ComboFix 10-08-15.04 - Jørgen 16.08.2010 14:32:33.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.47.1033.18.2046.900 [GMT 2:00]
Kjører fra: c:\users\Jørgen\Downloads\ComboFix.exe
* Anti-virus er aktiv
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-07-16 til 2010-08-16 )))))))))))))))))))))))))))))))))
.
2010-08-16 12:47 . 2010-08-16 12:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-16 12:08 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-16 12:08 . 2010-08-16 12:08 -------- d-----w- c:\programdata\Malwarebytes
2010-08-16 12:08 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-16 12:08 . 2010-08-16 12:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-14 01:01 . 2010-08-14 01:01 -------- d-----w- c:\windows\system32\Wat
2010-08-13 18:43 . 2010-07-12 08:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-08-13 18:43 . 2010-08-13 18:43 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-08-13 18:36 . 2010-08-13 18:36 -------- dc-h--w- c:\programdata\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
2010-08-13 18:36 . 2010-08-13 18:36 -------- d-----w- c:\program files\Lavasoft
2010-08-13 18:36 . 2010-08-13 18:43 -------- d-----w- c:\programdata\Lavasoft
2010-08-13 06:36 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-08-13 06:36 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-08-13 06:36 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-08-13 06:36 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-08-13 06:36 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-08-12 13:57 . 2010-06-16 05:48 224256 ----a-w- c:\windows\system32\schannel.dll
2010-08-12 13:57 . 2010-06-19 04:07 2326016 ----a-w- c:\windows\system32\win32k.sys
2010-07-27 12:34 . 2010-07-27 12:34 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment.Trash
2010-07-27 12:27 . 2010-08-08 19:01 -------- d-----w- c:\program files\StarCraft II
2010-07-27 12:27 . 2010-08-08 18:57 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-07-27 12:27 . 2010-07-27 12:55 -------- d-----w- c:\programdata\Blizzard Entertainment
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-16 12:26 . 2010-08-10 22:39 4716 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2010-08-16 00:37 . 2009-10-08 11:11 -------- d-----w- c:\program files\F-Secure
2010-08-13 15:08 . 2009-10-28 20:43 -------- d-----w- c:\programdata\Microsoft Help
2010-08-06 22:39 . 2009-10-28 20:47 -------- d-----w- c:\program files\Microsoft.NET
2010-07-29 06:30 . 2010-08-12 13:58 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-12 13:58 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-26 22:08 . 2009-12-29 17:25 -------- d-----w- c:\program files\Starcraft
2010-07-19 18:01 . 2010-05-12 21:16 -------- d-----w- c:\programdata\DivX
2010-07-13 12:34 . 2009-10-08 11:12 41256 ----a-w- c:\windows\system32\drivers\fsbts.sys
2010-07-05 10:13 . 2010-07-05 10:12 35473 ----a-w- c:\windows\scunin.dat
2010-07-05 10:13 . 2010-07-05 10:12 967 ----a-w- c:\windows\ScUnin.pif
2010-07-05 10:13 . 2010-07-05 10:12 94208 ----a-w- c:\windows\ScUnin.exe
2010-06-30 06:25 . 2010-08-12 13:58 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-22 02:47 . 2010-08-12 13:58 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-22 02:47 . 2010-08-12 13:58 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-22 02:47 . 2010-08-12 13:58 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-06-19 06:33 . 2010-08-12 13:58 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-19 06:33 . 2010-08-12 13:58 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:23 . 2010-08-12 13:58 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-06-14 06:12 . 2010-08-12 13:58 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-08 06:02 . 2010-08-12 13:58 1233920 ----a-w- c:\windows\system32\msxml3.dll
2010-05-27 07:24 . 2010-06-10 13:29 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-10 13:29 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 12:14 . 2009-10-03 14:31 221568 ------w- c:\windows\system32\MpSigStub.exe
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Jørgen\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-10-03 133104]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2009-03-02 182936]
"F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2009-03-02 1182304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-19 13793824]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-04-12 1135912]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-12-30 813584]
VPN Client.lnk - c:\windows\Installer\{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}\Icon3E5562ED7.ico [2009-10-3 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-08-13 1355416]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2010-08-13 15008]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-12-30 8320]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-14 1343400]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2009-03-02 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2009-03-02 25184]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2010-07-13 41256]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-07-12 64288]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2009-03-02 12384]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-12-17 497856]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2010-07-29 124072]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\ORSP Client\fsorsp.exe [2009-03-02 55904]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
2010-08-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-07-12 18:43]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://search.bearshare.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - TOMME PEKERE FJERNET - - - -

HKCU-Run-AdobeBridge - (no file)
AddRemove-05B59228C7E1C21DFBE89260F879BD95880548D8 - c:\progra~1\DIFX\270581355A767BF1\dpinst.exe
AddRemove-504244733D18C8F63FF584AEB290E3904E791693 - c:\progra~1\DIFX\B4723E9A0713E5B1\dpinst.exe
AddRemove-8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA - c:\progra~1\DIFX\270581355A767BF1\dpinst.exe
.
--------------------- LÅSTE REGISTERNØKLER ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'winlogon.exe'(632)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'Explorer.exe'(5408)
c:\program files\Logitech\SetPoint\lgscroll.dll
.
Tidspunkt ferdig: 2010-08-16 14:56:13
ComboFix-quarantined-files.txt 2010-08-16 12:56

Pre-Run: 9 525 010 432 bytes free
Post-Run: 10 086 211 584 bytes free

- - End Of File - - 360FF1BCCB6DE0F93D209DCF600B5576