ComboFix 11-03-11.02 - Joachim 13.03.2011 21:28:14.1.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.47.1044.18.4094.3554 [GMT 1:00]
Kjører fra: c:\users\Joachim\Desktop\ComboFix.exe
AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2011-02-13 til 2011-03-13 )))))))))))))))))))))))))))))))))
.
.
2011-03-13 20:31 . 2011-03-13 20:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-09 18:39 . 2011-03-09 18:39 -------- d-----w- c:\programdata\Malwarebytes
2011-03-09 18:39 . 2011-03-12 11:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-09 17:53 . 2011-03-12 11:04 -------- d-----w- C:\c90d0e1579239ae0f1c5
2011-03-09 14:45 . 2011-03-09 14:45 -------- d-----w- c:\programdata\Solidshield
2011-03-06 11:25 . 2011-03-06 13:00 -------- d--h--w- c:\windows\msdownld.tmp
2011-03-06 11:21 . 2007-05-16 15:45 4496232 ----a-w- c:\windows\system32\d3dx9_34.dll
2011-03-04 16:05 . 2011-03-04 16:05 -------- d-----w- c:\windows\SysWow64\Macromed
2011-03-04 16:04 . 2005-05-26 14:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2011-03-04 16:04 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2011-03-04 13:28 . 2011-03-04 13:28 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-04 13:27 . 2011-03-04 13:28 -------- d-----w- c:\programdata\DAEMON Tools Pro
2011-03-03 20:00 . 2011-03-03 20:00 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2011-03-03 19:52 . 2011-03-03 19:52 -------- d-----w- c:\program files (x86)\Spotify
2011-03-03 19:50 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-03-03 19:50 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-03-03 19:49 . 2011-03-03 19:49 -------- d-----w- c:\program files (x86)\QuickTime
2011-03-03 19:49 . 2011-03-03 19:49 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-03-03 19:49 . 2011-03-03 19:49 -------- d-----w- c:\program files\Common Files\Apple
2011-03-03 19:49 . 2011-03-03 19:49 -------- d-----w- c:\program files\Bonjour
2011-03-03 19:49 . 2011-03-03 19:49 -------- d-----w- c:\program files (x86)\Bonjour
2011-03-03 19:49 . 2011-03-04 13:19 -------- d-----w- c:\programdata\Apple
2011-03-03 19:49 . 2011-03-03 19:50 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-03-03 18:03 . 2011-03-03 18:03 -------- d-----w- c:\program files (x86)\VideoLAN
2011-03-03 17:45 . 2011-03-03 17:51 -------- d-----w- c:\program files (x86)\Windows Live
2011-03-03 17:45 . 2011-03-03 17:45 -------- d-----w- c:\windows\PCHEALTH
2011-03-03 17:44 . 2011-03-08 15:08 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-03-03 17:42 . 2011-03-03 17:42 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-03-03 17:22 . 2011-03-03 17:22 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-03-03 14:47 . 2011-03-03 14:47 -------- d-----r- c:\program files (x86)\Skype
2011-03-03 14:47 . 2011-03-03 14:47 -------- d-----w- c:\programdata\Skype
2011-03-03 14:13 . 2011-03-03 14:13 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-03-03 13:56 . 2011-03-03 13:56 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-03-03 13:48 . 2011-03-03 13:48 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-03-03 13:46 . 2011-03-03 13:46 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-03-03 13:45 . 2011-03-03 13:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-03-03 13:45 . 2011-03-03 13:45 -------- d-----w- c:\program files (x86)\Java
2011-03-03 13:44 . 2011-03-03 13:44 -------- d-----w- c:\programdata\McAfee
2011-03-03 13:40 . 2011-03-03 13:40 -------- d-----w- c:\windows\SysWow64\Wat
2011-03-03 13:40 . 2011-03-03 13:40 -------- d-----w- c:\windows\system32\Wat
2011-03-03 13:37 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-03-03 13:37 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-03-03 13:32 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2011-03-03 13:32 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2011-03-03 13:25 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-03-03 13:25 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-03-03 13:25 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-03-03 13:25 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-03-03 13:25 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-03-03 13:25 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-03-03 13:25 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-03-03 13:25 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-03-03 13:25 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-03-03 13:25 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-03-03 13:25 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-03-03 13:20 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-03-03 13:13 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-03-03 13:12 . 2010-04-07 07:37 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-03-03 13:11 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-03-03 13:11 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-03-03 13:11 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-03-03 13:11 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-03-03 13:11 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-03-03 13:11 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-03-03 13:11 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-03-03 13:11 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-03-03 13:11 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-03-03 13:11 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-03-03 13:07 . 2010-08-27 03:38 463360 ----a-w- c:\windows\system32\drivers\srv.sys
2011-03-03 13:07 . 2010-08-27 06:14 236032 ----a-w- c:\windows\system32\srvsvc.dll
2011-03-03 13:07 . 2010-08-27 05:46 9728 ----a-w- c:\windows\SysWow64\sscore.dll
2011-03-03 13:07 . 2010-08-27 03:37 402944 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-03-03 13:07 . 2010-08-27 03:37 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-03-02 23:25 . 2011-03-02 16:34 -------- d-----w- c:\windows\Panther
2011-03-02 19:51 . 2011-03-12 11:07 -------- d-----w- c:\users\Public\CyberLink
2011-03-02 19:43 . 2011-03-02 19:44 -------- d-----w- c:\program files\CCleaner
2011-03-02 19:01 . 2011-03-02 19:01 -------- d-----w- C:\temp
2011-03-02 18:50 . 2011-03-02 18:50 -------- d-----w- c:\program files (x86)\Common Files\CyberLink
2011-03-02 18:50 . 2011-03-02 18:50 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2011-03-02 18:50 . 2011-03-02 18:50 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-03-02 18:50 . 2011-03-02 18:50 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-03-02 18:44 . 2011-03-03 19:50 -------- dc----w- c:\windows\system32\DRVSTORE
2011-03-02 18:44 . 2011-03-02 20:04 -------- d-----w- c:\program files (x86)\CyberLink
2011-03-02 18:44 . 2011-03-02 19:58 -------- d-----w- c:\programdata\CyberLink
2011-03-02 18:30 . 2011-03-02 18:34 -------- d-----w- c:\program files (x86)\Nero
2011-03-02 18:30 . 2011-03-02 18:31 -------- d-----w- c:\programdata\Nero
2011-03-02 18:30 . 2011-03-02 18:38 -------- d-----w- c:\program files (x86)\Common Files\Nero
2011-03-02 18:19 . 2011-03-02 18:19 -------- d--h--w- c:\programdata\Common Files
2011-03-02 18:19 . 2011-03-13 11:42 -------- d-----w- c:\programdata\AVG10
2011-03-02 18:08 . 2011-02-23 08:34 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{05A26ED8-997F-46C3-B943-C731FA829D57}\mpengine.dll
2011-03-02 18:08 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-03-02 18:07 . 2011-03-02 20:23 -------- d-----w- c:\programdata\MFAData
2011-03-02 17:48 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2011-03-02 17:48 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2011-03-02 17:48 . 2009-12-29 08:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2011-03-02 17:48 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2011-03-02 17:12 . 2011-03-02 17:12 -------- d-----w- c:\programdata\Razer
2011-03-02 17:12 . 2011-03-02 17:12 -------- d-----w- c:\program files (x86)\Razer
2011-03-02 17:12 . 2007-09-27 18:44 65536 ----a-w- c:\windows\SysWow64\Lycosa.cpl
2011-03-02 17:10 . 2011-03-02 17:10 -------- d-----w- c:\programdata\ATI
2011-03-02 17:09 . 2011-03-02 17:09 0 ----a-w- c:\windows\ativpsrm.bin
2011-03-02 17:08 . 2011-03-02 17:08 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-03-02 17:07 . 2011-03-02 17:07 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-03-02 17:03 . 2010-09-29 01:51 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-03-02 17:03 . 2010-09-29 01:23 58880 ----a-w- c:\windows\system32\coinst.dll
2011-03-02 17:02 . 2011-03-02 17:08 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-03-02 17:01 . 2011-03-02 17:08 -------- d-----w- c:\program files\ATI Technologies
2011-03-02 17:01 . 2011-03-02 17:01 -------- d-----w- c:\program files\ATI
2011-03-02 16:57 . 2011-03-09 17:50 30528 ----a-w- c:\windows\GVTDrv64.sys
2011-03-02 16:57 . 2011-03-09 17:50 25640 ----a-w- c:\windows\gdrv.sys
2011-03-02 16:52 . 2011-03-02 17:13 -------- d-----w- c:\programdata\InstallShield
2011-03-02 16:52 . 2010-04-27 10:56 21544 ----a-w- c:\windows\system32\drivers\AppleCharger.sys
2011-03-02 16:52 . 2010-04-06 15:30 31272 ----a-w- c:\windows\system32\AppleChargerSrv.exe
2011-03-02 16:52 . 2011-03-02 16:52 -------- d-----w- c:\program files\GIGABYTE
2011-03-02 16:52 . 2005-02-17 06:15 73728 ----a-w- c:\windows\SysWow64\ISUSPM.cpl
2011-03-02 16:52 . 2011-03-02 16:52 -------- d-----w- c:\program files (x86)\NEC Electronics
2011-03-02 16:52 . 2010-03-10 09:57 158320 ------r- c:\windows\SysWow64\xRaidAPI.dll
2011-03-02 16:52 . 2011-03-02 16:52 -------- d-----w- C:\RaidTool
2011-03-02 16:52 . 2010-01-19 02:31 72304 ------r- c:\windows\SysWow64\XSrvSetup.exe
2011-03-02 16:52 . 2010-01-19 02:31 1976944 ------r- c:\windows\SysWow64\xRaidSetup.exe
2011-03-02 16:51 . 2010-01-27 08:58 115312 ----a-w- c:\windows\system32\drivers\jraid.sys
2011-03-02 16:51 . 2011-03-02 16:52 -------- d-----w- c:\windows\RaidTool
2011-03-02 16:51 . 2010-03-22 09:57 347680 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-03-02 16:51 . 2010-01-05 16:39 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2011-03-02 16:51 . 2009-12-03 09:27 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"Google Update"="c:\users\Joachim\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-03-02 136176]
"RocketDock"="c:\users\Joachim\Documents\Programmer\RocketDocket\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"Lycosa"="c:\program files (x86)\Razer\Lycosa\razerhid.exe" [2007-11-20 147456]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
"GrpConv"="grpconv -o" [X]
"EasyTuneVI"="c:\program files (x86)\Gigabyte\ET6\ETCall.exe" [2007-07-26 20480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
R3 AODDriver;AODDriver;c:\program files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [2010-03-12 52280]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2011-03-09 30528]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
.
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2011-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1296955141-744290310-1339128705-1000Core.job
- c:\users\Joachim\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-02 19:32]
.
2011-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1296955141-744290310-1339128705-1000UA.job
- c:\users\Joachim\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-02 19:32]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-06 10144288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.no/
mStart Page = hxxp://no.woofi.info/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\users\Joachim\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Joachim\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
.
- - - - TOMME PEKERE FJERNET - - - -
.
Wow6432Node-HKLM-RunOnce- - (no file)
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2011-03-13 21:32:08
ComboFix-quarantined-files.txt 2011-03-13 20:32
.
Pre-Run: 971 922 464 768 byte ledig
Post-Run: 971 550 380 032 byte ledig
.
- - End Of File - - D6FA61A1F64E8A006C6BB9385D51CFE3