ComboFix 09-11-25.05 - Torjus 26.11.2009 21:43.1.1 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.47.1044.18.3001.2249 [GMT 1:00] Kjører fra: c:\users\Torjus\Desktop\ComboFix.exe Command switches brukt :: c:\users\Torjus\Desktop\CFScript.txt SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-1111434089-2014490811-482573775-500 c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\About Hotbar.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Customer Support Center.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Games!.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Uninstall Instructions.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Videos!.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Reset Cursor.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Weather.lnk c:\users\Torjus\AppData\Roaming\Hotbar c:\users\Torjus\AppData\Roaming\Hotbar\Weather\history c:\users\Torjus\AppData\Roaming\Hotbar\Weather\Weather_XML\Default c:\users\Torjus\AppData\Roaming\Hotbar\Weather\Weather_XML\Genera1 c:\users\Torjus\AppData\Roaming\Hotbar\Weather\Weather_XML\General c:\users\Torjus\AppData\Roaming\Hotbar\Weather\WeatherDPA\Links c:\users\Torjus\AppData\Roaming\Hotbar\Weather\WeatherDPA\Weather_XML\Display c:\users\Torjus\AppData\Roaming\Hotbar\Weather\WeatherDPA\Weather_XML\Loading c:\users\Torjus\AppData\Roaming\Hotbar\Weather\WeatherDPA\Weather_XML\screen2 c:\users\Torjus\AppData\Roaming\Hotbar\Weather\WeatherDPA\WeatherPreferences c:\users\Torjus\AppData\Roaming\Hotbar\Weather\WeatherStartup.xml c:\users\Torjus\AppData\Roaming\WeatherDPA c:\windows\system32\oem9.inf . ((((((((((((((((((((((((((( Filer Opprettet Fra 2009-10-26 til 2009-11-26 ))))))))))))))))))))))))))))))))) . 2009-11-26 16:00 . 2009-10-29 09:41 2048 ----a-w- c:\windows\system32\tzres.dll 2009-11-25 16:30 . 2009-08-10 11:01 1399296 ----a-w- c:\windows\system32\msxml6.dll 2009-11-25 16:30 . 2009-08-10 11:00 1257472 ----a-w- c:\windows\system32\msxml3.dll 2009-11-24 15:45 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-11-23 21:22 . 2009-11-23 21:22 -------- d-----w- c:\users\Torjus\AppData\Roaming\Malwarebytes 2009-11-23 21:17 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-23 21:17 . 2009-11-24 15:45 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-11-23 21:17 . 2009-11-23 21:17 -------- d-----w- c:\programdata\Malwarebytes 2009-11-23 21:17 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-23 20:53 . 2009-09-24 07:55 97208 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys 2009-11-23 20:53 . 2009-09-24 07:55 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2009-11-23 20:53 . 2009-10-06 15:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2009-11-23 20:53 . 2009-09-23 15:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2009-11-23 20:53 . 2009-09-03 08:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2009-11-23 20:53 . 2009-11-23 20:53 -------- d-----w- C:\_117172_ 2009-11-23 20:53 . 2009-11-23 20:53 32768 d-----w- c:\program files\Spyware Doctor 2009-11-23 20:53 . 2009-11-23 20:53 -------- d-----w- c:\program files\Common Files\PC Tools 2009-11-23 20:53 . 2009-11-23 20:53 -------- d-----w- c:\users\Torjus\AppData\Roaming\PC Tools 2009-11-23 20:53 . 2009-11-23 20:53 -------- d-----w- c:\programdata\PC Tools 2009-11-23 16:07 . 2009-11-24 19:54 -------- d-----w- c:\users\Torjus\AppData\Local\vyybvw 2009-11-23 15:46 . 2009-11-23 15:46 50688 --sha-r- c:\windows\system32\JCEJ.dll 2009-11-22 10:25 . 2009-11-22 10:25 439816 ----a-w- c:\users\Torjus\AppData\Roaming\Real\Update\setup3.09\setup.exe 2009-11-19 20:08 . 2009-11-19 20:08 4096 d-----w- c:\program files\Gmail Password Recovery 2009-11-18 19:57 . 2009-11-18 20:23 4096 d-----w- c:\users\Torjus\AppData\Local\WarRockDF 2009-11-18 17:38 . 2009-11-18 17:38 -------- d-----w- c:\users\Torjus\Program Files 2009-11-17 18:33 . 2009-11-22 19:12 4096 d-----w- c:\users\Torjus\AppData\Local\GamersFirst LIVE! 2009-11-17 18:33 . 2009-11-17 18:33 -------- d-----w- c:\users\Torjus\AppData\Local\DNA 2009-11-17 18:33 . 2009-11-26 20:29 4096 d-----w- c:\users\Torjus\AppData\Roaming\DNA 2009-11-17 18:33 . 2009-11-17 18:33 -------- d-----w- c:\program files\DNA 2009-11-17 18:33 . 2009-11-17 21:11 -------- d-----w- c:\program files\GamersFirst 2009-11-11 15:04 . 2009-08-14 13:53 2035712 ----a-w- c:\windows\system32\win32k.sys 2009-11-11 15:04 . 2009-08-10 13:05 351232 ----a-w- c:\windows\system32\WSDApi.dll 2009-11-10 13:58 . 2009-11-12 14:52 4096 d-----w- c:\program files\Microsoft Silverlight 2009-11-10 13:56 . 2009-11-10 13:56 -------- d-----w- c:\program files\Microsoft Sync Framework 2009-11-10 13:54 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2009-11-10 13:53 . 2009-11-10 13:53 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-11-10 13:48 . 2009-11-10 13:57 -------- d-----w- c:\program files\Microsoft 2009-11-08 22:42 . 2009-11-24 15:41 4096 d-----w- c:\programdata\HotbarSA 2009-11-08 13:06 . 2009-11-08 13:06 4096 d-----w- c:\users\Torjus\AppData\Local\Microsoft Help 2009-11-04 22:17 . 2009-11-04 22:19 4096 d-----w- c:\program files\Stylish Profile 2009-11-04 17:01 . 2009-11-04 17:01 -------- d-sh--w- c:\windows\ftpcache . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-26 20:51 . 2009-07-15 13:05 8192 d-----w- c:\program files\Common Files\Akamai 2009-11-26 20:29 . 2009-06-06 15:19 28672 d-----w- c:\users\Torjus\AppData\Roaming\uTorrent 2009-11-26 15:56 . 2009-06-17 13:55 7 ----a-w- c:\windows\sbacknt.bin 2009-11-24 20:16 . 2009-06-06 16:35 -------- d-----w- c:\users\Torjus\AppData\Roaming\Spotify 2009-11-24 19:43 . 2009-10-20 13:44 -------- d-----w- c:\program files\Adult Online TV Player 2009 2009-11-24 15:40 . 2009-09-04 12:59 680 ----a-w- c:\users\Torjus\AppData\Local\d3d9caps.dat 2009-11-23 21:36 . 2009-09-27 12:41 -------- d-----w- c:\program files\iPod 2009-11-16 20:29 . 2008-01-21 05:56 76478 ----a-w- c:\windows\system32\perfc014.dat 2009-11-16 20:29 . 2008-01-21 05:56 452326 ----a-w- c:\windows\system32\perfh014.dat 2009-11-12 14:51 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail 2009-11-12 14:35 . 2008-08-09 18:20 8192 d-----w- c:\programdata\Microsoft Help 2009-11-10 13:57 . 2009-06-06 12:28 4096 d-----w- c:\program files\Windows Live 2009-11-04 22:17 . 2009-10-02 20:40 4096 d-----w- c:\program files\Opera 2009-10-28 14:12 . 2008-08-09 17:54 8192 d--h--w- c:\program files\InstallShield Installation Information 2009-10-25 21:35 . 2009-10-25 21:35 -------- d-----w- c:\users\Torjus\AppData\Roaming\My Games 2009-10-25 21:26 . 2009-10-25 21:26 -------- d-----w- c:\program files\Firaxis Games 2009-10-25 15:58 . 2009-10-25 15:58 -------- d-----w- c:\programdata\Age of Empires 3 2009-10-25 14:57 . 2006-11-02 12:35 4096 d-----w- c:\program files\Microsoft Games 2009-10-25 14:54 . 2008-08-09 17:53 -------- d-----w- c:\program files\Common Files\InstallShield 2009-10-25 14:53 . 2009-10-25 14:48 -------- d-----w- c:\users\Torjus\AppData\Roaming\DAEMON Tools Lite 2009-10-25 14:51 . 2009-10-25 14:51 -------- d-----w- c:\programdata\DAEMON Tools Lite 2009-10-25 14:51 . 2009-10-25 14:51 4096 d-----w- c:\program files\DAEMON Tools Toolbar 2009-10-25 14:51 . 2009-10-25 14:51 4096 d-----w- c:\program files\DAEMON Tools Lite 2009-10-25 14:47 . 2009-10-25 14:47 722416 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-10-25 14:46 . 2009-10-25 14:46 -------- d-----w- c:\users\Torjus\AppData\Roaming\DAEMON Tools Pro 2009-10-19 14:05 . 2009-10-19 14:05 -------- d-----w- c:\users\Torjus\AppData\Roaming\AccurateRip 2009-10-19 14:05 . 2009-10-19 14:05 15341 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat 2009-10-19 14:05 . 2009-10-19 14:05 -------- d-----w- c:\program files\Illustrate 2009-10-19 14:04 . 2009-10-19 14:05 5640880 ----a-w- c:\windows\system32\SpoonUninstall.exe 2009-10-19 13:14 . 2009-06-17 13:54 152904 ----a-w- c:\windows\system32\vghd.scr 2009-10-19 13:14 . 2009-06-17 13:54 4096 d-----w- c:\program files\vghd 2009-10-18 09:20 . 2009-08-16 19:12 4096 d-----w- c:\users\Torjus\AppData\Roaming\Apple Computer 2009-10-15 19:07 . 2009-09-02 19:08 4096 d-----w- c:\users\Torjus\AppData\Roaming\Music Editor Free 2009-10-15 13:03 . 2008-08-09 18:22 28672 d-----w- c:\program files\Microsoft Works 2009-10-14 05:39 . 2009-06-06 12:47 8192 d-----w- c:\program files\GameSpy Arcade 2009-10-13 18:20 . 2009-09-13 14:20 8192 d-----w- c:\program files\Cheat Engine 2009-10-03 12:49 . 2009-10-03 12:49 -------- d-----w- c:\users\Torjus\AppData\Roaming\Blender Foundation 2009-10-03 12:49 . 2009-10-03 12:49 -------- d-----w- c:\program files\Blender Foundation 2009-10-02 20:14 . 2009-10-02 20:09 19500 ----a-w- c:\windows\hpqins13.dat 2009-10-02 20:10 . 2009-10-02 20:09 -------- d-----w- c:\program files\HP 2009-10-02 20:09 . 2009-10-02 20:09 -------- d-----w- c:\program files\Common Files\HP 2009-10-02 20:09 . 2009-10-02 20:09 -------- d-----w- c:\programdata\HP 2009-10-02 18:41 . 2009-10-02 18:41 2140160 ----a-w- c:\windows\system32\python26.dll 2009-10-01 19:37 . 2009-10-01 19:36 -------- d-----w- c:\users\Torjus\AppData\Roaming\Clickteam 2009-10-01 19:36 . 2009-10-01 19:36 -------- d-----w- c:\program files\FreeGamePick.com 2009-09-30 21:11 . 2009-09-30 21:09 12444064 ----a-w- c:\users\Torjus\AppData\Roaming\vghd\Data\update\updater.exe 2009-09-27 12:31 . 2009-09-27 12:31 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.1.8\SetupAdmin.exe 2009-09-26 18:04 . 2009-09-26 18:04 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll 2009-09-16 13:13 . 2009-09-13 15:15 37 ----a-w- c:\users\Torjus\jagex_runescape_preferences.dat 2009-09-16 13:13 . 2009-09-13 15:16 45 ----a-w- c:\users\Torjus\jagex_runescape_preferences2.dat 2009-09-14 09:44 . 2009-10-14 17:21 144896 ----a-w- c:\windows\system32\drivers\srv2.sys 2009-09-10 17:30 . 2009-10-14 17:47 213504 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 15:21 . 2009-10-27 17:26 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2009-09-10 15:21 . 2009-10-27 17:26 310784 ----a-w- c:\windows\system32\unregmp2.exe 2009-09-08 18:01 . 2009-06-11 15:25 139072 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-09-08 18:00 . 2009-06-11 15:25 189672 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-09-04 12:24 . 2009-10-14 17:21 61440 ----a-w- c:\windows\system32\msasn1.dll . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2009-04-02 10:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-09-03 3342336] "Steam"="c:\valve\Steam\Steam.exe" [2003-11-11 1081344] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656] "BitTorrent DNA"="c:\users\Torjus\Program Files\DNA\btdna.exe" [2009-11-22 323392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-16 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-16 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-16 145944] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-09 24064] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048] "WarReg_PopUp"="c:\program files\eMachines\WR_PopUp\WarReg_PopUp.exe" [2008-05-09 49152] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 768520] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-21 159744] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-13 198160] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-09-22 1243088] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-06-27 6244896] "Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2008-06-27 1826816] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-06-12 56080] c:\users\Torjus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ DesktopVideoPlayer.LNK - c:\program files\vghd\vghd.exe [2009-6-17 423248] Kuma_Tray.lnk - c:\program files\Kuma Games\kgsystray\Kuma_tray.exe [2009-7-15 33992] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2009-10-28 2665328] Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-6-6 768528] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [23.11.2009 21:53 207280] R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [21.01.2008 03:33 21504] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [03.03.2008 12:11 16384] R2 ETService;Empowering Technology Service;c:\program files\eMachines\eMachines Recovery Management\Service\ETService.exe [06.06.2009 13:08 24576] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [06.04.2008 21:42 50424] R2 regi;regi;c:\windows\System32\drivers\regi.sys [17.04.2007 19:09 11032] R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [23.11.2009 21:53 358600] S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [25.10.2009 15:47 722416] S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [06.06.2009 16:20 234888] S2 gupdate1ca1c42e5a81690;Googles oppdateringstjeneste (gupdate1ca1c42e5a81690);c:\program files\Google\Update\GoogleUpdate.exe [13.08.2009 19:21 133104] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [04.04.2008 02:03 131072] S3 GoogleDesktopManager-071508-051939;Google Desktop Manager 5.7.807.15159;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [09.08.2008 19:09 24064] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc Akamai REG_MULTI_SZ Akamai . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-13 18:21] 2009-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-13 18:21] . . ------- Tilleggsskanning ------- . mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0414&s=2&o=vb32&d=0609&m=e520 uInternet Settings,ProxyOverride = uInternet Settings,ProxyServer = http=127.0.0.1:5555 IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Stylish Profile\ct.htm FF - ProfilePath - c:\users\Torjus\AppData\Roaming\Mozilla\Firefox\Profiles\q97xxgm7.default\ FF - prefs.js: browser.startup.homepage - hxxp://search13.net?clid=486 FF - prefs.js: keyword.URL - hxxp://search13.net/search.php?clid=486&q= FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - component: c:\users\Torjus\AppData\Roaming\Mozilla\Firefox\Profiles\q97xxgm7.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npclntax_HotbarSA.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: c:\users\Torjus\Program Files\DNA\plugins\npbtdna.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); . - - - - TOMME PEKERE FJERNET - - - - HKLM-Run-eRecoveryService - (no file) HKLM-Run-Bluetooth Connection Assistant - LBTWIZ.EXE AddRemove-Activation Assistant for the 2007 Microsoft Office suites - c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe REMOVE=TRUE MODIFY=FALSE AddRemove-Adult Online TV Player 2009 1.00 - c:\program files\Adult Online TV Player 2009\Uninstall.exe AddRemove-CCleaner - c:\users\Torjus\Desktop\CCleaner\uninst.exe AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat AddRemove-LManager - c:\windows\UnInst32.exe LManager.UNI AddRemove-RealJukebox 1.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 AddRemove-RealPlayer 6.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 AddRemove-Sandbox - c:\program files\EA GAMES\Battlefield 2\mods\uninstallsandbox.exe AddRemove-vghd - c:\users\Torjus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtuaGirl HD\uninstall.lnk AddRemove-{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} - c:\program files\Apoint2K\Uninstap.exe ADDREMOVE AddRemove-{c1b0af13-105c-413a-8589-8d8ba613d4b5} - c:\program files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER=XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000 ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-11-26 21:51 Windows 6.0.6001 Service Pack 1 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . Tidspunkt ferdig: 2009-11-26 21:54 ComboFix-quarantined-files.txt 2009-11-26 20:54 Pre-Run: 78 050 738 176 byte ledig Post-Run: 78 012 841 984 byte ledig - - End Of File - - 3DD1D78C8A298B9E22C5C8B9C08C8AC5