DDS (Ver_09-12-01.01) - NTFSx86
Run by Marius at 20:02:54,18 on 19.12.2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.503.169 [GMT 1:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Programfiler\Java\jre6\bin\jqs.exe
C:\Programfiler\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FELLES~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FELLES~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Programfiler\McAfee\MPF\MPFSrv.exe
C:\Programfiler\McAfee\MSK\MskSrver.exe
C:\Programfiler\CDBurnerXP\NMSAccessU.exe
C:\Programfiler\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\Programfiler\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programfiler\McAfee.com\Agent\mcagent.exe
C:\Programfiler\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Skype\Phone\Skype.exe
C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programfiler\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Documents and Settings\Marius\Skrivebord\dds.scr

============== Pseudo HJT Report ===============

BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\programfiler\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\programfiler\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\programfiler\mcafee\virusscan\scriptsn.dll
BHO: Påloggingshjelp for Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programfiler\fellesfiler\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programfiler\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programfiler\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programfiler\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\programfiler\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programfiler\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programfiler\google\google toolbar\GoogleToolbar_32.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\programfiler\windows live\toolbar\wltcore.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\programfiler\skype\phone\Skype.exe" /nosplash /minimized
uRun: [swg] "c:\programfiler\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\programfiler\windows live\messenger\msnmsgr.exe" /background
mRun: [SynTPEnh] c:\programfiler\synaptics\syntp\SynTPEnh.exe
mRun: [SoundMAXPnP] c:\programfiler\analog devices\soundmax\SMax4PNP.exe
mRun: [SoundMAX] c:\programfiler\analog devices\soundmax\Smax4.exe /tray
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [mcagent_exe] "c:\programfiler\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRun: [SunJavaUpdateSched] "c:\programfiler\java\jre6\bin\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-explorer: NoThumbnailCache = 1 (0x1)
IE: Google Sidewiki - c:\programfiler\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programfiler\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\programfiler\windows live\writer\WriterBrowserExtension.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\programfiler\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\programfiler\skype\toolbars\internet explorer\SkypeIEPlugin.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261234958069
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\felles~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\marius\progra~1\mozilla\firefox\profiles\ca0ggjm5.default\
FF - component: c:\programfiler\mcafee\siteadvisor\components\McFFPlg.dll
FF - plugin: c:\programfiler\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\programfiler\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\programfiler\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\programfiler\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");

============= SERVICES / DRIVERS ===============

R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2009-12-19 40560]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-11-4 214664]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-12-19 54752]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\programfiler\mcafee\siteadvisor\McSACore.exe [2009-12-19 203280]
R2 McProxy;McAfee Proxy Service;c:\progra~1\felles~1\mcafee\mcproxy\mcproxy.exe [2009-12-19 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-12-19 144704]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2009-12-19 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-12-19 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-12-19 35272]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-12-19 40552]
S1 SASDIFSV;SASDIFSV;\??\f:\superantispyware\sasdifsv.sys --> f:\superantispyware\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\f:\superantispyware\saskutil.sys --> f:\superantispyware\SASKUTIL.sys [?]
S3 fsssvc;Windows Live Tryggere for familien-tjenesten;c:\programfiler\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-12-19 34248]
S3 SASENUM;SASENUM;\??\f:\superantispyware\sasenum.sys --> f:\superantispyware\SASENUM.SYS [?]

=============== Created Last 30 ================

2009-12-19 18:26:57 0 d--h--r- c:\documents and settings\marius\Siste
2009-12-19 18:20:08 17248 ----a-w- c:\windows\system32\mucltui.dll.mui
2009-12-19 18:20:07 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-12-19 18:12:21 0 d-----w- C:\archive_db
2009-12-19 18:10:09 0 d-----w- c:\docume~1\alluse~1\progra~1\Paragon
2009-12-19 16:25:14 0 d-----w- c:\documents and settings\marius\Tracing
2009-12-19 16:24:07 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-12-19 16:21:52 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-12-19 16:21:17 0 d-----w- c:\programfiler\Microsoft SQL Server Compact Edition
2009-12-19 16:19:44 0 d-----w- c:\programfiler\Microsoft
2009-12-19 16:19:19 0 d-----w- c:\programfiler\Windows Live SkyDrive
2009-12-19 16:12:04 0 d-----w- c:\programfiler\fellesfiler\Windows Live
2009-12-19 16:01:04 0 d-----w- c:\docume~1\marius\progra~1\IObit
2009-12-19 16:01:02 0 d-----w- c:\programfiler\IObit
2009-12-19 16:00:04 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-12-19 15:58:29 40560 ----a-w- c:\windows\system32\drivers\hotcore3.sys
2009-12-19 15:56:01 0 d-----w- c:\programfiler\Paragon Software
2009-12-19 15:55:12 0 d-----w- c:\programfiler\VS Revo Group
2009-12-19 15:41:57 0 d-----w- c:\programfiler\VideoLAN
2009-12-19 15:39:59 0 d-----r- c:\programfiler\Skype
2009-12-19 15:37:44 0 d-----w- c:\programfiler\LimeWire
2009-12-19 15:32:54 0 d-----w- c:\programfiler\JRE
2009-12-19 15:32:02 0 d-----w- c:\programfiler\OpenOffice.org 3
2009-12-19 15:31:32 73728 ----a-w- c:\windows\system32\javacpl.cpl
2009-12-19 15:31:32 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-19 14:48:22 14048 ------w- c:\windows\system32\spmsg2.dll
2009-12-19 14:45:09 0 d-----w- c:\windows\system32\XPSViewer
2009-12-19 14:43:42 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-12-19 14:43:42 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-12-19 14:43:42 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-12-19 14:43:42 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-12-19 14:43:42 117760 ------w- c:\windows\system32\prntvpt.dll
2009-12-19 14:43:41 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-12-19 14:43:41 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-12-19 14:43:09 0 d-----w- c:\docume~1\marius\progra~1\Malwarebytes
2009-12-19 14:42:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-19 14:42:55 0 d-----w- c:\docume~1\alluse~1\progra~1\Malwarebytes
2009-12-19 14:42:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-19 14:42:53 0 d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2009-12-19 14:21:46 0 d-----w- c:\programfiler\counter-strike
2009-12-19 14:13:40 0 d-----w- c:\programfiler\Steam
2009-12-19 14:01:57 0 d-sh--w- c:\documents and settings\marius\IECompatCache
2009-12-19 14:01:33 0 d-sh--w- c:\documents and settings\marius\PrivacIE
2009-12-19 13:59:45 0 d-sh--w- c:\documents and settings\marius\IETldCache
2009-12-19 13:55:27 0 d-----w- c:\windows\ie8updates
2009-12-19 13:52:54 0 dc-h--w- c:\windows\ie8
2009-12-19 13:50:56 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-19 13:50:55 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-19 13:50:54 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-19 13:50:53 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-12-19 13:50:50 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-12-19 13:50:48 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-19 13:49:39 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-12-19 13:25:33 9221 ----a-w- c:\windows\system32\Config.MPF
2009-12-19 13:02:48 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-12-19 13:02:47 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-12-19 13:02:47 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-12-19 13:02:41 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-12-19 13:01:47 0 d-----w- c:\programfiler\fellesfiler\McAfee
2009-12-19 13:01:40 0 d-----w- c:\programfiler\McAfee.com
2009-12-19 13:01:22 0 d-----w- c:\programfiler\McAfee
2009-12-19 12:59:36 2190976 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-12-19 12:59:28 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-12-19 12:59:25 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-12-19 12:57:23 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-12-19 12:55:01 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-12-19 12:54:34 272256 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-12-19 12:54:34 272256 ------w- c:\windows\system32\drivers\bthport.sys
2009-12-19 12:52:41 0 d-----w- c:\windows\system32\PreInstall
2009-12-19 12:52:39 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-12-19 12:52:37 0 d--h--w- c:\windows\$hf_mig$
2009-12-19 12:50:32 13646 ----a-w- c:\windows\system32\wpa.bak
2009-12-19 12:49:06 0 d-sh--w- c:\documents and settings\marius\UserData
2009-12-19 12:31:30 0 d-----w- c:\windows\system32\SoftwareDistribution
2009-12-19 12:24:49 139264 ----a-w- c:\windows\system32\igfxres.dll
2009-12-19 12:22:03 0 d-----w- c:\windows\Options
2009-12-19 12:20:53 60160 -c--a-w- c:\windows\system32\dllcache\drmk.sys
2009-12-19 12:20:48 0 d-----w- c:\programfiler\Analog Devices
2009-12-19 12:19:35 0 d-----w- c:\windows\system32\ReinstallBackups
2009-12-19 12:19:32 199040 ----a-w- c:\windows\system32\drivers\SynTP.sys
2009-12-19 12:19:32 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2009-12-19 12:19:32 163840 ----a-w- c:\windows\system32\SynCOM.dll
2009-12-19 12:19:32 143360 ----a-w- c:\windows\system32\SynTPAPI.dll
2009-12-19 12:19:32 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2009-12-19 12:19:31 0 d-----w- c:\programfiler\Synaptics
2009-12-19 12:17:18 69632 ----a-w- c:\windows\system32\bcmwlD2K.EXE
2009-12-19 12:17:18 371712 ------w- c:\windows\system32\drivers\BCMWL5.SYS
2009-12-19 12:17:18 176128 ----a-w- c:\windows\system32\bcmwlu00.EXE
2009-12-19 12:17:15 0 d-----w- C:\SWSetup
2009-12-19 12:17:15 0 d-----w- c:\programfiler\fellesfiler\InstallShield
2009-12-19 11:38:26 0 d-----w- c:\programfiler\fellesfiler\ODBC
2009-12-19 11:38:23 0 d-----w- c:\programfiler\CCleaner
2009-12-19 11:38:22 0 d-----w- c:\programfiler\fellesfiler\SpeechEngines
2009-12-19 11:37:48 0 d--h--w- c:\documents and settings\all users\Maler
2009-12-19 11:37:48 0 d-----w- c:\documents and settings\all users\Skrivebord
2009-12-19 11:37:48 0 d-----w- c:\documents and settings\all users\Favoritter
2009-12-19 11:37:48 0 d-----r- c:\documents and settings\all users\Start-meny
2009-12-19 11:37:48 0 d-----r- c:\documents and settings\all users\Dokumenter
2009-12-19 11:37:26 0 d--h--r- c:\documents and settings\all users\Programdata
2009-12-19 11:31:58 0 d-----w- c:\programfiler\RegistryFix8
2009-12-19 11:24:00 0 d-----w- c:\docume~1\marius\progra~1\SUPERAntiSpyware.com
2009-12-19 11:24:00 0 d-----w- c:\docume~1\alluse~1\progra~1\SUPERAntiSpyware.com
2009-12-19 10:52:36 0 d-sh--w- c:\documents and settings\all users\DRM
2009-12-19 10:52:12 0 d--h--w- c:\programfiler\WindowsUpdate
2009-12-19 10:52:07 0 d-----w- c:\programfiler\Elektroniske tjenester
2009-12-19 10:51:24 0 d-----w- c:\programfiler\fellesfiler\Tjenester
2009-12-19 10:51:20 0 d-----w- c:\programfiler\fellesfiler\MSSoap
2009-12-19 10:49:01 0 d-----w- c:\programfiler\Messenger
2009-12-19 10:48:56 0 d-----w- c:\programfiler\MSN Gaming Zone
2009-12-19 10:48:24 0 d-----w- c:\programfiler\Windows NT

==================== Find3M ====================

2009-12-19 15:25:26 76006 ----a-w- c:\windows\system32\perfc014.dat
2009-12-19 15:25:26 436214 ----a-w- c:\windows\system32\perfh014.dat
2009-12-19 10:50:11 21704 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-04 15:54:12 214664 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-10-29 07:45:25 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:41:14 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:41:14 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-13 10:38:24 270848 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40:23 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40:23 149504 ----a-w- c:\windows\system32\rastls.dll
2009-09-30 14:03:34 4254224 ----a-w- c:\windows\system32\qtp-mt334.dll
2009-09-30 14:03:18 249872 ----a-w- c:\windows\system32\prgiso.dll

============= FINISH: 20:04:03,53 ===============