Here is a ComboFix log run from safe mode:
_____________________________________________________________
ComboFix 08-02.05.3 - Mads Lykke 2008-02-08 12:33:24.3 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Business 6.0.6000.0.1252.1.1033.18.2889 [GMT 1:00]
Running from: C:\Users\Mads Lykke\Desktop\clean\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2008-01-08 to 2008-02-08 )))))))))))))))))))))))))))))))
.
2008-02-08 10:06 . 2008-02-08 10:15 279,539,252 --a------ C:\Windows\MEMORY.DMP
2008-02-07 16:16 . 2008-02-07 16:16 54,156 --ah----- C:\Windows\QTFont.qfn
2008-02-07 16:16 . 2008-02-07 16:16 1,409 --a------ C:\Windows\QTFont.for
2008-02-07 15:23 . 2006-11-02 10:44 320,000 --a------ C:\kmd.exe
2008-02-07 14:10 . 2008-02-07 14:10 244 --ah----- C:\sqmnoopt12.sqm
2008-02-07 14:10 . 2008-02-07 14:10 232 --ah----- C:\sqmdata12.sqm
2008-02-07 14:04 . 2008-02-07 14:04 244 --ah----- C:\sqmnoopt11.sqm
2008-02-07 14:04 . 2008-02-07 14:04 232 --ah----- C:\sqmdata11.sqm
2008-02-07 13:05 . 2008-02-07 14:35 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-02-07 13:02 . 2008-02-07 13:02 <DIR> d-------- C:\Program Files\CCleaner
2008-02-07 12:07 . 2008-02-07 12:07 244 --ah----- C:\sqmnoopt10.sqm
2008-02-07 12:07 . 2008-02-07 12:07 232 --ah----- C:\sqmdata10.sqm
2008-02-07 11:52 . 2008-02-07 11:52 244 --ah----- C:\sqmnoopt09.sqm
2008-02-07 11:52 . 2008-02-07 11:52 232 --ah----- C:\sqmdata09.sqm
2008-02-07 11:48 . 2008-02-07 12:32 245 --a------ C:\Windows\wininit.ini
2008-02-07 11:26 . 2008-02-07 11:26 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-07 11:05 . 2008-02-07 11:05 244 --ah----- C:\sqmnoopt08.sqm
2008-02-07 11:05 . 2008-02-07 11:05 232 --ah----- C:\sqmdata08.sqm
2008-01-31 11:28 . 2008-02-06 12:18 844 --a------ C:\Windows\bookcase.ini
2008-01-31 11:27 . 2008-02-06 12:18 <DIR> d-------- C:\Program Files\Ordbog
2008-01-26 14:16 . 2008-01-26 14:16 <DIR> d-------- C:\Program Files\DivX
2008-01-22 12:55 . 2008-01-22 12:55 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-01-19 11:08 . 2008-01-19 11:08 621,056 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-01-19 11:08 . 2008-01-19 11:08 36,864 --a------ C:\Windows\System32\cdd.dll
2008-01-19 11:06 . 2008-01-19 11:06 22,328 --a------ C:\Windows\System32\drivers\PnkBstrK.sys
2008-01-19 11:06 . 2008-01-19 11:06 22,328 --a------ C:\Users\Mads Lykke\AppData\Roaming\PnkBstrK.sys
2008-01-19 11:05 . 2007-07-19 18:14 1,358,192 --a------ C:\Windows\System32\D3DCompiler_35.dll
2008-01-19 11:05 . 2008-01-19 11:05 669,184 --a------ C:\Windows\System32\pbsvc.exe
2008-01-19 11:05 . 2007-07-19 18:14 444,776 --a------ C:\Windows\System32\d3dx10_35.dll
2008-01-19 11:05 . 2008-01-19 11:05 103,736 --a------ C:\Windows\System32\PnkBstrB.exe
2008-01-19 11:05 . 2008-01-19 11:05 66,872 --a------ C:\Windows\System32\PnkBstrA.exe
2008-01-19 11:04 . 2008-01-19 11:04 <DIR> d-------- C:\Users\All Users\Media Center Programs
2008-01-19 11:04 . 2008-01-19 11:04 <DIR> d-------- C:\ProgramData\Media Center Programs
2008-01-15 01:17 . 2008-01-15 01:17 305 --a------ C:\Windows\game.ini
2008-01-15 01:02 . 2008-01-15 01:02 <DIR> d--hs---- C:\Windows\ftpcache
2008-01-15 00:53 . 2008-01-15 00:53 <DIR> d-------- C:\Program Files\Alcohol Soft
2008-01-08 21:44 . 2008-01-08 21:44 802,816 --a------ C:\Windows\System32\drivers\tcpip.sys
2008-01-08 21:44 . 2008-01-08 21:44 216,760 --a------ C:\Windows\System32\drivers\netio.sys
2008-01-08 21:44 . 2008-01-08 21:44 167,424 --a------ C:\Windows\System32\tcpipcfg.dll
2008-01-08 21:44 . 2008-01-08 21:44 24,064 --a------ C:\Windows\System32\netcfg.exe
2008-01-08 21:44 . 2008-01-08 21:44 22,016 --a------ C:\Windows\System32\netiougc.exe
2008-01-08 21:43 . 2008-01-08 21:43 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-01-08 21:43 . 2008-01-08 21:43 1,686,016 --a------ C:\Windows\System32\gameux.dll
2008-01-08 21:43 . 2008-01-08 21:43 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-01-08 21:43 . 2008-01-08 21:43 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys
2008-01-08 21:43 . 2008-01-08 21:43 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-01-08 21:43 . 2008-01-08 21:43 109,624 --a------ C:\Windows\System32\drivers\ataport.sys
2008-01-08 21:43 . 2008-01-08 21:43 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
2008-01-08 21:43 . 2008-01-08 21:43 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
2008-01-08 21:43 . 2008-01-08 21:43 15,928 --a------ C:\Windows\System32\drivers\pciide.sys
2008-01-08 21:43 . 2008-01-08 21:43 11,776 --a------ C:\Windows\System32\sbunattend.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 11:33 --------- d-----w C:\ProgramData\FLEXnet
2008-02-08 11:30 --------- d-----w C:\Users\Mads Lykke\AppData\Roaming\uTorrent
2008-02-07 12:04 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-07 10:48 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-02-06 14:10 --------- d-----w C:\Users\Mads Lykke\AppData\Roaming\foobar2000
2008-01-22 12:14 --------- d-----w C:\ProgramData\NVIDIA
2008-01-17 19:23 --------- d-----w C:\Program Files\Common Files\Steam
2008-01-15 00:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-14 23:52 715,248 ----a-w C:\Windows\system32\drivers\sptd.sys
2008-01-08 20:49 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-08 20:49 --------- d-----w C:\Program Files\Windows Mail
2008-01-08 20:43 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-01-08 20:43 449,024 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-01-08 20:43 2,143,744 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-01-08 20:43 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-01-05 18:34 --------- d-----w C:\Program Files\PowerISO
2008-01-03 15:21 --------- d-----w C:\Program Files\Cisco Systems
2008-01-03 15:17 --------- d-----w C:\Program Files\Common Files\Deterministic Networks
2008-01-01 18:02 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-01 17:39 --------- d-----w C:\Program Files\Bonjour
2008-01-01 17:33 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2007-12-29 10:45 306,432 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2007-12-29 10:45 --------- d-----w C:\ProgramData\TuneUp Software
2007-12-29 10:45 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2007-12-20 09:44 16,640 ----a-w C:\Windows\System32\authuitu.dll
2007-12-20 09:41 29,440 ----a-w C:\Windows\System32\uxtuneup.dll
2007-12-14 19:17 --------- d-----w C:\Program Files\VirtualDub 1.7.7
2007-12-14 17:19 --------- d-----w C:\ProgramData\Minnetonka Audio Software
2007-12-14 12:48 --------- d-----w C:\ProgramData\Microsoft Help
2007-12-13 21:07 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2007-12-13 21:07 824,832 ----a-w C:\Windows\System32\wininet.dll
2007-12-13 21:07 56,320 ----a-w C:\Windows\System32\iesetup.dll
2007-12-13 21:07 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-12-13 21:07 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2007-12-13 21:07 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2007-12-13 21:07 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2007-12-13 21:06 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
2007-12-13 21:06 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
2007-12-13 21:06 3,504,824 ----a-w C:\Windows\System32\ntkrnlpa.exe
2007-12-13 21:06 3,470,520 ----a-w C:\Windows\System32\ntoskrnl.exe
2007-12-13 21:06 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
2007-12-13 21:06 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
2007-12-13 16:59 --------- d-----w C:\Program Files\LD-Anime
2007-12-11 17:52 356,352 ----a-w C:\Windows\System32\nvuninst.exe
2007-12-11 16:06 86,016 ----a-w C:\Windows\System32\nvsvc.dll
2007-12-11 16:06 81,920 ----a-w C:\Windows\System32\nvmctray.dll
2007-12-11 16:06 8,530,464 ----a-w C:\Windows\System32\nvcpl.dll
2007-12-11 16:06 8,238,688 ----a-w C:\Windows\system32\drivers\nvlddmkm.sys
2007-12-11 16:06 795,104 ----a-w C:\Windows\System32\dpinst.exe
2007-12-11 16:06 753,664 ----a-w C:\Windows\System32\nvcplui.exe
2007-12-11 16:06 7,098,368 ----a-w C:\Windows\System32\nvoglv32.dll
2007-12-11 16:06 6,549,504 ----a-w C:\Windows\System32\nvdisps.dll
2007-12-11 16:06 5,263,360 ----a-w C:\Windows\System32\nvd3dum.dll
2007-12-11 16:06 45,056 ----a-w C:\Windows\System32\nvmccsrs.dll
2007-12-11 16:06 385,024 ----a-w C:\Windows\System32\nvapi.dll
2007-12-11 16:06 356,352 ----a-w C:\Windows\System32\nvudisp.exe
2007-12-11 16:06 35,328 ----a-w C:\Windows\System32\nvcod100.dll
2007-12-11 16:06 35,328 ----a-w C:\Windows\System32\nvcod.dll
2007-12-11 16:06 307,200 ----a-w C:\Windows\System32\nvexpbar.dll
2007-12-11 16:06 3,710,976 ----a-w C:\Windows\System32\nvvitvs.dll
2007-12-11 16:06 3,420,160 ----a-w C:\Windows\System32\nvgames.dll
2007-12-11 16:06 229,376 ----a-w C:\Windows\System32\nvmccs.dll
2007-12-11 16:06 2,498,560 ----a-w C:\Windows\System32\nvwss.dll
2007-12-11 16:06 188,416 ----a-w C:\Windows\System32\nvmccss.dll
2007-12-11 16:06 147,456 ----a-w C:\Windows\System32\nvcolor.exe
2007-12-11 16:06 1,830,912 ----a-w C:\Windows\System32\nvwgf2um.dll
2007-12-11 16:06 1,228,800 ----a-w C:\Windows\System32\nvmobls.dll
2007-12-04 13:04 837,496 ----a-w C:\Windows\System32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\Windows\System32\AvastSS.scr
2007-11-29 22:30 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2007-11-29 22:30 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2007-11-20 18:17 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll
2007-10-10 21:45 174 --sha-w C:\Program Files\desktop.ini
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D371865-5AD3-480A-8CAC-4992E64BA70A}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1043F31E-931E-4E2C-BBAD-35F4C715540A}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{19C7FA80-CFFB-4052-8A9A-176FD6AE5374}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1DD2E707-579E-402F-95CD-99AB71049B5F}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2135C9A8-22FF-4BF7-8E0D-01833C775C8A}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2D5509C6-B160-4E0E-A756-42C9249D2FAA}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2DB6DB0D-FBB0-4F00-93C0-44CC87C5FD8F}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2DCD1CF4-8572-4BD3-8B44-D23400CD9A66}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2FC74B0A-07E5-4173-96EC-6B218360C972}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2FEF87D3-D62C-40F3-AFEA-00D674086437}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4DB0876E-B069-454E-A637-156784C87162}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4F8F8CDD-E0B9-45B1-84AE-2C16B48DB608}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5096F4A5-8454-4D96-90C3-DC6D26E948C1}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54381471-743A-4B3D-B61D-6D3E75BBED87}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{58474119-7C8C-422E-AAC2-3FC9462E51D4}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5A9BC2C2-C6A1-4130-BAE9-681EC80C1010}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{61FA5A5A-2D55-400F-A13B-7F29742C2845}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{62FCB793-6A12-489F-AC67-4E1626D599B9}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6A21A42E-5EE9-44F7-BDCA-88A5233FFF77}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7631C3C4-B2E6-4703-801C-4DA8FCD23310}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7AF268D9-5ABE-40C6-A923-14418865A835}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{82D07083-A334-4935-8E8C-6270BF5D59A3}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8411C92A-0880-4C81-882A-7715A5CFBBDA}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8890A90A-D27E-4699-A149-6C515CC3E09A}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{895E31D2-D2F9-4401-A2AA-7743C65B947C}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8CD4E28B-CAF4-472C-8B40-F512A52EDD51}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8D35636B-24F3-403A-B575-D81DC11FD742}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8E909C06-F7B0-4802-8C66-695F10C048D3}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{956F9EDE-149F-4BCC-91A4-4E8AFE077A01}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{970547C0-2629-41B1-8EA6-44A45AF53C0B}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{970585B2-E201-4951-8770-6F7AC2CFAD3A}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9A3F6BED-5498-4987-9AE1-25598D6AB4FC}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9E60AB92-E4C8-4257-A149-7C53472473DA}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9EF214F0-B481-4D44-9D7C-0FF7D79CBE94}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A165B2B4-E264-458B-B1AF-D4BE09A9A88C}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3703CD5-0401-4BBF-969F-CD01B6EE45E0}]
C:\Windows\system32\gebbc.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B5A09B4A-A8F9-4845-B54D-304897FE2F53}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B9C3B349-FFBA-4DA9-818F-B0A7A4046039}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BFF13CF6-BB9A-4D73-BDEB-4DEC2CE75171}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C079AFE5-AC16-4F43-809E-C496AC8BFA35}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4C5C903-3102-4521-87E6-615B7ACCDE5F}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E463D6A8-35D8-4933-9ECB-3277B03D2863}]
C:\WINDOWS\SYSTEM32\WVUSR.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PhaseFireWireService"="C:\Program Files\Common Files\TerraTec\PhaseFW\common\PhaseFWService.exe" [2007-04-13 12:03 110592]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-04-23 15:46 1318128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-10-10 22:30 1006264]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 22:48 479232]
"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" [2007-03-20 07:36 36864]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 14:32 56080 C:\Windows\KHALMNPR.Exe]
"Memory Allocation Services"="cisrv.exe" []
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-12-11 17:06 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-12-11 17:06 8530464]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-12-11 17:06 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{A00CA75C-DEDD-4474-9088-5D6363D69338}"= C:\WINDOWS\SYSTEM32\SSQPO.DLL [ ]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=C:\Windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk
backup=C:\Windows\pss\Adobe Acrobat Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\Windows\pss\Adobe Gamma.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=C:\Windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=C:\Windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2007-05-10 22:46 624248 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2007-12-22 08:23 221568 C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-09-20 14:35 202024 C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2007-09-20 08:51 1836328 C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 14:57 153136 C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a------ 2007-04-02 17:32 1261568 C:\Program Files\Analog Devices\Core\smax4pnp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundTray]
--a------ 2007-04-01 11:44 49152 C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2007-12-01 22:04 1266936 I:\Programmer\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 00:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
S1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-02 09:57]
S2 AEADIFilters;Andrea ADI Filters Service;C:\Windows\system32\AEADISRV.EXE [2007-02-05 23:44]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot []
S2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2006-11-02 10:45]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8187.sys [2007-11-19 06:59]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 08:33]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 08:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 08:33]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s125mgmt.sys [2007-04-24 08:33]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 08:33]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-01-17 20:22]
S3 TTFWgsif;TTFWgsif;C:\Windows\system32\Drivers\TTFWgsif.sys [2005-11-29 17:33]
S3 TTPhase1394;TTPhase1394;C:\Windows\system32\Drivers\TTPhase1394.sys [2007-06-22 23:04]
S3 TTPhaseA;TTPhaseA;C:\Windows\system32\Drivers\TTPhaseA.sys [2007-06-22 23:03]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2007-12-29 11:45]
S3 viaagp;VIA AGP Bus Filter;C:\Windows\system32\drivers\viaagp.sys [2006-11-02 10:49]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 09:51]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\shell\AutoRun\command - E:\Autoplay.exe -auto
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\shell\AutoRun\command - J:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f977e545-7773-11dc-be70-806e6f6e6963}]
\shell\AutoRun\command - E:\.\Bin\Assetup.exe
*Newly Created Service* - ECACHE
.
Contents of the 'Scheduled Tasks' folder
"2008-01-25 16:16:45 C:\Windows\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-08 12:35:22
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-08 12:35:42
ComboFix-quarantined-files.txt 2008-02-08 11:35:39
ComboFix2.txt 2008-02-07 14:26:13
ComboFix3.txt 2008-02-07 13:31:44
.
2008-02-08 11:25:05 --- E O F ---