Gennemgang af HijackThis, ComboFix og MB Logfiler.

Hej eksperter.

Jeg oplever problemer med min computer, og har ikke selv forstand på at kigge logfiler igennem fra diverse figther programmer. Jeg har derfor fulgt Fromsej's (http://www.eksperten.dk/guide/1232) guide og har fået følgende resultater:

MalwareByte:
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.29.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
fjappe :: MEANMACHINE [administrator]

Protection: Enabled

29-07-2012 16:54:34
mbam-log-2012-07-29 (16-54-34).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 433047
Time elapsed: 13 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\nordicbet (Poker) (PUP.Casino.Gen) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 9
C:\Microgaming\Poker\NordicBetMPP\install.exe (PUP.Casino.Gen) -> No action taken.
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Users\fjappe\AppData\Local\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\n (Rootkit.0Access) -> Delete on reboot.
C:\Users\fjappe\AppData\Local\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\L\00000008.@ (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Users\fjappe\AppData\Local\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\Users\fjappe\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\58a65e80-5860fe89 (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Windows\Installer\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\n (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\L\00000008.@ (Trojan.BitMiner) -> Quarantined and deleted successfully.
C:\Windows\Installer\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.

(end)


ComboFix:
ComboFix 12-07-29.02 - fjappe 29-07-2012  17:18:07.1.8 - x64
Microsoft Windows 7 Professional  6.1.7601.1.1252.45.1033.18.6135.4756 [GMT 2:00]
Kører fra: e:\aaa computer cleaning\ComboFix.exe
Kommandoer benyttet :: e:\aaa computer cleaning\CFScript
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Dannede nyt systemgendannelsespunkt
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\fjappe\AppData\Local\assembly\tmp
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\@
c:\windows\Installer\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\L\00000004.@
c:\windows\Installer\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\U\00000004.@
c:\windows\Installer\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\U\00000008.@
c:\windows\Installer\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\U\000000cb.@
c:\windows\Installer\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\U\80000000.@
c:\windows\Installer\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\U\80000032.@
c:\windows\Installer\{e1298b49-05af-7473-ec70-0dbac5ceb0f9}\U\80000064.@
c:\windows\SysWow64\tmp2897.tmp
c:\windows\SysWow64\tmp29EF.tmp
.
Inficeret kopi af c:\windows\system32\services.exe blev fundet og desinficeret
Genskabt kopi fra - c:\32788r22fwjfw\HarddiskVolumeShadowCopy1_!Windows!System32!services.exe
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2012-06-28 til 2012-07-29  )))))))))))))))))))))))))))))))))))
.
.
2012-07-29 14:53 . 2012-07-29 14:53    --------    d-----w-    c:\users\fjappe\AppData\Roaming\Malwarebytes
2012-07-29 14:53 . 2012-07-29 14:53    --------    d-----w-    c:\programdata\Malwarebytes
2012-07-29 14:53 . 2012-07-03 11:46    24904    ----a-w-    c:\windows\system32\drivers\mbam.sys
2012-07-25 06:49 . 2012-07-25 14:16    --------    d-----w-    c:\users\fjappe\AppData\Roaming\Agozv
2012-07-25 06:49 . 2012-07-25 06:49    --------    d-----w-    c:\users\fjappe\AppData\Roaming\Edeg
2012-07-22 09:14 . 2012-07-22 09:14    --------    d-----w-    C:\RESTORATION
2012-07-22 09:09 . 2012-07-22 09:09    --------    d-----w-    c:\program files (x86)\EaseUS
2012-07-22 08:52 . 2012-07-22 08:52    --------    d-----w-    c:\program files\Recuva
2012-07-14 03:21 . 2012-07-14 03:21    21520    ----a-w-    c:\windows\DCEBoot64.exe
2012-07-14 03:21 . 2012-07-14 03:21    129024    ----a-w-    c:\windows\RegBootClean64.exe
2012-07-13 17:09 . 2012-07-13 17:12    --------    d-----w-    c:\users\fjappe\AppData\Local\SvchostViewer
2012-07-11 20:11 . 2012-06-12 03:08    3148800    ----a-w-    c:\windows\system32\win32k.sys
2012-07-11 20:07 . 2012-06-02 12:52    754808    ----a-w-    c:\program files\Internet Explorer\iexplore.exe
2012-07-11 15:03 . 2012-07-11 15:03    --------    d-----w-    c:\users\fjappe\AppData\Roaming\SUPERAntiSpyware.com
2012-07-11 15:03 . 2012-07-11 15:03    --------    d-----w-    c:\program files\SUPERAntiSpyware
2012-07-11 15:03 . 2012-07-11 15:03    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2012-07-03 15:19 . 2012-05-31 04:04    9013136    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{B4972000-BA22-4BB9-AE98-A3C2E60E20B4}\mpengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 11:16 . 2012-04-01 18:22    426184    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-27 11:16 . 2011-10-09 12:17    70344    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 20:08 . 2010-11-27 11:02    59701280    ----a-w-    c:\windows\system32\MRT.exe
2012-06-25 14:04 . 2012-06-25 14:04    1394248    ----a-w-    c:\windows\SysWow64\msxml4.dll
2012-06-02 22:19 . 2012-06-19 15:24    38424    ----a-w-    c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 15:24    2428952    ----a-w-    c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-19 15:24    57880    ----a-w-    c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 15:24    44056    ----a-w-    c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 15:24    701976    ----a-w-    c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-19 15:24    2622464    ----a-w-    c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-19 15:24    99840    ----a-w-    c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-19 15:24    186752    ----a-w-    c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-19 15:24    36864    ----a-w-    c:\windows\system32\wuapp.exe
2012-05-15 10:48 . 2012-06-16 11:37    818496    ----a-w-    c:\windows\SysWow64\nvumdshim.dll
2012-05-15 10:48 . 2012-06-16 11:37    8139072    ----a-w-    c:\windows\system32\nvcuda.dll
2012-05-15 10:48 . 2012-06-16 11:37    5982528    ----a-w-    c:\windows\SysWow64\nvcuda.dll
2012-05-15 10:48 . 2012-06-16 11:37    364352    ----a-w-    c:\windows\system32\nvdecodemft.dll
2012-05-15 10:48 . 2012-06-16 11:37    301376    ----a-w-    c:\windows\SysWow64\nvdecodemft.dll
2012-05-15 10:48 . 2012-06-16 11:37    2881856    ----a-w-    c:\windows\system32\nvcuvenc.dll
2012-05-15 10:48 . 2012-06-16 11:37    2681664    ----a-w-    c:\windows\system32\nvcuvid.dll
2012-05-15 10:48 . 2012-06-16 11:37    2524992    ----a-w-    c:\windows\SysWow64\nvcuvid.dll
2012-05-15 10:48 . 2012-06-16 11:37    25248064    ----a-w-    c:\windows\system32\nvcompiler.dll
2012-05-15 10:48 . 2012-06-16 11:37    246592    ----a-w-    c:\windows\system32\nvinitx.dll
2012-05-15 10:48 . 2012-06-16 11:37    2445120    ----a-w-    c:\windows\SysWow64\nvcuvenc.dll
2012-05-15 10:48 . 2012-06-16 11:37    202048    ----a-w-    c:\windows\SysWow64\nvinit.dll
2012-05-15 10:48 . 2012-06-16 11:37    19607872    ----a-w-    c:\windows\SysWow64\nvoglv32.dll
2012-05-15 10:48 . 2012-06-16 11:37    17551680    ----a-w-    c:\windows\SysWow64\nvcompiler.dll
2012-05-15 10:48 . 2012-06-16 11:37    14298944    ----a-w-    c:\windows\system32\drivers\nvlddmkm.sys
2012-05-15 10:48 . 2012-06-16 11:37    10194752    ----a-w-    c:\windows\system32\nvwgf2umx.dll
2012-05-15 10:48 . 2012-05-26 17:59    18044224    ----a-w-    c:\windows\system32\nvd3dumx.dll
2012-05-15 10:48 . 2012-05-26 17:59    2741568    ----a-w-    c:\windows\system32\nvapi64.dll
2012-05-15 10:48 . 2012-04-18 22:23    68928    ----a-w-    c:\windows\system32\OpenCL.dll
2012-05-15 10:48 . 2012-04-18 22:23    61248    ----a-w-    c:\windows\SysWow64\OpenCL.dll
2012-05-15 10:48 . 2012-04-18 22:23    2368832    ----a-w-    c:\windows\SysWow64\nvapi.dll
2012-05-15 10:48 . 2012-04-18 22:23    15322432    ----a-w-    c:\windows\SysWow64\nvd3dum.dll
2012-05-15 10:48 . 2012-02-09 20:43    949056    ----a-w-    c:\windows\system32\nvumdshimx.dll
2012-05-15 10:48 . 2011-11-02 20:47    25743168    ----a-w-    c:\windows\system32\nvoglv64.dll
2012-05-15 10:48 . 2011-11-02 20:47    1738048    ----a-w-    c:\windows\system32\nvdispco64.dll
2012-05-15 10:48 . 2011-11-02 20:47    1468224    ----a-w-    c:\windows\system32\nvgenco64.dll
2012-05-15 10:48 . 2010-07-10 04:38    8105280    ----a-w-    c:\windows\SysWow64\nvwgf2um.dll
2012-05-15 09:29 . 2011-01-07 19:48    889664    ----a-w-    c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2011-01-07 19:48    118080    ----a-w-    c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2010-04-28 15:49    63296    ----a-w-    c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2012-04-18 22:24    2621723    ----a-w-    c:\windows\system32\nvcoproc.bin
2012-05-15 09:29 . 2011-01-07 19:49    3149632    ----a-w-    c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2011-01-07 19:49    6151488    ----a-w-    c:\windows\system32\nvcpl.dll
2012-05-15 00:21 . 2012-05-15 00:21    423744    ----a-w-    c:\windows\SysWow64\nvStreaming.exe
2012-05-04 11:06 . 2012-06-14 14:55    5559664    ----a-w-    c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-14 14:55    3968368    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-14 14:55    3913072    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-14 14:55    209920    ----a-w-    c:\windows\system32\profsvc.dll
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="e:\steam\steam.exe" [2011-08-02 1242448]
"Active Desktop Calendar"="c:\program files\XemiComputers\Active Desktop Calendar\ADC.exe" [2010-04-21 6950400]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-01-13 840000]
"Spotify Web Helper"="c:\users\fjappe\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-24 1193176]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-09 5661056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-09-17 1310720]
"VolPanel"="c:\program files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2009-07-07 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-07-13 36864]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"DeathAdderBlackEdition"="c:\program files (x86)\Razer\DeathAdderBlackEdition\razerhid.exe" [2011-03-21 246272]
"Malwarebytes' Anti-Malware"="e:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor Apache Servers.lnk - c:\webserver\apache\bin\ApacheMonitor.exe [2010-10-18 41051]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;e:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 MsDepSvc;Web Deployment Agent Service;c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-04-01 67400]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
R3 cpuz130;cpuz130;c:\users\fjappe\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-05-25 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-05-25 79360]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 LADF_BakerCOnly;BakerC Filter Driver;c:\windows\system32\DRIVERS\ladfBakerCamd64.sys [2011-03-18 410184]
R3 LADF_BakerROnly;BakerR Filter Driver;c:\windows\system32\DRIVERS\ladfBakerRamd64.sys [2011-03-18 335688]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-21 114144]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2005-04-13 30720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-02-28 430440]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-05-27 834544]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-07 254528]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Apache2.2;Apache2.2;c:\webserver\apache\bin\httpd.exe [2010-10-18 20549]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [2010-03-10 20456]
S2 DroidExplorerService;DroidExplorer Service;c:\program files\Droid Explorer\DroidExplorer.Service.exe [2010-08-21 253440]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe [2009-12-10 65536]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S3 DABlackFltr;DeathAdder Black Edition Mouse;c:\windows\system32\drivers\DABlack.sys [2010-11-29 23040]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys [2011-04-11 410184]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys [2011-04-11 341832]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
S3 MCfilt;MCfilt;c:\windows\system32\drivers\MCfilt64.sys [2009-09-17 25600]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [2010-09-30 13312]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
.
.
Indhold af mappen 'Planlagte Opgaver'
.
2012-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 11:16]
.
2012-07-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2337432176-2570498844-1704861366-1000Core.job
- c:\users\fjappe\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-11 16:55]
.
2012-07-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2337432176-2570498844-1704861366-1000UA.job
- c:\users\fjappe\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-11 16:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55    99080    ----a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55    99080    ----a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55    99080    ----a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55    99080    ----a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55    99080    ----a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55    99080    ----a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55    99080    ----a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55    99080    ----a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55    99080    ----a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-12-07 5889816]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Yderligere scanning -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 193.162.153.164 194.239.134.83
FF - ProfilePath - c:\users\fjappe\AppData\Roaming\Mozilla\Firefox\Profiles\fp15gz7m.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.dk/
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - TOMME GENVEJE FJERNET - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - c:\program files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
Wow6432Node-HKLM-Run-AdobeCS5ServiceManager - c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
Wow6432Node-HKLM-Run-SwitchBoard - c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MsDepSvc]
"ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\webserver\mysql\bin\mysqld\" --defaults-file=\"c:\webserver\mysql\my.ini\" MySQL"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\S-1-5-21-2337432176-2570498844-1704861366-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*e*x*e*¬*ghg˜ŒgÈ‹gøŠg(ŠgöÁ%\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2337432176-2570498844-1704861366-1000_Classes\{47BF077C-44C6-42B1-8F88-ADE2585DD2ED}*]
@Allowed: (Read) (RestrictedCode)
@=hex:3e,7b,01,ad,94,99,cc,01
.
[HKEY_USERS\S-1-5-21-2337432176-2570498844-1704861366-1000_Classes\{C4B20040-7D5A-4558-9E19-B7DF94366F97}*]
@Allowed: (Read) (RestrictedCode)
@=hex:be,d5,45,77,5c,df,cb,01
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{47BF077C-44C6-42B1-8F88-ADE2585DD2ED}*]
@=hex:7f,d4,13,89,7f,d0,cb,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{97A98033-9FA1-4E80-A339-59787B43CC89}*]
@=hex:08,74,38,89,7f,d0,cb,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{A82EB336-567D-4F41-A63E-8113AD8B6903}*]
@=hex:20,d7,35,86,7f,d0,cb,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{C4B20040-7D5A-4558-9E19-B7DF94366F97}*]
@=hex:73,4a,4c,89,7f,d0,cb,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre kørende processer ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files\Droid Explorer\SDK\tools\adb.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
.
**************************************************************************
.
Gennemført tid: 2012-07-29  17:24:23 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2012-07-29 15:24
.
Pre-Kørsel: 2.368.249.856 bytes free
Post-Kørsel: 2.184.806.400 bytes free
.
- - End Of File - - 2972F4DDF9F07D84038BA3E1B801E5E5

HijackThis:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:32:31, on 29-07-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
E:\steam\Steam.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Users\fjappe\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\webserver\apache\bin\ApacheMonitor.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerhid.exe
E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razertra.exe
C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerofa.exe
C:\Program Files (x86)\Razer\DeathAdderBlackEdition\vdDaemon.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12\firefox.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
E:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DeathAdderBlackEdition] C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerhid.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "e:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Steam] "E:\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\fjappe\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-21-2337432176-2570498844-1704861366-1008\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-2337432176-2570498844-1704861366-1008\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - Global Startup: Monitor Apache Servers.lnk = C:\webserver\apache\bin\ApacheMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: NordicBet - {C5BC268D-589C-40CD-B4CB-25C1505AFE6B} - C:\Microgaming\Poker\NordicBetMPP\MPPoker.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apache2.2 - Apache Software Foundation - C:\webserver\apache\bin\httpd.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DroidExplorer Service (DroidExplorerService) - Ryan Conrad - C:\Program Files\Droid Explorer\DroidExplorer.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - e:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\webserver\mysql\bin\mysqld (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Unknown owner - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12448 bytes


Jeg håber det hele er klar til gennemgang som i, eksperter, gerne vil have det.

På forhånd tusind tak for den frivillige hjælp :)