ComboFix 09-07-09.08 - Thomas 10.07.2009 22:56.8.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.2047.1447 [GMT 2:00]
Kjører fra: c:\documents and settings\Thomas\Skrivebord\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\Thomas\LOKALE~1\Temp\swt-gdip-win32-3448.dll
c:\docume~1\Thomas\LOKALE~1\Temp\swt-win32-3448.dll
c:\documents and settings\Thomas\Lokale innstillinger\temp\swt-gdip-win32-3448.dll
c:\documents and settings\Thomas\Lokale innstillinger\temp\swt-win32-3448.dll
c:\windows\Installer\4622a43.msi
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2009-06-10 til 2009-07-10 )))))))))))))))))))))))))))))))))
.
2009-07-09 15:00 . 2009-07-09 15:00 -------- d-----w- c:\documents and settings\All Users\Programdata\DAEMON Tools Lite
2009-07-09 15:00 . 2009-07-09 15:00 -------- d-----w- c:\programfiler\DAEMON Tools Toolbar
2009-07-09 15:00 . 2009-07-10 16:37 -------- d-----w- c:\programfiler\DAEMON Tools Lite
2009-07-09 14:55 . 2009-07-09 15:02 -------- d-----w- c:\documents and settings\Thomas\Programdata\DAEMON Tools Lite
2009-07-08 18:31 . 2009-07-10 18:08 -------- d-----w- c:\documents and settings\Thomas\Programdata\vlc
2009-07-04 15:16 . 2009-07-04 15:16 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-07-04 15:11 . 2009-07-04 15:11 -------- d-----w- c:\programfiler\VUGames
2009-06-26 13:51 . 2009-06-18 14:57 2052888 ----a-w- c:\documents and settings\All Users\Programdata\avg8\update\backup\avgcorex.dll
2009-06-19 23:21 . 2009-07-10 20:28 -------- d--h--r- c:\documents and settings\Thomas\Siste
2009-06-18 14:57 . 2009-06-12 13:13 1261344 ----a-w- c:\documents and settings\All Users\Programdata\avg8\update\backup\avgwd.dll
2009-06-18 14:57 . 2009-06-12 13:13 829208 ----a-w- c:\documents and settings\All Users\Programdata\avg8\update\backup\avgcfgx.dll
2009-06-18 14:57 . 2009-06-12 13:13 3298072 ----a-w- c:\documents and settings\All Users\Programdata\avg8\update\backup\setup.exe
2009-06-12 13:13 . 2009-06-16 17:56 1454360 ----a-w- c:\documents and settings\All Users\Programdata\avg8\update\backup\avgupd.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-10 21:09 . 2007-05-12 12:36 -------- d-----w- c:\documents and settings\Thomas\Programdata\Azureus
2009-07-10 20:23 . 2006-02-09 18:53 -------- d-----w- c:\documents and settings\All Users\Programdata\Electronic Arts
2009-07-10 16:37 . 2007-05-20 12:32 -------- d-----w- c:\programfiler\DAEMON Tools
2009-07-10 16:36 . 2009-06-01 10:42 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-07-10 16:36 . 2009-06-01 10:42 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-07-09 14:55 . 2007-05-14 15:53 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-08 16:40 . 2008-05-30 21:02 -------- d-----w- c:\programfiler\Funcom
2009-07-04 12:13 . 2008-09-23 14:16 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2009-07-04 12:13 . 2008-10-22 04:12 3561743 ----a-w- c:\documents and settings\All Users\Programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-07-02 13:10 . 2008-07-04 13:22 -------- d-----w- c:\programfiler\Diablo II
2009-06-20 19:36 . 2008-01-27 09:43 -------- d-----w- c:\programfiler\World of Warcraft
2009-06-20 14:13 . 2006-02-09 18:48 -------- d-----w- c:\programfiler\Electronic Arts
2009-06-20 14:10 . 2008-02-24 00:38 -------- d-----w- c:\programfiler\GameShadow
2009-06-18 14:57 . 2009-04-03 10:58 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-17 09:27 . 2008-09-23 14:16 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 09:27 . 2008-09-23 14:16 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-14 17:41 . 2008-06-21 12:31 -------- d-----w- c:\documents and settings\Thomas\Programdata\dvdcss
2009-06-14 12:41 . 2008-10-11 08:24 -------- d-----w- c:\programfiler\Disney Interactive Studios
2009-06-14 12:41 . 2005-06-27 20:14 -------- d--h--w- c:\programfiler\InstallShield Installation Information
2009-06-14 12:39 . 2008-10-11 15:37 -------- d-----w- c:\documents and settings\Thomas\Programdata\Disney Interactive Studios
2009-06-14 12:37 . 2007-11-26 16:01 -------- d-----w- c:\programfiler\Atari
2009-06-14 11:33 . 2007-10-23 14:57 -------- d-----w- c:\documents and settings\All Users\Programdata\Tages
2009-06-13 15:10 . 2005-06-27 20:07 27552 ----a-w- c:\documents and settings\Thomas\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT
2009-06-13 10:24 . 2008-06-16 20:08 -------- d-----w- c:\documents and settings\Thomas\Programdata\Ubisoft
2009-06-13 10:24 . 2006-11-04 19:57 -------- d-----w- c:\programfiler\Ubisoft
2009-06-13 10:14 . 2009-05-24 11:26 -------- d-----w- c:\programfiler\My Tribe
2009-06-12 16:16 . 2009-06-02 15:08 -------- d-----w- c:\programfiler\GStudio7
2009-06-12 14:35 . 2009-06-02 15:08 17408 ----a-w- C:\psapi.dll
2009-06-12 13:13 . 2009-04-03 10:58 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-07 12:18 . 2009-06-07 12:18 10134 ----a-r- c:\documents and settings\Thomas\Programdata\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-06-07 12:18 . 2009-06-07 12:18 -------- d-----w- c:\programfiler\Microsoft WSE
2009-06-06 21:13 . 2007-12-22 16:08 -------- d---a-w- c:\documents and settings\All Users\Programdata\TEMP
2009-06-06 21:06 . 2009-06-06 21:06 -------- d-----w- c:\programfiler\iWin.com
2009-06-06 21:05 . 2009-06-06 21:05 -------- d-----w- c:\documents and settings\All Users\Programdata\iWin Games
2009-06-06 18:47 . 2007-12-21 12:10 -------- d-----w- c:\programfiler\Uplink
2009-06-05 15:53 . 2009-06-05 15:53 -------- d-----w- c:\documents and settings\Thomas\Programdata\SaintXi
2009-05-31 23:04 . 2009-05-31 22:58 -------- d-----w- c:\documents and settings\Thomas\Programdata\Atari
2009-05-31 12:09 . 2009-05-31 12:09 -------- d-----w- c:\programfiler\LEGO Media
2009-05-30 20:40 . 2007-07-07 01:48 -------- d-----w- c:\programfiler\Microsoft Games
2009-05-30 17:33 . 2009-05-30 17:33 -------- d-----w- c:\programfiler\PowerISO
2009-05-30 12:03 . 2006-02-11 15:14 -------- d-----w- c:\documents and settings\All Users\Programdata\Sandlot Games
2009-05-29 17:56 . 2009-05-29 17:56 -------- d-----w- c:\documents and settings\Thomas\Programdata\YoudaGames
2009-05-16 13:53 . 2009-05-16 13:38 -------- d-----w- c:\programfiler\Flatspace II
2009-05-08 11:33 . 2009-04-03 10:58 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-08 11:32 . 2009-04-03 10:58 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-07 15:34 . 2004-08-04 12:00 346112 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:50 . 2004-08-04 12:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:49 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-24 19:34 . 2009-04-24 19:33 117760 ----a-w- c:\documents and settings\Thomas\Programdata\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-04-21 22:20 . 2009-04-21 22:20 14311680 ----a-w- c:\windows\system32\xlive.dll
2009-04-21 22:20 . 2009-04-21 22:20 13642496 ----a-w- c:\windows\system32\xlivefnt.dll
2009-04-19 19:51 . 2004-08-04 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-16 13:57 . 2004-08-04 12:00 79480 ----a-w- c:\windows\system32\perfc014.dat
2009-04-16 13:57 . 2004-08-04 12:00 441942 ----a-w- c:\windows\system32\perfh014.dat
2009-04-15 14:55 . 2004-08-04 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"LDM"="c:\programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-04-10 67128]
"GAINWARD"="c:\programfiler\EXPERTool\TBPanel.exe" [2008-05-23 2170880]
"PC Suite Tray"="c:\programfiler\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13672448]
"AWWFSPU"="c:\programfiler\ASUS WiFi-AP Solo\AWWFSPU.exe" [2006-12-18 712781]
"Gainward"="c:\windows\TBPanel.exe" [2008-03-10 2177576]
"Launch LCDMon"="c:\programfiler\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2007-07-17 1687824]
"Launch LGDCore"="c:\programfiler\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2007-07-17 2094352]
"Start WingMan Profiler"="c:\programfiler\Logitech\Gaming Software\LWEMon.exe" [2007-09-25 93208]
"QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2008-09-19 413696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-12 86016]
"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-03-26 148888]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440]
"PWRISOVM.EXE"="c:\programfiler\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-10-12 16267776]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-17 2879488]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-11-12 1630208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2004-12-10 49152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NSSInstallation"="c:\windows\system32\Adobe\Shockwave 11\nssstub.exe" [2009-01-07 181624]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Thomas\Start-meny\Programmer\Oppstart\
Adobe Gamma.lnk - c:\programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
MagicDisc.lnk - c:\programfiler\MagicDisc\MagicDisc.exe [2007-7-2 534016]
c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\
InterVideo WinCinema Manager.lnk - c:\programfiler\InterVideo\Common\Bin\WinCinemaMgr.exe [2005-6-27 114688]
Logitech Desktop Messenger.lnk - c:\programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-4-10 67128]
Logitech SetPoint.lnk - c:\programfiler\Logitech\SetPoint\SetPoint.exe [2005-6-27 434176]
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= c:\programfiler\Windows NT\kyzeveka.html
FriendlyName=
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
Source= c:\programfiler\Microsoft Works\howy.html
FriendlyName=
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\programfiler\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-08 11:33 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0stera
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Thomas^Start-meny^Programmer^Oppstart^Weather.lnk]
path=c:\documents and settings\Thomas\Start-meny\Programmer\Oppstart\Weather.lnk
backup=c:\windows\pss\Weather.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Ventrilo"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programfiler\\Messenger\\msmsgs.exe"=
"c:\\Programfiler\\EA GAMES\\Kampen om Midgard(tm)\\game.dat"=
"c:\\Programfiler\\EA GAMES\\Kampen om Midgard(tm)\\patchget.dat"=
"c:\\Programfiler\\Ubisoft\\Ghost Recon Advanced Warfighter\\GRAW.exe"=
"c:\\Programfiler\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Programfiler\\Azureus\\Azureus.exe"=
"c:\\Programfiler\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Programfiler\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programfiler\\Valve\\Steam\\SteamApps\\sebbe1122\\counter-strike\\hl.exe"=
"c:\\Programfiler\\Counter-Strike Source\\hl2.exe"=
"c:\\Programfiler\\Codemasters\\GRID\\GRID.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programfiler\\mIRC\\backups\\mirc.exe"=
"c:\\Programfiler\\Opera\\opera.exe"=
"c:\\Programfiler\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\Programfiler\\Telenor\\Telenorhjelpen\\Telenor.exe"=
"c:\\Programfiler\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programfiler\\Valve\\Steam\\SteamApps\\common\\flatout demo\\FlatOutDemo.exe"=
"c:\\Programfiler\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programfiler\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Programfiler\\World of Warcraft\\Launcher.exe"=
"c:\\Programfiler\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Thomas\\Mine dokumenter\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Programfiler\\Valve\\Steam\\SteamApps\\common\\empire total war\\Empire.exe"=
"c:\\Programfiler\\Valve\\Steam\\SteamApps\\0wnerx\\condition zero\\hl.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"32715:TCP"= 32715:TCP:t
"4575:TCP"= 4575:TCP:Azureus
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03.04.2009 12:58 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [03.04.2009 12:58 108552]
R1 SASDIFSV;SASDIFSV;c:\programfiler\SUPERAntiSpyware\sasdifsv.sys [22.12.2008 12:06 8944]
R1 SASKUTIL;SASKUTIL;c:\programfiler\SUPERAntiSpyware\SASKUTIL.SYS [22.12.2008 12:05 55024]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [19.04.2008 12:22 141312]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [23.01.2008 10:19 501560]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [03.04.2009 12:57 298776]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [08.04.2007 20:28 35840]
S3 AR2425;AzureWave AR5006 Wireless Network Adapter Service;c:\windows\system32\drivers\aw5006.sys [08.04.2007 20:29 556832]
S3 SASENUM;SASENUM;c:\programfiler\SUPERAntiSpyware\SASENUM.SYS [22.12.2008 12:06 7408]
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
2009-07-10 c:\windows\Tasks\NSSstub.job
- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2009-01-07 18:23]
.
- - - - TOMME PEKERE FJERNET - - - -
HKCU-Run-EA Core - c:\programfiler\Electronic Arts\EADM\Core.exe
.
------- Tilleggsskanning -------
.
uDefault_Search_URL = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.com/
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Thomas\Programdata\Mozilla\Firefox\Profiles\ooezh7a7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - GoogIe
FF - prefs.js: browser.startup.homepage - hxxp://www.startsiden.no/
FF - prefs.js: keyword.URL - hxxp://www.offos.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=GQDvqqom&q=
FF - plugin: c:\programfiler\Mozilla Firefox\plugins\NPAskSBr.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\programfiler\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\programfiler\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\programfiler\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - GoogIe
FF - user.js: keyword.URL - hxxp://www.offos.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=GQDvqqom&q=
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-10 23:11
Windows 5.1.2600 Service Pack 3 NTFS
skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
skanner skjulte filer ...
skanning vellykket
skjulte filer: 0
**************************************************************************
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
[HKEY_USERS\S-1-5-21-725345543-746137067-682003330-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:93,b6,99,50,ee,07,10,ad,b9,96,8d,cd,3e,be,e4,2c,26,b3,83,c5,a6,dd,d8,
   06,cc,bc,ea,d4,50,c3,18,4a,3f,d9,aa,7d,7c,89,02,9b,0f,c3,29,04,b8,5e,d9,bf,\
"??"=hex:b5,5e,67,b3,49,08,72,ad,41,a9,3a,9c,e3,bb,58,83
[HKEY_USERS\S-1-5-21-725345543-746137067-682003330-1004\Software\SecuROM\License information*]
"datasecu"=hex:d2,41,68,81,28,b9,ae,91,6c,a9,0d,a7,d1,ae,bc,e0,3c,1f,d3,78,5d,
   3a,91,91,ff,1a,a4,06,e9,c4,97,5e,cd,4a,74,2a,9a,02,b0,66,31,36,99,67,26,c9,\
"rkeysecu"=hex:a1,ad,cb,dd,d5,19,b6,d4,0b,62,58,b0,6c,a0,c1,58
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
- - - - - - - > 'winlogon.exe'(804)
c:\programfiler\SUPERAntiSpyware\SASWINLO.dll
- - - - - - - > 'explorer.exe'(2704)
c:\programfiler\Logitech\SetPoint\GameHook.dll
c:\programfiler\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programfiler\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\programfiler\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programfiler\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\programfiler\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\programfiler\Java\jre6\bin\jqs.exe
c:\programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\programfiler\Spyware Terminator\sp_rsser.exe
c:\programfiler\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\programfiler\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
c:\windows\system32\rundll32.exe
c:\programfiler\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
c:\programfiler\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
c:\programfiler\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
c:\programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE
c:\programfiler\PC Connectivity Solution\ServiceLayer.exe
c:\programfiler\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\programfiler\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2009-07-10 23:18 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2009-07-10 21:18
ComboFix2.txt 2009-02-14 10:55
Pre-Run: 22 449 217 536 byte ledig
Post-Run: 24 448 217 088 byte ledig
289 --- E O F --- 2009-06-10 20:28