ComboFix 09-09-06.06 - armnat 08.09.2009 0:11.1.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.2813.1977 [GMT 2:00] Kjører fra: c:\documents and settings\armnat\Skrivebord\ComboFix.exe AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr1.dat c:\recycler\S-1-5-21-3187933792-4212508947-3029363547-500 c:\windows\10058virzs259.bin c:\windows\10343zor9656.cpl c:\windows\10465pyw9re1z57.bin c:\windows\1080z9oj6395.bin c:\windows\10909hac95zol753.exe c:\windows\110449irzs51b.bin c:\windows\11097vizus509.exe c:\windows\11160s9azb5t7a.cpl c:\windows\11265zp9795.bin c:\windows\11694hack5ozl772.cpl c:\windows\11794hacktoz915b.exe c:\windows\118z4vir597e5.exe c:\windows\11z96vi5us56.ocx c:\windows\125bzc59oor1410.cpl c:\windows\1274zhac5tool59f.dll c:\windows\127z5spambot3599.exe c:\windows\1289sp5rze1523.cpl c:\windows\12z85t9oj30f.bin c:\windows\12z88wo9559f.exe c:\windows\131z1sp9mbot1d5.exe c:\windows\13748zir5s91f.exe c:\windows\139599orm16dz.ocx c:\windows\13995wo5z739.dll c:\windows\13d5thzef1963.ocx c:\windows\14073hack9ozl159.ocx c:\windows\15218hackto9lz0a.cpl c:\windows\15536spz99.cpl c:\windows\1553spars9z100.cpl c:\windows\15586s9yaz5.exe c:\windows\15699zpy3f.dll c:\windows\15912s5z243.dll c:\windows\15971szambo9545.dll c:\windows\15a5zackdoor971.cpl c:\windows\15z619acktool465.cpl c:\windows\15z6spy2de9.dll c:\windows\164z8not-9-5irus2ca.dll c:\windows\16947hacztool1549.exe c:\windows\174575o9z703.dll c:\windows\17475hzeat298199.dll c:\windows\17597worm32z.cpl c:\windows\17880wo9m795z.dll c:\windows\17948viru5698z.ocx c:\windows\1825zroj7e9.ocx c:\windows\1857bac9door26z6.exe c:\windows\18999not-a-virus5dz.dll c:\windows\19028tzo55c9.dll c:\windows\19180woz579f.ocx c:\windows\19555not-a-virus7z.exe c:\windows\1959add5arz27229.cpl c:\windows\195csparse804z.exe c:\windows\19750ha9ztool65c.dll c:\windows\19781zor55fe.exe c:\windows\19897troz1b5.dll c:\windows\198ethreat2559z.bin c:\windows\19999v5rus6cz.ocx c:\windows\19z19virus75f.bin c:\windows\1a23dow9loa5er72z.bin c:\windows\1b9b9hzeat15939.dll c:\windows\1b9z9ackdoor325.bin c:\windows\1ca6downl5zder8839.cpl c:\windows\1e65ba9kdzor3016.exe c:\windows\1e6eth9eat116z95.dll c:\windows\1z05worm69f5.dll c:\windows\1z1eba9k5oor690.dll c:\windows\1z4959yware1976.exe c:\windows\1z5759pyc1.cpl c:\windows\1z795virus605.cpl c:\windows\1z92sparse1335.dll c:\windows\20565wzrm7849.bin c:\windows\20880spazb592a1.bin c:\windows\20899vi5uz70c.ocx c:\windows\210bvi959z3.cpl c:\windows\21322w9r5z94.ocx c:\windows\2141b9ckdzor1551.ocx c:\windows\21697spyz545.exe c:\windows\21d25hreaz29179.cpl c:\windows\224395pyz4a.cpl c:\windows\22495wnloader1z68.exe c:\windows\225zvi9us78e.cpl c:\windows\22902ziru5651.ocx c:\windows\22z635ackt9olc6.bin c:\windows\22z8b9ckdoo51969.cpl c:\windows\23775acktool9fz.bin c:\windows\23785wormz59.cpl c:\windows\23z9spambot254.cpl c:\windows\2400down9oz5er1279.bin c:\windows\24155hacz5ool469.exe c:\windows\24453spam9ot69z.dll c:\windows\24f8threa532z95.exe c:\windows\2539downloader3946z.ocx c:\windows\2540woz9620.ocx c:\windows\255945zy3c59.ocx c:\windows\2559thzef2339.ocx c:\windows\2569vir1879z.bin c:\windows\25869hacktoolz559.exe c:\windows\25915s9y595z.dll c:\windows\25916vizus20a9.exe c:\windows\25c0szeal294.exe c:\windows\25d59parse85z5.exe c:\windows\25e3backdzor598.bin c:\windows\25z62worm549.exe c:\windows\2658t9iefz083.exe c:\windows\26z09ro534f.cpl c:\windows\27245not-a9vizus5f4.exe c:\windows\27475ha9ktzol2.exe c:\windows\275zsparse1059.dll c:\windows\27826zorm959.exe c:\windows\27895ackdoorz21.cpl c:\windows\279d5ackd9oz1323.ocx c:\windows\28392no5-a-virusz30.ocx c:\windows\28z29virus557.exe c:\windows\29128n5z-a-vir9s5df.dll c:\windows\29257wzr96bf.exe c:\windows\29322n5t-a-virzs1b9.exe c:\windows\2935viruz439.exe c:\windows\29396wzrm15e9.dll c:\windows\29722noz-5-9irus22e.exe c:\windows\297c5parze2049.cpl c:\windows\29953virus1zf.cpl c:\windows\299599py63z.dll c:\windows\29d1thiefz55.bin c:\windows\29dddo9nloade5424z.ocx c:\windows\29fa5ir25z0.ocx c:\windows\29z35t5oj693.dll c:\windows\2cbfspyware9z555.bin c:\windows\2d7aaddzar99485.ocx c:\windows\2e65zddware9900.cpl c:\windows\2e6zir5930.dll c:\windows\2eb5do9nloaderz392.dll c:\windows\2z005ir292.exe c:\windows\2z2495py9d6.exe c:\windows\2z452wormfe9.bin c:\windows\2z59spyware2415.cpl c:\windows\30239tro5zf8.dll c:\windows\3039z5irus513.exe c:\windows\306395oz-a-virus53e.cpl c:\windows\30639not-z-virus5dc.bin c:\windows\30831hac5toolz9.bin c:\windows\3090zsp9mbot7b5.cpl c:\windows\31152za9ktool525.cpl c:\windows\31542spy59z.exe c:\windows\3154zvir9s5f3.dll c:\windows\31559troj5c6z.bin c:\windows\31919t5ojz82.ocx c:\windows\31z40spam5ot7b9.dll c:\windows\322zir9s51.dll c:\windows\3261not-a-9ir5z35d.ocx c:\windows\327359r1z75.cpl c:\windows\32z01troj95e.bin c:\windows\331b5tealz6079.cpl c:\windows\33azdownloa95r1806.bin c:\windows\33c55parse59z.cpl c:\windows\34dctzreat916965.bin c:\windows\3502thze9t13582.bin c:\windows\3523spam9ot5cz.exe c:\windows\352cthizf2291.cpl c:\windows\35bethief2z9.bin c:\windows\35c5vi931z9.exe c:\windows\35e4spzware906.dll c:\windows\3658wzr9552.cpl c:\windows\36dfspar9e5637z.cpl c:\windows\38499parse2592z.cpl c:\windows\38d5t9iez4915.cpl c:\windows\398es9a5sez46.exe c:\windows\3a31szyware5961.exe c:\windows\3a68thief95z.bin c:\windows\3cf9spyw5re190z.cpl c:\windows\3dc99pyware15z8.bin c:\windows\3e2zsteal15809.cpl c:\windows\3z54add9are849.bin c:\windows\3z5759orm3af.dll c:\windows\3z95spywa5e2577.bin c:\windows\40299h5zf2515.cpl c:\windows\4050thr9a5141z.cpl c:\windows\4084not-9-vi5uz6b8.dll c:\windows\40zcv9r20215.exe c:\windows\417dbackdzor29599.exe c:\windows\41b9spy5arz739.exe c:\windows\42d3s9yware279z5.dll c:\windows\4308ha9ktoo54z4.cpl c:\windows\43bespa9se5067z.bin c:\windows\4495vzr3942.cpl c:\windows\453aaddware1z889.dll c:\windows\458fthrea5z9925.cpl c:\windows\4594s5ywar9z185.ocx c:\windows\459zw9rm45.bin c:\windows\47499o5m26z.exe c:\windows\4815hac9to5lza2.ocx c:\windows\4856virusz9b.dll c:\windows\4996haczt5ol670.bin c:\windows\49d5sparse1964z.exe c:\windows\49d8spyw5ze9641.exe c:\windows\49edba59dozr1942.exe c:\windows\49fdown9oa5erz168.dll c:\windows\49z7worm4485.cpl c:\windows\4a5za9dware2989.bin c:\windows\4b99sp5ware48z.exe c:\windows\4dcc95ief1z09.dll c:\windows\4e91a5dwa9ez758.dll c:\windows\4f97do5nloader485z.ocx c:\windows\4fa85pywzre4059.exe c:\windows\4z9f5ownloader2616.ocx c:\windows\4zf4add9are3537.ocx c:\windows\50316viru9754z.cpl c:\windows\50510spambot9dez.exe c:\windows\5059vz510369.ocx c:\windows\51080troz90.exe c:\windows\5130baczdo5r9777.exe c:\windows\51aviz9566.dll c:\windows\52b9a5dwar95z3.ocx c:\windows\52fthzef2996.exe c:\windows\5353zspam9ot37b.cpl c:\windows\5358virus55z9.cpl c:\windows\53656spyz69.cpl c:\windows\5398hzcktoo54a6.ocx c:\windows\53z1st5al1995.dll c:\windows\53zthi9f443.ocx c:\windows\5463h9ckzool9c5.cpl c:\windows\54ba5z9ware722.dll c:\windows\54e55teal93z.dll c:\windows\552cspywaze9003.cpl c:\windows\555f9parse2581z.ocx c:\windows\556ctz9eat4405.ocx c:\windows\5577addw5re1791z.exe c:\windows\55980hack9zol2e2.dll c:\windows\55czaddware938.cpl c:\windows\55zcv9r951.cpl c:\windows\567zad9ware464.exe c:\windows\56efsp9wzre85.bin c:\windows\56z9sp91df.bin c:\windows\57c5b9c5zoor1420.ocx c:\windows\5806t9oj5z4.exe c:\windows\5933zwor9495.exe c:\windows\5953tzief115.cpl c:\windows\5954spy749z.cpl c:\windows\595z5spy559.dll c:\windows\596downzo9der2795.bin c:\windows\5997dowz5oader372.bin c:\windows\599cs9azs52580.exe c:\windows\59b4doznloader2584.ocx c:\windows\59z2downloader3088.exe c:\windows\5a1cbzckdoo919845.exe c:\windows\5a25thre5t94911z.exe c:\windows\5a49bazkdoor845.dll c:\windows\5a55download9r19z0.ocx c:\windows\5a7zadd95re193.exe c:\windows\5ac5ddwarez0729.cpl c:\windows\5b95oznloader2496.dll c:\windows\5d10th9eat1861z.cpl c:\windows\5d54threat904z9.exe c:\windows\5d8e5ir2z129.exe c:\windows\5db6spzw59e438.cpl c:\windows\5ef1thief9z945.bin c:\windows\5f09down5oadzr3114.ocx c:\windows\5f0spyz9re5595.ocx c:\windows\5z14vi91757.bin c:\windows\5z9athief5002.cpl c:\windows\6123v9rz0555.cpl c:\windows\619wzrm25b.bin c:\windows\619ztro970a5.bin c:\windows\6221dowz5oader9754.ocx c:\windows\62c4s5ars91963z.dll c:\windows\6537azdwar92472.cpl c:\windows\6569spambotzd2.exe c:\windows\65z95ief807.exe c:\windows\6648not-a-95rus584z.bin c:\windows\68495z36e.ocx c:\windows\6852zackdoor1419.bin c:\windows\6e2badd5aze639.dll c:\windows\6e60b5c9door159z.bin c:\windows\6f15azdware2992.bin c:\windows\6za8ste9l5135.dll c:\windows\6ze5addware9339.dll c:\windows\6zf1s95al3016.exe c:\windows\7052tzoj591.bin c:\windows\7087no5-a-vzrus4109.dll c:\windows\718espzrse4905.dll c:\windows\72019zrm2085.ocx c:\windows\7370bazkdoo95572.ocx c:\windows\749adownloade519z8.bin c:\windows\7575a9dwarez519.bin c:\windows\757fs9zrse1493.ocx c:\windows\7599sparse2z6.cpl c:\windows\75f5thrzat198689.dll c:\windows\75z8worm1d9.bin c:\windows\768espz59e2821.dll c:\windows\77179iz2255.cpl c:\windows\793zspy6245.cpl c:\windows\79d5viz3196.ocx c:\windows\7bdbaddwaze54549.bin c:\windows\7bfezownloa9er1546.bin c:\windows\7bz5addwa5e2649.exe c:\windows\7c259owzloade51853.ocx c:\windows\7c6cs5yzare2809.ocx c:\windows\7d00addwa9e2895z.ocx c:\windows\7d3at5i9fz816.ocx c:\windows\7z5fspyware269.exe c:\windows\7z99hac5tool52d.dll c:\windows\817wor599z.bin c:\windows\81889pa5boz723.cpl c:\windows\81925irzs95c.cpl c:\windows\8255wozm459.dll c:\windows\83zvir9s51.exe c:\windows\8670noz-a-59rus2b7.cpl c:\windows\8792worm659z.cpl c:\windows\8941spzmbot575.bin c:\windows\8ba95rz66.dll c:\windows\8z55vi9us584.bin c:\windows\90450virus4z9.exe c:\windows\90765notza-virus573.ocx c:\windows\9099sparsez521.dll c:\windows\91345noz-a-virus301.dll c:\windows\913zsparse3245.exe c:\windows\9223v5zu960b.exe c:\windows\92beviz2035.ocx c:\windows\9303zp59bot29d.exe c:\windows\9318add5arez175.ocx c:\windows\9352baczdoor1369.cpl c:\windows\93z08tr5j254.cpl c:\windows\93z99w5rm16f.dll c:\windows\951st9az2088.ocx c:\windows\9582viru52z0.ocx c:\windows\9596zr5j93e.cpl c:\windows\95z4backdoor2376.exe c:\windows\96zc5parse1936.cpl c:\windows\9700s5amboz7b4.bin c:\windows\972495irus4z7.ocx c:\windows\97540not-a-vzruse9.exe c:\windows\977z3tr5j254.exe c:\windows\9795z5r970.bin c:\windows\98z0tr591bf.dll c:\windows\99535hacktzol1b8.dll c:\windows\99615ir12z9.ocx c:\windows\99998s5y6z3.exe c:\windows\9a14threzt7135.bin c:\windows\9c55threat12961z.ocx c:\windows\9cad5ware3z9.ocx c:\windows\9cbt59ef5z7.dll c:\windows\9e5backdoor37z.ocx c:\windows\9e5zt5ief2593.dll c:\windows\9z486ha5ktool220.dll c:\windows\9z94spa5bot3759.bin c:\windows\9ze7threat259915.ocx c:\windows\bfzdownloader1395.bin c:\windows\bzd9ddw5re2255.bin c:\windows\c1az5ware10859.ocx c:\windows\e5zthief32589.bin c:\windows\e68d9wnzoade5354.dll c:\windows\setup.exe c:\windows\system32\10375hacktool6z9.cpl c:\windows\system32\1045virusz39.exe c:\windows\system32\106vzr5s9f2.bin c:\windows\system32\1078st9z51755.bin c:\windows\system32\109estealz5455.ocx c:\windows\system32\11071z9oj599.cpl c:\windows\system32\112559pzmbot502.ocx c:\windows\system32\1137no5-a-virzs2d9.cpl c:\windows\system32\1167dow9load5r1514z.exe c:\windows\system32\11781szambot795.bin c:\windows\system32\1199virz258.cpl c:\windows\system32\1277sz59b9.ocx c:\windows\system32\13994spazbot685.exe c:\windows\system32\13cbthief19z75.bin c:\windows\system32\13f8down59ader447z.bin c:\windows\system32\1413zsp5929.cpl c:\windows\system32\141este95z960.cpl c:\windows\system32\14981tr5z556.cpl c:\windows\system32\14z9s5arse2034.ocx c:\windows\system32\15309wzrm5d65.exe c:\windows\system32\15490tzoj3b8.bin c:\windows\system32\15599wor97dz.dll c:\windows\system32\156zow5loader9593.exe c:\windows\system32\15799worm1z6.ocx c:\windows\system32\1589tzoj465.dll c:\windows\system32\15e5downloader997z.bin c:\windows\system32\15z235roj59a.ocx c:\windows\system32\15z59worm113.dll c:\windows\system32\1619z9ro555b.ocx c:\windows\system32\162z95py2cd.cpl c:\windows\system32\169945py295z.ocx c:\windows\system32\18c4t5iefz979.ocx c:\windows\system32\18z6059rm34b.exe c:\windows\system32\18zfv951859.ocx c:\windows\system32\191935zckto9l525.cpl c:\windows\system32\1919szywar52984.bin c:\windows\system32\1939backzoo5467.cpl c:\windows\system32\19504sp9zbot155.cpl c:\windows\system32\1958adzwar9579.exe c:\windows\system32\1966zsp953f5.dll c:\windows\system32\19963nzt-a-vir9s1715.ocx c:\windows\system32\19981zpy55b.exe c:\windows\system32\19ff5ownloadzr2635.cpl c:\windows\system32\1ac1s59al1z04.dll c:\windows\system32\1az4thief26959.dll c:\windows\system32\1ceesteaz11759.dll c:\windows\system32\1cz1vir58519.bin c:\windows\system32\1d04spzwar928935.dll c:\windows\system32\1z4965ot-a-virus132.exe c:\windows\system32\1z4spyw95e2287.dll c:\windows\system32\1z561s9ambot61.bin c:\windows\system32\1z586sp5mbot399.exe c:\windows\system32\1z926v5rus14.ocx c:\windows\system32\1z9asparse553.cpl c:\windows\system32\1zbaaddware52929.bin c:\windows\system32\2020spzmb9539a.ocx c:\windows\system32\20460not-a-zirus3985.exe c:\windows\system32\2049dowzloader579.bin c:\windows\system32\20679not-a-zirus3d75.exe c:\windows\system32\2075baczdoo5509.ocx c:\windows\system32\211zvir14995.ocx c:\windows\system32\2139wozm935.ocx c:\windows\system32\2167b9ckdo5r17z7.bin c:\windows\system32\21907szambot595.bin c:\windows\system32\2222backzoor19345.ocx c:\windows\system32\22250spambzt749.cpl c:\windows\system32\2310zspa5bot398.bin c:\windows\system32\23196hackt5ol5zd.dll c:\windows\system32\23951not-a-virus70z.exe c:\windows\system32\24098s9y5zb.ocx c:\windows\system32\24281not-a-vir597fdz.cpl c:\windows\system32\24999zeal1755.cpl c:\windows\system32\25064wzrmad9.dll c:\windows\system32\25507worz659.ocx c:\windows\system32\25559s9z582.bin c:\windows\system32\25666spambot1z19.bin c:\windows\system32\25791zirus7c1.cpl c:\windows\system32\25851zot-a-vi9us714.bin c:\windows\system32\25961hzck9oolca.cpl c:\windows\system32\25despy9are1z32.exe c:\windows\system32\265z8worm696.exe c:\windows\system32\268895zrm90d.ocx c:\windows\system32\268z59p5mbot3b6.exe c:\windows\system32\26z90vir9s59e.cpl c:\windows\system32\27785zacktool59c.ocx c:\windows\system32\27987not-a-zi5u92a9.bin c:\windows\system32\279downloazer9574.bin c:\windows\system32\27a1s9y5arz478.exe c:\windows\system32\282zh5ck9ool380.bin c:\windows\system32\28z75tr9j435.ocx c:\windows\system32\29023nz5-a-virus489.exe c:\windows\system32\29134sp9zbot522.exe c:\windows\system32\29317w9rmz95.dll c:\windows\system32\294705py4b8z.bin c:\windows\system32\294adownlozder26805.bin c:\windows\system32\29559vizus5629.ocx c:\windows\system32\2958tzief5232.cpl c:\windows\system32\29729spambot50z5.cpl c:\windows\system32\2980znot-5-virus6c9.cpl c:\windows\system32\29945wozm22b.bin c:\windows\system32\2996nzt-a-virus4c5.cpl c:\windows\system32\29ba5ackdzor895.cpl c:\windows\system32\29bfstezl1510.dll c:\windows\system32\2b9zbackd5o9826.exe c:\windows\system32\2c8cdown9oadez1542.bin c:\windows\system32\2f19vzr1596.ocx c:\windows\system32\2z326hack5o9l217.ocx c:\windows\system32\2z39vi52227.dll c:\windows\system32\2z462wo592bf.ocx c:\windows\system32\2z591t5oj40f.dll c:\windows\system32\2z776wo5944a.exe c:\windows\system32\2zafb5c9door1075.bin c:\windows\system32\300539irus48z5.bin c:\windows\system32\3032spy9are325z.bin c:\windows\system32\30353zo5-a9virus16e.ocx c:\windows\system32\3044z9t-a5virus539.bin c:\windows\system32\31459n9t-5-virzs253.ocx c:\windows\system32\31654hazk5ool76d9.cpl c:\windows\system32\317z5not-a9virus34c.exe c:\windows\system32\31871not-a9vir5zfb.dll c:\windows\system32\31b9vzr5259.dll c:\windows\system32\31z205r9j493.exe c:\windows\system32\32636not-a9virusz52.cpl c:\windows\system32\33acth9zf5748.cpl c:\windows\system32\345spamb9tz99.cpl c:\windows\system32\3524ad5war9298z.bin c:\windows\system32\3526z9rus4e5.bin c:\windows\system32\35a9adzware121.cpl c:\windows\system32\35z55spy5ce9.bin c:\windows\system32\3775dowzloade92585.ocx c:\windows\system32\37dft59zf575.dll c:\windows\system32\389zt5ief900.ocx c:\windows\system32\39295hief1z92.bin c:\windows\system32\3974spzrse14185.ocx c:\windows\system32\39z8threat285999.cpl c:\windows\system32\3a63zownlo5der3976.dll c:\windows\system32\3az95ddware3930.ocx c:\windows\system32\3b75zhr9at28465.bin c:\windows\system32\3c9dba5zdoor1218.exe c:\windows\system32\3d6bz5eal391.bin c:\windows\system32\3e58zhi951201.bin c:\windows\system32\3e8edownloaz5r2592.cpl c:\windows\system32\3eb0viz5549.cpl c:\windows\system32\3ed5downl9aderz386.exe c:\windows\system32\3z575spambo9176.dll c:\windows\system32\4248thrz9t19055.dll c:\windows\system32\4295dow5loadzr1084.dll c:\windows\system32\449bdo9zloader14695.exe c:\windows\system32\44d6t5re9t26608z.ocx c:\windows\system32\4504sp9rse596z.exe c:\windows\system32\4771hacztoo54a9.exe c:\windows\system32\47ce5dd9are1869z.exe c:\windows\system32\4809troj9z5.bin c:\windows\system32\48189pz85.ocx c:\windows\system32\4895bzck9oor2565.cpl c:\windows\system32\4905tzre9t31759.exe c:\windows\system32\490aba5kdz9r2885.bin c:\windows\system32\491bspa9s5357z.exe c:\windows\system32\4929addzare5132.exe c:\windows\system32\493zdo5nload9r2771.exe c:\windows\system32\4955s9zware1595.bin c:\windows\system32\4962threaz24582.exe c:\windows\system32\498abackdoz5994.bin c:\windows\system32\49b4ztea52087.bin c:\windows\system32\49d4thze5t9875.bin c:\windows\system32\4a2d9teal1z45.exe c:\windows\system32\4b19back9oo5173z.bin c:\windows\system32\4b6ft5izf9351.bin c:\windows\system32\4b6fv59184z.cpl c:\windows\system32\4b799hiez253.exe c:\windows\system32\4bc5spyware957z.bin c:\windows\system32\4d185teaz1099.ocx c:\windows\system32\4d94zp5ware62.bin c:\windows\system32\4e6f9hzef1559.cpl c:\windows\system32\4z595py562.ocx c:\windows\system32\4z96back5oo977.dll c:\windows\system32\50269zcktool5e5.exe c:\windows\system32\5029spywarz794.bin c:\windows\system32\507dsp9ware5z37.dll c:\windows\system32\5092zparse9564.bin c:\windows\system32\50ae5pywaze494.dll c:\windows\system32\50dct5rzat27089.cpl c:\windows\system32\5139zroj37b.bin c:\windows\system32\51a1downzo5der2039.exe c:\windows\system32\51c5szy9are551.cpl c:\windows\system32\51z39v9rus65.bin c:\windows\system32\5206virus2cz9.bin c:\windows\system32\52427trz9364.ocx c:\windows\system32\525s9zrse579.dll c:\windows\system32\52a2add9are15z6.cpl c:\windows\system32\539evzr472.exe c:\windows\system32\554hac9tozl78e.cpl c:\windows\system32\556edownlozder1495.cpl c:\windows\system32\55951v9zus164.exe c:\windows\system32\5599tzief544.bin c:\windows\system32\559bthief98z5.dll c:\windows\system32\55f99iz1047.dll c:\windows\system32\55zh9cktool535.ocx c:\windows\system32\5635wo5m6zc9.ocx c:\windows\system32\5651spywz9e3082.bin c:\windows\system32\57e3t5rza93992.bin c:\windows\system32\57z95ackdoor1719.cpl c:\windows\system32\58252sz974f.bin c:\windows\system32\5876ba9kdz5r2379.ocx c:\windows\system32\58c7st95lz789.dll c:\windows\system32\58d9zir1298.ocx c:\windows\system32\59404hack9ozl3c4.dll c:\windows\system32\5948zor5589.dll c:\windows\system32\5952addw9r5z068.cpl c:\windows\system32\599569ozm32e.exe c:\windows\system32\5996downloader2z45.dll c:\windows\system32\59e4threat2z7759.ocx c:\windows\system32\5a35t9az227.cpl c:\windows\system32\5a5cbackzoor2955.ocx c:\windows\system32\5aczs5y9are901.cpl c:\windows\system32\5c4ebackdoorz905.ocx c:\windows\system32\5c5ad9ware5z9.ocx c:\windows\system32\5c5zvir9432.exe c:\windows\system32\5c9vir9z.exe c:\windows\system32\5ca0dowzlo9der3225.cpl c:\windows\system32\5cbet9iefz253.exe c:\windows\system32\5eza5pyware3199.bin c:\windows\system32\5f15spa59z2243.exe c:\windows\system32\5z19t5ief1352.bin c:\windows\system32\5z8ad9ware322.exe c:\windows\system32\5z949hacktool11.ocx c:\windows\system32\5z95spy405.dll c:\windows\system32\6053doznloader589.bin c:\windows\system32\609woz5431.bin c:\windows\system32\60dzthr5at7594.cpl c:\windows\system32\6305dow5loader1499z.ocx c:\windows\system32\63bebzc5door9647.ocx c:\windows\system32\63c35owz9oader1117.dll c:\windows\system32\6409bac5d9or19z0.cpl c:\windows\system32\645zbackdoor1369.exe c:\windows\system32\645zvir2199.bin c:\windows\system32\64c9st5zl1195.ocx c:\windows\system32\6533backdozr29685.dll c:\windows\system32\653fa9dwzre173.bin c:\windows\system32\6545spar9z1402.bin c:\windows\system32\6551v9zus603.dll c:\windows\system32\6554n5t-a-viruz2ee9.exe c:\windows\system32\6573notz9-virus543.ocx c:\windows\system32\6591s59waze2287.bin c:\windows\system32\65cdownloader2905z.ocx c:\windows\system32\65z5ste9l4.exe c:\windows\system32\6769hacktzo5f0.bin c:\windows\system32\696fbackdo5r152z.bin c:\windows\system32\6987wzrm652.ocx c:\windows\system32\6a1fdzw9l5ader509.dll c:\windows\system32\6b95zir16995.bin c:\windows\system32\6be1zack5oor10439.exe c:\windows\system32\6bzbdown59ader2803.ocx c:\windows\system32\6caa5h9ezt18572.exe c:\windows\system32\6z5cdownl5ade9119.dll c:\windows\system32\6zcsp9ware17505.bin c:\windows\system32\7009notza-vi9us5075.dll c:\windows\system32\7195threat29z04.bin c:\windows\system32\7308zparse39485.ocx c:\windows\system32\7375zpy59.ocx c:\windows\system32\7393spyz58.cpl c:\windows\system32\749cdz5nl9ader3173.bin c:\windows\system32\7550vi919z4.exe c:\windows\system32\7551backdooz2935.exe c:\windows\system32\75aeadd5a9e29z5.bin c:\windows\system32\7666t5rzat19200.dll c:\windows\system32\76ezst59l2041.dll c:\windows\system32\77ee5par9z1162.ocx c:\windows\system32\780ed5wnloa9er19z8.ocx c:\windows\system32\7850sp5r9ez09.ocx c:\windows\system32\789zth5ea918690.dll c:\windows\system32\790zac9do5r197.cpl c:\windows\system32\7921spambzt554.ocx c:\windows\system32\7925viz933.ocx c:\windows\system32\794zspy5are1495.ocx c:\windows\system32\7975tzief42.dll c:\windows\system32\79919ot-a-virzs5df.dll c:\windows\system32\799zvir5536.ocx c:\windows\system32\7a51zparse28559.bin c:\windows\system32\7a5zsp9w5re39.exe c:\windows\system32\7a69s5ywaze2975.dll c:\windows\system32\7adz5a9kdoor2885.ocx c:\windows\system32\7az5t9ief1541.dll c:\windows\system32\7caest95lz559.exe c:\windows\system32\7ce2s9arse25z8.dll c:\windows\system32\7d959tea5552z.exe c:\windows\system32\7dac9own5oazer1075.exe c:\windows\system32\7z5spa59e3038.ocx c:\windows\system32\7z969pamb5t2e.bin c:\windows\system32\8355hac9tozl4d7.dll c:\windows\system32\8598vir9z420.cpl c:\windows\system32\8bb5hre9t2029z.exe c:\windows\system32\9557zirus343.exe c:\windows\system32\95797spamzot345.exe c:\windows\system32\oem13.inf c:\windows\system32\oem29.inf c:\windows\system32\z5727s9a5bot569.dll c:\windows\system32\z989downloader540.dll c:\windows\system32\zaebdow9loade52007.exe c:\windows\z0195troj583.bin c:\windows\z1659spa5b9t675.cpl c:\windows\z18dspa9se2815.cpl c:\windows\z294t5oj24e.bin c:\windows\z2998t5oj725.exe c:\windows\z33549py25.dll c:\windows\z3659py7a.bin c:\windows\z42059py9c.ocx c:\windows\z4d7s5eal759.ocx c:\windows\z6529ir1573.dll c:\windows\z690sparse1775.dll c:\windows\z79evi5216.ocx c:\windows\z9451not-5-vir9s5.exe c:\windows\z9997spambot55b9.cpl c:\windows\zac4sp5rse5559.bin ----- BITS: Mulige infiserte sider ----- hxxp://ped-01wsus . ((((((((((((((((((((((((((( Filer Opprettet Fra 2009-08-07 til 2009-09-07 ))))))))))))))))))))))))))))))))) . 2009-12-27 02:59 . 2009-12-27 02:59 8065 ----a-w- c:\windows\system32\9z5evir1461.dll 2009-11-13 08:05 . 2009-11-13 08:05 5995 ----a-w- c:\windows\system32\95143vzru543.dll 2009-09-07 21:47 . 2009-09-07 21:47 -------- d-----w- c:\documents and settings\armnat\Programdata\Malwarebytes 2009-09-07 21:46 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-07 21:46 . 2009-09-07 21:47 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware 2009-09-07 21:46 . 2009-09-07 21:46 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes 2009-09-07 21:46 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-07 21:15 . 2009-09-07 22:01 -------- d--h--r- c:\documents and settings\armnat\Siste 2009-09-07 20:38 . 2009-09-07 21:15 -------- d-----w- c:\documents and settings\All Users\Programdata\Spybot - Search & Destroy 2009-09-07 20:38 . 2009-09-07 20:40 -------- d-----w- c:\programfiler\Spybot - Search & Destroy 2009-09-07 20:23 . 2009-09-07 20:35 -------- d---a-w- c:\documents and settings\All Users\Programdata\TEMP 2009-09-07 20:10 . 2009-09-07 20:10 5584 ----a-w- c:\windows\system32\c52sz9al2483.bin 2009-09-07 20:10 . 2009-09-07 20:10 5743 ----a-w- c:\windows\system32\939szyware12405.bin 2009-09-06 14:30 . 2009-09-06 14:30 -------- d-----w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\Apple 2009-09-05 14:34 . 2009-09-05 14:34 -------- d-----w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\World in Conflict 2009-09-05 14:21 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll 2009-09-05 14:21 . 2007-03-15 14:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll 2009-09-05 14:21 . 2007-03-12 14:42 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll 2009-09-05 14:21 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll 2009-09-05 14:21 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2009-09-05 14:08 . 2009-09-05 14:08 -------- d-----w- c:\programfiler\Ubisoft 2009-09-05 14:07 . 2009-09-05 14:07 -------- d-----w- c:\documents and settings\armnat\Programdata\InstallShield 2009-09-02 17:42 . 2009-09-02 17:42 -------- d-----w- c:\documents and settings\armnat\WINDOWS 2009-09-01 17:41 . 2009-09-01 17:48 -------- d-----w- c:\programfiler\Return to Castle Wolfenstein 2009-09-01 07:40 . 2009-09-01 07:40 -------- d-----w- c:\programfiler\Bullfrog 2009-09-01 06:23 . 2009-09-01 06:23 -------- d-----w- c:\documents and settings\armnat\Programdata\Design Science 2009-08-29 20:03 . 2009-08-29 20:03 -------- d-----w- c:\programfiler\Guitar Pro 5 2009-08-29 18:19 . 2009-08-29 18:19 -------- d-----w- c:\programfiler\uTorrent 2009-08-29 18:19 . 2009-09-07 21:57 -------- d-----w- c:\documents and settings\armnat\Programdata\uTorrent 2009-08-29 18:17 . 2009-09-07 21:57 -------- d-----w- c:\programfiler\PeerGuardian2 2009-08-25 08:56 . 2009-08-25 08:56 -------- d-----w- c:\programfiler\Fellesfiler\3DO Shared 2009-08-25 08:55 . 2009-08-25 08:56 -------- d-----w- c:\programfiler\3DO 2009-08-25 08:55 . 2009-08-25 08:55 -------- d-----w- c:\programfiler\directx 2009-08-25 08:54 . 1998-10-02 17:00 327168 ----a-w- c:\windows\IsUninst.exe 2009-08-24 15:38 . 2009-08-24 15:38 -------- d-----w- c:\documents and settings\profil-nr1\Programdata 2009-08-24 11:36 . 2009-08-24 15:26 -------- d-----w- c:\programfiler\DAEMON Tools Lite 2009-08-24 11:29 . 2009-07-03 17:01 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2009-08-24 11:29 . 2009-07-03 17:01 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2009-08-24 10:17 . 2009-08-24 10:17 -------- d-----w- c:\programfiler\Microsoft Games 2009-08-24 10:17 . 2009-08-24 10:17 1700352 ----a-w- c:\windows\system32\gdiplus.dll 2009-08-24 08:35 . 2009-08-24 11:17 -------- d-----w- c:\programfiler\EA GAMES 2009-08-24 08:33 . 2009-08-24 08:33 -------- d-----w- c:\documents and settings\All Users\Programdata\DAEMON Tools Lite 2009-08-24 08:33 . 2009-08-24 08:33 -------- d-----w- c:\programfiler\DAEMON Tools Toolbar 2009-08-24 08:28 . 2009-08-24 08:28 721904 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-08-24 08:28 . 2009-08-24 08:34 -------- d-----w- c:\documents and settings\armnat\Programdata\DAEMON Tools Lite 2009-08-23 22:12 . 2009-08-23 22:12 -------- d-----w- c:\programfiler\Java 2009-08-23 21:57 . 2009-08-23 21:57 -------- d-----w- c:\programfiler\PCB 2009-08-23 10:38 . 2009-08-23 16:55 -------- d-----w- c:\documents and settings\All Users\Programdata\NOS 2009-08-21 08:05 . 2009-08-21 08:05 -------- d-----w- c:\programfiler\Fellesfiler\L&H Shared 2009-08-21 07:49 . 2009-08-21 07:54 -------- d-----w- c:\programfiler\Fellesfiler\Autograph 3 2009-08-21 07:49 . 2009-08-21 07:56 -------- d-----w- c:\programfiler\Autograph 3.20 2009-08-20 20:48 . 2009-08-20 20:48 -------- d-----w- c:\documents and settings\armnat\Programdata\com.raptr.Raptr.848BBC53270CAC248E8FA0F339176201CDEB525F.1 2009-08-20 20:46 . 2009-08-20 20:46 -------- d-----w- c:\programfiler\Fellesfiler\Adobe AIR 2009-08-20 20:45 . 2009-08-20 20:47 -------- d-----w- c:\documents and settings\armnat\Programdata\Raptr 2009-08-20 20:40 . 2009-08-20 20:40 -------- d-----w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\Temp 2009-08-20 20:39 . 2009-08-20 20:39 -------- d-----w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\Google 2009-08-20 20:16 . 2009-08-20 20:16 -------- d-----w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\Apple Computer 2009-08-20 20:16 . 2009-08-24 15:38 -------- d-----w- c:\documents and settings\profil-nr1 2009-08-20 20:16 . 2009-08-20 20:16 -------- d-----w- c:\documents and settings\profil-nr1\Lokale innstillinger 2009-08-20 17:17 . 2009-08-20 17:17 -------- d-----w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\Opera 2009-08-20 17:17 . 2009-08-20 17:17 -------- d-----w- c:\programfiler\Opera 2009-08-20 14:19 . 2009-08-20 14:19 -------- d-----w- c:\documents and settings\armnat\Programdata\Autograph 2009-08-20 10:56 . 2009-09-07 22:07 -------- d-----w- c:\documents and settings\armnat\Tracing 2009-08-20 10:49 . 2009-08-20 10:49 -------- d-----w- c:\programfiler\Microsoft 2009-08-20 10:48 . 2009-08-20 10:48 -------- d-----w- c:\programfiler\Windows Live SkyDrive 2009-08-20 10:48 . 2009-08-20 10:48 -------- d-----w- c:\programfiler\Windows Live 2009-08-20 10:46 . 2009-08-20 10:46 -------- d-----w- c:\programfiler\Fellesfiler\Windows Live 2009-08-20 09:35 . 2009-09-07 21:44 -------- d-----w- c:\documents and settings\armnat\Programdata\vlc 2009-08-20 09:20 . 2009-09-03 11:19 -------- d-----w- c:\documents and settings\armnat\.JxBrowser 2009-08-20 09:14 . 2009-09-06 01:15 -------- d-----w- c:\documents and settings\armnat\Programdata\skypePM 2009-08-20 09:14 . 2009-08-20 09:14 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-08-20 09:13 . 2009-09-06 02:03 -------- d-----w- c:\documents and settings\armnat\Programdata\Skype 2009-08-20 09:13 . 2009-08-20 09:13 -------- d-----w- c:\programfiler\Fellesfiler\Skype 2009-08-20 09:13 . 2009-09-06 14:31 -------- d-----r- c:\programfiler\Skype 2009-08-20 09:13 . 2009-08-20 09:13 -------- d-----w- c:\documents and settings\All Users\Programdata\Skype 2009-08-20 07:28 . 2009-08-24 15:48 -------- d-----w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\Spotify 2009-08-20 07:28 . 2009-08-24 15:48 -------- d-----w- c:\documents and settings\armnat\Programdata\Spotify 2009-08-20 07:28 . 2009-08-20 07:28 -------- d-----w- c:\programfiler\Spotify 2009-08-20 07:13 . 2009-08-20 07:13 -------- d-----w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\Mozilla 2009-08-20 06:58 . 2009-08-29 11:53 -------- d-----w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\Adobe 2009-08-20 06:58 . 2009-08-20 06:58 -------- d-----w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\ATI 2009-08-20 06:58 . 2009-08-20 06:58 -------- d-----w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\Symantec 2009-08-18 07:54 . 2009-08-21 08:10 -------- d-----w- c:\programfiler\Maskin 2009-08-18 07:53 . 2009-08-18 07:53 -------- d-----w- c:\windows\SchCache 2009-08-14 08:18 . 2009-08-14 08:18 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-08-14 07:11 . 2009-08-14 07:11 -------- d-----w- c:\programfiler\CCleaner 2009-08-14 07:08 . 2009-08-14 07:08 -------- d-----w- c:\programfiler\GeoGebra 2009-08-14 07:07 . 2009-08-14 07:08 -------- d--h--w- c:\programfiler\Zero G Registry 2009-08-14 06:53 . 2009-08-14 06:53 -------- d-----w- c:\programfiler\TI Education 2009-08-14 06:49 . 2009-08-14 06:49 -------- d-----w- c:\programfiler\CASIO 2009-08-14 06:49 . 2009-08-14 06:49 40672 ----a-w- c:\windows\system32\drivers\CESG502.SYS 2009-08-14 06:46 . 2009-08-14 06:46 -------- d-----w- c:\programfiler\VideoLAN 2009-08-14 06:17 . 2009-08-14 06:17 -------- d-----w- c:\windows\Kartleggeren 2009-08-12 12:58 . 2009-08-12 12:58 -------- d-----w- c:\documents and settings\All Users\Programdata\ALM 2009-08-12 12:48 . 2008-04-07 03:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll 2009-08-12 12:48 . 2008-04-07 03:38 45392 ----a-r- c:\windows\system32\AdobePDF.dll 2009-08-12 12:29 . 2009-08-12 12:29 -------- d-----w- c:\programfiler\Adobe Media Player 2009-08-12 12:17 . 2009-08-12 12:17 -------- d-----w- c:\programfiler\Fellesfiler\Macrovision Shared 2009-08-12 12:07 . 2009-08-12 12:07 -------- d-----w- c:\documents and settings\NetworkService\Lokale innstillinger\Programdata\Google 2009-08-12 12:02 . 2009-08-12 12:02 -------- d-----w- c:\documents and settings\LocalService\Lokale innstillinger\Programdata\Google 2009-08-12 12:02 . 2009-08-20 20:41 -------- d-----w- c:\programfiler\Google 2009-08-12 12:01 . 2009-08-12 12:01 -------- d-----w- c:\programfiler\LSI SoftModem 2009-08-12 12:00 . 2009-08-12 12:00 0 ----a-w- c:\windows\nsreg.dat 2009-08-12 12:00 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll 2009-08-12 12:00 . 2009-08-12 12:00 -------- d-----w- c:\programfiler\Photo Story 3 for Windows 2009-08-12 11:54 . 2009-08-12 11:54 -------- d-----w- C:\ADOBE_READER_PLUGIN 2009-08-12 11:53 . 2009-08-14 06:43 -------- d-----w- c:\documents and settings\All Users\Programdata\OrdnettPluss 2009-08-12 11:53 . 2009-08-12 11:53 -------- d-----w- c:\programfiler\Kunnskapsforlaget 2009-08-12 11:47 . 2009-08-12 11:47 -------- d-----w- c:\programfiler\Efofex 2009-08-12 11:45 . 2009-08-12 11:45 -------- d-----w- c:\programfiler\MathType 2009-08-12 11:44 . 2009-08-12 11:44 -------- d-----w- c:\programfiler\Fellesfiler\Mikrov 2009-08-12 11:39 . 2009-08-12 11:39 -------- d-----w- c:\windows\speech 2009-08-12 11:37 . 2009-08-12 11:43 -------- d-----w- c:\programfiler\Mikrov . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-07 22:04 . 2009-02-24 20:45 80066 ----a-w- c:\windows\system32\perfc014.dat 2009-09-07 22:04 . 2009-02-24 20:45 444144 ----a-w- c:\windows\system32\perfh014.dat 2009-09-07 22:04 . 2009-03-25 14:09 -------- d-----w- c:\programfiler\Symantec AntiVirus 2009-09-05 14:08 . 2009-02-24 12:40 -------- d--h--w- c:\programfiler\InstallShield Installation Information 2009-08-29 20:05 . 2009-08-20 06:57 75056 ----a-w- c:\documents and settings\armnat\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT 2009-08-23 22:12 . 2009-03-26 12:05 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-08-14 08:34 . 2009-02-24 12:58 74072 ----a-w- c:\documents and settings\Administrator\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT 2009-08-14 06:49 . 2009-02-24 12:40 -------- d-----w- c:\programfiler\Fellesfiler\InstallShield 2009-08-14 06:16 . 2009-03-26 11:50 -------- d-----w- c:\programfiler\Fellesfiler\Adobe 2009-08-14 04:58 . 2009-09-07 20:24 7396 ----a-w- c:\windows\system32\drivers\pctcore.cat 2009-08-05 09:01 . 2009-02-24 20:45 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-08-01 17:07 . 2009-08-01 17:07 6088 ----a-w- c:\windows\system32\zc19pa5se956.bin 2009-07-29 04:38 . 2009-02-24 20:45 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-07-29 04:38 . 2009-02-24 20:44 81920 ----a-w- c:\windows\system32\fontsub.dll 2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll 2009-07-21 10:03 . 2009-07-21 10:03 14026 ----a-w- c:\windows\system32\96z12v5rusc2.dll 2009-07-17 19:04 . 2009-02-24 20:44 58880 ----a-w- c:\windows\system32\atl.dll 2009-07-13 21:43 . 2009-02-24 20:45 286208 ----a-w- c:\windows\system32\wmpdxm.dll 2009-07-03 17:01 . 2009-02-24 20:45 915456 ----a-w- c:\windows\system32\wininet.dll 2009-06-25 08:27 . 2009-02-24 20:45 54272 ----a-w- c:\windows\system32\wdigest.dll 2009-06-25 08:27 . 2009-02-24 20:45 56832 ----a-w- c:\windows\system32\secur32.dll 2009-06-25 08:27 . 2009-02-24 20:45 147456 ----a-w- c:\windows\system32\schannel.dll 2009-06-25 08:27 . 2009-02-24 20:45 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-06-25 08:27 . 2009-02-24 20:44 730112 ----a-w- c:\windows\system32\lsasrv.dll 2009-06-25 08:27 . 2009-02-24 20:44 301568 ----a-w- c:\windows\system32\kerberos.dll 2009-06-24 11:18 . 2009-02-24 20:44 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2009-06-15 10:45 . 2009-02-24 20:45 76800 ----a-w- c:\windows\system32\telnet.exe 2009-06-15 10:45 . 2009-02-24 20:45 80896 ----a-w- c:\windows\system32\tlntsess.exe 2009-06-10 14:16 . 2009-02-24 20:44 84992 ----a-w- c:\windows\system32\avifil32.dll 2009-06-10 07:22 . 2009-02-24 11:59 2066432 ----a-w- c:\windows\system32\mstscax.dll 2009-06-10 06:16 . 2009-02-24 20:45 132096 ----a-w- c:\windows\system32\wkssvc.dll . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PeerGuardian"="c:\programfiler\PeerGuardian2\pg2.exe" [2007-01-29 1432064] "uTorrent"="c:\programfiler\uTorrent\uTorrent.exe" [2009-09-07 288560] "msnmsgr"="c:\programfiler\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QlbCtrl.exe"="c:\programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 177456] "SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1310720] "WatchDog"="c:\programfiler\InterVideo\DVD Check\DVDCheck.exe" [2008-05-23 197904] "ccApp"="c:\programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2008-06-24 53096] "vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2008-09-30 125368] "Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2009-01-05 413696] "TkBellExe"="c:\programfiler\Fellesfiler\Real\Update_OB\realsched.exe" [2009-03-26 198160] "Windows Defender"="c:\programfiler\Windows Defender\MSASCui.exe" [2006-11-03 866584] "SoundMAXPnP"="c:\programfiler\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1044480] "StartCCC"="c:\programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-17 61440] "AdobeCS4ServiceManager"="c:\programfiler\Fellesfiler\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "Adobe Acrobat Speed Launcher"="c:\programfiler\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232] "Acrobat Assistant 8.0"="c:\programfiler\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376] "Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360] "SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-08-23 149280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\ DVD Check.lnk - c:\programfiler\InterVideo\DVD Check\DVDCheck.exe [2009-2-24 197904] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "HideShutdownScripts"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoWelcomeScreen"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "DisablePersonalDirChange"= 1 (0x1) "ForceStartMenuLogOff"= 1 (0x1) "NoPublishingWizard"= 0 (0x0) "NoWebServices"= 0 (0x0) "NoOnlinePrintsWizard"= 0 (0x0) "DisallowCpl"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-489248529-1699838375-1845911597-356567\Scripts\Logon\0\0] "Script"=Sym2Server.bat [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-489248529-1699838375-1845911597-356567\Scripts\Logon\1\0] "Script"=OYG_elev.bat [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programfiler\\Spotify\\spotify.exe"= "c:\\Programfiler\\uTorrent\\uTorrent.exe"= "c:\\Programfiler\\Ubisoft\\World in Conflict\\wic.exe"= "c:\\Programfiler\\Ubisoft\\World in Conflict\\wic_online.exe"= "c:\\Programfiler\\Ubisoft\\World in Conflict\\wic_ds.exe"= "c:\\Programfiler\\Skype\\Phone\\Skype.exe"= R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [24.02.2009 22:48 174600] R0 Amddfltr;Amd Disk Lower Filter Driver;c:\windows\system32\drivers\Amddfltr.sys [24.02.2009 15:05 15416] R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [28.03.2008 11:14 24064] R2 SavRoam;SAVRoam;c:\programfiler\Symantec AntiVirus\SavRoam.exe [30.09.2008 18:41 116664] R2 WinDefend;Windows Defender;c:\programfiler\Windows Defender\MsMpEng.exe [03.11.2006 20:19 13592] R3 Com4QLBEx;Com4QLBEx;c:\programfiler\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [24.02.2009 15:20 222512] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programfiler\Fellesfiler\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [29.08.2009 00:24 102448] R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [23.07.2008 12:31 44800] S2 gupdate;Google Update Service (gupdate);c:\programfiler\Google\Update\GoogleUpdate.exe [12.08.2009 14:02 133104] S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\programfiler\Fellesfiler\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15.08.2008 05:46 284016] S3 PVUSB;CESG502 USB Driver;c:\windows\system32\drivers\CESG502.SYS [14.08.2009 08:49 40672] --- Andre tjenester/drivere lastet i minnet --- *Deregistered* - uphcleanhlp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2009-08-12 12:02] 2009-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programfiler\Google\Update\GoogleUpdate.exe [2009-08-12 12:02] 2009-09-07 c:\windows\Tasks\MP Scheduled Scan.job - c:\programfiler\Windows Defender\MpCmdRun.exe [2006-11-03 18:20] . . ------- Tilleggsskanning ------- . uStart Page = hxxp://oyg.hfk.no IE: Append Link Target to Existing PDF - c:\programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\armnat\Programdata\Mozilla\Firefox\Profiles\v1xjd7wm.default\ FF - prefs.js: network.proxy.type - 2 FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll FF - plugin: c:\programfiler\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-09-08 00:22 Windows 5.1.2600 Service Pack 3 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'winlogon.exe'(788) c:\windows\system32\Ati2evxx.dll c:\programfiler\Fellesfiler\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . Tidspunkt ferdig: 2009-09-07 0:24 ComboFix-quarantined-files.txt 2009-09-07 22:24 Pre-Run: 106 412 888 064 byte ledig Post-Run: 106 452 529 152 byte ledig 954 --- E O F --- 2009-09-07 22:00