ComboFix 09-03-14.02 - Lars Erik 2009-03-17  9:22:20.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.1.1033.18.3066.1886 [GMT 1:00]
Kjører fra: c:\users\Lars Erik\Downloads\ComboFix.exe
Command switches brukt :: c:\users\Lars Erik\Desktop\CFScript.txt.txt
AV: AVG Anti-Virus *On-access scanning enabled* (Updated)
 * Opprettet nytt gjenopprettingspunkt
.

(((((((((((((((((((((((((((((((((((((((   Andre slettinger   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Okay meta anti lite
c:\programdata\Okay meta anti lite\Poll Rule.dat
c:\programdata\Okay meta anti lite\Poll Rule.exe
c:\users\All Users\Okay meta anti lite\Poll Rule.dat
c:\users\All Users\Okay meta anti lite\Poll Rule.exe

.
(((((((((((((((((((((((((((   Filer Opprettet Fra 2009-02-17 til 2009-03-17  )))))))))))))))))))))))))))))))))
.

2009-03-16 10:34 . 2009-03-16 10:34	<DIR>	d----c---	c:\windows\System32\DRVSTORE
2009-03-16 10:34 . 2009-03-16 10:34	<DIR>	d--------	c:\users\Lars Erik\AppData\Roaming\Apple Computer
2009-03-16 10:34 . 2009-03-16 10:34	<DIR>	d--------	c:\users\All Users\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-16 10:34 . 2009-03-16 10:34	<DIR>	d--------	c:\programdata\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-16 10:34 . 2009-03-16 10:34	<DIR>	d--------	c:\program files\iTunes
2009-03-16 10:34 . 2009-03-16 10:34	<DIR>	d--------	c:\program files\iPod
2009-03-16 10:34 . 2008-04-17 12:12	107,368	--a------	c:\windows\System32\GEARAspi.dll
2009-03-16 10:34 . 2009-01-15 12:19	23,848	--a------	c:\windows\System32\drivers\GEARAspiWDM.sys
2009-03-16 10:33 . 2009-03-16 10:33	<DIR>	d--------	c:\program files\Bonjour
2009-03-16 10:32 . 2009-03-16 10:34	<DIR>	d--------	c:\users\All Users\Apple Computer
2009-03-16 10:32 . 2009-03-16 10:34	<DIR>	d--------	c:\programdata\Apple Computer
2009-03-16 10:32 . 2009-03-16 10:33	<DIR>	d--------	c:\program files\QuickTime
2009-03-16 10:32 . 2009-03-16 10:32	<DIR>	d--------	c:\program files\Apple Software Update
2009-03-16 10:31 . 2009-03-16 10:31	<DIR>	d--------	c:\users\All Users\Apple
2009-03-16 10:31 . 2009-03-16 10:31	<DIR>	d--------	c:\programdata\Apple
2009-03-16 10:31 . 2009-03-16 10:34	<DIR>	d--------	c:\program files\Common Files\Apple
2009-03-16 06:09 . 2008-01-21 03:24	333,203	-rahs----	C:\bootmgr
2009-03-16 05:52 . 2009-03-16 06:09	<DIR>	d--hs----	C:\Boot
2009-03-15 22:41 . 2009-03-15 22:41	<DIR>	d--------	c:\users\Lars Erik\AppData\Roaming\Malwarebytes
2009-03-15 22:41 . 2009-03-15 22:41	<DIR>	d--------	c:\users\All Users\Malwarebytes
2009-03-15 22:41 . 2009-03-15 22:41	<DIR>	d--------	c:\programdata\Malwarebytes
2009-03-15 22:41 . 2009-03-15 22:41	<DIR>	d--------	c:\program files\Malwarebytes' Anti-Malware
2009-03-15 22:41 . 2009-02-11 10:19	38,496	--a------	c:\windows\System32\drivers\mbamswissarmy.sys
2009-03-15 22:41 . 2009-02-11 10:19	15,504	--a------	c:\windows\System32\drivers\mbam.sys
2009-03-15 22:10 . 2009-03-15 22:12	<DIR>	d--------	c:\program files\Counter-Strike 1.6
2009-03-15 00:33 . 2009-03-15 00:33	<DIR>	d--------	c:\program files\File Shredder
2009-03-13 22:37 . 2009-03-13 22:38	<DIR>	d--------	c:\program files\Windows Live Safety Center
2009-03-11 20:50 . 2009-02-09 04:10	2,033,152	--a------	c:\windows\System32\win32k.sys
2009-03-11 20:50 . 2008-11-27 05:43	268,288	--a------	c:\windows\System32\schannel.dll
2009-03-08 17:15 . 2009-03-08 17:15	<DIR>	d--------	c:\program files\Microsoft Silverlight
2009-03-08 17:14 . 2008-12-16 04:29	8,147,456	--a------	c:\windows\System32\wmploc.DLL
2009-03-08 17:14 . 2008-12-16 06:31	7,680	--a------	c:\windows\System32\spwmp.dll
2009-03-08 17:14 . 2008-12-16 06:31	4,096	--a------	c:\windows\System32\msdxm.ocx
2009-03-08 17:14 . 2008-12-16 06:31	4,096	--a------	c:\windows\System32\dxmasf.dll
2009-03-08 09:21 . 2009-03-08 09:21	<DIR>	d--------	c:\users\Lars Erik\AppData\Roaming\Publish Providers
2009-03-08 09:20 . 2009-03-08 09:20	<DIR>	d--------	c:\users\All Users\TEMP
2009-03-08 09:20 . 2009-03-08 09:20	<DIR>	d--------	c:\programdata\TEMP
2009-03-08 09:01 . 2009-03-08 09:20	<DIR>	d--------	c:\users\Lars Erik\AppData\Roaming\Sony
2009-03-08 08:55 . 2009-03-10 22:25	<DIR>	d--------	c:\program files\Microsoft SQL Server
2009-03-08 08:46 . 2009-03-08 09:00	<DIR>	d--------	c:\users\All Users\Sony
2009-03-08 08:46 . 2009-03-08 09:00	<DIR>	d--------	c:\programdata\Sony
2009-03-08 08:46 . 2009-03-08 08:46	<DIR>	d--------	c:\program files\Vstplugins
2009-03-08 08:46 . 2009-03-08 08:46	<DIR>	d--------	c:\program files\Sony
2009-03-08 08:45 . 2009-03-08 08:54	<DIR>	d--------	c:\program files\Sony Setup
2009-03-07 19:41 . 2009-03-07 19:41	<DIR>	d--------	c:\program files\Codec Pack Ultimate
2009-03-07 17:22 . 2009-03-07 17:22	<DIR>	d--------	c:\program files\PROnetworks
2009-03-06 21:25 . 2009-03-06 21:25	<DIR>	d--------	c:\users\Lars Erik\AppData\Roaming\DAEMON Tools Pro
2009-03-06 21:25 . 2009-03-06 21:25	<DIR>	d--------	c:\users\Lars Erik\AppData\Roaming\DAEMON Tools
2009-03-04 16:10 . 2009-03-04 16:10	<DIR>	d--------	c:\users\All Users\BVRP Software
2009-03-04 16:10 . 2009-03-04 16:10	<DIR>	d--------	c:\programdata\BVRP Software
2009-03-04 15:42 . 2009-03-04 15:42	<DIR>	d--------	c:\users\All Users\Sony Ericsson
2009-03-04 15:42 . 2009-03-04 15:42	<DIR>	d--------	c:\programdata\Sony Ericsson
2009-03-04 15:42 . 2009-03-09 09:43	<DIR>	d--------	c:\program files\Sony Ericsson
2009-03-03 23:51 . 2008-09-03 04:59	468,992	--a------	c:\windows\System32\newdev.dll
2009-03-03 23:51 . 2008-09-03 04:58	74,752	--a------	c:\windows\System32\newdev.exe
2009-03-03 23:31 . 2008-05-10 04:35	885,248	--a------	c:\windows\System32\RacEngn.dll
2009-03-03 23:31 . 2008-05-09 23:22	9,127	--a------	c:\windows\System32\RacUR.xml
2009-03-03 23:31 . 2008-05-09 23:22	153	--a------	c:\windows\System32\RacUREx.xml
2009-03-03 23:27 . 2009-03-03 23:27	0	--ah-----	c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-02 09:11 . 2009-03-02 09:11	<DIR>	d--------	c:\program files\WinPcap
2009-03-02 00:49 . 2008-02-29 15:13	1,202,560	--a------	c:\windows\System32\drivers\AGRSM.sys
2009-03-02 00:49 . 2008-03-18 11:36	54,824	---------	c:\windows\System32\agrsmdel.exe
2009-03-02 00:49 . 2008-03-18 11:36	54,824	--a------	c:\windows\agrsmdel.exe
2009-03-02 00:49 . 2008-03-18 11:27	13,312	--a------	c:\windows\System32\agrsmsvc.exe
2009-03-02 00:49 . 2007-12-11 11:40	13,312	---------	c:\windows\System32\agrscoin.dll
2009-03-01 23:08 . 2009-03-01 23:08	<DIR>	d--------	c:\users\Lars Erik\AppData\Roaming\ImgBurn
2009-03-01 22:47 . 2009-03-01 22:47	<DIR>	d--------	c:\program files\HyCam2
2009-03-01 19:07 . 2009-03-01 19:07	<DIR>	d--------	c:\program files\PowerISO
2009-03-01 01:37 . 2006-10-26 19:56	32,592	--a------	c:\windows\System32\msonpmon.dll
2009-03-01 01:35 . 2009-03-01 01:35	<DIR>	d--------	c:\program files\Microsoft Works
2009-03-01 01:34 . 2009-03-08 08:56	<DIR>	d--------	c:\program files\Microsoft.NET
2009-03-01 01:32 . 2009-03-01 01:32	<DIR>	d--------	c:\program files\Microsoft Visual Studio 8
2009-03-01 01:31 . 2009-03-12 07:11	<DIR>	d--------	c:\users\All Users\Microsoft Help
2009-03-01 01:31 . 2009-03-12 07:11	<DIR>	d--------	c:\programdata\Microsoft Help
2009-03-01 01:29 . 2009-03-01 01:29	<DIR>	dr-h-----	C:\MSOCache
2009-03-01 00:55 . 2009-03-16 16:37	<DIR>	d--------	c:\program files\Cain
2009-02-28 21:31 . 2009-03-15 20:02	<DIR>	d--------	c:\users\All Users\Google
2009-02-28 21:31 . 2009-03-15 20:02	<DIR>	d--------	c:\program files\Google
2009-02-28 11:21 . 2009-03-17 09:11	32,251	--a------	c:\users\All Users\nvModes.dat
2009-02-28 11:21 . 2009-03-17 09:11	32,251	--a------	c:\programdata\nvModes.dat
2009-02-28 11:13 . 2009-02-28 11:13	<DIR>	d--------	c:\users\All Users\NVIDIA
2009-02-28 11:13 . 2009-02-28 11:13	<DIR>	d--------	c:\programdata\NVIDIA
2009-02-28 11:10 . 2009-02-28 11:10	<DIR>	d--------	c:\windows\System32\AGEIA
2009-02-28 11:10 . 2009-02-28 11:10	<DIR>	d--------	c:\program files\Common Files\Wise Installation Wizard
2009-02-28 11:10 . 2009-02-28 11:10	<DIR>	d--------	c:\program files\AGEIA Technologies
2009-02-28 11:10 . 2009-02-09 13:18	801,312	--a------	c:\windows\System32\nvcplui.exe
2009-02-28 11:10 . 2009-02-09 13:18	420,384	--a------	c:\windows\System32\nvcpl.cpl
2009-02-28 02:22 . 2009-03-16 12:04	<DIR>	d--h-----	C:\$AVG8.VAULT$
2009-02-28 02:21 . 2009-02-28 02:22	<DIR>	d--------	c:\users\All Users\Mfcd 1
2009-02-28 02:21 . 2009-02-28 02:22	<DIR>	d--------	c:\programdata\Mfcd 1
2009-02-28 02:11 . 2009-02-27 17:18	<DIR>	d--------	c:\windows\Panther
2009-02-28 02:05 . 2009-02-28 02:05	<DIR>	d--------	c:\program files\Common Files\Adobe
2009-02-28 02:03 . 1998-10-29 16:45	306,688	--a------	c:\windows\IsUninst.exe
2009-02-28 01:54 . 2009-02-28 01:54	0	--ah-----	c:\windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
2009-02-28 01:53 . 2009-02-28 01:53	<DIR>	d--------	c:\program files\Synaptics
2009-02-28 01:53 . 2006-03-09 09:58	1,060,424	--a------	c:\windows\System32\WdfCoInstaller01000.dll
2009-02-28 01:53 . 2008-02-22 11:50	198,064	--a------	c:\windows\System32\drivers\SynTP.sys
2009-02-28 01:53 . 2008-02-22 10:58	196,608	--a------	c:\windows\System32\SynCtrl.dll
2009-02-28 01:53 . 2008-02-22 10:57	163,840	--a------	c:\windows\System32\SynCOM.dll
2009-02-28 01:53 . 2008-02-22 11:11	147,456	--a------	c:\windows\System32\SynTPAPI.dll
2009-02-28 01:53 . 2008-02-22 11:49	110,592	--a------	c:\windows\System32\SynTPCo4.dll
2009-02-28 01:46 . 2008-02-25 16:28	238,080	--a------	c:\windows\System32\ITEIO_64.dll
2009-02-28 01:46 . 2008-02-25 16:29	14,544	--a------	c:\windows\System32\drivers\TVicPort.sys
2009-02-28 01:46 . 2008-02-25 16:29	6,080	--a------	c:\windows\System32\drivers\zntport.sys
2009-02-28 01:41 . 2008-04-23 15:58	204,800	--a------	c:\windows\System32\SysHook.dll
2009-02-28 01:24 . 2009-03-16 17:18	<DIR>	d--------	c:\program files\Common Files\InstallShield
2009-02-28 01:17 . 2009-02-28 01:17	<DIR>	d--------	c:\program files\Acer
2009-02-28 01:17 . 2008-03-21 13:21	487,424	--a------	c:\windows\System32\INT15.dll
2009-02-28 01:17 . 2008-03-21 10:48	17,952	--a------	c:\windows\System32\drivers\int15_64.sys
2009-02-28 01:17 . 2008-03-21 10:48	15,392	--a------	c:\windows\System32\drivers\int15.sys
2009-02-28 00:56 . 2009-03-16 16:07	<DIR>	d--------	c:\users\Lars Erik\Incomplete
2009-02-28 00:54 . 2009-03-15 02:15	<DIR>	d--------	c:\users\Lars Erik\AppData\Roaming\FrostWire
2009-02-28 00:53 . 2009-02-28 00:54	<DIR>	d--------	c:\program files\FrostWire
2009-02-28 00:48 . 2009-02-28 00:47	410,984	--a------	c:\windows\System32\deploytk.dll
2009-02-28 00:42 . 2009-03-16 16:09	<DIR>	d--------	c:\users\Lars Erik\Tracing
2009-02-28 00:41 . 2009-02-28 00:41	<DIR>	d--------	c:\users\All Users\DAEMON Tools Lite
2009-02-28 00:41 . 2009-02-28 00:41	<DIR>	d--------	c:\programdata\DAEMON Tools Lite
2009-02-28 00:41 . 2009-02-28 20:25	<DIR>	d--------	c:\program files\DAEMON Tools Toolbar
2009-02-28 00:41 . 2009-02-28 00:41	<DIR>	d--------	c:\program files\DAEMON Tools Lite
2009-02-28 00:31 . 2009-02-28 00:32	<DIR>	d--------	c:\program files\Magic Video Converter
2009-02-28 00:31 . 2004-05-26 21:37	719,872	--a------	c:\windows\System32\devil.dll
2009-02-28 00:31 . 2003-03-19 11:03	544,768	--a------	c:\windows\System32\msvcr71d.dll
2009-02-28 00:31 . 2002-01-05 14:37	344,064	--a------	c:\windows\System32\msvcr70.dll
2009-02-28 00:31 . 2006-09-16 19:44	314,368	--a------	c:\windows\System32\avisynth.dll
2009-02-28 00:22 . 2008-10-22 02:22	2,048	--a------	c:\windows\System32\tzres.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-12 06:12	---------	d-----w	c:\program files\Windows Mail
2009-03-07 22:49	107,272	----a-w	c:\windows\system32\drivers\avgtdix.sys
2009-03-07 22:49	10,520	----a-w	c:\windows\System32\avgrsstx.dll
2009-03-01 00:34	---------	d-----w	c:\program files\MSBuild
2009-02-28 09:43	80,051	----a-w	c:\windows\System32\slmgr.vbs
2009-02-06 17:52	49,504	----a-w	c:\windows\System32\sirenacm.dll
2009-01-30 14:42	1,257	----a-w	C:\silent.bat
2009-01-16 17:24	70,936	----a-w	c:\windows\System32\PhysXLoader.dll
2009-01-15 06:11	827,392	----a-w	c:\windows\System32\wininet.dll
2008-12-23 15:36	96,784	----a-w	c:\windows\System32\Packet.dll
2008-12-23 15:35	281,104	----a-w	c:\windows\System32\wpcap.dll
2008-12-23 15:33	53,299	----a-w	c:\windows\System32\pthreadVC.dll
2008-12-22 12:47	57,344	----a-w	c:\windows\System32\nvapo32v.dll
2008-12-22 12:47	19,456	----a-w	c:\windows\System32\nvhdap32.dll
2008-12-21 23:31	453,152	----a-w	c:\windows\System32\nvuhda.exe
2008-12-21 23:31	135,168	----a-w	c:\windows\System32\nvcohda.dll
2008-01-21 02:43	174	--sha-w	c:\program files\desktop.ini
.

((((((((((((((((((((((((((((((((((((((((((((   Look   )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of c:\programdata\Mfcd 1 ----

2009-02-28 02:22	380928	--a------	c:\programdata\Mfcd 1\DUPE EXIT JOY TICK.exe 
2009-02-28 02:21	761856	--a------	c:\programdata\Mfcd 1\pwhdzywf.exe 
2009-02-28 02:21	585728	--a------	c:\programdata\Mfcd 1\bone great manager.exe 


(((((((((((((((((((((((((((((   SnapShot@2009-03-16_21.13.32,52   )))))))))))))))))))))))))))))))))))))))))
.
- 2009-03-16 14:48:11	2,048	--sha-w	c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-03-17 08:10:08	2,048	--sha-w	c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-03-16 14:48:11	2,048	--sha-w	c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-03-17 08:10:08	2,048	--sha-w	c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-03-16 18:27:05	262,144	--sha-w	c:\windows\ServiceProfiles\LocalService\ntuser.dat
+ 2009-03-17 08:11:35	262,144	--sha-w	c:\windows\ServiceProfiles\LocalService\ntuser.dat
+ 2009-03-17 08:11:35	262,144	---ha-w	c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-03-16 19:04:55	262,144	--sha-w	c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2009-03-17 08:11:30	262,144	--sha-w	c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2009-03-17 08:11:30	262,144	---ha-w	c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-03-16 14:52:25	119,132	----a-w	c:\windows\System32\perfc009.dat
+ 2009-03-17 08:16:36	119,132	----a-w	c:\windows\System32\perfc009.dat
- 2009-03-16 14:52:25	633,886	----a-w	c:\windows\System32\perfh009.dat
+ 2009-03-17 08:16:36	633,886	----a-w	c:\windows\System32\perfh009.dat
- 2009-03-16 14:50:04	6,186	----a-w	c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3541046976-155896138-3030049883-1000_UserData.bin
+ 2009-03-17 08:11:54	6,362	----a-w	c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3541046976-155896138-3030049883-1000_UserData.bin
- 2009-03-16 14:50:04	71,962	----a-w	c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-03-17 08:11:53	72,072	----a-w	c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-03-16 14:50:03	35,960	----a-w	c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-03-17 08:11:54	36,252	----a-w	c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((   Oppstartspunkter I Registeret   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke  
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Lars Erik\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-02-28 133104]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-03-31 793096]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-07 1601304]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-28 136600]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-23 397312]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13683232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 92704]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-11 342312]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-02-28 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= c:\program files\Codec Pack Ultimate\Filters\FFDShow\ff_vfw.dll
"vidc.wmv3"= c:\progra~1\CODECP~1\Filters\wmv9vcm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2009-02-06 18:51 3885408 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2007-08-07 01:05 200704 c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
--a------ 2008-07-02 16:16 393216 c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
--a------ 2009-03-04 16:55 281392 c:\program files\uTorrent\uTorrent.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{EF621767-876D-4CA2-8009-60D69BEB6AA0}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{8D4326F8-B1B8-4560-9B1C-BEDE8271931F}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"{81496330-39EE-4A51-9BFC-F4533F9BE696}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{780B164C-BFFF-48F9-9AD8-D57897AEDC31}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{6CF5AB7A-90A0-40A0-B2BF-7956CA9DA9C8}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"TCP Query User{F4077B27-D307-4066-A830-C166B1BF345F}c:\\program files\\frostwire\\frostwire.exe"= UDP:c:\program files\frostwire\frostwire.exe:FrostWire
"UDP Query User{593E9A40-EDE3-4B2E-8C03-984536B957D8}c:\\program files\\frostwire\\frostwire.exe"= TCP:c:\program files\frostwire\frostwire.exe:FrostWire
"TCP Query User{4D45FB25-A2DA-46E3-93EB-6E36880A3E63}c:\\program files\\cain\\cain.exe"= UDP:c:\program files\cain\cain.exe:Cain - Password Recovery Utility
"UDP Query User{E73B4659-DA76-4BF8-8350-B67D6D0F9689}c:\\program files\\cain\\cain.exe"= TCP:c:\program files\cain\cain.exe:Cain - Password Recovery Utility
"{6DDE5593-F833-43A3-90DB-8CC9A5F9F52E}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{81B3C39F-6853-40C2-A58A-3B01257C5026}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{2D7A9E23-1319-46A2-8B71-773420915F3C}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{3782EBA6-E5AB-4E08-B3D4-B0D61AB24EF0}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{22A87562-7439-477F-84A0-715842D4B607}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{1111B0DC-F84E-4EC1-ACB2-5086EEA72E6B}c:\\program files\\empire earth\\empire earth.exe"= UDP:c:\program files\empire earth\empire earth.exe:Empire Earth
"UDP Query User{4CB2F798-ED6F-4457-8FD5-F733339A2582}c:\\program files\\empire earth\\empire earth.exe"= TCP:c:\program files\empire earth\empire earth.exe:Empire Earth
"TCP Query User{105B72AC-AACC-4391-96E5-90C612D38F12}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"UDP Query User{49F8795B-A530-4DD2-B12E-963737C9376B}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"TCP Query User{DAF4CD37-EF7A-4AAF-BADE-9A125F89F421}c:\\program files\\frostwire\\frostwire.exe"= UDP:c:\program files\frostwire\frostwire.exe:FrostWire
"UDP Query User{C6006AFE-D3F7-4A82-AAC7-CB8110B92DC1}c:\\program files\\frostwire\\frostwire.exe"= TCP:c:\program files\frostwire\frostwire.exe:FrostWire
"TCP Query User{C587859E-7EA4-4477-B562-AD146831FF6D}c:\\program files\\cain\\cain.exe"= UDP:c:\program files\cain\cain.exe:Cain - Password Recovery Utility
"UDP Query User{4E3DB473-0D86-4BBD-94D4-7552F96F1AFC}c:\\program files\\cain\\cain.exe"= TCP:c:\program files\cain\cain.exe:Cain - Password Recovery Utility
"TCP Query User{7938C673-012E-4D5B-A26C-C10B69EAF538}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{0606A5DE-6C4C-4F2F-9EF1-E66959BC2013}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"TCP Query User{85B36ACC-8566-47D5-BE5B-65176ED61972}c:\\program files\\counter-strike 1.6\\hl.exe"= UDP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"UDP Query User{C0DF35B8-6AA8-4740-AB34-C00B0B19EBF6}c:\\program files\\counter-strike 1.6\\hl.exe"= TCP:c:\program files\counter-strike 1.6\hl.exe:Half-Life Launcher
"TCP Query User{FC5D43B6-1C4F-44AE-84E4-41767C12FE2E}c:\\program files\\empire earth\\empire earth.exe"= UDP:c:\program files\empire earth\empire earth.exe:Empire Earth
"UDP Query User{3854404A-C67A-4497-9EFA-5C0CD15AF4A0}c:\\program files\\empire earth\\empire earth.exe"= TCP:c:\program files\empire earth\empire earth.exe:Empire Earth
"{7740E24B-A025-4A7A-84C0-7E8F7119F094}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{A3F55D4E-369D-47F7-808B-A2630B6F1443}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{D562F644-0B0E-4BFC-B68D-1AEB9A52464A}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{0F676479-28B5-4F2B-A015-170F128041D6}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{A49F8A53-416D-4D4A-B318-EFCA01259C7A}c:\\program files\\utorrent\\utorrent.exe"= Disabled:UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{BBCD1EE9-B6B1-488E-B39F-53CE9BD5023C}c:\\program files\\utorrent\\utorrent.exe"= Disabled:TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"{0FEA0DFC-A27A-46F7-9DC5-A8257DEE28A6}"= UDP:c:\program files\Counter-Strike 1.6\cstrike.exe:Counter-Strike 1.6
"{A726DC7C-2542-4B4F-A2F3-42BD5F6B5B64}"= TCP:c:\program files\Counter-Strike 1.6\cstrike.exe:Counter-Strike 1.6

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2009-02-27 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2009-02-27 107272]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-03-07 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-07 298264]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2009-02-28 24576]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [2008-12-22 51232]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [2008-12-23 50704]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2009-03-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3541046976-155896138-3030049883-1000.job
- c:\users\Lars Erik\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-28 00:03]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://www.benjaminstrahs.com/start.php
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-17 09:23:59
Windows 6.0.6001 Service Pack 1 NTFS

skanner skjulte prosesser ...  

skanner skjulte autostart-oppføringer ... 

skanner skjulte filer ...  

skanning vellykket
skjulte filer: 0

**************************************************************************
.
Tidspunkt ferdig: 2009-03-17  9:25:38
ComboFix-quarantined-files.txt  2009-03-17 08:25:36
ComboFix2.txt  2009-03-16 20:14:52

Pre-Run: 43 549 356 032 bytes free
Post-Run: 43,201,892,352 bytes free

305	--- E O F ---	2009-03-17 08:14:52