ComboFix 08-06-09.7 - Heine 2008-06-11 10:43:32.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.2245 [GMT 2:00]
Running from: C:\Documents and Settings\Heine\Skrivebord\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-05-11 to 2008-06-11 )))))))))))))))))))))))))))))))
.
2008-06-11 08:16 . 2008-06-11 08:16 d-------- C:\Programfiler\Malwarebytes' Anti-Malware
2008-06-11 08:16 . 2008-06-11 08:16 d-------- C:\Documents and Settings\Heine\Programdata\Malwarebytes
2008-06-11 08:16 . 2008-06-11 08:16 d-------- C:\Documents and Settings\All Users\Programdata\Malwarebytes
2008-06-11 08:16 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-11 08:16 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-10 22:45 . 2008-06-10 22:45 d-------- C:\Programfiler\SUPERAntiSpyware
2008-06-10 22:45 . 2008-06-10 22:45 d-------- C:\Documents and Settings\Heine\Programdata\SUPERAntiSpyware.com
2008-06-10 22:45 . 2008-06-10 22:45 d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com
2008-06-10 20:44 . 2008-06-10 20:44 d-------- C:\Programfiler\Trend Micro
2008-06-09 17:33 . 2008-06-09 21:01 d-------- C:\Documents and Settings\Heine\.housecall6.6
2008-06-09 17:31 . 2008-06-10 17:31 117 --a------ C:\WINDOWS\BM6f448e1a.xml
2008-06-08 23:41 . 2008-06-08 23:41 d-------- C:\Programfiler\Spybot - Search & Destroy
2008-06-08 23:41 . 2008-06-08 23:41 d-------- C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy
2008-06-08 23:25 . 2008-06-11 08:24 d-a------ C:\Documents and Settings\All Users\Programdata\TEMP
2008-06-08 23:24 . 2008-06-11 08:24 d-------- C:\Programfiler\Spyware Doctor
2008-06-08 23:24 . 2008-06-08 23:24 d-------- C:\Documents and Settings\Heine\Programdata\PC Tools
2008-06-08 23:24 . 2007-12-10 13:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-06-08 23:24 . 2007-12-10 13:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-06-08 23:24 . 2008-02-01 11:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-06-08 23:24 . 2007-12-10 13:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-06-08 23:20 . 2008-06-08 23:20 18,473,000 --a------ C:\temp\sdsetup.exe
2008-06-08 22:41 . 2008-06-10 21:54 d-------- C:\WINDOWS\system32\6620
2008-06-08 21:40 . 2008-06-09 22:48 d-------- C:\Programfiler\uTorrent
2008-06-08 21:40 . 2008-06-08 21:40 dr------- C:\Documents and Settings\LocalService\Favoritter
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-11 06:02 --------- d-----w C:\Programfiler\Symantec AntiVirus
2008-06-09 18:33 --------- d-----w C:\Programfiler\Norton Security Scan
2008-06-08 20:48 --------- d-----w C:\Programfiler\Gabest
2008-06-08 20:47 --------- d-----w C:\Programfiler\Azureus
2008-06-08 19:35 --------- d-----w C:\Documents and Settings\Heine\Programdata\Azureus
2008-05-05 18:46 --------- d-----w C:\Documents and Settings\All Users\Programdata\TrackMania
2008-05-05 18:43 --------- d-----w C:\Programfiler\TmNationsForever
2008-04-17 20:13 --------- d-----w C:\Programfiler\Stata10
2008-04-17 20:12 --------- d-----w C:\Documents and Settings\Heine\Programdata\Stata10
2008-04-17 20:07 --------- d-----w C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-04-12 10:14 --------- d-----w C:\Programfiler\MagicDisc
2007-12-02 11:54 87,608 ----a-w C:\Documents and Settings\Heine\Programdata\inst.exe
2007-12-02 11:54 47,360 ----a-w C:\Documents and Settings\Heine\Programdata\pcouffin.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{38BB23AA-0EA4-4A1B-B782-8E7745240EE9}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{899202FF-9593-415D-8DBE-02282A77FE36}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c8871178-9d7e-4bf6-a100-1ad44c98587a}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 04:00 15360]
"swg"="C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-22 21:21 68856]
"updateMgr"="C:\Programfiler\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [ ]
"LaunchList"="C:\Programfiler\Pinnacle\Studio 11\LaunchList2.exe" [2007-03-21 16:41 145496]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programfiler\Fellesfiler\Nero\Lib\NMBgMonitor.exe" [ ]
"SpybotSD TeaTimer"="C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2006-07-21 13:48 98304]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2006-07-21 13:50 86016]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2006-07-21 13:47 81920]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-04 17:26 16250880 C:\WINDOWS\RTHDCPL.exe]
"PTHOSTTR"="C:\Programfiler\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.exe" [2006-06-08 15:02 131072]
"PDF Complete"="C:\Programfiler\PDF Complete\pdfsty.exe" [2006-07-14 09:43 279576]
"SDMSSplash"="C:\Programfiler\HP_SDMS\SDMSSplash\launcher.exe" [2006-03-10 01:53 86016]
"SetRefresh"="C:\Programfiler\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 20:01 525824]
"CognizanceTS"="C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 21:12 17920]
"Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [2006-05-12 13:50 1138688]
"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2006-03-31 15:44 761856]
"Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [2006-04-24 11:42 888832]
"ccApp"="C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2006-03-24 18:14 53408]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2006-06-15 02:40 124656]
"EPSON Stylus Photo R800"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2J1.exe" [2003-08-07 03:00 99840]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2006-09-21 06:20 127036]
"ISUSPM Startup"="C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [ ]
"ISUSScheduler"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2006-09-11 05:40 86960]
"RoxioDragToDisc"="C:\Programfiler\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe" [2004-06-14 21:38 1691648]
"USBToolTip"="C:\Programfiler\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2005-06-13 03:30 192512]
"Sony Ericsson PC Suite"="C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 01:06 487424]
"NBKeyScan"="C:\Programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"RoxWatchTray"="C:\Programfiler\Fellesfiler\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2007-08-24 16:52 240112]
"DMXLauncher"="C:\Programfiler\Roxio\CinePlayer\DMXLauncher.exe" [2007-08-14 04:44 113136]
"Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2008-02-01 00:13 385024]
"iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
"ISTray"="C:\Programfiler\Spyware Doctor\pctsTray.exe" [2008-04-10 15:14 1107848]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 04:00 15360]
C:\Documents and Settings\Heine\Start-meny\Programmer\Oppstart\
Adobe Gamma.lnk - C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]
MagicDisc.lnk - C:\Programfiler\MagicDisc\MagicDisc.exe [2008-04-12 12:14:42 546816]
C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
Program Neighborhood Agent.lnk - C:\WINDOWS\Installer\{E89956F9-5B89-470E-818D-BD46102D0A01}\Icon80951CEC.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2007-06-28 18:36:19 38480]
ZyXEL G-360 Wireless Adapter Utility.lnk - C:\Programfiler\ZyXEL\G360\Gcc.exe [2007-02-28 03:29:59 36864]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 10:13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\geBqOhHb]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IfxWlxEN]
IfxWlxEN.dll 2006-04-07 06:00 434176 C:\WINDOWS\system32\IfxWlxEN.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll 2006-06-07 21:26 40448 C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.FFDS"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"VIDC.MJPX"= PICVideo MJPEG Codec
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\SMINST\\Scheduler.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"C:\\Programfiler\\SopCast\\SopCast.exe"=
"C:\\Documents and Settings\\Heine\\Programdata\\SopCast\\adv\\SopAdver.exe"=
"C:\\Programfiler\\Pinnacle\\Studio 11\\programs\\RM.exe"=
"C:\\Programfiler\\Pinnacle\\Studio 11\\programs\\Studio.exe"=
"C:\\Programfiler\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"=
"C:\\Programfiler\\Pinnacle\\Studio 11\\programs\\umi.exe"=
"C:\\Programfiler\\iTunes\\iTunes.exe"=
"C:\\Programfiler\\TmNationsForever\\TmForever.exe"=
R0 xmasbus;xmasbus;C:\WINDOWS\system32\DRIVERS\xmasbus.sys [2003-12-21 17:24]
R0 xmasscsi;xmasscsi;C:\WINDOWS\system32\Drivers\xmasscsi.sys [2003-12-20 20:03]
R1 PersonalSecureDrive;PersonalSecureDrive;C:\WINDOWS\system32\drivers\psd.sys [2006-04-07 06:46]
R2 ASChannel;Local Communication Channel;C:\WINDOWS\System32\svchost.exe [2006-03-02 04:00]
R2 LMS;Intel(R) Active Management Technology LMS Service;C:\Programfiler\Intel\AMT\LMS.exe [2006-07-25 13:46]
R2 pdfcDispatcher;PDF Document Manager;C:\Programfiler\PDF Complete\pdfsvc.exe [2006-07-14 09:43]
R2 RoxWatch10;Roxio Hard Drive Watcher 10;"C:\Programfiler\Fellesfiler\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe" [2007-08-24 16:52]
R3 CBTNDIS5;CBTNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\CBTNDIS5.SYS [2003-07-16 23:28]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2006-04-25 18:26]
R3 odysseyIM3;Odyssey Network Services Miniport;C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys [2003-05-14 17:01]
R3 RoxMediaDB10;RoxMediaDB10;"C:\Programfiler\Fellesfiler\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe" [2007-08-24 16:52]
R3 TNET1130x;ZyXEL 802.11g Wireless Card;C:\WINDOWS\system32\DRIVERS\tnet1130x.sys [2004-06-10 18:14]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;"C:\Programfiler\Roxio\Digital Home 10\RoxioUpnpService10.exe" [2007-08-24 16:53]
S2 RoxLiveShare10;LiveShare P2P Server 10;"C:\Programfiler\Fellesfiler\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe" [2007-08-24 16:52]
S2 SessionLauncher;SessionLauncher;C:\DOCUME~1\Heine\LOKALE~1\Temp\DX9\SessionLauncher.exe []
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;"C:\Programfiler\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" [2007-08-24 16:53]
S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 15:58]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 15:58]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 15:58]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 14:58]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 14:58]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 14:58]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 14:58]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASChannel
.
Contents of the 'Scheduled Tasks' folder
"2008-05-28 10:32:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe
"2008-06-01 18:51:48 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Programfiler\Norton Security Scan\Nss.exe
.
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="C:\Programfiler\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
Completion time: 2008-06-11 10:49:58
ComboFix-quarantined-files.txt 2008-06-11 08:49:29
ComboFix2.txt 2008-06-10 21:48:04
ComboFix3.txt 2008-06-10 20:21:31
Pre-Run: 22,340,206,592 byte ledig
Post-Run: 22,343,954,432 byte ledig
173