ComboFix 09-08-10.06 - SaMo Service As 17.08.2009 10:44.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.47.1044.18.3070.1795 [GMT 2:00]
Kjører fra: c:\users\SaMo Service As\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090526-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1335 [VPS 090526-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-3863989293-3250506042-639672707-500
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2009-07-17 til 2009-08-17 )))))))))))))))))))))))))))))))))
.
2009-08-17 08:52 . 2009-08-17 08:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-14 09:28 . 2004-08-04 05:00 506368 ----a-w- c:\windows\system32\msxml.dll
2009-08-13 15:02 . 2009-08-13 15:02 -------- d-----w- c:\program files\RegCleaner
2009-08-13 14:29 . 2009-08-13 14:29 -------- d-----w- c:\users\SaMo Service As\AppData\Roaming\Malwarebytes
2009-08-13 14:29 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-13 14:29 . 2009-08-13 14:29 -------- d-----w- c:\programdata\Malwarebytes
2009-08-13 14:29 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-13 14:29 . 2009-08-13 14:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-13 14:23 . 2009-08-13 14:23 -------- d-----w- c:\users\SaMo Service As\AppData\Roaming\Stardock
2009-08-13 14:23 . 2009-08-13 14:23 -------- dc-h--w- c:\programdata\{834D2026-B540-4760-AA88-8738A7E11FC0}
2009-08-13 14:23 . 2009-07-16 18:16 3254128 -c--a-w- c:\programdata\{834D2026-B540-4760-AA88-8738A7E11FC0}\Fences.exe
2009-08-13 14:23 . 2009-08-13 14:23 -------- d-----w- c:\program files\Stardock
2009-08-13 14:23 . 2009-08-13 14:23 -------- d-----w- c:\users\SaMo Service As\AppData\Local\PackageAware
2009-08-13 14:06 . 2009-08-14 13:52 -------- d-----w- c:\users\SaMo Service As\Tracing
2009-08-13 14:06 . 2009-08-13 14:06 -------- d-----w- c:\program files\Microsoft
2009-08-13 14:05 . 2009-08-13 14:05 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-13 14:05 . 2009-08-13 14:06 -------- d-----w- c:\program files\Windows Live
2009-08-13 14:03 . 2009-08-13 14:03 -------- d-----w- c:\program files\Common Files\Windows Live
2009-08-12 14:51 . 2009-06-15 14:53 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-12 14:51 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-12 14:51 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-12 14:51 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-12 14:51 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-12 14:51 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-12 14:51 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-12 14:51 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-11 23:10 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-11 23:10 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-11 23:10 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-11 23:10 . 2009-06-10 11:38 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-11 23:10 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-11 23:10 . 2009-07-15 12:40 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-11 23:10 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-11 23:10 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-11 07:25 . 2009-08-11 07:25 -------- d-----w- c:\program files\Common Files\Brother
2009-08-11 07:25 . 2009-08-11 07:25 -------- d-----w- c:\program files\Brother
2009-08-05 19:36 . 2009-08-05 19:36 -------- d-----w- c:\users\SaMo Service As\AppData\Roaming\Canneverbe_Limited
2009-08-05 19:36 . 2009-08-05 19:36 -------- d-----w- c:\program files\CDBurnerXP
2009-07-22 10:25 . 2009-07-22 10:25 -------- d-----w- c:\users\SaMo Service As\AppData\Roaming\InstallShield
2009-07-22 10:17 . 2009-07-22 10:17 -------- d-----w- c:\users\SaMo Service As\AppData\Roaming\HP
2009-07-22 10:16 . 2009-07-22 11:08 -------- d-----w- c:\users\SaMo Service As\AppData\Local\ApplicationHistory
2009-07-22 10:16 . 2009-07-22 10:16 103 ----a-w- c:\users\SaMo Service As\AppData\Local\fusioncache.dat
2009-07-22 10:12 . 2009-07-22 10:12 -------- d-----w- c:\windows\system32\URTTEMP
2009-07-22 10:11 . 2009-07-22 10:11 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-07-22 10:11 . 2007-03-28 23:36 327680 ----a-r- c:\windows\system32\HPPEPR01.DLL
2009-07-22 10:11 . 2007-03-15 19:45 630 ----a-r- c:\windows\system32\HPPCPR01.DAT
2009-07-22 10:07 . 2007-03-22 17:45 573440 ----a-w- c:\windows\system32\hpxp3390.dll
2009-07-22 10:07 . 2007-02-28 19:39 458752 ----a-w- c:\windows\system32\hppasc01.dll
2009-07-22 10:07 . 2007-02-05 20:32 782336 ----a-w- c:\windows\system32\hpptpml3.dll
2009-07-22 10:07 . 2006-11-08 22:35 33280 ----a-w- c:\windows\system32\hpzipr12.dll
2009-07-22 10:07 . 2006-11-08 22:35 53248 ----a-w- c:\windows\system32\hpzipm12.dll
2009-07-22 10:07 . 2006-11-08 22:35 49152 ----a-w- c:\windows\system32\hpzidr12.dll
2009-07-22 10:06 . 2009-07-22 10:18 131193 ----a-w- c:\windows\hppins02.dat
2009-07-22 10:00 . 2009-07-22 10:25 -------- d-----w- c:\program files\Okidata
2009-07-22 09:53 . 2009-07-22 09:53 -------- d-----w- c:\users\SaMo Service As\AppData\Roaming\OPHC
2009-07-22 09:53 . 2009-07-22 09:53 -------- d-----w- c:\programdata\OPHC
2009-07-22 09:52 . 2006-12-07 15:33 53248 ----a-w- c:\windows\system32\OPUSBEXT.DLL
2009-07-22 09:52 . 2005-08-25 18:48 65536 ----a-w- c:\windows\system32\OPUSB010.DLL
2009-07-22 09:52 . 2003-12-10 11:00 65536 ----a-w- c:\windows\system32\OPM01LOC.DLL
2009-07-22 09:52 . 2003-11-11 12:08 49152 ----a-w- c:\windows\system32\OPS01LOC.DLL
2009-07-22 09:52 . 2003-10-30 09:24 57344 ----a-w- c:\windows\system32\OPSLD010.DLL
2009-07-22 09:52 . 2007-02-03 18:00 126976 ----a-w- c:\windows\system32\OPDMN014.DLL
2009-07-22 09:52 . 2006-11-22 10:23 65536 ----a-w- c:\windows\system32\OPEXTUAC.DLL
2009-07-22 09:52 . 2004-08-09 11:05 45132 ----a-w- c:\windows\system32\OPCLB012.DLL
2009-07-22 09:52 . 2003-07-29 09:15 40960 ----a-w- c:\windows\system32\OPDVA012.DLL
2009-07-22 09:52 . 2009-07-22 09:52 -------- d-----w- C:\OkiDriver
2009-07-21 09:27 . 2009-07-25 03:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-21 09:27 . 2009-08-05 08:18 -------- d-----w- c:\program files\Java
2009-07-21 08:29 . 2009-07-21 08:41 -------- d-----w- c:\users\SaMo Service As\AppData\Local\Screamer Radio
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-17 05:28 . 2007-06-19 10:59 81576 ----a-w- c:\windows\system32\perfc014.dat
2009-08-17 05:28 . 2007-06-19 10:59 463038 ----a-w- c:\windows\system32\perfh014.dat
2009-08-17 05:22 . 2009-05-26 14:58 -------- d-----w- c:\program files\LogMeIn
2009-08-14 14:57 . 2009-05-26 14:56 -------- d-----w- c:\users\SaMo Service As\AppData\Roaming\FileZilla
2009-08-14 13:53 . 2009-05-26 14:56 -------- d-----w- c:\program files\FileZilla FTP Client
2009-08-12 01:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-11 14:07 . 2009-05-26 14:53 123184 ----a-w- c:\users\SaMo Service As\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-11 07:25 . 2007-06-19 01:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-22 10:17 . 2007-06-19 01:39 -------- d-----w- c:\programdata\HP
2009-07-22 10:17 . 2007-06-19 02:14 -------- d-----w- c:\programdata\Hewlett-Packard
2009-07-22 10:13 . 2007-06-19 01:39 -------- d-----w- c:\program files\HP
2009-07-21 21:52 . 2009-07-28 22:24 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 22:24 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 22:24 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 22:24 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-02 20:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-07-02 20:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-07-02 20:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-07-02 20:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-07-02 20:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-07-02 20:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-07-02 20:38 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-07-02 20:38 . 2009-07-02 20:38 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-07-02 20:36 . 2006-11-02 12:37 37665 ----a-w- c:\windows\Fonts\GlobalUserInterface.CompositeFont
2009-06-22 17:24 . 2009-06-22 17:24 -------- d-----w- c:\program files\Defraggler
2009-06-22 17:22 . 2009-06-22 17:22 -------- d-----w- c:\program files\CCleaner
2009-06-15 14:53 . 2009-07-14 20:01 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 14:52 . 2009-07-14 20:01 23552 ----a-w- c:\windows\system32\lpk.dll
2009-06-15 14:52 . 2009-07-14 20:01 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 14:51 . 2009-07-14 20:01 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:42 . 2009-07-14 20:01 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-06-02 06:35 . 2009-06-02 06:35 1915520 ----a-w- c:\users\SaMo Service As\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-05-27 15:50 . 2009-05-27 15:50 613208 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-05-27 06:09 . 2009-05-27 06:09 1889 ----a-w- c:\windows\unins000.dat
2009-05-27 05:36 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-05-27 05:36 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-05-27 04:40 . 2009-05-27 04:40 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-05-26 16:41 . 2009-05-26 16:41 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-05-26 16:41 . 2009-05-26 16:41 272896 ----a-w- c:\windows\system32\polstore.dll
2009-05-26 16:20 . 2009-05-26 16:20 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-05-26 16:00 . 2009-05-26 16:00 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2009-05-26 16:00 . 2009-05-26 16:00 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2009-05-26 16:00 . 2009-05-26 16:00 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2009-05-26 16:00 . 2009-05-26 16:00 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2009-05-26 16:00 . 2009-05-26 16:00 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2009-05-26 16:00 . 2009-05-26 16:00 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2009-05-26 16:00 . 2009-05-26 16:00 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
2009-05-26 16:00 . 2009-05-26 16:00 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2009-05-26 16:00 . 2009-05-26 16:00 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2009-05-26 16:00 . 2009-05-26 16:00 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll
2009-05-26 16:00 . 2009-05-26 16:00 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
2009-05-26 16:00 . 2009-05-26 15:59 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll
2009-05-26 15:56 . 2009-05-26 15:56 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-05-26 15:46 . 2009-05-26 15:46 37888 ----a-w- c:\windows\system32\printcom.dll
2009-05-26 15:45 . 2009-05-26 15:45 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-05-26 15:28 . 2009-05-26 15:28 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-05-26 15:22 . 2009-05-26 15:22 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-05-26 15:19 . 2009-05-26 15:19 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-05-26 14:44 . 2009-05-26 14:44 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-05-26 14:44 . 2009-05-26 14:44 43544 ----a-w- c:\windows\system32\wups2.dll
2009-05-26 14:44 . 2009-05-26 14:44 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-05-26 14:44 . 2009-05-26 14:44 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-05-26 14:44 . 2009-05-26 14:44 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-05-26 14:44 . 2009-05-26 14:44 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-05-26 14:44 . 2009-05-26 14:44 34328 ----a-w- c:\windows\system32\wups.dll
2009-05-26 14:44 . 2009-05-26 14:44 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-05-26 14:44 . 2009-05-26 14:44 162064 ----a-w- c:\windows\system32\wuwebv.dll
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
"RegistryMechanic"="c:\program files\Registry Mechanic\RMTray.exe" [2008-07-03 812952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-04-19 151552]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Whitney2_S2P"="c:\program files\Samsung\Samsung SCX-4725 Series\SPanel\RCP\Scan2pc.exe" [2007-01-23 253952]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2007-02-05 520192]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-05-15 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-15 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-15 81920]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"ToolBoxFX"="c:\program files\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2007-03-26 53248]
"HPUsageTracking"="c:\program files\HP\HP UT\bin\hppusg.exe" [2007-05-03 36864]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-03-01 4390912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-03-07 44168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2009-07-16 120168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):ea,20,56,dc,55,fb,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{F2FE8E23-AB05-4DB7-8CBC-D315E3A6671A}c:\\program files\\filezilla ftp client\\filezilla.exe"= UDP:c:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
"UDP Query User{899D603D-A1F6-4B8E-A504-11D7C0E98648}c:\\program files\\filezilla ftp client\\filezilla.exe"= TCP:c:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
"TCP Query User{E746EC2F-A6BB-4DDE-B0E9-808795DD65B7}c:\\users\\samo service as\\appdata\\local\\screamer radio\\screamer.exe"= UDP:c:\users\samo service as\appdata\local\screamer radio\screamer.exe:screamer.exe
"UDP Query User{A18EBA4C-C098-41FB-A2E0-3DB9D8FC323C}c:\\users\\samo service as\\appdata\\local\\screamer radio\\screamer.exe"= TCP:c:\users\samo service as\appdata\local\screamer radio\screamer.exe:screamer.exe
"{FAB26EB4-39EB-4D0D-A35B-9BFFB6B1F0C2}"= UDP:c:\program files\HP\Digital Imaging\bin\hppscan3.exe:Skanning
"{48B25985-C20B-4368-8CEB-7BDEC7D36258}"= TCP:c:\program files\HP\Digital Imaging\bin\hppscan3.exe:Skanning

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [26.05.2009 17:15 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [26.05.2009 17:15 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [26.05.2009 17:15 51792]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [24.07.2008 18:46 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\System32\drivers\LMIRfsDriver.sys [26.05.2009 16:58 47640]
R2 SSPORT;SSPORT;c:\windows\System32\drivers\SSPORT.sys [24.01.2007 09:30 5120]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2009-08-17 c:\windows\Tasks\User_Feed_Synchronization-{6C211E3C-ECDA-4F6F-8BE4-DF8D0F4768EE}.job
- c:\windows\system32\msfeedssync.exe [2009-07-28 20:13]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://www.gulesider.no/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NB_NO&c=73&bd=Pavilion&pf=desktop
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-17 10:52
Windows 6.0.6002 Service Pack 2 NTFS

skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
skanner skjulte filer ...

skanning vellykket
skjulte filer: 0

**************************************************************************
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'Explorer.exe'(4688)
c:\program files\Stardock\Fences\FencesMenu.dll
c:\program files\stardock\fences\DesktopDock.dll
.
Tidspunkt ferdig: 2009-08-17 10:56
ComboFix-quarantined-files.txt 2009-08-17 08:56

Pre-Run: 239 464 632 320 byte ledig
Post-Run: 239 457 730 560 byte ledig

251 --- E O F --- 2009-08-12 14:53