ComboFix 09-12-19.04 - Rune Andre 21.12.2009 0:36.2.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.1471.1051 [GMT 1:00] Kjører fra: c:\documents and settings\Rune Andre\Skrivebord\ComboFix.exe AV: Norton 360 Premier Edition *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 Premier Edition *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !! . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivere/Tjenester ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_BHDRVX86 -------\Service_BHDrvx86 ((((((((((((((((((((((((((( Filer Opprettet Fra 2009-11-20 til 2009-12-20 ))))))))))))))))))))))))))))))))) . 2009-12-20 23:39 . 2009-12-11 19:25 165240 ----a-r- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll 2009-12-20 23:31 . 2009-12-20 23:31 -------- d--h--r- c:\documents and settings\Rune Andre\Siste 2009-12-20 23:11 . 2009-12-11 01:29 84912 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091220.004\NAVENG.SYS 2009-12-20 23:11 . 2009-12-11 01:29 177520 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091220.004\NAVENG32.DLL 2009-12-20 23:11 . 2009-12-11 01:29 1647984 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091220.004\NAVEX32A.DLL 2009-12-20 23:11 . 2009-12-11 01:29 1323568 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091220.004\NAVEX15.SYS 2009-12-20 23:11 . 2009-12-11 01:29 371248 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091220.004\EECTRL.SYS 2009-12-20 23:11 . 2009-12-11 01:29 2747440 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091220.004\CCERASER.DLL 2009-12-20 23:11 . 2009-12-11 01:29 259440 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091220.004\ECMSVR32.DLL 2009-12-20 23:11 . 2009-12-11 01:29 102448 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091220.004\ERASER.SYS 2009-12-20 07:45 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\Scxpx86.dll 2009-12-20 07:45 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSvix86.sys 2009-12-20 07:45 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSXpx86.sys 2009-12-20 07:45 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSxpx86.dll 2009-12-20 07:45 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSviA64.sys 2009-12-12 10:49 . 2009-12-12 10:53 -------- d-----w- c:\programfiler\Legacy 2009-12-12 10:37 . 2009-12-12 10:37 -------- d-----w- c:\documents and settings\Rune Andre\Lokale innstillinger\Programdata\Thunderbird 2009-12-12 10:37 . 2009-12-12 10:37 -------- d-----w- c:\documents and settings\Rune Andre\Programdata\Thunderbird 2009-12-12 10:22 . 2009-12-12 10:22 1 ----a-w- c:\documents and settings\Rune Andre\Programdata\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-12-12 10:21 . 2009-12-12 10:21 -------- d-----w- c:\documents and settings\Rune Andre\Programdata\OpenOffice.org 2009-12-12 10:18 . 2009-12-12 10:18 -------- d-----w- c:\programfiler\JRE 2009-12-12 10:18 . 2009-12-12 10:18 -------- d-----w- c:\programfiler\OpenOffice.org 3 2009-12-12 10:18 . 2009-12-12 10:17 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-12-12 10:17 . 2009-12-12 10:17 -------- d-----w- c:\programfiler\Java 2009-12-12 07:59 . 2009-12-12 07:59 -------- d-----w- c:\documents and settings\Rune Andre\Programdata\vlc 2009-12-12 07:58 . 2009-12-12 07:58 -------- d-----w- c:\programfiler\VideoLAN 2009-12-12 07:57 . 2009-12-12 07:57 -------- d-----w- c:\documents and settings\Rune Andre\Programdata\Canneverbe_Limited 2009-12-12 07:57 . 2009-12-12 07:57 -------- d-----w- c:\documents and settings\All Users\Programdata\Canneverbe Limited 2009-12-12 07:56 . 2009-09-28 20:57 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2009-12-12 07:56 . 2009-12-12 10:16 -------- d-----w- c:\programfiler\CDBurnerXP 2009-12-12 07:35 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll 2009-12-12 07:32 . 2009-12-12 07:34 -------- d-----w- c:\windows\system32\XPSViewer 2009-12-12 07:32 . 2009-12-12 07:32 -------- d-----w- c:\programfiler\MSBuild 2009-12-12 07:32 . 2009-12-12 07:32 -------- d-----w- c:\programfiler\Reference Assemblies 2009-12-12 07:31 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll 2009-12-12 07:31 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-12-12 07:31 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-12-12 07:31 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-12-12 07:31 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-12-12 07:31 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-12-12 07:31 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2009-12-12 07:31 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2009-12-12 07:31 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-12-12 07:19 . 2009-12-12 07:19 -------- d-----w- C:\archive_db 2009-12-12 07:18 . 2009-12-12 07:18 -------- d-----w- c:\documents and settings\All Users\Programdata\Paragon 2009-12-12 06:52 . 2009-09-30 14:03 40560 ----a-w- c:\windows\system32\drivers\hotcore3.sys 2009-12-12 06:51 . 2009-12-12 06:51 -------- d-----w- c:\programfiler\Paragon Software 2009-12-12 02:10 . 2009-12-12 02:10 -------- d-----w- c:\documents and settings\All Users\Programdata\Symantec 2009-12-11 23:27 . 2009-12-11 23:27 4844296 ----a-w- c:\documents and settings\All Users\Programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-12-11 23:09 . 2009-12-12 07:57 12328 ----a-w- c:\documents and settings\Rune Andre\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT 2009-12-11 21:21 . 2008-04-13 10:45 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys 2009-12-11 20:53 . 2009-12-11 20:53 -------- d-sh--w- c:\documents and settings\Rune Andre\IECompatCache 2009-12-11 20:53 . 2009-12-11 20:53 -------- d-sh--w- c:\documents and settings\Rune Andre\PrivacIE 2009-12-11 20:52 . 2009-12-11 20:52 -------- d-sh--w- c:\documents and settings\Rune Andre\IETldCache 2009-12-11 20:46 . 2009-10-29 07:45 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2009-12-11 20:46 . 2009-10-29 07:45 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2009-12-11 20:46 . 2009-10-29 07:45 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2009-12-11 20:46 . 2009-10-29 07:45 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll 2009-12-11 20:46 . 2009-10-29 07:45 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2009-12-11 20:46 . 2009-10-29 07:45 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll 2009-12-11 20:46 . 2009-12-11 20:46 -------- d-----w- c:\windows\ie8updates 2009-12-11 20:46 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll 2009-12-11 20:45 . 2009-12-11 20:46 -------- dc-h--w- c:\windows\ie8 2009-12-11 20:19 . 2009-08-04 22:00 2190976 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe 2009-12-11 20:19 . 2009-08-04 17:30 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-12-11 20:19 . 2009-08-04 17:30 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2009-12-11 20:18 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2009-12-11 20:16 . 2008-06-14 17:36 272256 -c----w- c:\windows\system32\dllcache\bthport.sys 2009-12-11 20:16 . 2008-06-14 17:36 272256 ------w- c:\windows\system32\drivers\bthport.sys 2009-12-11 20:12 . 2009-01-07 17:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2009-12-11 20:12 . 2009-12-11 20:56 -------- d--h--w- c:\windows\$hf_mig$ 2009-12-11 20:06 . 2009-12-11 20:06 -------- d-sh--w- c:\documents and settings\Rune Andre\UserData 2009-12-11 20:02 . 2005-07-08 10:08 81920 ----a-w- c:\windows\system32\SynTPCo2.dll 2009-12-11 20:02 . 2005-07-08 10:06 69722 ----a-w- c:\windows\system32\SynTPFcs.dll 2009-12-11 20:02 . 2005-07-08 09:55 90202 ----a-w- c:\windows\system32\SynTPAPI.dll 2009-12-11 20:02 . 2005-07-08 09:54 114688 ----a-w- c:\windows\system32\SynCtrl.dll 2009-12-11 20:02 . 2005-07-08 09:54 82013 ----a-w- c:\windows\system32\SynCOM.dll 2009-12-11 20:02 . 2005-07-08 09:52 190560 ----a-w- c:\windows\system32\drivers\SynTP.sys 2009-12-11 20:02 . 2009-12-11 20:02 -------- d-----w- c:\programfiler\Synaptics 2009-12-11 20:02 . 2001-08-17 20:57 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys 2009-12-11 20:02 . 2001-08-17 20:57 16128 ----a-w- c:\windows\system32\drivers\MODEMCSA.sys 2009-12-11 20:02 . 2001-10-06 13:02 175104 -c--a-w- c:\windows\system32\dllcache\csamsp.dll 2009-12-11 20:02 . 2001-10-06 13:02 175104 ----a-w- c:\windows\system32\csamsp.dll 2009-12-11 20:00 . 2009-12-11 20:00 -------- d-----w- c:\programfiler\Realtek AC97 2009-12-11 20:00 . 2005-08-19 16:31 3644800 ----a-w- c:\windows\system32\drivers\ALCXWDM.SYS 2009-12-11 20:00 . 2005-08-17 17:39 90112 ----a-w- c:\windows\SOUNDMAN.EXE 2009-12-11 20:00 . 2004-09-07 13:23 156672 ----a-w- c:\windows\system32\RTLCPAPI.dll 2009-12-11 20:00 . 2005-08-17 17:21 10458112 ----a-w- c:\windows\system32\RTLCPL.EXE 2009-12-11 20:00 . 2005-07-15 15:48 40960 ----a-w- c:\windows\system32\ChCfg.exe 2009-12-11 20:00 . 2005-08-12 17:40 307200 ----a-w- c:\windows\alcupd.exe 2009-12-11 20:00 . 2005-08-12 16:35 212992 ----a-w- c:\windows\alcrmv.exe 2009-12-11 20:00 . 2005-07-27 12:54 1273 ----a-w- c:\windows\system32\drivers\alcxinit.dat 2009-12-11 20:00 . 2009-12-11 20:00 -------- d-----w- c:\programfiler\S3 . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-20 07:48 . 2009-12-11 19:07 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-12-12 10:37 . 2009-12-11 19:54 -------- d-----w- c:\programfiler\Mozilla Thunderbird 2009-12-12 07:51 . 2008-04-15 12:00 76006 ----a-w- c:\windows\system32\perfc014.dat 2009-12-12 07:51 . 2008-04-15 12:00 436214 ----a-w- c:\windows\system32\perfh014.dat 2009-12-11 23:28 . 2009-12-11 19:41 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware 2009-12-11 20:34 . 2009-12-11 19:25 -------- d-----w- c:\programfiler\Fellesfiler\Symantec Shared 2009-12-11 20:02 . 2009-12-11 19:59 -------- d-----w- c:\programfiler\Fellesfiler\InstallShield 2009-12-11 20:00 . 2009-12-11 19:59 -------- d--h--w- c:\programfiler\InstallShield Installation Information 2009-12-11 19:59 . 2009-12-11 19:59 -------- d-----w- c:\programfiler\VIA 2009-12-11 19:51 . 2009-12-11 19:51 -------- d-----w- c:\documents and settings\Rune Andre\Programdata\IObit 2009-12-11 19:51 . 2009-12-11 19:51 -------- d-----w- c:\programfiler\IObit 2009-12-11 19:50 . 2009-12-11 19:50 0 ----a-w- c:\windows\nsreg.dat 2009-12-11 19:49 . 2009-12-11 19:49 -------- d-----w- c:\programfiler\Unlocker 2009-12-11 19:48 . 2009-12-11 19:48 -------- d-----w- c:\programfiler\VS Revo Group 2009-12-11 19:41 . 2009-12-11 19:41 -------- d-----w- c:\documents and settings\Rune Andre\Programdata\Malwarebytes 2009-12-11 19:41 . 2009-12-11 19:41 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes 2009-12-11 19:36 . 2009-12-11 19:34 -------- d-----w- c:\programfiler\RegistryFix8 2009-12-11 19:28 . 2009-12-11 19:28 -------- d-----w- c:\programfiler\CCleaner 2009-12-11 19:24 . 2009-12-11 19:24 -------- d-----w- c:\programfiler\Norton 360 Premier Edition 2009-12-11 19:24 . 2009-12-11 19:24 -------- d-----w- c:\programfiler\Windows Sidebar 2009-12-11 19:24 . 2009-12-11 19:24 -------- d-----w- c:\documents and settings\All Users\Programdata\NortonInstaller 2009-12-11 19:24 . 2009-12-11 19:24 -------- d-----w- c:\programfiler\NortonInstaller 2009-12-11 19:08 . 2009-12-11 19:08 -------- d-----w- c:\programfiler\microsoft frontpage 2009-12-11 19:06 . 2009-12-11 19:06 -------- d-----w- c:\programfiler\Elektroniske tjenester 2009-12-11 19:05 . 2009-12-11 19:05 -------- d-----w- c:\programfiler\Fellesfiler\Tjenester 2009-12-11 19:04 . 2009-12-11 19:04 21704 ----a-w- c:\windows\system32\emptyregdb.dat 2009-12-03 15:14 . 2009-12-11 19:41 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-03 15:13 . 2009-12-11 19:41 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-21 16:03 . 2008-04-15 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll 2009-10-29 07:45 . 2008-04-15 12:00 916480 ------w- c:\windows\system32\wininet.dll 2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys 2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys 2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll 2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll 2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys 2009-10-21 05:41 . 2008-04-15 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:41 . 2008-04-15 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2008-04-15 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:38 . 2008-04-15 12:00 270848 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:40 . 2008-04-15 12:00 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:40 . 2008-04-15 12:00 149504 ----a-w- c:\windows\system32\rastls.dll 2009-09-30 14:03 . 2009-09-30 14:03 4254224 ----a-w- c:\windows\system32\qtp-mt334.dll 2009-09-30 14:03 . 2009-09-30 14:03 249872 ----a-w- c:\windows\system32\prgiso.dll 2009-09-30 14:03 . 2009-09-30 14:03 385544 ----a-w- c:\windows\system32\drivers\Uim_IM.sys 2009-09-30 14:03 . 2009-09-30 14:03 34392 ----a-w- c:\windows\system32\drivers\UimBus.sys 2009-09-30 14:03 . 2009-09-30 14:03 261416 ----a-w- c:\windows\system32\drivers\UimFIO.sys 2009-09-25 05:48 . 2009-09-25 05:48 81920 ------w- c:\windows\system32\ieencode.dll . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VTTimer"="VTTimer.exe" [2005-03-08 53248] "VTTrayp"="VTtrayp.exe" [2005-09-14 167936] "SoundMan"="SOUNDMAN.EXE" [2005-08-17 90112] "SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-07-08 729178] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoThumbnailCache"= 1 (0x1) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 2009-12-03 15:14 429392 ----a-w- c:\programfiler\Malwarebytes' Anti-Malware\mbamgui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] 2008-05-02 04:15 15872 ----a-w- c:\programfiler\Unlocker\UnlockerAssistant.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [12.12.2009 07:52 40560] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0305020.00B\SymEFA.sys [11.12.2009 20:25 310320] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0305020.00B\cchpx86.sys [11.12.2009 20:25 482432] R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSXpx86.sys [20.12.2009 08:45 329592] R2 N360;Norton 360;c:\programfiler\Norton 360 Premier Edition\Engine\3.5.2.11\ccSvcHst.exe [11.12.2009 20:25 117640] . ------- Tilleggsskanning ------- . FF - ProfilePath - c:\documents and settings\Rune Andre\Programdata\Mozilla\Firefox\Profiles\cok3qsj5.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.no/ FF - component: c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll FF - component: c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-21 00:40 Windows 5.1.2600 Service Pack 3 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\programfiler\Norton 360 Premier Edition\Engine\3.5.2.11\ccSvcHst.exe\" /s \"N360\" /m \"c:\programfiler\Norton 360 Premier Edition\Engine\3.5.2.11\diMaster.dll\" /prefetch:1" . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'explorer.exe'(3016) c:\windows\system32\webcheck.dll . ------------------------ Andre Kjørende Prosesser ------------------------ . c:\programfiler\Java\jre6\bin\jqs.exe c:\programfiler\CDBurnerXP\NMSAccessU.exe c:\windows\system32\wscntfy.exe c:\windows\system32\VTTimer.exe c:\windows\system32\VTtrayp.exe c:\windows\SOUNDMAN.EXE c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************** . Tidspunkt ferdig: 2009-12-21 00:41:45 - maskinen ble startet på nytt ComboFix-quarantined-files.txt 2009-12-20 23:41 Pre-Run: 9 460 486 144 byte ledig Post-Run: 9 387 827 200 byte ledig - - End Of File - - A347FEBAF0CB0968CFA8D8F90807468B