ComboFix 08-12-30.02 - Erik 2008-12-31 20:11:30.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1044.18.2046.1570 [GMT 1:00]
Kjører fra: c:\documents and settings\Erik\Skrivebord\ComboFix.exe
 * Opprettet nytt gjenopprettingspunkt
.

(((((((((((((((((((((((((((((((((((((((   Andre slettinger   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Erik\Programdata\inst.exe
c:\windows\Downloaded Program Files\setup.inf

.
(((((((((((((((((((((((((((   Filer Opprettet Fra 2008-11-28 til 2008-12-31  )))))))))))))))))))))))))))))))))
.

2008-12-31 19:57 . 2008-12-31 19:57	<DIR>	d--------	c:\programfiler\Malwarebytes' Anti-Malware
2008-12-31 19:57 . 2008-12-31 19:57	<DIR>	d--------	c:\documents and settings\Erik\Programdata\Malwarebytes
2008-12-31 19:57 . 2008-12-31 19:57	<DIR>	d--------	c:\documents and settings\All Users\Programdata\Malwarebytes
2008-12-31 19:57 . 2008-12-03 19:52	38,496	--a------	c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-31 19:57 . 2008-12-03 19:52	15,504	--a------	c:\windows\system32\drivers\mbam.sys
2008-12-31 16:44 . 2008-12-31 16:44	<DIR>	d--------	c:\programfiler\Trend Micro
2008-12-21 23:25 . 2008-12-21 23:25	73,728	--a------	c:\windows\system32\javacpl.cpl
2008-12-21 20:20 . 2008-12-21 20:28	<DIR>	d--h-c---	c:\documents and settings\All Users\Programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2008-12-21 20:11 . 2008-12-21 20:25	<DIR>	d--------	c:\windows\SxsCaPendDel
2008-12-21 20:11 . 2008-12-21 20:12	<DIR>	d--------	C:\[u]0[/u]28ee6d009c0e87a2be035
2008-12-21 20:11 . 2008-07-06 13:06	1,676,288	-----c---	c:\windows\system32\dllcache\xpssvcs.dll
2008-12-21 20:11 . 2008-07-06 11:50	597,504	-----c---	c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2008-12-21 20:11 . 2008-07-06 13:06	575,488	-----c---	c:\windows\system32\dllcache\xpsshhdr.dll
2008-12-21 20:11 . 2008-07-06 13:06	89,088	-----c---	c:\windows\system32\dllcache\filterpipelineprintproc.dll
2008-12-21 19:58 . 2008-12-21 19:58	<DIR>	dr-h-----	C:\AHCache
2008-12-21 19:54 . 2008-12-21 19:54	<DIR>	d--------	C:\Drivers
2008-12-21 19:53 . 2008-12-21 19:53	<DIR>	d--------	c:\programfiler\Fellesfiler\Logitech
2008-12-21 19:53 . 2003-12-11 09:50	152,064	---------	c:\windows\system32\lmoufrc.dll
2008-12-21 19:53 . 2003-12-18 09:50	104,960	--a------	c:\windows\system32\COMNCTR.DLL
2008-12-21 19:53 . 2003-12-18 09:50	97,792	--a------	c:\windows\system32\LGUICOM.DLL
2008-12-21 19:53 . 2003-12-11 09:50	70,894	--a------	c:\windows\system32\drivers\LMouFlt2.Sys
2008-12-21 19:53 . 2003-12-11 09:50	51,582	---------	c:\windows\system32\drivers\L8042PR2.SYS
2008-12-21 19:53 . 2003-12-11 09:50	37,916	--a------	c:\windows\system32\drivers\LHidUsb.sys
2008-12-21 19:53 . 2003-12-11 09:50	25,630	--a------	c:\windows\system32\drivers\LHidFlt2.Sys
2008-12-21 19:53 . 2003-12-11 09:50	23,372	---------	c:\windows\system32\LCOINST.DLL
2008-12-21 19:53 . 2003-12-11 09:50	20,992	---------	c:\windows\LOGI_MWX.EXE
2008-12-21 19:53 . 2003-12-18 09:50	16,896	--a------	c:\windows\system32\LMOUSE32.DLL
2008-12-21 19:53 . 2003-12-11 09:50	14,092	---------	c:\windows\system32\drivers\LCCFLTR.SYS
2008-12-21 19:53 . 2003-12-18 09:50	3,568	--a------	c:\windows\system32\LMOUSE16.DLL
2008-12-21 19:45 . 2008-12-21 19:47	<DIR>	d--------	c:\documents and settings\All Users\Programdata\DriverScanner
2008-12-21 19:44 . 2008-12-21 19:45	<DIR>	d--h-c---	c:\documents and settings\All Users\Programdata\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2008-12-21 17:33 . 2008-12-21 20:28	<DIR>	d--------	c:\programfiler\Uniblue
2008-12-21 17:33 . 2008-12-21 20:28	<DIR>	d--------	c:\documents and settings\Erik\Programdata\Uniblue
2008-12-21 17:33 . 2008-12-21 17:33	<DIR>	d--h-c---	c:\documents and settings\All Users\Programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-12-20 09:02 . 2008-12-20 09:02	<DIR>	d--------	c:\documents and settings\Erik\Programdata\vlc
2008-12-13 23:25 . 2008-12-13 23:41	<DIR>	d--------	c:\programfiler\Security Task Manager
2008-12-13 23:25 . 2008-12-13 23:40	<DIR>	d--------	c:\documents and settings\All Users\Programdata\SecTaskMan
2008-12-08 14:19 . 2008-12-31 19:56	<DIR>	d--------	c:\windows\system32\CatRoot2
2008-12-07 20:31 . 2008-12-07 20:31	<DIR>	d--------	c:\programfiler\Windows Resource Kits
2008-12-07 19:55 . 2008-12-07 20:11	<DIR>	d--------	C:\IN_BRUGES
2008-12-06 21:56 . 2007-10-04 10:22	66,048	--a------	c:\windows\ieResetIcons.exe
2008-12-06 21:56 . 2008-12-21 20:12	344	--a------	c:\windows\system32\spupdsvc.inf
2008-12-06 19:41 . 2008-10-16 14:07	23,576	--a------	c:\windows\system32\wuauserv.dll
2008-12-06 19:41 . 2008-10-16 14:07	23,576	--a--c---	c:\windows\system32\dllcache\wuauserv.dll
2008-12-06 14:53 . 2008-12-06 14:53	<DIR>	d--hs----	C:\found.009
2008-12-06 09:12 . 2008-12-21 21:01	<DIR>	d--hs----	C:\found.008
2008-11-29 21:42 . 2008-11-29 21:43	<DIR>	d--------	c:\documents and settings\Erik\Programdata\EPSON
2008-11-29 21:42 . 2008-11-29 21:42	29	--a------	c:\windows\DEBUGSM.INI
2008-11-29 20:06 . 2008-11-29 20:06	<DIR>	d--------	c:\documents and settings\All Users\Programdata\FLEXnet
2008-11-29 19:56 . 2008-11-29 19:56	<DIR>	d--------	c:\programfiler\Bonjour
2008-11-29 19:50 . 2008-11-29 19:50	<DIR>	d--------	c:\programfiler\Fellesfiler\Macrovision Shared
2008-11-28 16:43 . 2008-11-28 16:43	<DIR>	d--------	c:\documents and settings\Erik\Programdata\TomTom
2008-11-28 16:42 . 2008-11-28 16:42	<DIR>	d--------	c:\programfiler\TomTom HOME 2
2008-11-22 08:53 . 2008-12-31 19:49	<DIR>	d--------	c:\documents and settings\Erik\Programdata\Software Informer
2008-11-22 08:52 . 2008-11-22 08:52	<DIR>	d--------	c:\programfiler\Software Informer
2008-11-22 07:33 . 2008-12-21 23:25	410,984	--a------	c:\windows\system32\deploytk.dll
2008-11-21 21:42 . 2008-12-31 20:08	322,664	--a------	c:\windows\system32\drivers\APPFCONT.DAT.bck
2008-11-21 21:42 . 2008-12-31 20:08	322,664	--a------	c:\windows\system32\drivers\APPFCONT.DAT
2008-11-21 21:42 . 2008-06-18 16:06	193,792	--a------	c:\windows\system32\drivers\idsflt.sys
2008-11-21 21:42 . 2008-07-11 14:58	158,848	--a------	c:\windows\system32\drivers\NETFLTDI.SYS
2008-11-21 21:42 . 2008-06-25 15:42	73,728	--a------	c:\windows\system32\drivers\APPFLT.SYS
2008-11-21 21:42 . 2008-06-18 16:06	52,992	--a------	c:\windows\system32\drivers\dsaflt.sys
2008-11-21 21:42 . 2008-06-18 16:06	46,720	--a------	c:\windows\system32\drivers\wnmflt.sys
2008-11-21 21:42 . 2008-03-28 11:25	22,072	--a------	c:\windows\system32\drivers\fnetmon.sys
2008-11-21 21:42 . 2008-12-31 19:48	1,132	--a------	c:\windows\system32\drivers\APPFLTR.CFG.bck
2008-11-21 21:42 . 2008-12-31 19:48	1,132	--a------	c:\windows\system32\drivers\APPFLTR.CFG
2008-11-21 21:30 . 2008-12-31 15:57	8,627	--a------	c:\windows\system32\PAV_FOG.OPC
2008-11-21 21:25 . 2008-04-28 17:35	84,024	--a------	c:\windows\system32\drivers\pavdrv51.sys
2008-11-21 21:25 . 2007-03-15 19:38	54,832	--a------	c:\windows\system32\pavcpl.cpl
2008-11-21 21:25 . 2008-12-31 19:48	13,880	--a------	c:\windows\system32\drivers\COMFiltr.sys
2008-11-21 21:25 . 2008-11-21 21:25	247	--a------	c:\windows\system32\PavCPL.dat
2008-11-21 21:24 . 2008-11-21 21:24	<DIR>	d--------	c:\windows\system32\PAV
2008-11-21 21:24 . 2008-11-21 21:24	<DIR>	d--------	c:\documents and settings\Erik\Programdata\Panda Security
2008-11-21 21:24 . 2008-11-21 21:24	<DIR>	d--------	c:\documents and settings\All Users\Programdata\Panda Security
2008-11-21 21:24 . 2008-06-18 18:03	520,448	--a------	c:\windows\system32\PavSHook.dll
2008-11-21 21:24 . 2003-10-22 18:23	446,464	--a------	c:\windows\system32\HHActiveX.dll
2008-11-21 21:24 . 2008-06-26 11:25	197,888	--a------	c:\windows\system32\drivers\neti1634.sys
2008-11-21 21:24 . 2008-06-24 14:48	193,280	--a------	c:\windows\system32\TpUtil.dll
2008-11-21 21:24 . 2007-02-08 11:53	107,568	--a------	c:\windows\system32\SYSTOOLS.DLL
2008-11-21 21:24 . 2008-06-18 18:03	87,296	--a------	c:\windows\system32\PavLspHook.dll
2008-11-21 21:24 . 2008-03-18 16:58	58,672	--a------	c:\windows\system32\avldr.dll
2008-11-21 21:24 . 2008-06-18 18:03	55,552	--a------	c:\windows\system32\pavipc.dll
2008-11-21 21:24 . 2008-06-19 17:24	28,544	--a------	c:\windows\system32\drivers\pavboot.sys
2008-11-21 21:22 . 2008-11-21 21:22	<DIR>	d--------	c:\programfiler\Fellesfiler\Panda Security
2008-11-21 21:22 . 2008-02-07 12:03	179,640	--a------	c:\windows\system32\drivers\PavProc.sys
2008-11-21 21:22 . 2008-03-04 15:59	41,144	--a------	c:\windows\system32\drivers\ShlDrv51.sys
2008-11-21 21:07 . 2008-11-21 21:07	385	--a------	c:\windows\AvDetected.ini
2008-11-21 20:37 . 2008-12-21 23:20	<DIR>	d--------	c:\programfiler\Sun
2008-11-21 20:26 . 2008-11-21 20:26	<DIR>	d--------	c:\programfiler\Windows Installer Clean Up
2008-11-18 23:45 . 2008-11-19 16:12	<DIR>	d--------	c:\programfiler\NOS
2008-11-18 23:45 . 2008-11-19 16:11	<DIR>	d--------	c:\documents and settings\All Users\Programdata\NOS
2008-11-18 23:00 . 2007-06-28 17:51	2,097,152	--a------	c:\temp\autorun.bin
2008-11-18 23:00 . 2008-05-20 10:59	1,570,816	--a------	c:\temp\TSDNWIN.exe
2008-11-18 22:34 . 2008-11-18 22:34	<DIR>	d--------	c:\documents and settings\All Users\Programdata\UDL
2008-11-18 22:33 . 2008-11-18 22:33	<DIR>	d--------	c:\programfiler\ABBYY FineReader 6.0 Sprint
2008-11-18 22:20 . 2007-12-07 03:08	86,528	--a------	c:\windows\system32\E_FLBEGE.DLL
2008-11-18 22:20 . 2007-12-07 03:01	78,848	--a------	c:\windows\system32\E_FD4BEGE.DLL
2008-11-18 22:20 . 2007-04-10 02:06	8,192	--a------	c:\windows\system32\E_DCINST.DLL
2008-11-18 22:09 . 2008-11-18 22:34	<DIR>	d--------	c:\programfiler\epson
2008-11-18 22:09 . 2008-11-18 23:12	<DIR>	d--------	c:\documents and settings\All Users\Programdata\EPSON
2008-11-18 22:09 . 2007-07-13 00:00	71,680	--a------	c:\windows\system32\escwiad.dll
2008-11-18 22:08 . 2008-11-18 22:08	26	--a------	c:\windows\CDE SX400EXPORT.ini
2008-11-18 16:18 . 2008-07-16 22:35	9,728	--a------	c:\windows\system32\RtNicProp32.dll
2008-11-18 06:48 . 2008-09-17 23:55	201,050	--a------	c:\windows\system32\nvapps.nvb
2008-11-18 06:47 . 2008-11-18 16:07	<DIR>	d--------	c:\windows\NV4870851564.TMP
2008-11-18 06:42 . 2008-11-18 06:42	<DIR>	d--------	c:\windows\system32\GroupPolicy
2008-11-18 06:42 . 2008-11-21 21:20	<DIR>	d--------	c:\programfiler\Windows Desktop Search
2008-11-18 06:42 . 2008-03-07 18:02	192,000	-----c---	c:\windows\system32\dllcache\offfilt.dll
2008-11-18 06:42 . 2008-03-07 18:02	98,304	-----c---	c:\windows\system32\dllcache\nlhtml.dll
2008-11-18 06:42 . 2008-03-07 18:02	29,696	-----c---	c:\windows\system32\dllcache\mimefilt.dll
2008-11-18 06:41 . 2008-10-16 21:33	6,066,176	-----c---	c:\windows\system32\dllcache\ieframe.dll
2008-11-18 06:41 . 2007-04-17 10:32	2,455,488	-----c---	c:\windows\system32\dllcache\ieapfltr.dat
2008-11-18 06:41 . 2007-03-08 06:11	1,007,616	-----c---	c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-18 06:41 . 2008-10-16 21:33	459,264	-----c---	c:\windows\system32\dllcache\msfeeds.dll
2008-11-18 06:41 . 2008-10-16 21:33	383,488	-----c---	c:\windows\system32\dllcache\ieapfltr.dll
2008-11-18 06:41 . 2008-10-16 21:33	267,776	-----c---	c:\windows\system32\dllcache\iertutil.dll
2008-11-18 06:41 . 2008-10-16 21:33	63,488	-----c---	c:\windows\system32\dllcache\icardie.dll
2008-11-18 06:41 . 2008-10-16 21:33	52,224	-----c---	c:\windows\system32\dllcache\msfeedsbs.dll
2008-11-18 06:41 . 2008-10-16 14:11	13,824	-----c---	c:\windows\system32\dllcache\ieudinit.exe
2008-11-18 03:12 . 2008-06-14 18:36	272,256	-----c---	c:\windows\system32\dllcache\bthport.sys
2008-11-18 03:11 . 2008-08-14 14:27	2,190,976	-----c---	c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-18 03:11 . 2008-08-14 14:27	2,147,328	-----c---	c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-18 03:11 . 2008-08-14 14:27	2,067,840	-----c---	c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-18 03:11 . 2008-08-14 14:27	2,025,984	-----c---	c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-18 03:11 . 2008-09-15 16:29	1,846,400	-----c---	c:\windows\system32\dllcache\win32k.sys

.
((((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-31 18:36	16,608	----a-w	c:\windows\gdrv.sys
2008-12-30 18:39	---------	d-----w	c:\programfiler\TightVNC
2008-12-25 22:49	---------	d-----w	c:\programfiler\Panda Security
2008-12-25 21:34	---------	d-----w	c:\documents and settings\Erik\Programdata\Vso
2008-12-21 22:25	---------	d-----w	c:\programfiler\Java
2008-12-21 18:53	---------	d--h--w	c:\programfiler\InstallShield Installation Information
2008-12-19 20:29	196,608	----a-w	c:\windows\system32\drivers\nStandard.bin
2008-12-07 18:54	---------	d-----w	c:\documents and settings\All Users\Programdata\DVD Shrink
2008-11-29 18:56	---------	d-----w	c:\programfiler\Fellesfiler\Adobe
2008-11-28 21:25	---------	d-----w	c:\documents and settings\Erik\Programdata\Sites
2008-11-28 21:25	---------	d-----w	c:\documents and settings\Erik\Programdata\SiteClasses
2008-11-28 16:41	---------	d-----w	c:\programfiler\Microsoft ActiveSync
2008-11-21 19:26	---------	d-----w	c:\programfiler\MSECache
2008-11-19 20:50	---------	d-----w	c:\programfiler\Hot CPU Tester Pro 4 LE
2008-11-18 16:27	---------	d-----w	c:\programfiler\Canon
2008-11-18 15:11	319,488	----a-w	c:\windows\HideWin.exe
2008-11-13 01:38	90,112	----a-w	c:\windows\DUMP3846.tmp
2008-11-13 01:32	90,112	----a-w	c:\windows\DUMP3807.tmp
2008-11-08 21:01	---------	d-----w	c:\documents and settings\Erik\Programdata\dvdcss
2008-11-06 16:52	---------	d-----w	c:\programfiler\Fellesfiler\InstallShield
2008-10-28 01:47	90,112	----a-w	c:\windows\DUMP35c5.tmp
2008-10-27 16:47	90,112	----a-w	c:\windows\DUMP3855.tmp
2008-10-23 12:43	286,720	----a-w	c:\windows\system32\gdi32.dll
2008-10-16 20:33	826,368	----a-w	c:\windows\system32\wininet.dll
2008-10-16 13:13	202,776	----a-w	c:\windows\system32\wuweb.dll
2008-10-16 13:13	1,809,944	----a-w	c:\windows\system32\wuaueng.dll
2008-10-16 13:12	561,688	----a-w	c:\windows\system32\wuapi.dll
2008-10-16 13:12	323,608	----a-w	c:\windows\system32\wucltui.dll
2008-10-16 13:09	92,696	----a-w	c:\windows\system32\cdm.dll
2008-10-16 13:09	51,224	----a-w	c:\windows\system32\wuauclt.exe
2008-10-16 13:09	43,544	----a-w	c:\windows\system32\wups2.dll
2008-10-16 13:08	34,328	----a-w	c:\windows\system32\wups.dll
2008-10-16 13:07	208,744	----a-w	c:\windows\system32\muweb.dll
2008-10-16 13:06	268,648	----a-w	c:\windows\system32\mucltui.dll
2008-10-03 10:04	247,326	----a-w	c:\windows\system32\strmdll.dll
2008-09-30 15:43	1,286,152	----a-w	c:\windows\system32\msxml4.dll
2008-09-19 17:07	34,968	----a-w	c:\documents and settings\Erik\Programdata\GDIPFONTCACHEV1.DAT
2008-09-15 15:29	1,846,400	----a-w	c:\windows\system32\win32k.sys
2008-09-10 01:16	1,307,648	------w	c:\windows\system32\msxml6.dll
2008-09-04 17:17	1,106,944	----a-w	c:\windows\system32\msxml3.dll
2008-07-06 08:12	47,360	----a-w	c:\documents and settings\Erik\Programdata\pcouffin.sys
2008-06-26 16:23	87,608	----a-w	c:\documents and settings\Erik\Programdata\ezpinst.exe
2008-06-26 16:23	87,608	----a-w	c:\documents and settings\Erik.KONTOR\Programdata\ezpinst.exe
2008-06-26 16:23	47,360	----a-w	c:\documents and settings\Erik.KONTOR\Programdata\pcouffin.sys
2008-06-26 16:07	32,768	----a-w	c:\windows\inf\UpdateUSB.exe
2006-03-02 12:00	1,444,718	----a-w	c:\windows\inf\SET1A.tmp
.

((((((((((((((((((((((((((((((((   Oppstartspunkter I Registeret   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"H/PC Connection Agent"="c:\programfiler\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"LaunchList"="c:\programfiler\Pinnacle\Studio 11\LaunchList2.exe" [2007-03-21 145496]
"EPSON Stylus SX400 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE" [2007-12-17 188928]
"Software Informer"="c:\programfiler\Software Informer\softinfo.exe" [2008-11-01 1347653]
"TomTomHOME.exe"="c:\programfiler\TomTom HOME 2\HOMERunner.exe" [2008-11-27 234856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m‘|\ü" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"SSBkgdUpdate"="c:\programfiler\Fellesfiler\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2008-06-26 210472]
"OpwareSE4"="c:\programfiler\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2008-06-26 79400]
"NeroFilterCheck"="c:\programfiler\Fellesfiler\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"APVXDWIN"="c:\programfiler\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE" [2008-12-03 869632]
"SCANINICIO"="c:\programfiler\Panda Security\Panda Antivirus Pro 2009\Inicio.exe" [2008-07-07 50432]
"SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2008-12-21 136600]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-23 c:\windows\RTHDCPL.exe]
"SoundMan"="SOUNDMAN.EXE" [2008-06-18 c:\windows\SoundMan.exe]
"AlcWzrd"="ALCWZRD.EXE" [2008-06-19 c:\windows\alcwzrd.exe]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-11 c:\windows\LOGI_MWX.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\
Microsoft Office.lnk - c:\programfiler\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2008-03-18 16:58 58672 c:\windows\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= Pvmjpg30.dll
"vidc.VP31"= vp31vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\programfiler\Microsoft ActiveSync\rapimgr.exe"= c:\programfiler\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programfiler\Microsoft ActiveSync\wcescomm.exe"= c:\programfiler\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programfiler\Microsoft ActiveSync\WCESMgr.exe"= c:\programfiler\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programfiler\\Pinnacle\\Studio 11\\programs\\RM.exe"=
"c:\\Programfiler\\Pinnacle\\Studio 11\\programs\\studio.exe"=
"c:\\Programfiler\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"=
"c:\\Programfiler\\Pinnacle\\Studio 11\\programs\\umi.exe"=
"c:\\Programfiler\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"=
"c:\\Programfiler\\Bonjour\\mDNSResponder.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2008-11-21 28544]
R1 APPFLT;App Filter Plugin;\??\c:\windows\system32\Drivers\APPFLT.SYS [2008-11-21 73728]
R1 DSAFLT;DSA Filter Plugin;\??\c:\windows\system32\Drivers\DSAFLT.SYS [2008-11-21 52992]
R1 FNETMON;NetMon Filter Plugin;\??\c:\windows\system32\Drivers\fnetmon.SYS [2008-11-21 22072]
R1 IDSFLT;Ids Filter Plugin;\??\c:\windows\system32\Drivers\IDSFLT.SYS [2008-11-21 193792]
R1 NETFLTDI;Panda Net Driver [TDI Layer];\??\c:\windows\system32\Drivers\NETFLTDI.SYS [2008-11-21 21:42:20 158848]
R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys [2008-11-21 41144]
R1 WNMFLT;Wifi Monitor Filter Plugin;\??\c:\windows\system32\Drivers\WNMFLT.SYS [2008-11-21 46720]
R2 GEST Service;GEST Service for program management.;"c:\programfiler\GIGABYTE\EnergySaver\GSvr.exe" [2008-06-24 80392]
R2 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda []
R2 PavProc;Panda Process Protection Driver;\??\c:\windows\system32\DRIVERS\PavProc.sys [2008-11-21 179640]
R2 PskSvcRetail;Panda PSK service;"c:\programfiler\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe" [2008-11-21 28928]
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys []
R3 ComFiltr;Panda Anti-Dialer;\??\c:\windows\system32\DRIVERS\COMFiltr.sys [2008-11-21 13880]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\system32\DRIVERS\neti1634.sys [2008-11-21 197888]
R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys []
R3 Video3D;ASUS Video3D Service;c:\windows\system32\Drivers\Video3D32.sys [2007-12-22 10752]
S3 7ByteIo;7ByteIo;\??\c:\programfiler\Hot CPU Tester Pro 4 LE\SysInfo.sys [2008-10-27 9984]
S3 RkPavproc1;RkPavproc1;\??\c:\windows\system32\drivers\RkPavproc1.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
panda	REG_MULTI_SZ   	Gwmsrv

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{85554c2a-bd80-11dd-b44d-001fd08011a2}]
\Shell\AutoRun\command - InstallTomTomHOME.exe

*Newly Created Service* - PROCEXP90
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2008-12-30 c:\windows\Tasks\SyncBack Backup.job
- c:\programfiler\2BrightSparks\SyncBack\SyncBack.exe [2008-02-12 10:19]
.
.
------- Tilleggsskanning -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {90564647-D775-4F25-AE8A-818C1F8C9F4C} = 192.168.1.1
TCP: {B909C215-2D4B-448F-895D-6605D404E3A5} = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Erik\Programdata\Mozilla\Firefox\Profiles\khiqky2u.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.sol.no/
FF - plugin: c:\programfiler\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF - plugin: c:\programfiler\Microsoft Silverlight\2.0.31005.0\npctrl.dll

[color=red]ATTENTION: FIREFOX POLICES IS IN FORCE [/color]
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-31 20:12:58
Windows 5.1.2600 Service Pack 3 NTFS

skanner skjulte prosesser ... 

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ... 

skanning vellykket
skjulte filer: 0

**************************************************************************
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'winlogon.exe'(1692)
c:\windows\SYSTEM32\avldr.dll
.
Tidspunkt ferdig: 2008-12-31 20:13:51
ComboFix-quarantined-files.txt  2008-12-31 19:13:48

Pre-Run: 347 156 811 776 byte ledig
Post-Run: 349,357,359,104 byte ledig

WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

313	--- E O F ---	2008-12-18 20:44:57