:49 -------- d-----w- c:\programmer\Lavasoft
2010-05-11 09:49 . 2010-03-19 23:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-05-11 07:47 . 2010-05-11 07:47 52224 ----a-w- c:\documents and settings\Henrik\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-05-11 07:45 . 2010-05-11 07:45 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2010-05-11 07:45 . 2010-05-11 07:45 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2010-05-10 16:50 . 2010-03-21 18:04 -------- d-----w- c:\documents and settings\Administrator\Application Data\Spyware Terminator
2010-05-03 10:31 . 2010-01-04 21:32 -------- d-----w- c:\programmer\Fælles filer\Adobe
2010-05-02 21:56 . 2010-04-08 21:08 -------- d-----w- c:\documents and settings\Henrik\Application Data\dvdcss
2010-04-22 09:13 . 2010-01-03 18:50 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-20 16:12 . 2010-03-31 21:08 -------- d-----w- c:\documents and settings\All Users\Application Data\xml_param
2010-04-19 13:21 . 2010-03-30 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-04-19 07:52 . 2010-04-04 08:51 175460 ----a-w- c:\windows\hpoins27.dat
2010-04-18 12:33 . 2010-01-03 22:58 -------- d-----w- c:\programmer\Java
2010-04-14 08:02 . 2010-04-13 15:17 -------- d-----w- c:\documents and settings\Henrik\Application Data\YoWindow
2010-04-13 15:17 . 2010-04-13 15:16 -------- d-----w- c:\programmer\YoWindow
2010-04-11 10:14 . 2010-04-11 10:14 24064 ----a-w- c:\windows\autoload.exe
2010-04-11 05:01 . 2010-04-04 07:20 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-10 08:22 . 2010-04-01 07:22 -------- d-----w- c:\documents and settings\Henrik\Application Data\ImgBurn
2010-04-09 21:13 . 2010-04-09 21:13 -------- d-----w- c:\programmer\TotalCommanderPortable
2010-04-09 09:11 . 2010-04-09 09:11 -------- d-----w- c:\documents and settings\All Users\Application Data\vsosdk
2010-04-08 19:19 . 2010-04-08 19:18 -------- d-----w- c:\documents and settings\Henrik\Application Data\vlc
2010-04-08 19:17 . 2010-04-08 19:17 -------- d-----w- c:\programmer\VideoLAN
2010-04-07 07:03 . 2010-04-07 07:03 341504 ----a-w- c:\windows\system32\yowindow.scr
2010-04-05 16:21 . 2010-04-05 16:21 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-04-05 16:21 . 2010-04-05 16:21 47360 ----a-w- c:\documents and settings\Henrik\Application Data\pcouffin.sys
2010-04-05 16:21 . 2010-04-05 16:21 47360 ----a-w- c:\documents and settings\Henrik\Application Data\pcouffin.sys
2010-04-05 16:20 . 2010-04-05 16:20 -------- d-----w- c:\programmer\VSO
2010-04-04 21:51 . 2010-01-03 23:09 68376 ----a-w- c:\documents and settings\Henrik\Lokale indstillinger\Application Data\GDIPFONTCACHEV1.DAT
2010-04-04 09:05 . 2010-04-04 09:05 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2010-04-04 09:05 . 2010-01-04 16:19 -------- d-----w- c:\programmer\HP
2010-04-04 09:05 . 2010-04-04 09:05 -------- d-----w- c:\programmer\Hewlett-Packard
2010-04-04 09:04 . 2010-04-04 09:04 -------- d-----w- c:\programmer\Fælles filer\HP
2010-04-04 08:34 . 2010-03-06 07:49 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2010-04-02 11:31 . 2010-04-01 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD Shrink
2010-04-01 16:37 . 2010-04-01 16:37 -------- d-----w- c:\programmer\DVD Shrink
2010-04-01 07:20 . 2010-04-01 07:19 -------- d-----w- c:\programmer\ImgBurn
2010-04-01 07:11 . 2010-02-23 11:10 -------- d-----w- c:\programmer\Elaborate Bytes
2010-04-01 07:04 . 2010-04-01 06:55 -------- d-----w- c:\programmer\SlySoft
2010-03-30 21:15 . 2010-03-04 17:14 -------- d-----w- c:\programmer\MSBuild
2010-03-30 21:06 . 2010-03-30 21:06 503808 ----a-w- c:\documents and settings\Henrik\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43ba1001-n\msvcp71.dll
2010-03-30 21:06 . 2010-03-30 21:06 499712 ----a-w- c:\documents and settings\Henrik\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43ba1001-n\jmc.dll
2010-03-30 21:06 . 2010-03-30 21:06 348160 ----a-w- c:\documents and settings\Henrik\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-43ba1001-n\msvcr71.dll
2010-03-30 21:06 . 2010-03-30 21:06 -------- d-----w- c:\programmer\Fælles filer\Java
2010-03-30 21:06 . 2010-03-30 21:06 61440 ----a-w- c:\documents and settings\Henrik\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-669e87f7-n\decora-sse.dll
2010-03-30 21:06 . 2010-03-30 21:06 12800 ----a-w- c:\documents and settings\Henrik\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-669e87f7-n\decora-d3d.dll
2010-03-30 21:01 . 2001-10-09 12:00 78192 ----a-w- c:\windows\system32\perfc006.dat
2010-03-30 21:01 . 2001-10-09 12:00 447834 ----a-w- c:\windows\system32\perfh006.dat
2010-03-30 20:58 . 2010-03-25 07:53 -------- d-----w- c:\programmer\Google
2010-03-30 20:46 . 2010-03-30 20:46 -------- d-----w- c:\programmer\Microsoft.NET
2010-03-30 15:34 . 2010-03-30 12:46 -------- d-----w- c:\programmer\Simple Port Forwarding
2010-03-30 12:02 . 2010-03-30 11:32 -------- d-----w- c:\documents and settings\Henrik\Application Data\Scribus
2010-03-30 11:30 . 2010-03-30 11:30 -------- d-----w- c:\programmer\gs
2010-03-28 09:30 . 2010-03-28 09:30 -------- d-----w- c:\programmer\Daniusoft
2010-03-27 20:51 . 2010-03-27 20:51 -------- d-----w- c:\programmer\FLVCodec
2010-03-27 20:51 . 2010-03-27 20:51 -------- d-----w- c:\programmer\WinPcap
2010-03-27 20:34 . 2010-03-27 20:34 -------- d-----w- c:\documents and settings\Henrik\Application Data\AccurateRip
2010-03-27 20:34 . 2010-03-27 20:34 -------- d-----w- c:\programmer\Illustrate
2010-03-27 20:33 . 2010-03-27 20:34 5652144 ----a-w- c:\windows\system32\SpoonUninstall.exe
2010-03-27 20:27 . 2010-03-27 20:27 -------- d-----w- c:\documents and settings\Henrik\Application Data\FreeAudioPack
2010-03-27 20:23 . 2010-03-27 20:23 -------- d-----w- c:\programmer\directx
2010-03-27 14:14 . 2010-03-27 14:14 -------- d-----w- c:\programmer\Lavalys
2010-03-24 18:34 . 2010-03-24 18:34 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-03-24 18:33 . 2010-03-24 18:33 -------- d-----w- c:\programmer\SystemRequirementsLab
2010-03-24 18:33 . 2010-03-24 18:33 -------- d-----w- c:\documents and settings\Henrik\Application Data\SystemRequirementsLab
2010-03-24 18:32 . 2010-03-22 11:23 -------- d-----w- c:\programmer\Microsoft Windows 7 Upgrade Advisor
2010-03-22 11:36 . 2010-03-22 11:36 84480 ----a-w- c:\documents and settings\Henrik\Application Data\SystemRequirementsLab\srlproxy_intel_4.1.66.0A.dll
2010-03-21 16:11 . 2010-03-21 16:11 -------- d-----w- c:\programmer\Enigma Software Group
2010-03-21 10:37 . 2010-03-21 10:32 78093 ----a-w- c:\windows\hpqins05.dat
2010-03-20 12:05 . 2010-03-20 12:05 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-03-20 12:04 . 2010-03-20 09:36 -------- d-----w- c:\programmer\Microsoft AntiSpyware
2010-03-20 11:38 . 2010-03-20 11:38 -------- d-----w- c:\documents and settings\Henrik\Application Data\nCleaner
2010-03-20 11:37 . 2010-03-20 11:37 -------- d-----w- c:\programmer\NKProds
2010-03-19 23:58 . 2010-03-19 23:58 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-03-19 12:21 . 2010-03-27 20:50 23096 ----a-w- c:\windows\system32\drivers\DrmRAudio.sys
2010-03-17 15:42 . 2010-03-17 15:42 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-17 15:42 . 2010-01-03 18:50 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-17 14:58 . 2010-01-03 18:50 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony Ericsson PC Suite"="c:\programmer\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-11-20 434176]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hcenter"="c:\programmer\Support.com\bin\tgcmd.exe" [2005-04-08 1757184]
"SunJavaUpdateSched"="c:\programmer\Fælles filer\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Photo Downloader"="c:\programmer\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe" [2008-04-01 61440]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"VirtualCloneDrive"="c:\programmer\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"HP Software Update"="c:\programmer\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"QuickTime Task"="c:\programmer\QuickTime\QTTask.exe" [2010-03-17 421888]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menuen Start\Programmer\Start\
HP Digital Imaging Monitor.lnk - c:\programmer\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 12:21 548352 ----a-w- c:\programmer\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-03-17 15:42 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmer\\AVG\\AVG9\\avgemc.exe"=
"c:\\Programmer\\AVG\\AVG9\\avgupd.exe"=
"c:\\Programmer\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Programmer\\Support.com\\bin\\tgcmd.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmer\\uTorrent\\uTorrent.exe"=
"c:\\Programmer\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Programmer\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"55194:TCP"= 55194:TCP:SPF Port 55194 TCP
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [11-05-2010 11:53 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03-01-2010 20:50 216200]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [03-01-2010 20:50 242896]
R1 SASDIFSV;SASDIFSV;c:\programmer\SUPERAntiSpyware\sasdifsv.sys [17-02-2010 10:25 12872]
R1 SASKUTIL;SASKUTIL;c:\programmer\SUPERAntiSpyware\SASKUTIL.SYS [17-02-2010 10:15 66632]
R2 avg9emc;AVG Free E-mail Scanner;c:\programmer\AVG\AVG9\avgemc.exe [17-03-2010 16:58 916760]
R2 avg9wd;AVG Free WatchDog;c:\programmer\AVG\AVG9\avgwdsvc.exe [17-03-2010 17:42 308064]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programmer\Lavasoft\Ad-Aware\AAWService.exe [04-02-2010 17:52 1291544]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [01-06-2008 09:13 34064]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\programmer\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [20-04-2010 17:32 90112]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [27-03-2010 22:57 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [27-03-2010 22:58 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [27-03-2010 22:58 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [27-03-2010 22:58 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [27-03-2010 22:59 25704]
S0 yhvdwzqp;yhvdwzqp;c:\windows\system32\drivers\yhvdwzqp.sys --> c:\windows\system32\drivers\yhvdwzqp.sys [?]
S2 oaiofgqw;Sony Ericsson Device 1018 USB WMC Modem Helper;c:\windows\System32\svchost.exe -k netsvcs [26-08-2004 17:53 14336]
S3 cpudrv;cpudrv;c:\programmer\SystemRequirementsLab\cpudrv.sys [18-12-2009 11:58 11336]
S3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [27-03-2010 22:50 23096]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [20-04-2010 16:36 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [20-04-2010 16:36 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [20-04-2010 16:36 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [20-04-2010 16:36 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [20-04-2010 16:36 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [20-04-2010 16:36 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [20-04-2010 16:36 109864]
S3 SASENUM;SASENUM;c:\programmer\SUPERAntiSpyware\SASENUM.SYS [17-02-2010 10:15 12872]
S3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [28-03-2010 00:53 23096]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
oaiofgqw
.
Indhold af mappen 'Planlagte Opgaver'
2010-05-13 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programmer\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 09:52]
2010-04-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmer\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-05-13 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-01-03 21:18]
.
.
------- Yderligere scanning -------
.
IE: &Download All using 4shared Desktop - c:\programmer\4shared Desktop\down_all.htm
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Henrik\Application Data\Mozilla\Firefox\Profiles\nto7b4bn.default\
FF - prefs.js: browser.startup.homepage -
hxxp://www.google.dk/ig?hl=da&source=iglkFF - plugin: c:\programmer\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programmer\Sony\Media Go\npmediago.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLITIKKER ----
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programmer\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "
chrome://browser/locale/browser.properties");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "
chrome://browser/locale/browser.properties");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - TOMME GENVEJE FJERNET - - - -
ShellIconOverlayIdentifiers-{65589DBE-901A-41FD-B793-D0FB95D33F7F} - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-05-13 19:48
Windows 5.1.2600 Service Pack 3 NTFS
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
scanning gennemført med succes
skjulte filer: 0
**************************************************************************
.
--------------------- DLLs startet under kørende Processer ---------------------
- - - - - - - > 'winlogon.exe'(584)
c:\programmer\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(956)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programmer\AVG\AVG9\avgchsvx.exe
c:\programmer\AVG\AVG9\avgrsx.exe
c:\programmer\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\Ati2evxx.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\AVG\AVG9\avgnsx.exe
c:\programmer\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\programmer\HP\Digital Imaging\bin\hpqSTE08.exe
c:\programmer\HP\Digital Imaging\bin\hpqbam08.exe
.
**************************************************************************
.
Gennemført tid: 2010-05-13 19:50:34 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2010-05-13 17:50
Pre-Kørsel: 30.922.080.256 byte ledig
Post-Kørsel: 30.946.770.944 byte ledig
- - End Of File - - F2DD50BDC8DD3F2C9DDA999284F3A3C6
Ny bruger
Nybegynder
Opret
Preview
