ComboFix 14-01-23.02 - BRG 26.01.2014 13:41:34.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.47.1044.18.8168.6221 [GMT 1:00]
Kjører fra: c:\users\BRG\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2013-12-26 til 2014-01-26 )))))))))))))))))))))))))))))))))
.
.
2014-01-26 12:46 . 2014-01-26 12:46 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-26 12:46 . 2014-01-26 12:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-26 12:02 . 2013-10-24 17:38 965000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CEACDFB5-30B6-4981-82EA-071A8B4453B2}\gapaengine.dll
2014-01-26 12:01 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8E41594-1268-4820-8A9B-19BC2FB5C6BA}\mpengine.dll
2014-01-22 17:08 . 2013-10-17 15:32 20472 ----a-w- c:\windows\system32\Spool\prtprocs\x64\TeamViewer_PrintProcessor.dll
2014-01-22 17:08 . 2013-10-17 15:32 35112 ----a-w- c:\windows\system32\drivers\teamviewervpn.sys
2014-01-22 17:08 . 2014-01-22 17:08 -------- d-----w- c:\program files (x86)\TeamViewer
2014-01-22 17:02 . 2011-03-02 19:54 886776 ----a-w- c:\windows\SysWow64\Codejock.TaskPanel.v15.0.2.ocx
2014-01-22 17:02 . 2011-03-02 19:53 501752 ----a-w- c:\windows\SysWow64\Codejock.ShortcutBar.v15.0.2.ocx
2014-01-22 17:02 . 2011-03-02 19:53 1374200 ----a-w- c:\windows\SysWow64\Codejock.ReportControl.v15.0.2.ocx
2014-01-22 17:02 . 2011-03-02 19:53 825336 ----a-w- c:\windows\SysWow64\Codejock.DockingPane.v15.0.2.ocx
2014-01-22 17:02 . 2011-03-02 19:53 1882104 ----a-w- c:\windows\SysWow64\Codejock.Controls.v15.0.2.ocx
2014-01-22 17:02 . 2011-03-02 19:53 2660344 ----a-w- c:\windows\SysWow64\Codejock.CommandBars.v15.0.2.ocx
2014-01-22 17:02 . 2004-03-09 00:00 1010720 ----a-w- c:\windows\SysWow64\MSCHRT20.OCX
2014-01-22 17:02 . 2014-01-22 17:02 -------- d-----w- c:\program files (x86)\Legacy8
2014-01-22 16:38 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-22 16:38 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-22 16:38 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-22 16:38 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-22 16:38 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-22 16:38 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-22 16:38 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-22 16:38 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-22 16:38 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-22 16:38 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-12 09:08 . 2014-01-12 09:08 -------- d-----w- c:\users\BRG\AppData\Local\LogMeIn Client
2014-01-11 13:37 . 2014-01-11 13:37 -------- d-----w- c:\users\BRG\AppData\Local\Unity
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-26 11:51 . 2011-10-27 18:56 107368 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2014-01-26 11:51 . 2011-10-27 18:56 92488 ----a-w- c:\windows\system32\LMIinit.dll
2014-01-26 11:51 . 2011-10-27 18:56 35656 ----a-w- c:\windows\system32\LMIport.dll
2014-01-22 22:08 . 2012-04-19 19:09 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-22 22:08 . 2011-10-27 21:14 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-22 21:49 . 2011-10-15 01:04 86054176 ----a-w- c:\windows\system32\MRT.exe
2014-01-19 07:33 . 2011-10-14 20:17 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-19 18:36 . 2011-10-27 18:56 107368 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2013-12-18 20:09 . 2013-10-24 17:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-30 20:07 . 2013-11-30 20:07 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-30 20:07 . 2013-11-30 20:07 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-30 20:06 . 2013-11-30 20:06 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-30 20:06 . 2013-11-30 20:06 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-30 20:06 . 2013-11-30 20:06 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-30 20:06 . 2013-11-30 20:06 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-30 20:06 . 2013-11-30 20:06 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-30 20:06 . 2013-11-30 20:06 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-30 20:06 . 2013-11-30 20:06 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-30 20:06 . 2013-11-30 20:06 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-30 20:06 . 2013-11-30 20:06 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-30 20:06 . 2013-11-30 20:06 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-30 20:06 . 2013-11-30 20:06 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-30 20:06 . 2013-11-30 20:06 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-30 20:06 . 2013-11-30 20:06 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-30 20:06 . 2013-11-30 20:06 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-30 20:06 . 2013-11-30 20:06 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-30 20:06 . 2013-11-30 20:06 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-30 20:06 . 2013-11-30 20:06 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-30 20:06 . 2013-11-30 20:06 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-30 20:06 . 2013-11-30 20:06 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-30 20:06 . 2013-11-30 20:06 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-30 20:06 . 2013-11-30 20:06 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-30 20:06 . 2013-11-30 20:06 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-30 20:06 . 2013-11-30 20:06 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-30 20:06 . 2013-11-30 20:06 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-30 20:06 . 2013-11-30 20:06 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-30 20:06 . 2013-11-30 20:06 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-30 20:06 . 2013-11-30 20:06 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-30 20:06 . 2013-11-30 20:06 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-30 20:06 . 2013-11-30 20:06 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-30 20:06 . 2013-11-30 20:06 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-30 20:06 . 2013-11-30 20:06 413696 ----a-w- c:\windows\system32\html.iec
2013-11-30 20:06 . 2013-11-30 20:06 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-30 20:06 . 2013-11-30 20:06 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-30 20:06 . 2013-11-30 20:06 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-30 20:06 . 2013-11-30 20:06 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-30 20:06 . 2013-11-30 20:06 235520 ----a-w- c:\windows\system32\url.dll
2013-11-30 20:06 . 2013-11-30 20:06 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-30 20:06 . 2013-11-30 20:06 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-30 20:06 . 2013-11-30 20:06 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-30 20:06 . 2013-11-30 20:06 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-30 20:06 . 2013-11-30 20:06 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-30 20:06 . 2013-11-30 20:06 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-30 20:06 . 2013-11-30 20:06 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-30 20:06 . 2013-11-30 20:06 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-30 20:06 . 2013-11-30 20:06 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-30 20:06 . 2013-11-30 20:06 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-30 20:06 . 2013-11-30 20:06 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-30 20:06 . 2013-11-30 20:06 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-30 20:06 . 2013-11-30 20:06 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-30 20:06 . 2013-11-30 20:06 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-30 20:06 . 2013-11-30 20:06 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-30 20:06 . 2013-11-30 20:06 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-30 20:06 . 2013-11-30 20:06 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-30 20:06 . 2013-11-30 20:06 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-30 20:06 . 2013-11-30 20:06 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-30 20:06 . 2013-11-30 20:06 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-30 20:06 . 2013-11-30 20:06 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-26 11:54 . 2013-12-20 20:06 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-20 20:06 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-20 20:06 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-20 20:06 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-20 20:06 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-20 20:06 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-20 20:06 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-20 20:06 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-20 20:06 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-20 20:06 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-20 20:06 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-20 20:06 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-20 20:06 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-20 20:06 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-20 20:06 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-20 20:06 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-20 20:06 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-20 20:06 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-20 20:06 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-20 20:06 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-20 20:06 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-20 20:06 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-20 20:06 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-20 20:06 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-19 18:39 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-19 18:39 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-19 18:39 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-19 18:39 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-10-30 02:32 . 2013-12-19 18:39 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-10-30 02:19 . 2013-12-19 18:39 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaCie Desktop Manager Startup"="c:\program files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe" [2013-01-02 3461120]
"TomTomHOME.exe"="d:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2013-08-27 248208]
"Mamut Teamwork"="c:\users\BRG\AppData\Local\Apps\2.0\13053QNE.G0H\EMZLDA3A.5PY\mamu..kup4_bca9abb6896fdd2a_0004.0000_5b2793129ab03ae4\mob.exe" [2012-10-25 2565976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-26 375000]
"ASUS ShellProcess Execute"="c:\program files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe" [2010-11-25 252544]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Adobe Acrobat Speed Launcher"="d:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2013-05-08 44128]
"Acrobat Assistant 8.0"="d:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2013-05-08 642664]
"BCSSync"="d:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LWS"="d:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="d:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2009-03-02 29984]
"IndexSearch"="d:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2009-03-02 46368]
"PPort11reminder"="d:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" [2008-11-03 328992]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"DR-2020U CaptureOnTouch"="d:\program files (x86)\Canon Electronics\DR2020U\TouchDR.exe" [2009-08-27 761856]
"NUUO Main Console"="d:\program files (x86)\D-Link\D-ViewCam\MainConsole.exe" [2010-08-13 5821760]
"EaseUs Watch"="d:\program files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe" [2013-05-10 70728]
"EaseUs Tray"="d:\program files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe" [2013-05-10 1372232]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2012-03-28 309184]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2010-5-28 276328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
R2 MBAMService;MBAMService;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys;c:\windows\SYSNATIVE\DRIVERS\AiChargerPlus.sys [x]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys;c:\windows\SYSNATIVE\drivers\eubakup.sys [x]
S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys;c:\windows\SYSNATIVE\drivers\EUBKMON.sys [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys;c:\windows\SYSNATIVE\drivers\eudskacs.sys [x]
S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys;c:\windows\SYSNATIVE\drivers\EuFdDisk.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe [x]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [x]
S2 EaseUS Agent;EaseUS Agent Service;d:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe;d:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe [x]
S2 Guard Agent;Guard Agent Service;d:\program files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe;d:\program files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 LaCieDesktopManagerService;LaCieDesktopManagerService;c:\program files\LaCie\Desktop Manager\lacie_dm_service.exe;c:\program files\LaCie\Desktop Manager\lacie_dm_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;d:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;d:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 cxbu0x64;OMNIKEY 3x21;c:\windows\system32\DRIVERS\cxbu0x64.sys;c:\windows\SYSNATIVE\DRIVERS\cxbu0x64.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech Webcam 600(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
.
.
--- Andre tjenester/drivere lastet i minnet ---
.
*NewlyCreated* - LMIINFO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2014-01-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-19 22:08]
.
2014-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-11 17:40]
.
2014-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-11 17:40]
.
2014-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-461841695-3278487743-3562531080-1000Core.job
- c:\users\BRG\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-10 16:46]
.
2014-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-461841695-3278487743-3562531080-1000UA.job
- c:\users\BRG\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-10 16:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Konverter koblingsmål til en Adobe PDF-fil - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Konverter til Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Se&nd til OneNote - d:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Tilføy koblingsmål til en eksisterende PDF-fil - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Tilføy til eksisterende PDF-fil - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 193.213.112.4 130.67.15.198 10.0.0.138
DPF: {12193C65-F0E1-4DD1-AD4E-DB73C6911011} - file:///X:/Mydlink/activeX/DCP.cab
FF - ProfilePath - c:\users\BRG\AppData\Roaming\Mozilla\Firefox\Profiles\3oqvdww0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.sol.no/
FF - ExtSQL: !HIDDEN! 2011-10-28 16:56; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - TOMME PEKERE FJERNET - - - -
.
Wow6432Node-HKLM-Run- - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Pixie_is1 - d:\program files (x86)\Pixie\unins000.exe
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2014-01-26 13:47:45
ComboFix-quarantined-files.txt 2014-01-26 12:47
.
Pre-Run: 49 202 651 136 byte ledig
Post-Run: 49 978 073 088 byte ledig
.
- - End Of File - - E1971CF5C1789517F39E988897B0AAE5