ComboFix 11-12-12.02 - Nigge 2011-12-13 0:21.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.46.1053.18.3062.1362 [GMT 1:00]
Körs från: c:\users\Nigge\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\java_me_platform_sdk_3.0\bin\device-manager.exe
c:\users\Nigge\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
c:\windows\QMDIspatch.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\system32
c:\windows\system32\system32\3DAudio.ax
c:\windows\system32\system32\avrt.dll
c:\windows\system32\system32\cis-2.4.dll
c:\windows\system32\system32\issacapi_bs-2.3.dll
c:\windows\system32\system32\issacapi_pe-2.3.dll
c:\windows\system32\system32\issacapi_se-2.3.dll
c:\windows\system32\system32\MACXMLProto.dll
c:\windows\system32\system32\MaDRM.dll
c:\windows\system32\system32\MaJGUILib.dll
c:\windows\system32\system32\MAMACExtract.dll
c:\windows\system32\system32\MASetupCleaner.exe
c:\windows\system32\system32\MaXMLProto.dll
c:\windows\system32\system32\mfplat.dll
c:\windows\system32\system32\MK_Lyric.dll
c:\windows\system32\system32\MSCLib.dll
c:\windows\system32\system32\MSFLib.dll
c:\windows\system32\system32\MSLUR71.dll
c:\windows\system32\system32\msvcp60.dll
c:\windows\system32\system32\MTTELECHIP.dll
c:\windows\system32\system32\MTXSYNCICON.dll
c:\windows\system32\system32\muzaf1.dll
c:\windows\system32\system32\muzapp.dll
c:\windows\system32\system32\muzapp.exe
c:\windows\system32\system32\muzdecode.ax
c:\windows\system32\system32\muzeffect.ax
c:\windows\system32\system32\muzmp4sp.ax
c:\windows\system32\system32\muzmpgsp.ax
c:\windows\system32\system32\muzoggsp.ax
c:\windows\system32\system32\muzwmts.dll
c:\windows\system32\system32\psapi.dll
.
.
(((((((((((((((((((((((( Filer skapade från 2011-11-12 till 2011-12-12 ))))))))))))))))))))))))))))))
.
.
2011-12-13 07:41 . 2011-12-13 07:41 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{220F646C-6158-4250-9012-D634FA894A91}\MpKsl6efabb73.sys
2011-12-13 07:41 . 2011-12-12 23:49 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{220F646C-6158-4250-9012-D634FA894A91}\offreg.dll
2011-12-12 23:46 . 2011-12-12 23:51 -------- d-----w- c:\users\Nigge\AppData\Local\temp
2011-12-12 23:46 . 2011-12-12 23:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-12 14:54 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{220F646C-6158-4250-9012-D634FA894A91}\mpengine.dll
2011-12-02 09:57 . 2011-12-02 09:57 -------- d-----w- c:\program files\iPod
2011-12-02 09:52 . 2011-12-02 09:52 -------- d-----w- c:\program files\Bonjour
2011-12-02 09:47 . 2011-12-02 09:47 -------- d-----w- c:\program files\Apple Software Update
2011-11-30 10:53 . 2011-11-30 10:53 -------- d-----w- c:\users\Nigge\AppData\Roaming\teamspeak2
2011-11-30 10:53 . 2011-11-30 10:53 34064 ----a-w- c:\windows\system32\lhacm.acm
2011-11-30 10:52 . 2011-11-30 10:57 -------- d-----w- c:\program files\Teamspeak2_RC2
2011-11-30 10:50 . 2009-07-22 16:44 57344 ----a-w- c:\windows\system32\zlib1i.dll
2011-11-30 10:50 . 2009-07-22 16:44 57344 ----a-w- c:\windows\system32\CGZipLibrary.dll
2011-11-30 10:50 . 2009-07-22 16:44 143360 ----a-w- c:\windows\system32\Unzip32.dll
2011-11-30 10:50 . 2009-07-22 16:44 49152 ----a-w- c:\windows\system32\DSPing.dll
2011-11-30 10:50 . 2011-11-30 10:55 -------- d-----w- c:\program files\IVAO
2011-11-24 14:49 . 2011-11-24 14:49 -------- d-----w- c:\program files\Application Updater
2011-11-24 14:49 . 2011-11-24 14:49 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2011-11-24 14:49 . 2011-11-24 14:49 -------- d-----w- c:\program files\Common Files\Spigot
2011-11-24 14:49 . 2011-11-24 14:49 -------- d-----w- c:\programdata\YouTube Downloader
2011-11-24 14:49 . 2011-11-24 14:49 -------- d-----w- c:\program files\YouTube Downloader
2011-11-20 02:03 . 2011-11-20 02:08 -------- d-----w- c:\users\Nigge\AppData\Roaming\SecondLife
2011-11-20 02:03 . 2011-11-20 02:18 -------- d-----w- c:\users\Nigge\AppData\Local\SecondLife
2011-11-20 02:01 . 2011-11-20 02:09 -------- d-----w- c:\program files\SecondLifeViewer2
2011-11-13 22:18 . 2011-11-13 22:18 -------- d-----w- c:\users\Nigge\AppData\Local\Garmin
2011-11-13 21:54 . 2011-11-13 21:54 -------- d-----w- C:\Garmin
2011-11-13 21:25 . 2011-11-13 21:25 -------- d-----w- c:\users\Nigge\AppData\Roaming\Garmin
2011-11-13 21:25 . 2011-11-13 21:25 -------- d-----w- c:\programdata\Garmin
2011-11-13 21:16 . 2011-11-13 21:16 -------- d-----w- c:\program files\DIFX
2011-11-13 21:16 . 2011-11-13 21:54 -------- d-----w- c:\program files\Garmin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-21 10:47 . 2011-02-22 12:47 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-11-19 11:36 . 2011-05-24 08:12 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-11 09:41 . 2011-10-11 09:41 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B2542A56-F9CA-4B7B-BD43-A715982E0B42}\gapaengine.dll
2011-10-07 05:23 . 2011-10-07 05:23 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2011-10-04 05:21 . 2011-10-04 05:21 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
2011-10-03 03:06 . 2011-02-22 13:18 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-29 16:03 . 2011-11-09 17:00 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-29 03:37 . 2011-11-09 17:00 2341888 ----a-w- c:\windows\system32\win32k.sys
2011-11-28 10:35 . 2011-04-26 14:36 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* tomma poster & legitima standardposter visas inte.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Nigge\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Nigge\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Nigge\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Nigge\Downloads\utorrent.exe" [2011-02-22 396152]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"Steam"="c:\program files\Steam\Steam.exe" [2011-08-02 1242448]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-09-29 3508112]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-09-29 20880]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2011-02-22 102400]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-12-22 2049320]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-10-24 2415456]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"USB Storage Toolbox"="c:\windows\UMStor\Res.EXE" [2009-06-08 65536]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-09-29 3508112]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-07-26 192512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-11-15 896352]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-12 421736]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
.
c:\users\Nigge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Nigge\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-8-23 24182896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BankID säkerhetsprogram.lnk - c:\program files\Personal\bin\Personal.exe [2011-2-24 1086288]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Scrybe.lnk - c:\windows\Installer\{13061CAA-0284-4F9A-B460-3D4699575B35}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2011-2-22 45056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 MpKsl02c4cef1;MpKsl02c4cef1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{64FFC6E2-C0C0-42E2-9A06-781B4ACC40DF}\MpKsl02c4cef1.sys [x]
R1 MpKsl031cd9af;MpKsl031cd9af;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DDAA4BEB-B6C1-4738-B7E9-D3038CD7033D}\MpKsl031cd9af.sys [x]
R1 MpKsl06bb0157;MpKsl06bb0157;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3534E075-41B3-4788-9DE9-910474E742AA}\MpKsl06bb0157.sys [x]
R1 MpKsl136a30d9;MpKsl136a30d9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{80FC3097-276E-4F4F-8D5C-D71B9116426D}\MpKsl136a30d9.sys [x]
R1 MpKsl1421abdf;MpKsl1421abdf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB2260BD-3338-4092-BEA8-EE46350453D5}\MpKsl1421abdf.sys [x]
R1 MpKsl1e317ca9;MpKsl1e317ca9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F9456994-9251-4DE2-911C-A697797E555D}\MpKsl1e317ca9.sys [x]
R1 MpKsl207b5c6c;MpKsl207b5c6c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{611DFC38-C0E4-4A8F-9D34-F59E80200AEB}\MpKsl207b5c6c.sys [x]
R1 MpKsl2971eb2c;MpKsl2971eb2c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C7450BA-EEB5-4A8A-B236-ECC2F523DF0F}\MpKsl2971eb2c.sys [x]
R1 MpKsl2e81590f;MpKsl2e81590f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7828DA00-2CA4-482F-87D3-3E80F078E890}\MpKsl2e81590f.sys [x]
R1 MpKsl34f52b87;MpKsl34f52b87;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F0E06594-C1B0-4DF4-A7A5-E272F028CBEE}\MpKsl34f52b87.sys [x]
R1 MpKsl3a7ed00b;MpKsl3a7ed00b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D62DCB2E-0D8B-4726-ADDA-B4DF52ACEC11}\MpKsl3a7ed00b.sys [x]
R1 MpKsl4acce590;MpKsl4acce590;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{766E8940-7064-469B-95EC-AC3F12C7A6DE}\MpKsl4acce590.sys [x]
R1 MpKsl51187524;MpKsl51187524;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{04626BF6-F294-46D2-8DA6-1D7EABAD19E9}\MpKsl51187524.sys [x]
R1 MpKsl5309f9bd;MpKsl5309f9bd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{465C732D-BDEC-4E29-B059-2010A74B6F9B}\MpKsl5309f9bd.sys [x]
R1 MpKsl604bae64;MpKsl604bae64;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BCDAF0BA-57A4-41EE-A7CD-489B4EB2B4EF}\MpKsl604bae64.sys [x]
R1 MpKsl60a48200;MpKsl60a48200;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A3BCFA84-29B3-4131-9E48-9B6D342F2374}\MpKsl60a48200.sys [x]
R1 MpKsl6159fbc5;MpKsl6159fbc5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F7A0EB59-CB9A-49C0-B54E-A288F7FFEF70}\MpKsl6159fbc5.sys [x]
R1 MpKsl62383fa2;MpKsl62383fa2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8DBF58A8-A6B4-49B9-BDE2-7A0AF99CE60C}\MpKsl62383fa2.sys [x]
R1 MpKsl75e2b1be;MpKsl75e2b1be;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CE8C7495-FDAF-4C81-A652-FF7151E2D3DA}\MpKsl75e2b1be.sys [x]
R1 MpKsl81f489d6;MpKsl81f489d6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CAE1B755-F14D-4BFE-8028-D45D3B05F825}\MpKsl81f489d6.sys [x]
R1 MpKsl84ff1df6;MpKsl84ff1df6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{974B0CAB-040A-4AD2-88EE-8407EDE87A58}\MpKsl84ff1df6.sys [x]
R1 MpKsl8575173f;MpKsl8575173f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A694F565-A6F1-481C-A924-EA91FAD50288}\MpKsl8575173f.sys [x]
R1 MpKsl87046805;MpKsl87046805;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{38F0FC5A-CEC5-4C76-B003-2C9898F4A1B0}\MpKsl87046805.sys [x]
R1 MpKsl94896009;MpKsl94896009;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98F1DBF3-E103-422B-B538-173133445070}\MpKsl94896009.sys [x]
R1 MpKsl97ce992d;MpKsl97ce992d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{974B0CAB-040A-4AD2-88EE-8407EDE87A58}\MpKsl97ce992d.sys [x]
R1 MpKsla0d82524;MpKsla0d82524;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{22D8233F-8E02-4B13-9791-22A63593669B}\MpKsla0d82524.sys [x]
R1 MpKsla2600b9d;MpKsla2600b9d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{50B7A28C-5E5C-47BD-8F73-94E3E451BC80}\MpKsla2600b9d.sys [x]
R1 MpKslaa1c3c2d;MpKslaa1c3c2d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A1D11ABE-B7CE-4448-A292-D0F3A84CED07}\MpKslaa1c3c2d.sys [x]
R1 MpKslafdc4329;MpKslafdc4329;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{97BADB67-D594-4E1A-8888-819F3915F727}\MpKslafdc4329.sys [x]
R1 MpKslb5be1fab;MpKslb5be1fab;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71A6D961-E37B-4AB1-916A-2648B9AC679C}\MpKslb5be1fab.sys [x]
R1 MpKslbd9e666d;MpKslbd9e666d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7A1E85CB-45EF-4076-A70A-E4F324B968E7}\MpKslbd9e666d.sys [x]
R1 MpKslc13ecd6c;MpKslc13ecd6c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0CEA864C-BE68-498B-BAB4-3E48BE29BDDD}\MpKslc13ecd6c.sys [x]
R1 MpKslc62c913d;MpKslc62c913d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{88C74A28-85BB-496D-8DEF-2BB03D57ADF5}\MpKslc62c913d.sys [x]
R1 MpKslc8ac6a27;MpKslc8ac6a27;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F57972A0-2C24-4DA1-A90A-9E7FAFC5DF96}\MpKslc8ac6a27.sys [x]
R1 MpKslcee5f94c;MpKslcee5f94c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1DAD3DDA-6D62-4C7D-A844-BF86EFD0BA10}\MpKslcee5f94c.sys [x]
R1 MpKsld70316d6;MpKsld70316d6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{22D8233F-8E02-4B13-9791-22A63593669B}\MpKsld70316d6.sys [x]
R1 MpKsle62e61b1;MpKsle62e61b1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AD86E793-3608-49A3-8320-9AA2A5AC67D1}\MpKsle62e61b1.sys [x]
R1 MpKslf6469022;MpKslf6469022;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2E5DA6C1-8D8A-4098-B078-EE54E06BA7B4}\MpKslf6469022.sys [x]
R1 MpKslff761ec2;MpKslff761ec2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8BB6BF8A-61A4-484F-B804-4ED07B984104}\MpKslff761ec2.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Tjänsten Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-26 136176]
R2 MySQL55;MySQL55;c:\program files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=c:\programdata\MySQL\MySQL Server 5.5\my.ini MySQL55 [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-08-11 77624]
R3 gupdatem;Tjänsten Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-26 136176]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2010-04-19 18432]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft - nätverkskontroll;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-08-11 181432]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Tdsshbecr;Handelsbanken card reader;c:\windows\system32\DRIVERS\shbecr.sys [2008-09-22 42368]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-23 1343400]
R3 WisLMSvc;WisLMSvc;c:\program files\LAUNCH MANAGER\WisLMSvc.exe [2006-11-17 118784]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-10 295248]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-08 218688]
S1 MpKsl6efabb73;MpKsl6efabb73;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{220F646C-6158-4250-9012-D634FA894A91}\MpKsl6efabb73.sys [2011-12-13 29904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2011-11-15 746392]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 CDMA Device Service;CDMA Device Service;c:\program files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe [2011-08-02 63488]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 ScrybeUpdater;Scrybes uppdateringsprogram;c:\program files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-01-14 1294848]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-03-21 362600]
.
.
Innehåll i mappen 'Schemalagda aktiviteter':
.
2011-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-26 15:30]
.
2011-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-26 15:30]
.
.
------- Extra genomsökning -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 83.255.245.11 193.150.193.150
FF - ProfilePath - c:\users\Nigge\AppData\Roaming\Mozilla\Firefox\Profiles\s1qnpshy.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://se.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
.
- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -
.
HKCU-Run-Java ME Platform SDK 3.0 - c:\java_me_platform_sdk_3.0\bin\device-manager.exe
HKCU-Run-AdobeBridge - (no file)
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-26_VIA_driver2 - c:\program files\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL55]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\programdata\MySQL\MySQL Server 5.5\my.ini\" MySQL55"
.
--------------------- LÅSTA REGISTERNYCKLAR ---------------------
.
[HKEY_USERS\S-1-5-21-3879897788-162830540-79635064-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3879897788-162830540-79635064-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLL'er som "laddats" under processer som körs ---------------------
.
- - - - - - - > 'Explorer.exe'(1384)
c:\users\Nigge\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\program files\WinSCP\DragExt.dll
.
------------------------ Andra processer som körs ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\taskhost.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\xampp\mysql\bin\mysqld.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\AVG\AVG2012\avgemcx.exe
c:\program files\TeamViewer\Version6\TeamViewer.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Sluttid: 2011-12-13 01:10:57 - datorn startades om.
ComboFix-quarantined-files.txt 2011-12-13 00:10
.
Före genomsökningen: 35 287 343 104 byte ledigt
Efter genomsökningen: 40 727 977 984 byte ledigt
.
- - End Of File - - 1AB0919821CAEEF887653A039BBB40DB
Edited by Nigge, 13 December 2011 - 03:15 AM.