ComboFix 12-09-07.03 - ASUSRAN 08.09.2012 14:53:31.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1044.18.6049.3347 [GMT 2:00]
Kjører fra: c:\users\ASUSRAN\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Opprettet nytt gjenopprettingspunkt
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\AsPatch10430001.exe
c:\windows\msvcr71.dll
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2012-08-08 til 2012-09-08 )))))))))))))))))))))))))))))))))
.
.
2012-09-08 12:57 . 2012-09-08 12:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-08 09:54 . 2012-09-08 09:54 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-09-08 09:54 . 2012-09-08 09:53 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-08 09:53 . 2012-09-08 09:53 -------- d-----w- c:\program files (x86)\Java
2012-09-07 06:43 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{801AAF22-AAE5-4BDA-81F8-44474B54770D}\mpengine.dll
2012-08-26 08:52 . 2012-08-26 08:52 -------- d-----w- c:\windows\system32\SPReview
2012-08-26 08:52 . 2012-08-26 08:52 -------- d-----w- c:\windows\system32\EventProviders
2012-08-23 19:46 . 2012-08-23 19:46 -------- d-----w- c:\programdata\ASUS
2012-08-19 14:04 . 2012-08-19 14:04 -------- d-----w- c:\program files (x86)\Mobile Broadband 4G
2012-08-18 17:02 . 2012-08-18 17:21 -------- d-----w- C:\FM Genie Scout 12
2012-08-18 14:29 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2012-08-18 14:29 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-08-18 14:29 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2012-08-18 14:27 . 2010-11-20 13:29 345600 ----a-w- c:\windows\system32\fveapi.dll
2012-08-18 14:26 . 2010-11-20 13:27 769536 ----a-w- c:\windows\system32\sud.dll
2012-08-18 14:25 . 2010-11-20 13:27 5120 ----a-w- c:\windows\system32\msdxm.ocx
2012-08-18 14:24 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-08-18 14:24 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-08-18 14:24 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-08-18 14:16 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-08-18 14:16 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-08-18 14:16 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-08-18 13:41 . 2011-04-28 03:55 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-18 13:41 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2012-08-18 13:41 . 2010-11-20 13:24 229376 ----a-w- c:\windows\system32\fsquirt.exe
2012-08-18 06:25 . 2009-03-09 13:27 5425496 ----a-w- c:\windows\system32\D3DX9_41.dll
2012-08-18 06:25 . 2009-03-09 13:27 520544 ----a-w- c:\windows\system32\d3dx10_41.dll
2012-08-18 06:25 . 2009-03-09 13:27 453456 ----a-w- c:\windows\SysWow64\d3dx10_41.dll
2012-08-18 06:25 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2012-08-18 06:25 . 2009-03-09 13:27 2430312 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2012-08-18 06:25 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\SysWow64\D3DCompiler_41.dll
2012-08-18 06:25 . 2009-03-16 12:18 73544 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2012-08-18 06:25 . 2009-03-16 12:18 69448 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2012-08-18 06:25 . 2009-03-16 12:18 521560 ----a-w- c:\windows\system32\XAudio2_4.dll
2012-08-18 06:25 . 2009-03-16 12:18 517448 ----a-w- c:\windows\SysWow64\XAudio2_4.dll
2012-08-18 06:25 . 2009-03-16 12:18 235352 ----a-w- c:\windows\SysWow64\xactengine3_4.dll
2012-08-18 06:25 . 2009-03-16 12:18 174936 ----a-w- c:\windows\system32\xactengine3_4.dll
2012-08-18 06:23 . 2005-03-18 15:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2012-08-18 06:23 . 2005-02-05 17:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2012-08-18 06:15 . 2012-08-18 06:15 -------- d-----w- C:\NVIDIA
2012-08-18 05:47 . 2012-08-18 05:47 -------- d-----w- c:\program files\CCleaner
2012-08-18 05:43 . 2012-08-18 05:43 -------- d-----w- c:\programdata\Malwarebytes
2012-08-18 05:43 . 2012-08-18 05:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-18 05:43 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-18 05:42 . 2012-08-18 05:42 -------- d-----w- c:\program files\CDBurnerXP
2012-08-18 05:37 . 2012-08-18 05:39 -------- d-----w- c:\program files (x86)\LibreOffice 3.6
2012-08-18 05:36 . 2012-08-18 05:36 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-08-18 05:35 . 2012-08-18 05:35 -------- d-----w- c:\program files (x86)\VideoLAN
2012-08-18 05:34 . 2012-08-18 05:35 -------- d-----w- c:\program files (x86)\Google
2012-08-18 05:34 . 2012-08-18 05:34 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-08-18 05:34 . 2012-08-26 09:26 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-08-18 05:34 . 2012-09-07 21:43 -------- d-----w- c:\program files (x86)\Steam
2012-08-18 05:34 . 2012-08-18 05:34 -------- d-----w- c:\program files (x86)\uTorrent
2012-08-18 05:34 . 2012-08-18 05:33 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-18 05:34 . 2012-08-18 05:33 289768 ----a-w- c:\windows\system32\javaws.exe
2012-08-18 05:34 . 2012-08-18 05:33 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-18 05:33 . 2012-08-18 05:33 189416 ----a-w- c:\windows\system32\javaw.exe
2012-08-18 05:33 . 2012-08-18 05:33 188904 ----a-w- c:\windows\system32\java.exe
2012-08-18 05:33 . 2012-08-18 05:33 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-08-18 05:33 . 2012-08-18 05:33 -------- d-----w- c:\program files\Java
2012-08-18 05:33 . 2012-09-08 09:53 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-08-18 05:33 . 2012-09-08 09:53 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-18 05:30 . 2012-08-18 05:30 -------- d-----w- c:\program files\Microsoft Silverlight
2012-08-18 05:30 . 2012-08-18 05:30 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-08-18 05:30 . 2012-08-18 05:30 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-18 05:30 . 2012-08-18 05:30 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-18 05:30 . 2012-08-18 05:30 -------- d-----w- c:\windows\system32\Macromed
2012-08-18 05:20 . 2012-08-18 05:20 -------- d-----w- c:\windows\SysWow64\Wat
2012-08-18 05:20 . 2012-08-18 05:20 -------- d-----w- c:\windows\system32\Wat
2012-08-17 22:00 . 2012-08-17 22:00 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-08-17 21:55 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-08-17 21:45 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-08-17 21:45 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-08-17 21:45 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-08-17 21:45 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-08-17 21:45 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-17 21:45 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-08-17 21:45 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-08-17 21:42 . 2012-08-03 02:27 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-17 21:40 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-17 21:39 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-08-17 21:38 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-08-17 21:37 . 2011-03-11 06:34 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2012-08-17 21:36 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-08-17 21:36 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-08-17 21:36 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2012-08-17 21:36 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2012-08-17 21:36 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-08-17 21:36 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2012-08-17 21:36 . 2010-11-20 13:25 974336 ----a-w- c:\windows\system32\WFS.exe
2012-08-17 21:36 . 2012-04-28 05:32 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-08-17 21:36 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-08-17 21:36 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-08-17 21:36 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-08-17 21:36 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2012-08-17 21:36 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-08-17 11:32 . 2012-05-31 10:25 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-08-17 11:26 . 2011-10-07 08:49 2770944 ----a-w- c:\windows\system32\drivers\athrx.sys
2012-08-17 11:23 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-08-17 11:23 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-08-17 11:23 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-08-17 11:23 . 2010-11-20 11:07 162816 ----a-w- c:\windows\system32\rdpudd.dll
2012-08-17 11:23 . 2010-11-20 11:03 20992 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-08-17 11:19 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-08-17 11:19 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-08-17 11:19 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-08-17 11:19 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-08-17 11:19 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-08-17 11:19 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-08-17 11:19 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-08-17 11:19 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-17 11:19 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-08-17 11:15 . 2012-09-08 12:24 -------- d-----w- c:\programdata\Kaspersky Lab
2012-08-17 11:15 . 2012-08-17 11:15 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2012-08-17 11:15 . 2012-08-17 11:15 615728 ----a-w- c:\windows\system32\drivers\klif.sys
2012-08-17 11:13 . 2012-09-07 06:37 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-08-17 10:18 . 2012-08-17 10:18 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-08-17 10:18 . 2012-08-17 10:18 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-08-17 10:18 . 2012-08-17 10:18 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-08-17 10:11 . 2012-08-17 10:21 -------- d-----w- c:\program files (x86)\CyberLink
2012-08-17 10:11 . 2012-08-17 10:11 -------- d-----w- c:\programdata\CyberLink
2012-08-17 10:09 . 2012-08-19 07:10 -------- d-----w- c:\windows\Panther
2012-08-17 10:09 . 2012-08-17 11:54 -------- d-----w- C:\ExpressGateUtil
2012-08-17 10:06 . 2012-08-17 10:06 -------- d-----w- c:\program files\Intel
2012-08-17 10:05 . 2012-08-17 10:05 -------- d-----w- C:\eSupport
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-26 08:57 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-08-26 08:57 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-06-27 02:14 . 2012-06-27 02:14 4472832 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Spotify"="c:\users\ASUSRAN\AppData\Roaming\Spotify\spotify.exe" [2012-08-18 5576408]
"Spotify Web Helper"="c:\users\ASUSRAN\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-08-18 1193176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"FLxHCIm64"="c:\program files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe" [2011-10-17 47616]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-09 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-13 2317312]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-10-31 27528]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 202296]
"Blackcomb"="c:\program files (x86)\Mobile Broadband 4G\ModemPnPService.exe" [2010-12-09 134248]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\ASUSRAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel® Turbo Boost-teknologi monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-18 250056]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-08-02 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-08-02 330912]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-08-02 110240]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-08-02 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-08-02 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-08-02 280992]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-08-02 511136]
R3 C2XXCOM;LTE/HSPA COM Port USB Device;c:\windows\system32\DRIVERS\C2XXCOM76.sys [2010-10-25 49920]
R3 C2xxUSB;Samsung CMC2xx USB Network Driver;c:\windows\system32\DRIVERS\C2xxUSB76.sys [2010-11-04 46080]
R3 C2xxUsbStorage;Samsung CMC2xx USB LTE Storage Driver;c:\windows\system32\DRIVERS\C2xSTR76.sys [2010-10-26 9216]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-18 1255736]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-09-28 28992]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11864]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-08-02 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-08-02 103584]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-01-14 1839616]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-09-28 2253120]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-10-31 83336]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-09-20 16768]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-08-02 30368]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-10-17 202496]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-10-17 69888]
S3 IntcDAud;Intel(R) Skjermlyd;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
.
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2012-09-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-18 05:30]
.
2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3123920155-853950044-1027607638-1000Core.job
- c:\users\ASUSRAN\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-18 05:23]
.
2012-09-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3123920155-853950044-1027607638-1000UA.job
- c:\users\ASUSRAN\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-18 05:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-08-02 961184]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-08-02 798880]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-07-28 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-07-28 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-07-28 416024]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-09-19 2278504]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Legg til Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
TCP: DhcpNameServer = 217.13.7.140 217.13.4.24
.
- - - - TOMME PEKERE FJERNET - - - -
.
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_USERS\S-1-5-21-3123920155-853950044-1027607638-1000\Software\G*e*n*i*e*"!\FM Genie Scout 12]
"GameDir"="c:\\FM Genie Scout 12\\games"
"ShortlistDir"="c:\\FM Genie Scout 12\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\FM Genie Scout 12"
"SaveDir"="c:\\FM Genie Scout 12\\"
"HistoryDir"="c:\\FM Genie Scout 12\\History Points"
"LangDB"="c:\\FM Genie Scout 12\\lang_db.dat"
"LastSaveGame"="d:\\Spill\\FM2012\\RBK2012.fm"
"Language"="Swedish"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a0c0
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:000000ce
"UniqueID"="96-A5B0-EB5F"
"Currency"=dword:0000003a
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:0000000c
"StaffSearchFeatureNum"=dword:00000000
"ClubSearchFeatureNum"=dword:00000009
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000000
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:0000000c
"HintsFeatureNum"=dword:00000001
"GenieReportFeatureNum"=dword:0000000b
"TopFormationFeatureNum"=dword:00000009
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000001
"AdImpressionsNum"=dword:00000051
"GameLoadedCounter"=dword:00000006
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2012-09-08 14:59:03
ComboFix-quarantined-files.txt 2012-09-08 12:59
.
Pre-Run: 277 298 024 448 byte ledig
Post-Run: 277 196 201 984 byte ledig
.
- - End Of File - - 512CB2139E189B01C9D5E923808E4D15