ComboFix 10-11-17.04 - NAVN 18.11.2010 18:47:34.2.1 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.47.1033.18.2047.1297 [GMT 1:00] Kjører fra: c:\users\NAVN\Desktop\ComboFix.exe SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((( Filer Opprettet Fra 2010-10-18 til 2010-11-18 ))))))))))))))))))))))))))))))))) . 2010-11-18 17:51 . 2010-11-18 17:51 -------- d-----w- c:\users\NAVN\AppData\Local\temp 2010-11-18 17:51 . 2010-11-18 17:51 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-11-17 20:52 . 2010-10-18 07:41 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{159C5C4D-73E9-41E6-80FB-66CF12F30460}\mpengine.dll 2010-11-17 20:00 . 2010-11-17 20:06 -------- d-----w- C:\NAVN 2010-11-17 19:33 . 2010-11-17 19:36 -------- d-----w- C:\PHONE CARD 2010-11-17 13:12 . 2010-11-17 14:23 -------- d-----w- C:\Local Disk 2010-11-16 20:28 . 2010-11-16 20:28 -------- d-----w- c:\program files\Microsoft.NET 2010-11-11 21:14 . 2010-11-17 20:44 -------- d-----w- c:\program files\Panda Security 2010-11-11 20:29 . 2010-11-11 20:29 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2010-11-10 12:16 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2010-10-29 21:14 . 2010-10-29 21:15 -------- d-----w- c:\program files\Common Files\Adobe 2010-10-29 20:28 . 2010-10-29 20:28 -------- d-----w- c:\users\NAVN\New Folder 2010-10-28 15:07 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll 2010-10-28 15:07 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-10-28 15:07 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-10-21 15:09 . 2010-10-21 15:09 -------- d-----w- c:\users\NAVN\AppData\Roaming\Malwarebytes 2010-10-21 15:09 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-10-21 15:09 . 
2010-10-21 15:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-10-21 15:09 . 2010-10-21 15:09 -------- d-----w- c:\programdata\Malwarebytes 2010-10-21 15:09 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-10-19 09:41 . 2010-10-14 18:05 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-15 09:43 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll 2010-10-15 09:43 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll 2010-10-14 23:13 . 2010-10-14 23:13 377344 ----a-w- c:\windows\system32\winhttp.dll 2010-10-14 23:12 . 2010-10-14 23:12 36864 ----a-w- c:\windows\system32\drivers\en-US\http.sys.mui 2010-10-14 23:10 . 2010-10-14 23:10 37888 ----a-w- c:\windows\system32\printcom.dll 2010-10-14 23:09 . 2010-10-14 23:09 14848 ----a-w- c:\windows\system32\wshrm.dll 2010-10-14 23:09 . 2010-10-14 23:09 43520 ----a-w- c:\windows\system32\msdxm.tlb 2010-10-14 23:09 . 2010-10-14 23:09 313344 ----a-w- c:\windows\system32\wmpdxm.dll 2010-10-14 23:09 . 2010-10-14 23:09 18432 ----a-w- c:\windows\system32\amcompat.tlb 2010-10-14 23:08 . 2010-10-14 23:08 7680 ----a-w- c:\windows\system32\spwmp.dll 2010-10-14 23:08 . 2010-10-14 23:08 4096 ----a-w- c:\windows\system32\dxmasf.dll 2010-10-14 23:08 . 2010-10-14 23:08 4096 ----a-w- c:\windows\system32\msdxm.ocx 2010-10-14 22:13 . 2010-10-14 22:13 72704 ----a-w- c:\windows\system32\fontsub.dll 2010-10-14 22:13 . 2010-10-14 22:13 23552 ----a-w- c:\windows\system32\lpk.dll 2010-10-14 22:13 . 2010-10-14 22:13 10240 ----a-w- c:\windows\system32\dciman32.dll 2010-10-14 22:07 . 2010-10-14 22:07 61440 ----a-w- c:\windows\system32\winipsec.dll 2010-10-14 22:07 . 2010-10-14 22:07 272896 ----a-w- c:\windows\system32\polstore.dll 2010-10-14 21:59 . 2010-10-14 21:59 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE 2010-10-14 21:59 . 
2010-10-14 21:59 11264 ----a-w- c:\windows\system32\MRINFO.EXE 2010-10-14 21:59 . 2010-10-14 21:59 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE 2010-10-14 21:59 . 2010-10-14 21:59 27136 ----a-w- c:\windows\system32\NETSTAT.EXE 2010-10-14 21:59 . 2010-10-14 21:59 105984 ----a-w- c:\windows\system32\netiohlp.dll 2010-10-14 21:59 . 2010-10-14 21:59 10240 ----a-w- c:\windows\system32\finger.exe 2010-10-14 21:59 . 2010-10-14 21:59 19968 ----a-w- c:\windows\system32\ARP.EXE 2010-10-14 21:59 . 2010-10-14 21:59 17920 ----a-w- c:\windows\system32\ROUTE.EXE 2010-10-14 21:55 . 2010-10-14 21:55 127488 ----a-w- c:\windows\system32\L2SecHC.dll 2010-10-14 21:55 . 2010-10-14 21:55 68096 ----a-w- c:\windows\system32\wlanhlp.dll 2010-10-14 21:55 . 2010-10-14 21:55 65024 ----a-w- c:\windows\system32\wlanapi.dll 2010-10-14 21:55 . 2010-10-14 21:55 513536 ----a-w- c:\windows\system32\wlansvc.dll 2010-10-14 21:55 . 2010-10-14 21:55 302592 ----a-w- c:\windows\system32\wlansec.dll 2010-10-14 21:55 . 2010-10-14 21:55 293376 ----a-w- c:\windows\system32\wlanmsm.dll 2010-10-14 21:55 . 2010-10-14 21:55 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs 2010-10-14 21:54 . 2010-10-14 21:54 1401856 ----a-w- c:\windows\system32\msxml6.dll 2010-10-14 21:54 . 2010-10-14 21:54 2048 ----a-w- c:\windows\system32\msxml3r.dll 2010-10-14 21:54 . 2010-10-14 21:54 2048 ----a-w- c:\windows\system32\msxml6r.dll 2010-10-14 21:52 . 2010-10-14 21:52 218624 ----a-w- c:\windows\system32\msv1_0.dll 2010-10-14 21:51 . 2010-10-14 21:51 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2010-10-14 21:51 . 2010-10-14 21:51 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2010-10-14 21:51 . 2010-10-14 21:51 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-10-14 21:48 . 2010-10-14 21:48 2868224 ----a-w- c:\windows\system32\mf.dll 2010-10-14 21:48 . 2010-10-14 21:48 98816 ----a-w- c:\windows\system32\mfps.dll 2010-10-14 21:48 . 
2010-10-14 21:48 53248 ----a-w- c:\windows\system32\rrinstaller.exe 2010-10-14 21:48 . 2010-10-14 21:48 24576 ----a-w- c:\windows\system32\mfpmp.exe 2010-10-14 21:48 . 2010-10-14 21:48 2048 ----a-w- c:\windows\system32\mferror.dll 2010-10-14 21:39 . 2010-10-14 21:39 71680 ----a-w- c:\windows\system32\atl.dll 2010-10-14 21:33 . 2010-10-14 21:33 160256 ----a-w- c:\windows\system32\wkssvc.dll 2010-10-14 21:32 . 2010-10-14 21:32 53248 ----a-w- c:\windows\system32\tsgqec.dll 2010-10-14 21:32 . 2010-10-14 21:32 2066432 ----a-w- c:\windows\system32\mstscax.dll 2010-10-14 21:32 . 2010-10-14 21:32 136192 ----a-w- c:\windows\system32\aaclient.dll 2010-10-14 21:28 . 2010-10-14 21:28 714240 ----a-w- c:\windows\system32\timedate.cpl 2010-10-14 21:22 . 2010-10-14 21:22 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax 2010-10-14 21:18 . 2010-10-14 21:18 623616 ----a-w- c:\windows\system32\localspl.dll 2010-10-14 21:14 . 2010-10-14 21:14 499712 ----a-w- c:\windows\system32\kerberos.dll 2010-10-14 21:14 . 2010-10-14 21:14 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2010-10-14 21:14 . 2010-10-14 21:14 175104 ----a-w- c:\windows\system32\wdigest.dll 2010-10-14 21:14 . 2010-10-14 21:14 9728 ----a-w- c:\windows\system32\lsass.exe 2010-10-14 21:14 . 2010-10-14 21:14 72704 ----a-w- c:\windows\system32\secur32.dll 2010-10-14 21:14 . 2010-10-14 21:14 1259008 ----a-w- c:\windows\system32\lsasrv.dll 2010-10-14 21:11 . 2010-10-14 21:11 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll 2010-10-14 21:11 . 2010-10-14 21:11 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll 2010-10-14 21:11 . 2010-10-14 21:11 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll 2010-10-14 21:11 . 2010-10-14 21:11 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll 2010-10-14 21:11 . 2010-10-14 21:11 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll 2010-10-14 21:11 . 2010-10-14 21:11 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll 2010-10-14 21:11 . 
2010-10-14 21:11 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll 2010-10-14 21:11 . 2010-10-14 21:11 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll 2010-10-14 21:11 . 2010-10-14 21:11 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll 2010-10-14 21:11 . 2010-10-14 21:11 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll 2010-10-14 21:11 . 2010-10-14 21:11 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll 2010-10-14 21:11 . 2010-10-14 21:11 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll 2010-10-14 21:11 . 2010-10-14 21:11 4981248 ----a-w- c:\windows\system32\NlsLexicons0013.dll 2010-10-14 21:11 . 2010-10-14 21:11 3331072 ----a-w- c:\windows\system32\NlsLexicons0018.dll 2010-10-14 21:11 . 2010-10-14 21:11 2466816 ----a-w- c:\windows\system32\NlsLexicons0011.dll 2010-10-14 21:11 . 2010-10-14 21:11 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll 2010-10-14 21:11 . 2010-10-14 21:11 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll 2010-10-14 21:11 . 2010-10-14 21:11 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll 2010-10-14 21:11 . 2010-10-14 21:11 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll 2010-10-14 21:11 . 2010-10-14 21:11 4093440 ----a-w- c:\windows\system32\NlsLexicons004c.dll 2010-10-14 21:11 . 2010-10-14 21:11 3419136 ----a-w- c:\windows\system32\NlsLexicons004a.dll 2010-10-14 21:11 . 2010-10-14 21:11 1972736 ----a-w- c:\windows\system32\NlsLexicons004e.dll 2010-10-14 21:11 . 2010-10-14 21:11 1702912 ----a-w- c:\windows\system32\NlsLexicons004b.dll 2010-10-14 21:11 . 2010-10-14 21:11 6585856 ----a-w- c:\windows\system32\NlsLexicons001b.dll 2010-10-14 21:11 . 2010-10-14 21:11 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll 2010-10-14 21:11 . 2010-10-14 21:11 4096 ----a-w- c:\windows\system32\NlsLexicons002a.dll 2010-10-14 21:11 . 2010-10-14 21:11 4045824 ----a-w- c:\windows\system32\NlsLexicons003e.dll 2010-10-14 21:11 . 
2010-10-14 21:11 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll 2010-10-14 21:11 . 2010-10-14 21:11 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll 2010-10-14 21:11 . 2010-10-14 21:11 6237696 ----a-w- c:\windows\system32\NlsLexicons000c.dll 2010-10-14 21:11 . 2010-10-14 21:11 5654528 ----a-w- c:\windows\system32\NlsLexicons000f.dll 2010-10-14 21:11 . 2010-10-14 21:11 4616192 ----a-w- c:\windows\system32\NlsLexicons0414.dll 2010-10-14 21:11 . 2010-10-14 21:11 1722368 ----a-w- c:\windows\system32\NlsLexicons000d.dll 2010-10-14 21:11 . 2010-10-14 21:11 7042560 ----a-w- c:\windows\system32\NlsLexicons081a.dll 2010-10-14 21:11 . 2010-10-14 21:11 5090816 ----a-w- c:\windows\system32\NlsLexicons0416.dll 2010-10-14 21:11 . 2010-10-14 21:11 5031936 ----a-w- c:\windows\system32\NlsLexicons0816.dll 2010-10-14 21:11 . 2010-10-14 21:11 5071872 ----a-w- c:\windows\system32\NlsModels0011.dll 2010-10-14 21:11 . 2010-10-14 21:11 3104768 ----a-w- c:\windows\system32\NlsData0047.dll 2010-10-14 21:11 . 2010-10-14 21:11 3104768 ----a-w- c:\windows\system32\NlsData0046.dll 2010-10-14 21:11 . 2010-10-14 21:11 3104768 ----a-w- c:\windows\system32\NlsData0045.dll 2010-10-14 21:11 . 2010-10-14 21:11 3104768 ----a-w- c:\windows\system32\NlsData0049.dll . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . 
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
"Google Update"="c:\users\NAVN\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-10-28 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

c:\users\NAVN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-18 18:51
Windows 6.0.6002 Service Pack 2 NTFS

skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
skanner skjulte filer ...

skanning vellykket
skjulte filer: 0

**************************************************************************
.
Tidspunkt ferdig: 2010-11-18 18:54:13
ComboFix-quarantined-files.txt 2010-11-18 17:54

Pre-Run: 52 365 242 368 bytes free
Post-Run: 52 444 635 136 bytes free

- - End Of File - - 956D171980F1F014005FF1746031A3DF