ComboFix 08-12-12.05 - 2008-12-13 18:19:21.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1044.18.502.113 [GMT 1:00]
Kjører fra: c:\documents and settings\MyName\Skrivebord\Antivirus\ComboFix.exe
ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2008-11-13 til 2008-12-13 )))))))))))))))))))))))))))))))))
.
2008-12-13 13:23 . 2008-12-13 13:23 d-------- c:\programfiler\Malwarebytes' Anti-Malware
2008-12-13 13:23 . 2008-12-13 13:23 d-------- c:\documents and settings\MyName\Programdata\Malwarebytes
2008-12-13 13:23 . 2008-12-13 13:23 d-------- c:\documents and settings\All Users\Programdata\Malwarebytes
2008-12-13 13:23 . 2008-12-03 19:54 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-13 13:23 . 2008-12-03 19:54 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-13 12:21 . 2008-12-13 12:21 d-------- c:\documents and settings\All Users\Programdata\SUPERAntiSpyware.com
2008-12-13 12:20 . 2008-12-13 12:20 d-------- c:\programfiler\SUPERAntiSpyware
2008-12-13 12:20 . 2008-12-13 12:20 d-------- c:\documents and settings\MyName\Programdata\SUPERAntiSpyware.com
2008-12-13 12:19 . 2008-12-13 12:19 d-------- c:\programfiler\Fellesfiler\Wise Installation Wizard
2008-12-04 11:22 . 2008-12-04 11:22 244 --ah----- C:\sqmnoopt02.sqm
2008-12-04 11:22 . 2008-12-04 11:22 232 --ah----- C:\sqmdata02.sqm
2008-11-13 17:00 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-13 16:59 . 2008-09-04 18:17 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-13 17:17 --------- d-----w c:\documents and settings\MyName\Programdata\Skype
2008-12-09 13:00 --------- d-----w c:\documents and settings\MyName\Programdata\AVGTOOLBAR
2008-12-09 09:37 --------- d-----w c:\programfiler\Dl_cats
2008-11-11 22:30 --------- d-----w c:\documents and settings\MyName\Programdata\LimeWire
2008-11-09 15:18 --------- d-----w c:\programfiler\MSN Messenger
2008-11-09 08:59 --------- d-----w c:\programfiler\Sun
2008-11-09 08:59 --------- d-----w c:\programfiler\Java
2008-11-08 19:50 3,766 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:43 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 12:43 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
2008-10-17 01:03 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-10-16 13:15 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:11 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-15 16:38 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-15 07:06 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-10-03 10:04 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-10-03 10:04 247,326 ------w c:\windows\system32\dllcache\strmdll.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:29 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-15 15:29 1,846,400 ------w c:\windows\system32\dllcache\win32k.sys
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"ModemOnHold"="c:\programfiler\NetWaiting\netwaiting.exe" [2003-09-10 20480]
"MsnMsgr"="c:\programfiler\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Skype"="c:\programfiler\Skype\Phone\Skype.exe" [2007-02-22 25388584]
"SUPERAntiSpyware"="c:\programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-12-04 1809648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowLOMControl"="1 (0x1)" [X]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-12-13 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-12-13 118784]
"SunJavaUpdateSched"="c:\programfiler\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-11-29 761947]
"Dell QuickSet"="c:\programfiler\Dell\QuickSet\quickset.exe" [2005-12-06 839680]
"IntelZeroConfig"="c:\programfiler\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 667718]
"IntelWireless"="c:\programfiler\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 602182]
"DVDLauncher"="c:\programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 49152]
"DMXLauncher"="c:\programfiler\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"Corel Photo Downloader"="c:\programfiler\Corel\Corel Photo Album 6\MediaDetect.exe" [2005-08-31 106496]
"DLCFCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll" [2005-09-08 73728]
"QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2006-10-25 282624]
"iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2006-10-30 256576]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-06-26 1177368]
"SigmatelSysTrayApp"="stsystra.exe" [2005-11-16 c:\windows\stsystra.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\
Digital Line Detect.lnk - c:\programfiler\Digital Line Detect\DLG.exe [2006-04-14 24576]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-03 14:56 352256 c:\programfiler\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programfiler\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\MyName\\Mine dokumenter\\Min musikk\\LimeWire\\LimeWire.exe"=
"c:\\Programfiler\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Programfiler\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programfiler\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\MSN Messenger\\livecall.exe"=
"c:\\Programfiler\\Skype\\Phone\\Skype.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-06-26 96520]
R1 SASDIFSV;SASDIFSV;\??\c:\programfiler\SUPERAntiSpyware\SASDIFSV.SYS [2008-12-04 8944]
R1 SASKUTIL;SASKUTIL;\??\c:\programfiler\SUPERAntiSpyware\SASKUTIL.sys [2008-12-04 55024]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-06-26 282904]
R3 SASENUM;SASENUM;\??\c:\programfiler\SUPERAntiSpyware\SASENUM.SYS [2008-12-04 7408]
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
2008-12-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2006-10-10 17:13]
.
.
------- Tilleggsskanning -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-13 18:22:50
Windows 5.1.2600 Service Pack 3 NTFS
skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCFCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
skanner skjulte filer ...
skanning vellykket
skjulte filer: 0
**************************************************************************
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
- - - - - - - > 'winlogon.exe'(840)
c:\windows\system32\avgrsstx.dll
c:\programfiler\SUPERAntiSpyware\SASWINLO.dll
.
Tidspunkt ferdig: 2008-12-13 18:24:24
ComboFix-quarantined-files.txt 2008-12-13 17:24:21
ComboFix2.txt 2008-12-13 16:24:32
Pre-Run: 38 453 141 504 byte ledig
Post-Run: 38,442,930,176 byte ledig
152 --- E O F --- 2008-12-11 21:03:46