ComboFix 08-05-12.1 - Kjell Sverre 2008-05-15 21:42:11.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.148 [GMT 2:00]
Running from: C:\Documents and Settings\Kjell Sverre\Skrivebord\ComboFix.exe
* Created a new restore point
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\SYSTEM32\fLmlTvut.ini
C:\WINDOWS\SYSTEM32\fLmlTvut.ini2
C:\WINDOWS\system32\gxuflklm.ini
C:\WINDOWS\system32\snljxehn.ini
.
((((((((((((((((((((((((( Files Created from 2008-04-15 to 2008-05-15 )))))))))))))))))))))))))))))))
.
2008-05-12 20:04 . 2008-05-12 20:04 d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com
2008-05-12 20:03 . 2008-05-12 20:49 d-------- C:\Programfiler\SUPERAntiSpyware
2008-05-12 20:03 . 2008-05-12 20:03 d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-05-12 20:03 . 2008-05-12 20:03 d-------- C:\Documents and Settings\Kjell Sverre\Programdata\SUPERAntiSpyware.com
2008-05-12 20:01 . 2008-05-14 18:50 dr-h----- C:\Documents and Settings\Kjell Sverre\Siste
2008-05-12 18:41 . 2008-05-12 18:41 d-------- C:\Programfiler\CCleaner
2008-05-12 15:28 . 2008-05-12 15:28 d-------- C:\VundoFix Backups
2008-05-08 20:26 . 2008-05-12 15:20 109,825 --a------ C:\WINDOWS\BM3b87978b.xml
2008-05-08 15:54 . 2008-05-08 21:21 d-------- C:\WINDOWS\BDOSCAN8
2008-05-07 22:33 . 2004-08-04 10:03 221,184 --a------ C:\WINDOWS\SYSTEM32\wmpns.dll
2008-05-07 22:13 . 2008-05-07 22:13 d-------- C:\WINDOWS\SYSTEM32\no
2008-05-07 22:13 . 2008-05-07 22:13 d-------- C:\WINDOWS\l2schemas
2008-05-07 21:27 . 2008-04-14 18:22 276,992 --------- C:\WINDOWS\SYSTEM32\wmphoto.dll
2008-05-07 21:25 . 2008-04-14 18:22 1,306,624 --------- C:\WINDOWS\SYSTEM32\msxml6.dll
2008-05-07 21:24 . 2008-04-14 18:21 651,264 --------- C:\WINDOWS\SYSTEM32\dot3ui.dll
2008-05-07 21:23 . 2008-04-14 18:21 233,472 --------- C:\WINDOWS\SYSTEM32\azroles.dll
2008-05-07 21:23 . 2008-04-14 18:21 136,192 --------- C:\WINDOWS\SYSTEM32\aaclient.dll
2008-05-07 21:23 . 2008-04-14 18:21 7,168 --------- C:\WINDOWS\SYSTEM32\bitsprx4.dll
2008-05-06 19:56 . 2008-05-12 21:38 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-06 19:56 . 2008-05-06 19:56 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-27 14:07 . 2002-11-26 21:33 dr------- C:\Documents and Settings\Administrator\Start-meny
2008-04-27 14:07 . 2002-11-26 21:33 d--h----- C:\Documents and Settings\Administrator\Skrivere
2008-04-27 14:07 . 2002-11-26 21:33 d-------- C:\Documents and Settings\Administrator\Skrivebord
2008-04-27 14:07 . 2002-11-26 21:33 dr-h----- C:\Documents and Settings\Administrator\Siste
2008-04-27 14:07 . 2002-11-26 22:01 d-------- C:\Documents and Settings\Administrator\Programdata\Symantec
2008-04-27 14:07 . 2002-11-26 22:01 dr-h----- C:\Documents and Settings\Administrator\Programdata
2008-04-27 14:07 . 2002-11-26 21:33 dr------- C:\Documents and Settings\Administrator\Mine dokumenter
2008-04-27 14:07 . 2002-11-26 21:33 d--h----- C:\Documents and Settings\Administrator\Maler
2008-04-27 14:07 . 2008-05-15 21:47 d--h----- C:\Documents and Settings\Administrator\Lokale innstillinger
2008-04-27 14:07 . 2002-11-26 21:33 dr------- C:\Documents and Settings\Administrator\Favoritter
2008-04-27 14:07 . 2002-11-26 21:33 d--h----- C:\Documents and Settings\Administrator\AndrMask
2008-04-27 14:07 . 2008-05-01 17:25 d-------- C:\Documents and Settings\Administrator
2008-04-27 14:07 . 2008-05-15 21:42 1,024 --ah----- C:\Documents and Settings\Administrator\ntuser.dat.LOG
2008-04-17 20:39 . 2008-04-17 20:44 d-------- C:\Programfiler\NewLive All Media To Mp3 Converter
2008-04-17 18:04 . 2008-04-17 18:04 d-------- C:\Converted
2008-04-17 18:01 . 2008-04-17 11:59 508,544 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\MusCDriverV32.sys
2008-04-17 18:01 . 2008-04-17 11:59 3,768 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\MusCVideo32.sys
2008-04-17 17:53 . 2008-04-17 17:59 d-------- C:\Programfiler\NCH Software
2008-04-17 17:53 . 2008-04-17 17:56 d-------- C:\Documents and Settings\All Users\Programdata\NCH Swift Sound
2008-04-17 17:53 . 2008-04-17 17:53 d-------- C:\Documents and Settings\All Users\Programdata\NCH Software
2008-04-17 17:51 . 2008-04-17 18:03 d-------- C:\Programfiler\NCH Swift Sound
2008-04-17 17:51 . 2008-04-17 18:00 d-------- C:\Documents and Settings\Kjell Sverre\Programdata\NCH Swift Sound
2008-04-16 22:08 . 2008-04-16 22:08 d-------- C:\Documents and Settings\Kjell Sverre\Programdata\Nokia Multimedia Player
2008-04-16 20:54 . 2008-04-16 20:55 d-------- C:\Documents and Settings\Kjell Sverre\Programdata\Teleca
2008-04-16 20:40 . 2008-04-16 20:40 d-------- C:\Documents and Settings\Kjell Sverre\Programdata\Sony Ericsson
2008-04-16 20:39 . 2008-04-16 20:39 d-------- C:\Programfiler\Fellesfiler\Sony Ericsson Shared
2008-04-16 20:38 . 2008-04-16 20:38 d-------- C:\Programfiler\Sony Ericsson
2008-04-16 20:34 . 2008-04-16 20:39 d-------- C:\Documents and Settings\All Users\Programdata\Teleca
2008-04-16 20:34 . 2008-04-16 20:39 d-------- C:\Documents and Settings\All Users\Programdata\Sony Ericsson
2008-04-16 20:23 . 2007-06-28 11:46 98,952 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716unic.sys
2008-04-16 20:23 . 2007-06-28 11:46 23,176 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716nd5.sys
2008-04-16 20:23 . 2007-06-28 11:46 11,016 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716cr.sys
2008-04-16 20:22 . 2007-06-28 11:46 100,360 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716mgmt.sys
2008-04-16 20:22 . 2007-06-28 11:46 98,568 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716obex.sys
2008-04-16 20:21 . 2007-06-28 11:46 108,552 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716mdm.sys
2008-04-16 20:21 . 2007-06-28 11:46 15,112 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716mdfl.sys
2008-04-16 20:21 . 2007-06-28 11:46 12,424 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716cmnt.sys
2008-04-16 20:21 . 2007-06-28 11:46 12,424 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716cm.sys
2008-04-16 20:20 . 2007-06-28 11:46 83,208 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716bus.sys
2008-04-16 20:20 . 2007-06-28 11:46 12,424 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716whnt.sys
2008-04-16 20:20 . 2007-06-28 11:46 12,424 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\s716wh.sys
2008-04-16 20:14 . 2008-04-16 20:14 d-------- C:\Programfiler\Sony
2008-04-16 19:48 . 2008-04-16 19:48 d-------- C:\Programfiler\Fellesfiler\Nokia
2008-04-16 19:48 . 2008-04-16 19:48 d-------- C:\Documents and Settings\All Users\Programdata\Nokia
2008-04-16 19:45 . 2008-04-16 19:49 d-------- C:\Documents and Settings\Kjell Sverre\Programdata\Nokia
2008-04-16 19:45 . 2008-04-16 22:03 d-------- C:\Documents and Settings\All Users\Programdata\PC Suite
2008-04-16 19:43 . 2008-04-16 19:43 d-------- C:\Programfiler\Fellesfiler\PCSuite
2008-04-16 19:43 . 2008-04-16 19:43 d-------- C:\Programfiler\DIFX
2008-04-16 19:43 . 2008-04-16 19:45 d-------- C:\Documents and Settings\Kjell Sverre\Programdata\PC Suite
2008-04-16 19:42 . 2008-04-16 19:42 d-------- C:\Programfiler\PC Connectivity Solution
2008-04-16 19:42 . 2008-04-16 19:48 d-------- C:\Programfiler\Nokia
2008-04-16 19:42 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nmwcd.sys
2008-04-16 19:42 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\SYSTEM32\nmwcdcls.dll
2008-04-16 19:42 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\SYSTEM32\nmwcdcocls.dll
2008-04-16 19:42 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdcm.sys
2008-04-16 19:42 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdcj.sys
2008-04-16 19:42 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdc.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-27 08:23 --------- d-----w C:\Programfiler\Java
2008-04-16 18:42 --------- d-----w C:\Programfiler\Fellesfiler\Teleca Shared
2008-04-14 16:39 1,804 ----a-w C:\WINDOWS\SYSTEM32\dcache.bin
2008-04-14 16:26 330,752 ----a-w C:\WINDOWS\SYSTEM32\netsetup.exe
2008-04-14 16:22 996,352 ----a-w C:\WINDOWS\SYSTEM32\msgina.dll
2008-04-14 16:21 98,304 ----a-w C:\WINDOWS\SYSTEM32\actxprxy.dll
2008-04-14 16:20 7,680 ------w C:\WINDOWS\SYSTEM32\kbdsmsno.dll
2008-04-14 16:19 9,344 ----a-w C:\WINDOWS\SYSTEM32\framebuf.dll
2008-04-14 16:19 3,584 ----a-w C:\WINDOWS\SYSTEM32\icmp.dll
2008-04-14 16:19 3,072 ----a-w C:\WINDOWS\SYSTEM32\dpnlobby.dll
2008-04-14 16:19 3,072 ----a-w C:\WINDOWS\SYSTEM32\dpnaddr.dll
2008-04-14 16:19 285,696 ----a-w C:\WINDOWS\SYSTEM32\atmfd.dll
2008-04-14 16:19 16,896 ----a-w C:\WINDOWS\SYSTEM32\cfgmgr32.dll
2008-04-14 15:56 73,344 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 15:56 120,192 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 15:55 80,000 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 15:55 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-14 15:55 46,592 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 15:53 2,190,720 ----a-w C:\WINDOWS\SYSTEM32\ntoskrnl.exe
2008-04-14 15:53 2,067,584 ----a-w C:\WINDOWS\SYSTEM32\ntkrnlpa.exe
2008-04-14 15:52 4,096 ------w C:\WINDOWS\SYSTEM32\dsprpres.dll
2008-04-14 15:50 799,872 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 15:50 24,448 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 15:50 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 15:49 79,360 ------w C:\WINDOWS\SYSTEM32\msxml6r.dll
2008-04-14 15:49 79,360 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msxml6r.dll
2008-04-14 15:49 37,376 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 15:48 77,312 ------w C:\WINDOWS\SYSTEM32\msshavmsg.dll
2008-04-14 15:48 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
2008-04-14 15:48 40,576 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 15:48 40,192 ------w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 15:47 556,032 ----a-w C:\WINDOWS\SYSTEM32\shdoclc.dll
2008-04-14 15:47 47,616 ----a-w C:\WINDOWS\SYSTEM32\inetres.dll
2008-04-14 15:46 64,640 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 15:45 51,840 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 15:44 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 15:43 9,728 ----a-w C:\WINDOWS\SYSTEM32\gpkrsrc.dll
2008-04-14 15:43 57,600 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 15:43 273,152 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 15:43 1,845,632 ----a-w C:\WINDOWS\SYSTEM32\win32k.sys
2008-04-14 15:42 65,024 ----a-w C:\WINDOWS\SYSTEM32\browselc.dll
2008-04-14 15:41 52,480 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 15:41 44,544 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 15:41 39,680 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 15:39 41,600 ------w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 15:39 41,216 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 15:39 103,424 ----a-w C:\WINDOWS\SYSTEM32\dpcdll.dll
2008-04-14 15:38 22,912 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 15:37 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 15:37 187,776 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-14 07:23 11,264 ------w C:\WINDOWS\SYSTEM32\spnpinst.exe
2008-04-14 07:22 987,136 ----a-w C:\WINDOWS\SYSTEM32\setupapi.dll
2008-04-14 07:22 423,936 ----a-w C:\WINDOWS\SYSTEM32\licdll.dll
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 18:56 12,288 ------w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 18:53 36,608 ------w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 18:53 264,832 ------w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{17962688-4745-41c0-bc8d-bbedf6f332f2}]
C:\WINDOWS\system32\phdpwnmy.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 18:22 15360]
"MSMSGS"="C:\Programfiler\Messenger\MSMSGS.exe" [2008-04-14 18:23 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="atiptaxx.exe" [2005-08-31 03:05 344064 C:\WINDOWS\SYSTEM32\atiptaxx.exe]
"DadApp"="C:\Programfiler\Dell\AccessDirect\dadapp.exe" [2002-02-01 12:16 189476]
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe" [2002-07-17 12:18 28672]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Norman ZANDA"="C:\Norman\bin\ZLH.exe" [ ]
"38b4a417"="C:\WINDOWS\system32\nhexjlns.dll" [ ]
"BM3b87978b"="C:\WINDOWS\system32\wswfiprj.dll" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 18:22 15360]

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
Acrobat Assistant.lnk - C:\Programfiler\Adobe\Acrobat 6.0\Distillr\acrotray.exe [15.05.2003 01:19:50 217193]
Adobe Gamma Loader.lnk - C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [13.12.2002 17:17:26 110592]
Digital Line Detect.lnk - C:\Programfiler\Digital Line Detect\DLG.exe [26.11.2002 21:55:02 20480]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.dvsd"= dvc.dll
"SENTINEL"= snti386.dll
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-02-19 14:10 267048 C:\Programfiler\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]
--a------ 2007-10-01 12:29 3104768 C:\Programfiler\Nokia\Nokia Software Launcher\NSLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-02-01 00:13 385024 C:\Programfiler\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2007-05-28 10:14 528384 C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2008-02-29 16:03 1481968 C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programfiler\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
"C:\\Programfiler\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
"C:\\Programfiler\\devolo\\informer\\devinf.exe"=
"C:\\Programfiler\\devolo\\easyshare\\easyshare.exe"=
"C:\\Programfiler\\iTunes\\iTunes.exe"=
"C:\\Programfiler\\Fellesfiler\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

R1 atitray;atitray;C:\Programfiler\Radeon Omega Drivers\v2.6.71\ATI Tray Tools\atitray.sys [2005-07-31 16:08]
R2 Ndiskio;Ndiskio;C:\Norman\Nse\bin\NDISKIO.SYS [2007-01-02 11:55]
R2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\plcndis5.sys [2004-05-17 11:21]
R3 NvcMFlt;NvcMFlt;C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys [2008-02-11 15:56]
R3 nvcoas;Norman Virus Control on-access component;C:\Norman\Nvc\bin\nvcoas.exe [2007-12-12 12:45]
R3 NVCScheduler;Norman Virus Control Scheduler;C:\Norman\Nvc\BIN\NVCSCHED.EXE [2007-05-23 14:23]
S3 MusCDriverV32;MusCDriverV32;C:\WINDOWS\system32\drivers\MusCDriverV32.sys [2008-04-17 11:59]
S3 MusCVideo32;MusCVideo32;C:\WINDOWS\system32\DRIVERS\MusCVideo32.sys [2008-04-17 11:59]
S3 PLCMPR5;PLCMPR5 NDIS Protocol Driver;C:\WINDOWS\system32\PLCMPR5.SYS []
S3 s716bus;Sony Ericsson Device 716 driver (WDM);C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-06-28 11:46]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-06-28 11:46]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-06-28 11:46]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-06-28 11:46]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-06-28 11:46]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-06-28 11:46]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-06-28 11:46]
S4 hpt3xx;hpt3xx;C:\WINDOWS\system32\DRIVERS\hpt3xx.sys [2001-08-17 23:52]
.
Contents of the 'Scheduled Tasks' folder
"2008-03-28 18:10:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe
"2002-12-11 17:49:42 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Programfiler\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-15 21:50:34
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\SYSTEM32\ati2evxx.exe
C:\Norman\npm\bin\elogsvc.exe
C:\Norman\npm\bin\Zanda.exe
C:\WINDOWS\SYSTEM32\ati2evxx.exe
C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Norman\npm\bin\Njeeves.exe
.
**************************************************************************
.
Completion time: 2008-05-15 21:57:33 - machine was rebooted [Kjell Sverre]
ComboFix-quarantined-files.txt 2008-05-15 19:57:29

Pre-Run: 7,297,925,120 byte ledig
Post-Run: 7,228,571,648 byte ledig

300 --- E O F --- 2008-04-16 20:24:50