ComboFix 10-02-08.09 - Thomas 09.02.2010 19:13:53.9.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.2047.1594 [GMT 1:00]
Kjører fra: c:\documents and settings\Thomas\Lokale innstillinger\Programdata\Opera\Opera\temporary_downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!
.

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Start-meny\Programmer\Monopoly Here & Now Edition
c:\documents and settings\Thomas\Start-meny\Programmer\Oppstart\MagicDisc.lnk
c:\windows\system32\SIntf16.dll
c:\windows\system32\Thumbs.db
.

((((((((((((((((((((((((((( Filer Opprettet Fra 2010-01-09 til 2010-02-09 )))))))))))))))))))))))))))))))))
.

2010-02-09 17:41 . 2010-02-09 17:41 5115824 ----a-w- c:\documents and settings\All Users\Programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-04 18:06 . 2010-02-04 18:23 -------- d-----w- c:\programfiler\Mass Effect 2
2010-01-15 20:45 . 2010-01-15 20:45 152576 ----a-w- c:\documents and settings\Thomas\Programdata\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-15 20:45 . 2010-01-15 20:45 79488 ----a-w- c:\documents and settings\Thomas\Programdata\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-13 14:35 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2010-02-09 18:10 . 2007-05-12 12:36 -------- d-----w- c:\documents and settings\Thomas\Programdata\Azureus
2010-02-09 18:04 . 2009-12-10 21:44 -------- d-----w- c:\documents and settings\Thomas\Programdata\vlc
2010-02-09 17:42 . 2008-09-23 14:16 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2010-02-08 21:03 . 2009-08-04 22:58 -------- d-----w- c:\documents and settings\Thomas\Programdata\Spotify
2010-02-04 18:32 . 2008-06-18 10:14 -------- d-----w- c:\programfiler\Fellesfiler\BioWare
2010-01-30 19:16 . 2007-07-09 21:43 -------- d-----w- c:\programfiler\Fellesfiler\Wise Installation Wizard
2010-01-21 12:40 . 2009-11-09 17:10 -------- d-----w- c:\programfiler\Microsoft Silverlight
2010-01-15 22:29 . 2008-01-27 09:43 -------- d-----w- c:\programfiler\World of Warcraft
2010-01-15 20:47 . 2009-03-26 14:37 -------- d-----w- c:\programfiler\Java
2010-01-08 21:35 . 2010-01-08 21:35 -------- d-----w- c:\programfiler\The Creative Assembly
2010-01-08 21:35 . 2005-06-27 20:14 -------- d--h--w- c:\programfiler\InstallShield Installation Information
2010-01-07 15:07 . 2008-09-23 14:16 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2008-09-23 14:16 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 17:10 . 2010-01-05 17:10 -------- d-----w- c:\documents and settings\Thomas\Programdata\Uniblue
2010-01-05 10:00 . 2004-08-04 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 09:59 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:59 . 2004-08-04 12:00 17408 ------w- c:\windows\system32\corpol.dll
2010-01-05 09:40 . 2009-07-09 15:00 -------- d-----w- c:\programfiler\DAEMON Tools Lite
2010-01-05 09:39 . 2007-05-14 15:53 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-05 09:39 . 2009-07-09 15:00 -------- d-----w- c:\documents and settings\All Users\Programdata\DAEMON Tools Lite
2009-12-24 20:40 . 2005-06-27 20:07 28528 ----a-w- c:\documents and settings\Thomas\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT
2009-12-24 19:18 . 2009-12-24 19:18 -------- d-----w- c:\programfiler\Microsoft IntelliType Pro
2009-12-24 13:41 . 2006-11-04 19:57 -------- d-----w- c:\programfiler\Ubisoft
2009-12-24 13:22 . 2009-09-25 21:03 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-24 13:22 . 2007-12-24 21:02 22328 ----a-w- c:\documents and settings\Thomas\Programdata\PnkBstrK.sys
2009-12-24 13:22 . 2007-12-24 21:02 22328 ----a-w- c:\documents and settings\Thomas\Programdata\PnkBstrK.sys
2009-12-24 13:22 . 2009-09-25 21:03 107832 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-24 13:21 . 2009-09-25 21:03 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-12-24 13:21 . 2009-09-25 21:03 2250024 ----a-w- c:\windows\system32\pbsvc.exe
2009-12-18 13:30 . 2007-05-12 12:35 -------- d-----w- c:\programfiler\Azureus
2009-12-16 13:42 . 2010-01-01 16:44 872960 ----a-w- c:\documents and settings\Thomas\Programdata\Mozilla\Firefox\Profiles\ooezh7a7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-12-16 13:42 . 2010-01-01 16:44 43008 ----a-w- c:\documents and settings\Thomas\Programdata\Mozilla\Firefox\Profiles\ooezh7a7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-12-16 13:42 . 2010-01-01 16:44 340480 ----a-w- c:\documents and settings\Thomas\Programdata\Mozilla\Firefox\Profiles\ooezh7a7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-12-16 13:41 . 2010-01-01 16:44 346624 ----a-w- c:\documents and settings\Thomas\Programdata\Mozilla\Firefox\Profiles\ooezh7a7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-12 21:33 . 2007-12-06 20:04 -------- d-----w- c:\programfiler\Paradox Interactive
2009-12-12 13:02 . 2009-10-31 13:27 69 ----a-w- c:\documents and settings\Thomas\jagex_runescape_preferences2.dat
2009-12-12 13:00 . 2008-07-16 17:10 39 ----a-w- c:\documents and settings\Thomas\jagex_runescape_preferences.dat
2009-12-10 13:47 . 2004-08-04 12:00 80980 ----a-w- c:\windows\system32\perfc014.dat
2009-12-10 13:47 . 2004-08-04 12:00 447018 ----a-w- c:\windows\system32\perfh014.dat
2009-11-21 16:03 . 2004-08-04 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-04-10 67128]
"GAINWARD"="c:\programfiler\EXPERTool\TBPanel.exe" [2008-05-23 2170880]
"PC Suite Tray"="c:\programfiler\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13672448]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-12 16267776]
"SkyTel"="SkyTel.EXE" [2006-05-17 2879488]
"AWWFSPU"="c:\programfiler\ASUS WiFi-AP Solo\AWWFSPU.exe" [2006-12-18 712781]
"Gainward"="c:\windows\TBPanel.exe" [2008-03-10 2177576]
"nwiz"="nwiz.exe" [2008-11-12 1630208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 49152]
"Launch LCDMon"="c:\programfiler\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2007-07-17 1687824]
"Launch LGDCore"="c:\programfiler\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2007-07-17 2094352]
"Start WingMan Profiler"="c:\programfiler\Logitech\Gaming Software\LWEMon.exe" [2007-09-25 93208]
"QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2008-09-19 413696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-12 86016]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-12 2043160]
"PWRISOVM.EXE"="c:\programfiler\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Malwarebytes Anti-Malware (reboot)"="c:\programfiler\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
"itype"="c:\programfiler\Microsoft IntelliType Pro\itype.exe" [2008-06-10 1442888]
"SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NSSInstallation"="c:\windows\system32\Adobe\Shockwave 11\nssstub.exe" [2009-01-07 181624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Thomas\Start-meny\Programmer\Oppstart\
Adobe Gamma.lnk - c:\programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\
InterVideo WinCinema Manager.lnk - c:\programfiler\InterVideo\Common\Bin\WinCinemaMgr.exe [2005-6-27 114688]
Logitech Desktop Messenger.lnk - c:\programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-4-10 67128]
Logitech SetPoint.lnk - c:\programfiler\Logitech\SetPoint\SetPoint.exe [2005-6-27 434176]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= c:\programfiler\Windows NT\kyzeveka.html
FriendlyName=

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
Source= c:\programfiler\Microsoft Works\howy.html
FriendlyName=

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\programfiler\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-16 10:10 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0stera

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Thomas^Start-meny^Programmer^Oppstart^Weather.lnk]
path=c:\documents and settings\Thomas\Start-meny\Programmer\Oppstart\Weather.lnk
backup=c:\windows\pss\Weather.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-04 18:43 69632 ------r- c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gainward]
2008-03-10 10:46 2177576 ----a-w- c:\windows\TBPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-11-12 13:54 13672448 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-11-12 13:54 1630208 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-10-12 18:36 16267776 ------r- c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-12-01 18:25 1217808 ----a-w- c:\programfiler\Valve\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Telenorhjelpen]
2008-02-07 15:35 189120 ----a-w- c:\programfiler\Telenor\Telenorhjelpen\Telenor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Ventrilo"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programfiler\\Messenger\\msmsgs.exe"=
"c:\\Programfiler\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Programfiler\\Azureus\\Azureus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programfiler\\Valve\\Steam\\SteamApps\\sebbe1122\\counter-strike\\hl.exe"=
"c:\\Programfiler\\Counter-Strike Source\\hl2.exe"=
"c:\\Programfiler\\mIRC\\backups\\mirc.exe"=
"c:\\Programfiler\\Opera\\opera.exe"=
"c:\\Programfiler\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Programfiler\\Telenor\\Telenorhjelpen\\Telenor.exe"=
"c:\\Programfiler\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programfiler\\Valve\\Steam\\SteamApps\\common\\flatout demo\\FlatOutDemo.exe"=
"c:\\Programfiler\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programfiler\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Programfiler\\World of Warcraft\\Launcher.exe"=
"c:\\Programfiler\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Thomas\\Mine dokumenter\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Programfiler\\Valve\\Steam\\SteamApps\\0wnerx\\condition zero\\hl.exe"=
"c:\\Programfiler\\Spotify\\spotify.exe"=
"c:\\Programfiler\\Ubisoft\\Techland\\Call of Juarez - Bound in Blood\\CoJBiBGame_x86.exe"=
"c:\\Programfiler\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"c:\\Programfiler\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programfiler\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
"c:\\Programfiler\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"=
"c:\\Programfiler\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"c:\\Programfiler\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"c:\\Games\\Dragon Age\\bin_ship\\daorigins.exe"=
"c:\\Games\\Dragon Age\\DAOriginsLauncher.exe"=
"c:\\Games\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programfiler\\Valve\\Steam\\SteamApps\\common\\empire total war\\Empire.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\Programfiler\\Mass Effect 2\\Binaries\\MassEffect2.exe"=
"c:\\Programfiler\\Mass Effect 2\\MassEffect2Launcher.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"32715:TCP"= 32715:TCP:t
"4575:TCP"= 4575:TCP:Azureus
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03.04.2009 11:58 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [03.04.2009 11:58 108552]
R1 SASDIFSV;SASDIFSV;c:\programfiler\SUPERAntiSpyware\sasdifsv.sys [22.12.2008 11:06 8944]
R1 SASKUTIL;SASKUTIL;c:\programfiler\SUPERAntiSpyware\SASKUTIL.SYS [22.12.2008 11:05 55024]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [19.04.2008 11:22 141312]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [23.01.2008 09:19 501560]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [03.04.2009 11:57 297752]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [09.11.2009 18:09 54752]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [08.04.2007 19:28 35840]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.05.2007 16:53 691696]
S3 AR2425;AzureWave AR5006 Wireless Network Adapter Service;c:\windows\system32\drivers\aw5006.sys [08.04.2007 19:29 556832]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\games\Dragon Age\bin_ship\daupdatersvc.service.exe [07.11.2009 13:23 25832]
S3 fsssvc;Windows Live Tryggere for familien-tjenesten;c:\programfiler\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 704864]
S3 SASENUM;SASENUM;c:\programfiler\SUPERAntiSpyware\SASENUM.SYS [22.12.2008 11:06 7408]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [24.12.2009 20:00 11520]
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2010-02-09 c:\windows\Tasks\NSSstub.job
- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2009-01-07 18:23]
.
.
------- Tilleggsskanning -------
.
uDefault_Search_URL = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.daemon-search.com/startpage
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Thomas\Programdata\Mozilla\Firefox\Profiles\ooezh7a7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage|http://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - component: c:\documents and settings\Thomas\Programdata\Mozilla\Firefox\Profiles\ooezh7a7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\programfiler\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\programfiler\Mozilla Firefox\plugins\NPAskSBr.dll
FF - plugin: c:\programfiler\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
.
- - - - TOMME PEKERE FJERNET - - - -

AddRemove-8461-7759-5462-8226 - c:\programfiler\Azureus\uninstall.exe
AddRemove-Azureus - c:\programfiler\Azureus\Uninstall.exe
AddRemove-DAEMON Tools Toolbar - c:\programfiler\DAEMON Tools Toolbar\uninst.exe
AddRemove-Ghost Recon Advanced Warfighter Patch_is1 - c:\programfiler\Ubisoft\Ghost Recon Advanced Warfighter\unins000.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 19:23
Windows 5.1.2600 Service Pack 3 NTFS

skanner skjulte prosesser ...

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ...

skanning vellykket
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTERNØKLER ---------------------

[HKEY_USERS\S-1-5-21-725345543-746137067-682003330-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:93,b6,99,50,ee,07,10,ad,b9,96,8d,cd,3e,be,e4,2c,26,b3,83,c5,a6,dd,d8,
   06,cc,bc,ea,d4,50,c3,18,4a,3f,d9,aa,7d,7c,89,02,9b,0f,c3,29,04,b8,5e,d9,bf,\
"??"=hex:b5,5e,67,b3,49,08,72,ad,41,a9,3a,9c,e3,bb,58,83

[HKEY_USERS\S-1-5-21-725345543-746137067-682003330-1004\Software\SecuROM\License information*]
"datasecu"=hex:a7,6f,a4,22,f3,f7,7d,89,dd,d9,33,20,44,1c,d0,fc,8f,d8,95,b5,5a,
   9b,42,4b,33,fa,b8,6c,61,08,a3,65,ee,47,6b,61,7d,fd,bc,a9,4d,ec,22,65,3d,d0,\
"rkeysecu"=hex:75,9a,b0,8b,95,da,53,bf,e5,66,78,30,2f,f1,db,3f
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'winlogon.exe'(780)
c:\programfiler\SUPERAntiSpyware\SASWINLO.dll
.
Tidspunkt ferdig: 2010-02-09 19:25:47
ComboFix-quarantined-files.txt 2010-02-09 18:25
ComboFix2.txt 2009-07-10 21:18

Pre-Run: 56 178 925 568 byte ledig
Post-Run: 56 207 843 328 byte ledig

- - End Of File - - F501A0B90EF3E5DA8D97F87D2C180EA2