ComboFix 09-12-04.05 - Numan 07.12.2009 23:39.2.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.47.1044.18.958.430 [GMT 1:00]
Kjører fra: c:\users\Numan\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: AntiVir Desktop *disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2009-11-07 til 2009-12-07 )))))))))))))))))))))))))))))))))
.
2009-12-07 22:50 . 2009-12-07 22:51 -------- d-----w- c:\users\Numan\AppData\Local\temp
2009-12-07 22:50 . 2009-12-07 22:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-07 22:50 . 2009-12-07 22:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-07 22:25 . 2009-12-07 22:25 100648 ----a-w- c:\windows\system32\drivers\tsk_nvstor32.sys
2009-12-07 22:25 . 2009-12-07 22:25 16904 ----a-w- c:\windows\system32\drivers\KLMD.sys
2009-12-07 22:01 . 2009-12-07 22:01 -------- d-----w- c:\windows\system32\Adobe
2009-12-05 15:02 . 2009-12-05 15:02 -------- d-----w- c:\users\Numan\AppData\Roaming\Malwarebytes
2009-12-05 15:02 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-05 15:02 . 2009-12-05 15:02 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-05 15:02 . 2009-12-05 15:02 -------- d-----w- c:\programdata\Malwarebytes
2009-12-05 15:02 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-05 14:21 . 2009-12-05 14:21 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-12-05 14:21 . 2009-12-05 14:21 1260032 ----a-w- c:\windows\system32\msxml3.dll
2009-12-05 14:21 . 2009-12-05 14:21 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-12-05 14:21 . 2009-12-05 14:21 1406464 ----a-w- c:\windows\system32\msxml6.dll
2009-12-05 14:21 . 2009-12-05 14:21 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-05 14:19 . 2009-12-05 14:19 2031104 ----a-w- c:\windows\system32\win32k.sys
2009-12-05 14:19 . 2009-12-05 14:19 321536 ----a-w- c:\windows\system32\WSDApi.dll
2009-12-01 23:21 . 2009-10-25 18:00 57344 ----a-w- c:\programdata\Artweaver\1.0\Updater\Artweaver.exe
2009-12-01 23:21 . 2009-10-25 18:00 425984 ----a-w- c:\programdata\Artweaver\1.0\Updater\Update.dll
2009-12-01 23:21 . 2009-12-01 23:21 -------- d-----w- c:\users\Numan\AppData\Roaming\Artweaver
2009-12-01 23:21 . 2009-12-01 23:21 -------- d-----w- c:\programdata\Artweaver
2009-12-01 23:21 . 2009-12-01 23:21 4096 d-----w- c:\program files\Artweaver 1.0
2009-11-26 23:01 . 2009-11-26 23:01 -------- d-----w- c:\users\Numan\AppData\Local\MetaGeek,_LLC
2009-11-26 22:59 . 2009-11-26 22:59 45126 ----a-r- c:\users\Numan\AppData\Roaming\Microsoft\Installer\{9B7CAA1E-D2D2-40E8-8FA4-3B8FCC9B305B}\_AC2C7DBB7247109F093633.exe
2009-11-26 22:59 . 2009-11-26 22:59 45126 ----a-r- c:\users\Numan\AppData\Roaming\Microsoft\Installer\{9B7CAA1E-D2D2-40E8-8FA4-3B8FCC9B305B}\_6FEFF9B68218417F98F549.exe
2009-11-26 22:59 . 2009-11-26 22:59 -------- d-----w- c:\program files\MetaGeek
2009-11-25 22:50 . 2009-11-25 22:51 -------- d-----w- c:\users\Numan\AppData\Roaming\dvdcss
2009-11-25 19:52 . 2009-11-25 19:52 4096 d-----w- c:\users\Numan\mine mottatte filer
2009-11-25 19:10 . 2009-11-25 19:40 4096 d-----w- C:\Manna
2009-11-25 19:03 . 2009-11-25 19:03 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-11-25 19:03 . 2009-11-25 19:03 44768 ----a-w- c:\windows\system32\wups2.dll
2009-11-25 19:03 . 2009-11-25 19:03 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-11-25 19:03 . 2009-11-25 19:03 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-11-25 19:02 . 2009-11-25 19:02 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-11-25 19:02 . 2009-11-25 19:02 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-11-25 19:02 . 2009-11-25 19:02 35552 ----a-w- c:\windows\system32\wups.dll
2009-11-25 19:02 . 2009-11-25 19:02 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-11-25 19:02 . 2009-11-25 19:02 33792 ----a-w- c:\windows\system32\wuapp.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-07 22:33 . 2006-11-21 05:16 79408 ----a-w- c:\windows\system32\perfc014.dat
2009-12-07 22:33 . 2006-11-21 05:16 476858 ----a-w- c:\windows\system32\perfh014.dat
2009-12-07 22:29 . 2009-10-22 19:49 35291 ----a-w- c:\users\Numan\AppData\Roaming\nvModes.dat
2009-12-07 22:28 . 2006-12-22 05:28 100648 ----a-w- c:\windows\system32\drivers\nvstor32.sys
2009-12-07 22:01 . 2007-05-27 08:01 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-07 21:32 . 2009-10-29 16:55 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-07 00:27 . 2009-10-25 14:47 8192 d-----w- c:\users\Numan\AppData\Roaming\BitTorrent
2009-12-07 00:25 . 2009-10-22 19:27 4096 d-----w- c:\users\Numan\AppData\Roaming\vlc
2009-11-02 19:42 . 2009-10-22 20:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 16:55 . 2009-10-29 16:55 -------- d-----w- c:\programdata\Avira
2009-10-29 16:55 . 2009-10-29 16:55 -------- d-----w- c:\program files\Avira
2009-10-28 20:24 . 2007-05-27 08:27 -------- d-----w- c:\program files\Java
2009-10-27 09:05 . 2009-10-22 17:59 85864 ----a-w- c:\users\Numan\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-26 13:09 . 2007-05-27 07:25 4096 d-----w- c:\programdata\Roxio
2009-10-25 14:47 . 2009-10-25 14:47 -------- d-----w- c:\program files\BitTorrent
2009-10-25 12:26 . 2009-10-24 13:08 4096 d-----w- c:\program files\Microsoft Silverlight
2009-10-25 12:23 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-10-25 12:22 . 2009-10-25 12:22 268800 ----a-w- c:\windows\system32\es.dll
2009-10-25 12:22 . 2009-10-25 12:22 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-10-25 12:21 . 2007-05-27 07:45 28672 d-----w- c:\program files\Microsoft Works
2009-10-24 23:40 . 2007-05-27 07:22 -------- d-----w- c:\programdata\Sonic
2009-10-24 23:40 . 2009-10-24 23:40 -------- d-----w- c:\users\Numan\AppData\Roaming\Roxio
2009-10-24 13:08 . 2009-10-24 13:02 4096 d-----w- c:\program files\Windows Live
2009-10-24 13:07 . 2009-10-24 13:07 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-10-24 13:05 . 2009-10-24 13:05 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-10-24 13:04 . 2009-10-24 13:04 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-10-24 13:04 . 2009-10-24 13:04 347648 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-10-24 13:02 . 2009-10-24 13:02 -------- d-----w- c:\program files\Microsoft
2009-10-24 13:02 . 2009-10-24 13:02 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-10-24 12:59 . 2009-10-24 12:59 -------- d-----w- c:\program files\Common Files\Windows Live
2009-10-23 13:42 . 2009-10-23 13:40 4096 d-----w- c:\users\Numan\AppData\Roaming\Apple Computer
2009-10-23 13:41 . 2009-10-23 13:34 -------- d-----w- c:\programdata\Apple
2009-10-23 13:40 . 2009-10-23 13:39 4096 d-----w- c:\program files\iTunes
2009-10-23 13:40 . 2009-10-23 13:39 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-23 13:39 . 2009-10-23 13:39 -------- d-----w- c:\program files\iPod
2009-10-23 13:39 . 2009-10-23 13:34 -------- d-----w- c:\program files\Common Files\Apple
2009-10-23 13:39 . 2009-10-23 13:37 -------- d-----w- c:\programdata\Apple Computer
2009-10-23 13:38 . 2009-10-23 13:38 -------- d-----w- c:\program files\Bonjour
2009-10-23 13:38 . 2009-10-23 13:37 4096 d-----w- c:\program files\QuickTime
2009-10-23 13:36 . 2009-10-23 13:36 4096 d-----w- c:\program files\Apple Software Update
2009-10-23 09:48 . 2009-10-23 09:48 87040 ----a-w- c:\windows\system32\msoert2.dll
2009-10-23 09:48 . 2009-10-23 09:48 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2009-10-23 09:48 . 2009-10-23 09:48 205824 ----a-w- c:\windows\system32\msoeacct.dll
2009-10-23 09:46 . 2009-10-23 09:46 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-10-23 09:46 . 2009-10-23 09:46 737792 ----a-w- c:\windows\system32\inetcomm.dll
2009-10-22 20:55 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
2009-10-22 20:55 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-22 20:51 . 2009-10-22 20:51 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-10-22 20:51 . 2009-10-22 20:51 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-10-22 20:51 . 2009-10-22 20:51 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-10-22 20:51 . 2009-10-22 20:51 272896 ----a-w- c:\windows\system32\polstore.dll
2009-10-22 20:48 . 2009-10-22 20:48 194560 ----a-w- c:\windows\system32\WebClnt.dll
2009-10-22 20:48 . 2009-10-22 20:48 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-10-22 20:47 . 2009-10-22 20:47 47104 ----a-w- c:\windows\system32\wlanapi.dll
2009-10-22 20:47 . 2009-10-22 20:47 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2009-10-22 20:47 . 2009-10-22 20:47 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2009-10-22 20:47 . 2009-10-22 20:47 502272 ----a-w- c:\windows\system32\wlansvc.dll
2009-10-22 20:47 . 2009-10-22 20:47 297984 ----a-w- c:\windows\system32\wlansec.dll
2009-10-22 20:47 . 2009-10-22 20:47 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2009-10-22 20:45 . 2009-10-22 20:45 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-10-22 20:45 . 2009-10-22 20:45 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-10-22 20:45 . 2009-10-22 20:45 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-10-22 20:45 . 2009-10-22 20:45 24064 ----a-w- c:\windows\system32\lpk.dll
2009-10-22 20:45 . 2009-10-22 20:45 156160 ----a-w- c:\windows\system32\t2embed.dll
2009-10-22 20:45 . 2009-10-22 20:45 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-10-22 20:44 . 2009-10-22 20:44 216576 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-22 20:42 . 2009-10-22 20:42 49664 ----a-w- c:\windows\system32\csrsrv.dll
2009-10-22 20:42 . 2009-10-22 20:42 376320 ----a-w- c:\windows\system32\winsrv.dll
2009-10-22 20:41 . 2009-10-22 20:41 98816 ----a-w- c:\windows\system32\mfps.dll
2009-10-22 20:41 . 2009-10-22 20:41 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2009-10-22 20:41 . 2009-10-22 20:41 2855424 ----a-w- c:\windows\system32\mf.dll
2009-10-22 20:41 . 2009-10-22 20:41 2048 ----a-w- c:\windows\system32\mferror.dll
2009-10-22 20:41 . 2009-10-22 20:41 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-10-22 20:39 . 2009-10-22 20:39 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-10-22 20:36 . 2009-10-22 20:36 72704 ----a-w- c:\windows\system32\admparse.dll
2009-10-22 20:36 . 2009-10-22 20:36 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-22 20:36 . 2009-10-22 20:36 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-22 20:36 . 2009-10-22 20:36 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-10-22 20:36 . 2009-10-22 20:36 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-10-22 20:36 . 2009-10-22 20:36 56320 ----a-w- c:\windows\system32\iesetup.dll
2009-10-22 20:34 . 2009-10-22 20:34 71680 ----a-w- c:\windows\system32\atl.dll
2009-10-22 20:33 . 2009-10-22 20:33 297472 ----a-w- c:\windows\system32\gdi32.dll
2009-10-22 20:31 . 2009-10-22 20:31 3502152 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-22 20:31 . 2009-10-22 20:31 3467864 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-22 20:30 . 2009-10-22 20:30 211456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-10-22 20:29 . 2009-10-22 20:29 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2009-10-22 20:29 . 2009-10-22 20:29 30208 ----a-w- c:\windows\system32\xolehlp.dll
2009-10-22 20:28 . 2009-10-22 20:28 156160 ----a-w- c:\windows\system32\wkssvc.dll
2009-10-22 20:27 . 2009-10-22 20:27 36352 ----a-w- c:\windows\system32\tsgqec.dll
2009-10-22 20:27 . 2009-10-22 20:27 1871872 ----a-w- c:\windows\system32\mstscax.dll
2009-10-22 20:27 . 2009-10-22 20:27 116736 ----a-w- c:\windows\system32\aaclient.dll
2009-10-22 20:26 . 2009-10-22 20:26 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-10-22 20:24 . 2009-10-22 20:24 414208 ----a-w- c:\windows\system32\msscp.dll
2009-10-22 20:23 . 2009-10-22 20:23 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2009-10-22 20:23 . 2009-10-22 20:23 86016 ----a-w- c:\windows\system32\icfupgd.dll
2009-10-22 20:23 . 2009-10-22 20:23 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2009-10-22 20:23 . 2009-10-22 20:23 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2009-10-22 20:23 . 2009-10-22 20:23 16896 ----a-w- c:\windows\system32\wfapigp.dll
2009-10-22 20:23 . 2009-10-22 20:23 61952 ----a-w- c:\windows\system32\cmifw.dll
2009-10-22 20:23 . 2009-10-22 20:23 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-12-05_15.37.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-05-27 07:13 . 2009-12-07 22:31 35410 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-12-07 22:31 49422 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-10-22 17:50 . 2009-12-05 15:12 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-22 17:50 . 2009-12-07 22:20 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-22 17:50 . 2009-12-07 22:20 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-10-22 17:50 . 2009-12-05 15:12 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-10-22 17:50 . 2009-12-05 15:12 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-22 17:50 . 2009-12-07 22:20 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-10-28 16:43 . 2009-10-28 16:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-28 16:43 . 2009-12-05 15:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-28 16:43 . 2009-12-05 15:12 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-10-28 16:43 . 2009-10-28 16:43 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-28 16:43 . 2009-12-05 15:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-10-28 16:43 . 2009-10-28 16:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-22 17:53 . 2009-12-07 22:31 5556 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2812869977-1322422075-365926359-1000_UserData.bin
- 2009-10-22 17:53 . 2009-12-05 15:14 5556 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2812869977-1322422075-365926359-1000_UserData.bin
+ 2009-12-07 19:14 . 2009-12-07 19:14 9560 c:\windows\System32\networklist\icons\{143A5C6E-4EE0-4793-849F-EC811E41CBE7}_48.bin
+ 2009-12-07 19:14 . 2009-12-07 19:14 4280 c:\windows\System32\networklist\icons\{143A5C6E-4EE0-4793-849F-EC811E41CBE7}_32.bin
+ 2009-12-07 19:14 . 2009-12-07 19:14 2456 c:\windows\System32\networklist\icons\{143A5C6E-4EE0-4793-849F-EC811E41CBE7}_24.bin
- 2009-12-05 15:12 . 2009-12-05 15:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-12-07 22:28 . 2009-12-07 22:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-12-05 15:12 . 2009-12-05 15:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-07 22:28 . 2009-12-07 22:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2009-12-07 22:33 610142 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-12-05 15:17 610142 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-12-05 15:17 103924 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-12-07 22:33 103924 c:\windows\System32\perfc009.dat
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-10-22 1232896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-02-26 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-26 7770112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-02-26 81920]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-03-06 180224]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2007-05-27 77824]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-12-03 1394000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Hurtigstart for Adobe Reader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Hurtigstart for Adobe Reader.lnk
backup=c:\windows\pss\Hurtigstart for Adobe Reader.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [29.10.2009 17:55 108289]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [24.10.2009 14:08 54632]
S3 fsssvc;Windows Live Tryggere for familien-tjenesten;c:\program files\Windows Live\Family Safety\fsssvc.exe [05.08.2009 21:48 704864]

--- Andre tjenester/drivere lastet i minnet ---

*NewlyCreated* - KLMD_SYSTEM
*Deregistered* - KLMD_System
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://www.google.no/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NB_NO&c=73&bd=PRESARIO&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-07 23:50
Windows 6.0.6000 NTFS
skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
skanner skjulte filer ...
skanning vellykket
skjulte filer: 0
**************************************************************************
.
--------------------- LÅSTE REGISTERNØKLER ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Tidspunkt ferdig: 2009-12-07 23:54
ComboFix-quarantined-files.txt 2009-12-07 22:53
ComboFix2.txt 2009-12-05 15:41

Pre-Run: 9 470 713 856 byte ledig
Post-Run: 9 241 096 192 byte ledig

- - End Of File - - A6686BFA29764D24A5E927085E673D98