ComboFix 13-04-19.01 - 19.04.2013 16:29:51.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.1022.479 [GMT 2:00]
Kjører fra: c:\documents and settings\\Skrivebord\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Programdata\TEMP
c:\windows\IsUn0414.exe
c:\windows\system32\Cache
c:\windows\system32\Cache\128b17d1b940ff42.fb
c:\windows\system32\Cache\2053d960868ba841.fb
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\2c6b33eed32c6ec4.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\43b45341b3a1c3c7.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\5d45241563607b49.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\699095ba13419776.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\82825ba3649ec2d1.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\ae7436023bc01699.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\c79b826d79dd90a8.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
D:\AUTORUN.INF
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2013-03-19 til 2013-04-19 )))))))))))))))))))))))))))))))))
.
.
2013-04-19 14:27 . 2013-04-19 14:27 29904 ----a-w- c:\documents and settings\All Users\Programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0BCE4ED2-8078-4C97-A2F4-74E0E54BE97B}\MpKsl97dba8c8.sys
2013-04-19 13:57 . 2013-04-19 13:57 29904 ----a-w- c:\documents and settings\All Users\Programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0BCE4ED2-8078-4C97-A2F4-74E0E54BE97B}\MpKsl37d0993f.sys
2013-04-17 14:24 . 2013-04-19 13:55 -------- d--h--r- c:\documents and settings\\Siste
2013-04-17 13:21 . 2013-04-04 03:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-17 00:01 . 2013-03-14 22:21 7108640 ----a-w- c:\documents and settings\All Users\Programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0BCE4ED2-8078-4C97-A2F4-74E0E54BE97B}\mpengine.dll
2013-04-17 00:00 . 2013-04-02 10:33 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-04-16 23:55 . 2013-04-16 23:55 -------- d-----w- c:\programfiler\Microsoft Security Client
2013-04-16 23:39 . 2013-04-16 23:39 -------- d-----w- c:\documents and settings\Lisbeth Høve\Programdata
2013-04-16 23:39 . 2013-04-16 23:39 -------- d-----w- c:\documents and settings\Eier\Programdata
2013-04-16 23:38 . 2010-02-24 14:39 675840 ----a-w- c:\windows\system32\NETwLc32.dll
2013-04-16 23:38 . 2010-10-07 02:11 6609920 ----a-w- c:\windows\system32\drivers\NETwLx32.sys
2013-04-16 23:38 . 2010-02-24 14:37 2756608 ----a-w- c:\windows\system32\NETwLr32.dll
2013-04-16 23:38 . 2013-04-16 23:38 -------- d-----w- c:\programfiler\Fellesfiler\Intel
2013-04-16 23:14 . 2013-04-16 23:14 -------- d-----w- c:\programfiler\SystemRequirementsLab
2013-04-16 21:54 . 2013-04-16 21:54 -------- d-----w- c:\programfiler\iPod
2013-04-16 21:53 . 2013-04-16 21:55 -------- d-----w- c:\documents and settings\All Users\Programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-04-16 21:53 . 2013-04-16 21:55 -------- d-----w- c:\programfiler\iTunes
2013-04-16 21:50 . 2013-04-16 23:39 -------- d-----w- c:\documents and settings\Leif-Gøran Høve
2013-04-16 21:44 . 2013-04-16 21:44 -------- d-----w- c:\programfiler\Bonjour
2013-04-16 21:01 . 2013-04-16 21:01 -------- d-----w- c:\programfiler\Fellesfiler\Skype
2013-04-16 21:01 . 2013-04-16 21:01 -------- d-----r- c:\programfiler\Skype
2013-04-16 20:34 . 2013-04-16 20:35 -------- d-----w- c:\programfiler\Fellesfiler\Adobe
2013-04-16 20:32 . 2013-04-16 20:32 -------- d-----w- c:\documents and settings\\Lokale innstillinger\Programdata\MFAData
2013-04-16 20:32 . 2013-04-16 20:32 -------- d-----w- c:\documents and settings\\Lokale innstillinger\Programdata\Avg2013
2013-04-16 17:18 . 2013-04-16 17:18 -------- d-----w- c:\programfiler\CCleaner
2013-04-16 17:17 . 2013-04-10 06:57 26520 ----a-w- c:\programfiler\Mozilla Firefox\plugin-hang-ui.exe
2013-04-16 13:50 . 2001-10-06 11:43 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
2013-04-16 13:50 . 2001-10-06 11:43 6784 ----a-w- c:\windows\system32\dllcache\serscan.sys
2013-04-16 13:49 . 2013-04-16 13:49 -------- d-----w- c:\programfiler\Hewlett-Packard
2013-04-16 13:49 . 2013-04-16 13:49 -------- d-----w- c:\documents and settings\\Programdata\Hewlett-Packard
2013-04-16 13:49 . 2013-04-16 13:49 -------- d-----w- c:\programfiler\HP Photo Creations
2013-04-16 13:49 . 2013-04-16 13:49 -------- d-----w- c:\documents and settings\All Users\Programdata\HP Photo Creations
2013-04-16 13:49 . 2013-04-16 13:49 -------- d-----w- c:\documents and settings\All Users\Programdata\Visan
2013-04-16 13:47 . 2013-04-17 14:13 -------- d-----w- c:\documents and settings\\Programdata\HpUpdate
2013-04-16 13:46 . 2012-10-17 02:04 580712 ------w- c:\windows\system32\HPDiscoPMB111.dll
2013-04-16 13:45 . 2012-06-13 03:21 495504 ----a-w- c:\windows\system32\HPWia1_PS5520.dll
2013-04-16 13:45 . 2012-06-13 03:21 1979280 ----a-w- c:\windows\system32\HPScanTRDrv_PS5520.dll
2013-04-16 13:45 . 2012-06-13 03:21 529808 ----a-w- c:\windows\system32\hpinkstsB111.dll
2013-04-16 13:45 . 2012-06-13 03:21 268688 ----a-w- c:\windows\system32\hpinkstsB111LM.dll
2013-04-16 13:45 . 2012-06-13 03:21 220560 ----a-w- c:\windows\system32\hpinkcoiB111.dll
2013-04-16 13:45 . 2012-06-13 02:47 2216336 ----a-w- c:\windows\system32\hpinkinsB111.exe
2013-04-16 13:45 . 2013-04-16 13:45 -------- d-----w- c:\documents and settings\All Users\Programdata\HP
2013-04-16 13:44 . 2013-04-16 13:47 -------- d-----w- c:\programfiler\HP
2013-04-16 13:43 . 2013-04-16 13:51 -------- d-----w- c:\documents and settings\\Lokale innstillinger\Programdata\HP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-16 21:10 . 2012-09-20 18:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-16 21:10 . 2012-09-20 18:05 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 20:34 . 2013-03-13 20:34 15859416 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-03-12 16:49 . 2012-10-07 07:18 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-12 16:49 . 2010-07-22 22:04 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-08 08:36 . 2004-09-28 17:07 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2004-09-28 17:06 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 15:56 . 2004-08-03 23:58 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:08 . 2004-09-28 17:07 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:08 . 2004-09-28 17:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 02:08 . 2004-09-28 17:06 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:58 . 2004-09-28 17:07 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08 . 2004-09-28 17:06 385024 ----a-w- c:\windows\system32\html.iec
2013-02-27 07:58 . 2004-09-28 17:19 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-19 16:06 . 2012-09-05 16:30 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-02-12 00:32 . 2008-04-13 18:56 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32 . 2004-09-28 17:07 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-01-26 03:55 . 2004-09-28 17:06 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-20 13:59 . 2013-01-20 13:59 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2008-07-13 17:11 . 2008-07-13 17:11 2228534 ----a-w- c:\programfiler\audacity-win-1.2.6.exe
2008-07-13 17:08 . 2008-07-13 17:07 1512927 ----a-w- c:\programfiler\LADSPA_plugins-win-0.4.15.exe
2013-04-10 06:57 . 2013-02-24 17:29 263064 ----a-w- c:\programfiler\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Photosmart 5520 series (NET)"="c:\programfiler\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 1837672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
"SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"ATICCC"="c:\programfiler\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"LXCRCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2005-12-01 65536]
"IntelZeroConfig"="c:\programfiler\Intel\WiFi\bin\ZCfgSvc.exe" [2012-04-24 1407248]
"IntelWireless"="c:\programfiler\Fellesfiler\Intel\WirelessCommon\iFrmewrk.exe" [2012-04-24 1210640]
"SunJavaUpdateSched"="c:\programfiler\Fellesfiler\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^BTTray.lnk]
path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Device Detector 3.lnk]
path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\Device Detector 3.lnk
backup=c:\windows\pss\Device Detector 3.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-09-23 18:43 926896 ----a-w- c:\programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-01-28 11:08 59720 ----a-w- c:\programfiler\Fellesfiler\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 18:17 207424 ----a-w- c:\programfiler\Fellesfiler\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2005-01-27 00:02 86016 ----a-w- c:\programfiler\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2006-02-07 05:10 98304 ----a-w- c:\programfiler\Lexmark 2400 Series\ezprint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-10-28 10:18 49208 ----a-w- c:\programfiler\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
2010-03-26 20:15 353736 ----a-w- c:\programfiler\IncrediMail\Bin\IncMail.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-02-20 10:35 152392 ----a-w- c:\programfiler\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]
2006-01-22 17:45 286720 ----a-w- c:\programfiler\Lexmark 2400 Series\lxcrmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]
2003-09-10 01:24 20480 ------w- c:\programfiler\NetWaiting\netwaiting.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2013-01-27 09:11 947152 ----a-w- c:\programfiler\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 01:12 421888 ----a-w- c:\programfiler\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-02-28 16:50 18642024 ----a-r- c:\programfiler\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2013-04-17 13:35 4555776 ----a-w- c:\programfiler\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2013-04-17 13:34 1105408 ----a-w- c:\programfiler\Spotify\Data\SpotifyWebHelper.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programfiler\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programfiler\\DNA\\btdna.exe"=
"c:\\Programfiler\\Mozilla Firefox\\firefox.exe"=
"c:\\Programfiler\\Spotify\\spotify.exe"=
"c:\\Programfiler\\IncrediMail\\Bin\\IncMail.exe"=
"c:\\Programfiler\\IncrediMail\\Bin\\ImApp.exe"=
"c:\\Programfiler\\IncrediMail\\Bin\\ImpCnt.exe"=
"c:\\Programfiler\\SightSpeed\\SightSpeed.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programfiler\\Skype\\Phone\\Skype.exe"=
"c:\\Programfiler\\Fellesfiler\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programfiler\\Bonjour\\mDNSResponder.exe"=
"c:\\Programfiler\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10421:UDP"= 10421:UDP:SingleClick Discovery Protocol
"10426:UDP"= 10426:UDP:SingleClick ICC
.
R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [29.09.2008 22:20 15172]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [05.09.2012 18:30 33112]
R1 MpKsl97dba8c8;MpKsl97dba8c8;c:\documents and settings\All Users\Programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0BCE4ED2-8078-4C97-A2F4-74E0E54BE97B}\MpKsl97dba8c8.sys [19.04.2013 16:27 29904]
R2 BBUpdate;BBUpdate;c:\programfiler\Microsoft\BingBar\SeaPort.EXE [15.06.2011 17:33 249648]
R2 NAUpdate;@c:\programfiler\Nero\Update\NASvc.exe,-200;c:\programfiler\Nero\Update\NASvc.exe [04.05.2010 13:07 503080]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\programfiler\Fellesfiler\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [19.02.2013 18:07 968880]
R3 NETwLx32; Intel(R) Wireless WiFi Link 5000-serien kortdriver for Windows XP 32-bit;c:\windows\system32\drivers\NETwLx32.sys [17.04.2013 01:38 6609920]
S2 cpuz134;cpuz134;\??\c:\windows\system32\drivers\cpuz134_x32.sys --> c:\windows\system32\drivers\cpuz134_x32.sys [?]
S2 SkypeUpdate;Skype Updater;c:\programfiler\Skype\Updater\Updater.exe [28.02.2013 18:45 161384]
S3 BBSvc;Bing Bar Update Service;c:\programfiler\Microsoft\BingBar\BBSvc.EXE [07.07.2011 19:31 195336]
S3 cpudrv;cpudrv;c:\programfiler\SystemRequirementsLab\cpudrv.sys [02.06.2011 10:08 11336]
S3 GemCCID;GemCCID;c:\windows\system32\drivers\GemCCID.sys [10.08.2009 13:07 89600]
S3 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\synasUSB.sys [22.05.2008 23:56 18432]
.
--- Andre tjenester/drivere lastet i minnet ---
.
*NewlyCreated* - MPKSL97DBA8C8
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2013-04-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 21:10]
.
2013-04-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:57]
.
2013-04-17 c:\windows\Tasks\At1.job
- c:\programfiler\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17 02:15]
.
2013-04-16 c:\windows\Tasks\At2.job
- c:\programfiler\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17 02:15]
.
2013-04-19 c:\windows\Tasks\At3.job
- c:\programfiler\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17 02:15]
.
2013-04-17 c:\windows\Tasks\At4.job
- c:\programfiler\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17 02:15]
.
2013-04-19 c:\windows\Tasks\User_Feed_Synchronization-{3F40AAB4-1FD5-4464-BBED-939DCC433843}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Tilleggsskanning -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.sonic.com/links.asp?prod=9&SNML=CAL2AQR7D5P443F8J|CSMTHRM2VKQ2FKT4S|CY695VKQ7EY77F8MB|C2AJZ7PZ8G5676GVU|CTG3Q8P5R4PWG3C3F|SC-BRANCH_0_FROM_200B94A&SRNM=CSMTHRM2VKQ2FKT4S&LANG=ENU&type=PurchaseCP&ext1=Sonic%20DigitalMedia%20LE%20v7
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.1.1
DPF: {25C29129-E95F-4564-BFE3-000000007100} - hxxp://www.123hjemmeside.no/builder/pages/KvikVideo-7-1-0-0.CAB
DPF: {4445EA6A-9008-40D5-9160-035FDE5214C4} - hxxp://www.123hjemmeside.no/builder/pages/Mpu-dk-1-0-0-8.cab
FF - ProfilePath - c:\documents and settings\\Programdata\Mozilla\Firefox\Profiles\2gww0y9n.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.startup.homepage - hxxps://nb-no.facebook.com/
FF - ExtSQL: !HIDDEN! 2009-09-02 01:15; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - TOMME PEKERE FJERNET - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
MSConfigStartUp-DVDLauncher - c:\programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe
MSConfigStartUp-Google Desktop Search - c:\programfiler\Google\Google Desktop Search\GoogleDesktop.exe
MSConfigStartUp-MalwareWiped 6 - c:\programfiler\MW\MalwareWiped 6.0\MalwareWiped 6.0.exe
MSConfigStartUp-NBKeyScan - c:\programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
MSConfigStartUp-NeroFilterCheck - c:\programfiler\Fellesfiler\Nero\Lib\NeroCheck.exe
MSConfigStartUp-UnlockerAssistant - c:\programfiler\Unlocker\UnlockerAssistant.exe
AddRemove-Virtual Globe - c:\windows\system32\javaws.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-19 16:41
Windows 5.1.2600 Service Pack 3 NTFS
.
skanner skjulte prosesser ...
.
skanner skjulte autostart-oppføringer ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCRCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
skanner skjulte filer ...
.
skanning vellykket
skjulte filer: 0
.
**************************************************************************
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Intel\Wireless\Folders\0*& :*]
"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Programdata\\Intel\\Wireless\\"
.
[HKEY_LOCAL_MACHINE\software\Intel\Wireless\Folders\¸* 7*]
"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Programdata\\Intel\\Wireless\\"
.
[HKEY_LOCAL_MACHINE\software\Intel\Wireless\Folders\À* 7*]
"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Programdata\\Intel\\Wireless\\"
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
.
- - - - - - - > 'winlogon.exe'(912)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\netprovcredman.dll
.
Tidspunkt ferdig: 2013-04-19 16:44:10
ComboFix-quarantined-files.txt 2013-04-19 14:44
.
Pre-Run: 34 370 207 744 byte ledig
Post-Run: 36 045 807 616 byte ledig
.
- - End Of File - - 4B34971BA54DE644270DDF42449382D6