ComboFix 08-10-18.03 - Eier 2008-10-19 21:11:06.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.47.1044.18.341 [GMT 2:00]
Running from: C:\Documents and Settings\Eier\Skrivebord\ComboFix.exe
 * Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Eier\Mine dokumenter\My Documents.url
C:\Documents and Settings\Eier\Programdata\Dxccwrd.dll
C:\Documents and Settings\Eier\Programdata\Dxcdmns.dll
C:\Documents and Settings\Eier\Programdata\FNTS~1
C:\Documents and Settings\Eier\Programdata\RACLE~1
C:\Documents and Settings\LocalService\Lokale innstillinger\Temporary Internet Files\Dxc.log
C:\Programfiler\Fellesfiler\{3CF81~1
C:\Programfiler\InternetSoftware\pcre3.dll
C:\Programfiler\InternetSoftware\uninstall.exe
C:\Programfiler\stem~1
C:\Programfiler\stem~1\??stem\
C:\smp.bat
C:\temp\17o7
C:\temp\17o7\tmpTF.log
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\crosof~1
C:\WINDOWS\system32\drivers\fad.sys
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\smpi1
.

((((((((((((((((((((((((( Files Created from 2008-09-19 to 2008-10-19 )))))))))))))))))))))))))))))))
.

2008-10-19 20:14 . 2008-10-19 20:14 d-------- C:\Programfiler\Malwarebytes' Anti-Malware
2008-10-19 20:14 . 2008-10-19 20:14 d-------- C:\Documents and Settings\Eier\Programdata\Malwarebytes
2008-10-19 20:14 . 2008-10-19 20:14 d-------- C:\Documents and Settings\All Users\Programdata\Malwarebytes
2008-10-19 20:14 . 2008-10-16 20:25 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-19 20:14 . 2008-10-16 20:25 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-19 20:03 . 2008-10-19 20:03 dr-h----- C:\Documents and Settings\Eier\Siste
2008-10-19 20:00 . 2008-10-19 20:00 d-------- C:\Programfiler\CCleaner
2008-10-18 14:53 . 2008-10-18 14:53 d-------- C:\Programfiler\Trend Micro
2008-10-17 20:09 . 2008-10-17 20:09 d-------- C:\Documents and Settings\Admin\Programdata\ATI
2008-10-17 20:05 . 2006-03-20 20:19 dr------- C:\Documents and Settings\Admin\Start-meny
2008-10-17 20:05 . 2006-03-20 20:19 d--h----- C:\Documents and Settings\Admin\Skrivere
2008-10-17 20:05 . 2006-03-20 20:19 d-------- C:\Documents and Settings\Admin\Skrivebord
2008-10-17 20:05 . 2008-10-17 20:07 dr-h----- C:\Documents and Settings\Admin\Siste
2008-10-17 20:05 . 2008-01-12 19:10 d-------- C:\Documents and Settings\Admin\Programdata\Teleca
2008-10-17 20:05 . 2008-01-12 19:10 d-------- C:\Documents and Settings\Admin\Programdata\Sony Ericsson
2008-10-17 20:05 . 2008-10-17 20:09 dr-h----- C:\Documents and Settings\Admin\Programdata
2008-10-17 20:05 . 2008-10-17 20:07 dr------- C:\Documents and Settings\Admin\Mine dokumenter
2008-10-17 20:05 . 2006-03-20 19:26 d--h----- C:\Documents and Settings\Admin\Maler
2008-10-17 20:05 . 2008-10-19 21:18 d--h----- C:\Documents and Settings\Admin\Lokale innstillinger
2008-10-17 20:05 . 2008-10-17 20:07 dr------- C:\Documents and Settings\Admin\Favoritter
2008-10-17 20:05 . 2006-03-20 20:19 d--h----- C:\Documents and Settings\Admin\AndrMask
2008-10-17 20:05 . 2008-10-17 20:18 d-------- C:\Documents and Settings\Admin
2008-10-16 17:31 . 2008-10-16 17:31 d-------- C:\Documents and Settings\All Users\Programdata\Ahead
2008-10-13 20:56 . 2008-10-19 20:33 d-------- C:\Documents and Settings\Eier\Programdata\NoNameScript
2008-10-13 20:55 . 2008-10-19 17:04 d-------- C:\Programfiler\mIRC
2008-10-13 20:55 . 2008-10-13 20:55 d-------- C:\Documents and Settings\Eier\Programdata\mIRC
2008-10-11 15:21 . 2008-10-11 15:21 d-------- C:\Documents and Settings\Eier\Programdata\ATI
2008-10-11 15:21 . 2008-10-11 15:21 d-------- C:\Documents and Settings\All Users\Programdata\ATI
2008-10-11 15:14 . 2008-10-11 15:14 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-10-11 04:26 . 2008-10-11 04:26 d-------- C:\Programfiler\My Company Name
2008-10-11 04:14 . 2008-10-11 04:14 d-------- C:\Programfiler\Fellesfiler\ATI Technologies
2008-10-11 04:13 . 2006-12-28 05:44 84,992 -ra------ C:\WINDOWS\system32\drivers\AtiHdAud.sys
2008-10-11 04:09 . 2008-01-09 15:35 3,107,788 -ra------ C:\WINDOWS\system32\ativvaxx.dat
2008-10-11 04:09 . 2008-01-09 15:35 3,107,788 -ra------ C:\WINDOWS\system32\ativva5x.dat
2008-10-11 04:09 . 2008-01-09 15:35 887,724 -ra------ C:\WINDOWS\system32\ativva6x.dat
2008-10-11 04:09 . 2008-01-09 16:07 368,640 -ra------ C:\WINDOWS\system32\ATIDEMGX.dll
2008-10-11 04:09 . 2008-01-09 15:58 307,200 -ra------ C:\WINDOWS\system32\atiiiexx.dll
2008-10-11 04:09 . 2008-01-07 03:43 165,782 -ra------ C:\WINDOWS\system32\atiicdxx.dat
2008-10-11 04:09 . 2007-11-19 21:23 11,874 -ra------ C:\WINDOWS\atiogl.xml
2008-10-11 04:09 . 2007-08-31 03:20 7,167 -ra------ C:\WINDOWS\system32\atifglpf.xml
2008-10-11 04:07 . 2008-10-11 04:25 d-------- C:\Programfiler\ATI Technologies
2008-09-30 23:24 . 2008-09-30 23:34 d-------- C:\Diet & trenings program
2008-09-30 23:15 . 2008-10-01 00:54 d-------- C:\søknader
.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2008-10-19 19:11 --------- d-----w C:\Programfiler\InternetSoftware
2008-10-19 18:05 --------- d-----w C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy
2008-10-19 14:55 --------- d---a-w C:\Documents and Settings\All Users\Programdata\TEMP
2008-10-17 14:44 --------- d-----w C:\Programfiler\Fellesfiler\Real
2008-10-17 14:08 --------- d-----w C:\Programfiler\Spybot - Search & Destroy
2008-10-17 13:55 --------- d-----w C:\Documents and Settings\Eier\Programdata\Skype
2008-10-17 13:53 --------- d-----w C:\Documents and Settings\Eier\Programdata\skypePM
2008-10-17 00:55 --------- d-----w C:\Programfiler\Fellesfiler\Symantec Shared
2008-10-16 15:07 --------- d-----w C:\Programfiler\Apple Software Update
2008-10-15 13:48 --------- d-----w C:\Programfiler\iTunes
2008-10-15 13:34 --------- d-----w C:\Programfiler\Fellesfiler\Teleca Shared
2008-10-15 13:34 --------- d-----w C:\Documents and Settings\Eier\Programdata\Teleca
2008-10-11 15:41 --------- d-----w C:\Programfiler\Steam
2008-10-11 02:14 --------- d--h--w C:\Programfiler\InstallShield Installation Information
2008-09-30 20:32 --------- d-----w C:\Programfiler\Norton AntiVirus
2008-09-15 15:42 1,846,016 ----a-w C:\WINDOWS\system32\win32k.sys
2008-08-29 23:13 --------- d-----w C:\Documents and Settings\Eier\Programdata\TomTom
2008-08-29 23:13 --------- d-----w C:\Documents and Settings\All Users\Programdata\TomTom
2008-08-28 10:04 333,056 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-26 22:59 --------- d-----w C:\Programfiler\MSN Messenger
2008-08-26 22:59 --------- d-----w C:\Programfiler\Messenger Plus! Live
2008-08-26 08:30 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-21 01:34 --------- d-----w C:\Programfiler\Skype
2008-08-21 01:34 --------- d-----w C:\Programfiler\Fellesfiler\Skype
2008-08-21 01:34 --------- d-----w C:\Documents and Settings\All Users\Programdata\Skype
2008-08-21 01:26 22,458,664 -c--a-w C:\SkypeSetup.exe
2008-08-14 13:48 2,138,112 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:48 2,017,792 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2007-03-12 11:38 18,616 ----a-w C:\Documents and Settings\Eier\Programdata\GDIPFONTCACHEV1.DAT
2001-11-22 13:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2007-06-28 14:53 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2007-06-28 14:53 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Lokale innstillinger\Logg\History.IE5\index.dat
2007-06-28 14:53 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Lokale innstillinger\Temporary Internet Files\Content.IE5\index.dat
2007-05-10 22:42 367,392 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2007-05-10 22:42 3,104 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8600AC1E-BE58-4FFC-BD5D-F2A8EC38C838}]
2007-09-28 21:28 311296 --a------ C:\Programfiler\Snap Visual Search\snapbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-28 15360]
"Veoh"="C:\Programfiler\Veoh Networks\Veoh\VeohClient.exe" [2008-08-28 3660848]
"SpybotSD TeaTimer"="C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-05-21 221184]
"ccApp"="C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2007-01-09 115816]
"osCheck"="C:\Programfiler\Norton AntiVirus\osCheck.exe" [2006-09-05 26248]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Symantec PIF AlertEng"="C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"StartCCC"="C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-28 15360]

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
BlackICE PC Protection.lnk - C:\Programfiler\ISS\BlackICE\blackice.exe [2006-03-23 778240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
"msacm.enc"= ITIG726.acm
"vidc.XVID"= xvid.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"VIDC.I420"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll
"msacm.l3codec"= l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\EPOX\\Magic BIOS\\Magic BIOS.EXE"=
"C:\\Programfiler\\The All-Seeing Eye\\eye.exe"=
"C:\\Programfiler\\BitComet\\BitComet.exe"=
"C:\\Programfiler\\MSN Messenger\\msrg.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Programfiler\\Steam\\SteamApps\\dj_furious_god\\counter-strike\\hl.exe"=
"C:\\Programfiler\\Steam\\SteamApps\\captainnazar\\counter-strike\\hl.exe"=
"C:\\Programfiler\\Steam\\Steam.exe"=
"C:\\Programfiler\\TVUPlayer\\TVUPlayer.exe"=
"C:\\Programfiler\\iMesh Applications\\iMesh\\iMesh.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programfiler\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Programfiler\\mIRC\\mirc.exe"=
"C:\\Programfiler\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4899:TCP"= 4899:TCP:Radmin
"4899:UDP"= 4899:UDP:Radmin
"1496:UDP"= 1496:UDP:Windows Media Format SDK (wmplayer.exe)
"1497:UDP"= 1497:UDP:Windows Media Format SDK (wmplayer.exe)
"1498:UDP"= 1498:UDP:Windows Media Format SDK (wmplayer.exe)
"15320:TCP"= 15320:TCP:BitComet 15320 TCP
"15320:UDP"= 15320:UDP:BitComet 15320 UDP

R0 pnpshark;pnpshark;C:\WINDOWS\system32\DRIVERS\pnpshark.sys [2003-10-02 119552]
R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;C:\WINDOWS\system32\DRIVERS\SI3112r.sys [2004-08-27 97920]
R0 st3shark;st3shark;C:\WINDOWS\system32\DRIVERS\st3shark.sys [2003-09-27 5504]
R2 Automatisk LiveUpdate-planlegging;Automatisk LiveUpdate-planlegging;C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-09-13 198336]
R4 black;black;C:\WINDOWS\system32\drivers\BlackDrv.sys [2005-03-30 229331]
S0 hpt3xx;hpt3xx;C:\WINDOWS\system32\DRIVERS\hpt3xx.sys [2003-05-09 43539]
S0 hptpro;hptpro;C:\WINDOWS\system32\DRIVERS\hptpro.sys [2003-01-27 9809]
S3 mad600m;mad600m;C:\WINDOWS\system32\Drivers\mad600m.sys [2005-06-16 25044]
S3 mad600u;mad600u;C:\WINDOWS\system32\Drivers\mad600u.sys [2005-11-08 51038]
S3 RapDrv;RapDrv;C:\WINDOWS\system32\drivers\RapDrv.sys [2003-10-24 104968]
S3 RapFile;RapFile;C:\WINDOWS\system32\drivers\RapFile.sys [2003-02-25 36644]
S3 RapNet;RapNet;C:\WINDOWS\system32\drivers\RapNet.sys [2003-02-25 24344]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-04-04 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-04-04 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-04-04 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-04-04 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-04-04 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-04-04 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-04-04 98952]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
S3 W700bus;Sony Ericsson W700 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\W700bus.sys [2006-10-09 61536]
S3 W700mdfl;Sony Ericsson W700 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\W700mdfl.sys [2006-10-09 9264]
S3 W700mdm;Sony Ericsson W700 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\W700mdm.sys [2006-10-09 97056]
S3 W700mgmt;Sony Ericsson W700 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\W700mgmt.sys [2006-10-09 88560]
S3 W700obex;Sony Ericsson W700 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\W700obex.sys [2006-10-09 86368]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0333ecc2-761f-11dd-9fa6-001346013d06}]
\Shell\AutoRun\command - D:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a0b143f-83d9-11dc-9d82-001346013d06}]
\Shell\AutoRun\command - F:\InstallTomTomHOME.exe

*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-10-19 C:\WINDOWS\Tasks\MP Scheduled Scan.job
- C:\Programfiler\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]

2008-10-17 C:\WINDOWS\Tasks\Norton AntiVirus - Kjør fullstendig systemsøk - Umair.job
- C:\PROGRA~1\Norton AntiVirus\Navw32.exe [2006-09-06 23:38]

2008-10-18 C:\WINDOWS\Tasks\Symantec Virus Update.job
- C:\Programfiler\Symantec\LiveUpdate\LUALL.EXE [2006-09-13 16:35]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Platform Okay Ace New - C:\Documents and Settings\All Users\Programdata\freedrawplatformokay\thirddownload.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
Notify-NavLogon - (no file)

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = www.vg.no
R0 -: HKCU-Main,SearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f
R0 -: HKLM-Main,SearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f
R1 -: HKCU-Internet Settings,ProxyOverride = localhost
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
O8 -: Download all links using BitComet - C:\Programfiler\BitComet\BitComet.exe/AddAllLink.htm
O8 -: Download all videos using BitComet - C:\Programfiler\BitComet\BitComet.exe/AddVideo.htm
O8 -: Download link using &BitComet - C:\Programfiler\BitComet\BitComet.exe/AddLink.htm
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O18 -: Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - %~$path:i
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-19 21:20:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-10-19 22:05:26
ComboFix-quarantined-files.txt 2008-10-19 20:05:20

Pre-Run: 4,515,565,568 byte ledig
Post-Run: 4,572,495,872 byte ledig

257 --- E O F --- 2008-10-15 02:26:27