ComboFix 10-08-12.03 - Kamelot 14.08.2010 9:35.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.1471.953 [GMT 2:00]
Kjører fra: c:\documents and settings\Kamelot\Skrivebord\ComboFix.exe
AV: Norton Internet Security Online *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security Online *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-07-14 til 2010-08-14 )))))))))))))))))))))))))))))))))
.
2010-08-12 12:14 . 2010-08-12 12:32 -------- d-----w- c:\programfiler\Fellesfiler\Symantec Shared
2010-08-12 12:14 . 2010-08-12 12:14 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-08-12 12:14 . 2010-08-12 12:14 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-08-12 12:14 . 2010-08-12 12:14 -------- d-----w- c:\programfiler\Symantec
2010-08-12 12:13 . 2010-08-12 12:36 -------- d-----w- c:\windows\system32\drivers\NIS
2010-08-12 12:13 . 2010-08-12 12:13 -------- d-----w- c:\programfiler\Norton Internet Security
2010-08-12 12:13 . 2010-08-12 12:13 -------- d-----w- c:\programfiler\NortonInstaller
2010-08-12 09:42 . 2010-08-12 09:42 -------- d-----w- c:\documents and settings\All Users\Programdata\Local
2010-08-12 09:42 . 2010-08-12 09:46 -------- d-----w- c:\documents and settings\All Users\Programdata\Mobilt Bredbånd
2010-08-12 09:42 . 2010-08-12 09:42 -------- d-----w- c:\programfiler\Telenor
2010-08-10 20:26 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-08-10 20:26 . 2010-08-11 14:17 -------- d-----w- c:\programfiler\Alwil Software
2010-08-10 20:26 . 2010-08-10 20:26 -------- d-----w- c:\documents and settings\All Users\Programdata\Alwil Software
2010-08-10 19:01 . 2010-08-10 19:02 -------- d-----w- c:\documents and settings\All Users\Programdata\NOS
2010-08-10 19:01 . 2010-08-10 19:01 -------- d-----w- c:\programfiler\NOS
2010-08-08 20:09 . 2010-08-08 20:09 -------- d-----w- C:\MBBInstall
2010-08-05 21:42 . 2010-08-05 21:42 -------- d-----w- C:\archive_db
2010-08-05 21:33 . 2010-08-05 21:33 -------- d-----w- c:\documents and settings\All Users\Programdata\Paragon
2010-08-04 19:39 . 2010-08-04 19:39 -------- d-----w- c:\documents and settings\All Users\Programdata\SUPERAntiSpyware.com
2010-08-04 17:14 . 2010-08-04 17:14 -------- d-----w- c:\programfiler\Device Doctor
2010-08-04 16:02 . 2009-09-30 13:03 40560 ----a-w- c:\windows\system32\drivers\hotcore3.sys
2010-08-04 16:01 . 2010-08-04 16:01 -------- d-----w- c:\programfiler\Paragon Software
2010-08-04 13:53 . 2008-04-13 09:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-08-04 13:53 . 2008-04-13 09:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-08-04 13:53 . 2010-08-04 13:53 -------- d-----w- C:\Program Files
2010-08-04 13:53 . 2004-09-29 10:15 204800 ----a-w- c:\windows\system32\HPZipr12.dll
2010-08-04 13:53 . 2004-09-29 10:14 69632 ----a-w- c:\windows\system32\HPZipm12.exe
2010-08-04 13:53 . 2004-09-29 10:12 278584 ----a-w- c:\windows\system32\HPZidr12.dll
2010-08-04 13:53 . 2004-09-29 10:09 57344 ----a-w- c:\windows\system32\HPZisn12.dll
2010-08-04 13:53 . 2004-09-29 10:09 94208 ----a-w- c:\windows\system32\HPZipt12.dll
2010-08-04 13:53 . 2004-09-29 10:08 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2010-08-04 13:53 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-08-04 13:52 . 2010-08-04 13:52 67191 ----a-w- c:\windows\hpoins05.dat
2010-08-04 13:52 . 2004-12-15 22:27 19696 ------w- c:\windows\hpomdl05.dat
2010-08-04 13:52 . 2004-12-15 22:27 51120 ----a-w- c:\windows\system32\drivers\HPZid412.sys
2010-08-04 13:52 . 2004-12-15 22:27 16496 ----a-w- c:\windows\system32\drivers\HPZipr12.sys
2010-08-04 13:51 . 2004-12-15 22:27 581632 ----a-w- c:\windows\system32\hpotscl.dll
2010-08-04 13:51 . 2004-12-15 22:27 278528 ----a-w- c:\windows\system32\hpgwiamd.dll
2010-08-04 13:51 . 2004-12-15 22:27 229376 ----a-w- c:\windows\system32\hpovst08.dll
2010-08-04 13:51 . 2004-12-15 22:27 180315 ----a-w- c:\windows\system32\hpzsnt12.dll
2010-08-04 13:51 . 2004-12-15 22:27 196608 ----a-w- c:\windows\system32\hpzcoi12.dll
2010-08-04 13:51 . 2004-12-15 22:27 393216 ----a-w- c:\windows\system32\hpzcon12.dll
2010-08-04 13:27 . 2010-08-04 13:27 -------- d-----w- c:\programfiler\HP
2010-08-04 13:27 . 2008-04-13 09:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-08-04 13:27 . 2008-04-13 09:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-08-04 13:26 . 2008-04-13 09:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-08-04 13:26 . 2008-04-13 09:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-08-03 23:02 . 2010-08-03 23:02 -------- d-----w- C:\SLEKT
2010-08-03 22:37 . 2010-08-04 13:00 -------- d-----w- C:\Legacy
2010-08-02 23:05 . 2010-08-02 23:05 -------- d-----w- C:\linuxmint
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-13 10:43 . 2010-08-13 10:43 -------- d-----w- c:\documents and settings\All Users\Programdata\Kaspersky Lab
2010-08-12 18:30 . 2008-04-15 12:00 76354 ----a-w- c:\windows\system32\perfc014.dat
2010-08-12 18:30 . 2008-04-15 12:00 436554 ----a-w- c:\windows\system32\perfh014.dat
2010-08-12 12:15 . 2010-07-09 16:26 -------- d-----w- c:\documents and settings\All Users\Programdata\Norton
2010-08-12 12:14 . 2010-08-12 12:14 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-08-12 12:14 . 2010-08-12 12:14 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-08-10 15:54 . 2010-07-09 16:26 -------- d-----w- c:\documents and settings\All Users\Programdata\NortonInstaller
2010-08-04 16:20 . 2010-07-09 17:14 -------- d---a-w- c:\documents and settings\All Users\Programdata\TEMP
2010-07-29 11:01 . 2010-07-09 18:21 -------- d-----w- c:\programfiler\CCleaner
2010-07-12 19:10 . 2010-07-12 19:10 -------- d-----w- c:\programfiler\Mozilla ActiveX Control v1.7.12
2010-07-12 19:07 . 2010-07-12 19:07 -------- d-----w- c:\programfiler\Graboid
2010-07-11 08:55 . 2010-07-09 16:02 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-11 08:00 . 2010-07-11 08:00 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-07-11 07:58 . 2010-07-11 07:58 -------- d-----r- c:\programfiler\Skype
2010-07-11 07:58 . 2010-07-11 07:58 -------- d-----w- c:\programfiler\Fellesfiler\Skype
2010-07-11 07:58 . 2010-07-11 07:58 -------- d-----w- c:\documents and settings\All Users\Programdata\Skype
2010-07-09 23:31 . 2010-07-09 23:31 0 ----a-w- c:\windows\nsreg.dat
2010-07-09 22:48 . 2010-07-09 22:48 57344 ----a-w- c:\documents and settings\All Users\Programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-07-09 22:48 . 2010-07-09 22:41 -------- d-----w- c:\documents and settings\All Users\Programdata\DivX
2010-07-09 22:48 . 2010-07-09 22:48 56765 ----a-w- c:\documents and settings\All Users\Programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-07-09 22:48 . 2010-07-09 22:43 -------- d-----w- c:\programfiler\DivX
2010-07-09 22:48 . 2010-07-09 22:48 56997 ----a-w- c:\documents and settings\All Users\Programdata\DivX\WebPlayer\Uninstaller.exe
2010-07-09 22:48 . 2010-07-09 22:48 53600 ----a-w- c:\documents and settings\All Users\Programdata\DivX\Update\Uninstaller.exe
2010-07-09 22:47 . 2010-07-09 22:47 57715 ----a-w- c:\documents and settings\All Users\Programdata\DivX\Player\Uninstaller.exe
2010-07-09 22:47 . 2010-07-09 22:47 84054 ----a-w- c:\documents and settings\All Users\Programdata\DivX\TransferWizard\Uninstaller.exe
2010-07-09 22:46 . 2010-07-09 22:46 57054 ----a-w- c:\documents and settings\All Users\Programdata\DivX\DSDesktopComponents\Uninstaller.exe
2010-07-09 22:46 . 2010-07-09 22:46 54166 ----a-w- c:\documents and settings\All Users\Programdata\DivX\DSAVCDecoder\Uninstaller.exe
2010-07-09 22:46 . 2010-07-09 22:46 57532 ----a-w- c:\documents and settings\All Users\Programdata\DivX\DSASPDecoder\Uninstaller.exe
2010-07-09 22:45 . 2010-07-09 22:45 56458 ----a-w- c:\documents and settings\All Users\Programdata\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-07-09 22:45 . 2010-07-09 22:45 54174 ----a-w- c:\documents and settings\All Users\Programdata\DivX\DSAACDecoder\Uninstaller.exe
2010-07-09 22:45 . 2010-07-09 22:45 54153 ----a-w- c:\documents and settings\All Users\Programdata\DivX\DFXPlugin\Uninstaller.exe
2010-07-09 22:45 . 2010-07-09 22:45 54128 ----a-w- c:\documents and settings\All Users\Programdata\DivX\Converter\Uninstaller.exe
2010-07-09 22:45 . 2010-07-09 22:45 54644 ----a-w- c:\documents and settings\All Users\Programdata\DivX\TranscodeEngine\Uninstaller.exe
2010-07-09 22:45 . 2010-07-09 22:45 54101 ----a-w- c:\documents and settings\All Users\Programdata\DivX\MPEG2Plugin\Uninstaller.exe
2010-07-09 22:45 . 2010-07-09 22:45 57409 ----a-w- c:\documents and settings\All Users\Programdata\DivX\ControlPanel\Uninstaller.exe
2010-07-09 22:45 . 2010-07-09 22:45 52963 ----a-w- c:\documents and settings\All Users\Programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-07-09 22:45 . 2010-07-09 22:44 -------- d-----w- c:\programfiler\Fellesfiler\DivX Shared
2010-07-09 22:44 . 2010-07-09 22:44 54073 ----a-w- c:\documents and settings\All Users\Programdata\DivX\Qt4.5\Uninstaller.exe
2010-07-09 22:44 . 2010-07-09 22:44 56969 ----a-w- c:\documents and settings\All Users\Programdata\DivX\ASPEncoder\Uninstaller.exe
2010-07-09 22:42 . 2010-07-09 22:42 144696 ----a-w- c:\documents and settings\All Users\Programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-07-09 22:42 . 2010-07-09 22:48 1062184 ----a-w- c:\documents and settings\All Users\Programdata\DivX\Setup\Resource.dll
2010-07-09 22:41 . 2010-07-09 22:48 895256 ----a-w- c:\documents and settings\All Users\Programdata\DivX\Setup\DivXSetup.exe
2010-07-09 19:28 . 2010-07-09 19:28 -------- d-----w- c:\programfiler\MSBuild
2010-07-09 19:28 . 2010-07-09 19:28 -------- d-----w- c:\programfiler\Reference Assemblies
2010-07-09 18:55 . 2010-07-09 18:49 -------- d-----w- c:\programfiler\Windows Live
2010-07-09 18:52 . 2010-07-09 18:52 -------- d-----w- c:\programfiler\Microsoft Sync Framework
2010-07-09 18:51 . 2010-07-09 18:51 -------- d-----w- c:\programfiler\Microsoft SQL Server Compact Edition
2010-07-09 18:50 . 2010-07-09 18:50 -------- d-----w- c:\programfiler\Microsoft
2010-07-09 18:50 . 2010-07-09 18:50 -------- d-----w- c:\programfiler\Windows Live SkyDrive
2010-07-09 18:41 . 2010-07-09 18:41 -------- d-----w- c:\programfiler\Fellesfiler\Windows Live
2010-07-09 18:31 . 2010-07-09 18:31 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2010-07-09 18:31 . 2010-07-09 18:31 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes
2010-07-09 18:29 . 2010-07-09 18:29 -------- d-----w- c:\programfiler\OpenOffice.org 3
2010-07-09 18:26 . 2010-07-09 18:25 -------- d-----w- c:\programfiler\Fellesfiler\Adobe
2010-07-09 18:24 . 2010-07-09 18:24 -------- d-----w- c:\programfiler\VideoLAN
2010-07-09 18:22 . 2010-07-09 18:22 -------- d-----w- c:\programfiler\Google
2010-07-09 18:22 . 2010-07-09 18:22 -------- d-----w- c:\programfiler\Spotify
2010-07-09 18:22 . 2010-07-09 18:22 -------- d-----w- c:\programfiler\VS Revo Group
2010-07-09 18:22 . 2010-07-09 18:22 -------- d-----w- c:\programfiler\Defraggler
2010-07-09 18:21 . 2010-07-09 18:21 -------- d-----w- c:\programfiler\Microsoft Silverlight
2010-07-09 17:15 . 2010-07-09 17:15 -------- d-----w- c:\documents and settings\All Users\Programdata\Norton Installer
2010-07-09 16:26 . 2010-07-09 16:26 -------- d-----w- c:\programfiler\Windows Sidebar
2010-07-09 16:18 . 2010-07-09 16:18 -------- d-----w- c:\programfiler\Synaptics
2010-07-09 16:18 . 2010-07-09 16:15 -------- d-----w- c:\programfiler\Fellesfiler\InstallShield
2010-07-09 16:17 . 2010-07-09 16:17 -------- d-----w- c:\programfiler\Realtek AC97
2010-07-09 16:17 . 2010-07-09 16:16 -------- d--h--w- c:\programfiler\InstallShield Installation Information
2010-07-09 16:16 . 2010-07-09 16:16 -------- d-----w- c:\programfiler\S3
2010-07-09 16:15 . 2010-07-09 16:15 -------- d-----w- c:\programfiler\VIA
2010-07-09 16:03 . 2010-07-09 16:03 -------- d-----w- c:\programfiler\microsoft frontpage
2010-07-09 16:01 . 2010-07-09 16:01 -------- d-----w- c:\programfiler\Elektroniske tjenester
2010-07-09 16:00 . 2010-07-09 16:00 -------- d-----w- c:\programfiler\Fellesfiler\Tjenester
2010-07-09 15:59 . 2010-07-09 15:59 21704 ----a-w- c:\windows\system32\emptyregdb.dat
2010-06-30 12:33 . 2008-04-15 12:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:27 . 2008-04-15 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:03 . 2008-04-15 12:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2008-04-15 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2008-04-15 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2010-07-09 16:00 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:43 . 2008-04-15 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-09 23:01 . 2010-07-09 22:47 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-06-09 23:01 . 2010-07-09 22:47 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-06-09 23:01 . 2010-07-09 22:47 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-06-09 23:01 . 2010-07-09 22:47 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-06-09 23:01 . 2010-07-09 22:47 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-06-09 23:01 . 2010-07-09 22:47 133616 ------w- c:\windows\system32\pxafs.dll
2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^HPZRCV01.LNK]
path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\HPZRCV01.LNK
backup=c:\windows\pss\HPZRCV01.LNKCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Kamelot^Start-meny^Programmer^Oppstart^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\Kamelot\Start-meny\Programmer\Oppstart\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-r- c:\programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\programfiler\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50 1144104 ----a-w- c:\programfiler\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-07-09 17:29 136176 ----atw- c:\documents and settings\Kamelot\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:23 1695232 ------w- c:\programfiler\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 20:12 3872080 ----a-w- c:\programfiler\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 14:12 26192168 ----a-r- c:\programfiler\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-08-17 16:39 90112 ----a-w- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2005-07-08 09:05 729178 ----a-w- c:\programfiler\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall Adobe Download Manager]
2010-07-26 14:01 66112 ----a-w- c:\programfiler\NOS\bin\getPlus_Helper_3004.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-07-12 21:37 322352 ----a-w- d:\marius\uTorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
2005-03-08 01:33 53248 ----a-w- c:\windows\system32\VTTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
2005-09-14 11:47 167936 ----a-w- c:\windows\system32\VTTrayp.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programfiler\\Spotify\\spotify.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programfiler\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\marius\\uTorrent.exe"=
"c:\\Programfiler\\Skype\\Phone\\Skype.exe"=

R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [04.08.2010 18:02 40560]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1107000.00C\symds.sys [12.08.2010 14:23 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1107000.00C\symefa.sys [12.08.2010 14:23 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100719.001\BHDrvx86.sys [19.07.2010 23:30 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1107000.00C\cchpx86.sys [12.08.2010 14:23 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1107000.00C\ironx86.sys [12.08.2010 14:23 116784]
R2 NIS;Norton Internet Security;c:\programfiler\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe [12.08.2010 14:23 126392]
R2 SesamService;Sesam Control Service;c:\programfiler\Telenor\Mobilt Bredbånd\Sesam\BIN\SecMIPService.exe [09.05.2008 17:01 1216296]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programfiler\Fellesfiler\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12.08.2010 14:20 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100813.004\IDSXpx86.sys [14.08.2010 07:05 331640]
R3 WtSmpFlt;Sesam Adapter;c:\windows\system32\drivers\wtsmpflt.sys [29.04.2008 16:24 272424]
S1 SASDIFSV;SASDIFSV;\??\f:\superantispyware\SASDIFSV.SYS --> f:\superantispyware\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\f:\superantispyware\SASKUTIL.sys --> f:\superantispyware\SASKUTIL.sys [?]
S3 GTMM Device Service;GTMM Device Service;c:\programfiler\Telenor\Mobilt Bredbånd\GtmmDeviceService.exe [01.09.2009 06:48 106496]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [30.12.2008 19:57 103040]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [15.04.2008 14:00 14336]
S3 SASENUM;SASENUM;\??\f:\superantispyware\SASENUM.SYS --> f:\superantispyware\SASENUM.SYS [?]
S3 TSWLAN;TsWlan Packet Driver;c:\windows\system32\drivers\TsWlan.sys [17.10.2008 14:34 33664]
S3 wtsmpadap;Sesam Virtual Adapter;c:\windows\system32\drivers\wtsmpadap.sys [29.04.2008 16:24 39720]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
.
------- Tilleggsskanning -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
FF - ProfilePath - c:\documents and settings\Kamelot\Programdata\Mozilla\Firefox\Profiles\tzghn5ie.default\
FF - component: c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\programfiler\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\programfiler\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\programfiler\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-14 09:39
Windows 5.1.2600 Service Pack 3 NTFS
skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
skanner skjulte filer ...
skanning vellykket
skjulte filer: 0
**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\programfiler\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\programfiler\Norton Internet Security\Engine\17.7.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
- - - - - - - > 'explorer.exe'(2856)
c:\windows\system32\webcheck.dll
.
Tidspunkt ferdig: 2010-08-14 09:42:32
ComboFix-quarantined-files.txt 2010-08-14 07:42
ComboFix2.txt 2010-08-12 19:08
Pre-Run: 9 719 992 320 byte ledig
Post-Run: 9 709 305 856 byte ledig
- - End Of File - - C6CD4861D1D0547FDF0A94D1E43A1C01