ComboFix 10-04-01.02 - Kristina Ballerina 02.04.2010 22:45:17.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.47.1044.18.958.248 [GMT 2:00]
Kjører fra: c:\users\Kristina Ballerina\Downloads\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! Antivirus *disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-230697710-1467258485-371283084-500
c:\$recycle.bin\S-1-5-21-3304469301-3354294434-3408640196-500
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-03-02 til 2010-04-02 )))))))))))))))))))))))))))))))))
.
2010-04-02 21:02 . 2010-04-02 21:12 -------- d-----w- c:\users\Kristina Ballerina\AppData\Local\temp
2010-04-02 21:02 . 2010-04-02 21:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-02 17:32 . 2010-04-02 17:32 -------- d-----w- c:\users\Kristina Ballerina\AppData\Roaming\dvdcss
2010-04-02 17:31 . 2010-04-02 17:32 -------- d-----w- c:\users\Kristina Ballerina\AppData\Roaming\Roxio
2010-04-01 09:15 . 2010-04-01 09:15 -------- d-----w- c:\users\Kristina Ballerina\AppData\Local\Cisco
2010-04-01 09:13 . 2010-04-01 09:13 -------- d-----w- c:\program files\Cisco
2010-04-01 09:13 . 2010-04-01 09:13 -------- d-----w- c:\programdata\Cisco
2010-03-28 14:23 . 2010-02-12 10:49 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-13 07:22 . 2010-02-20 23:54 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-03-13 07:22 . 2010-02-20 21:30 396800 ----a-w- c:\windows\system32\drivers\http.sys
2010-03-13 07:22 . 2010-02-20 23:51 31232 ----a-w- c:\windows\system32\httpapi.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-02 20:20 . 2006-11-21 05:16 476858 ----a-w- c:\windows\system32\perfh014.dat
2010-04-02 20:20 . 2006-11-21 05:16 79408 ----a-w- c:\windows\system32\perfc014.dat
2010-04-02 20:11 . 2009-12-25 18:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-02 19:57 . 2009-12-25 22:05 -------- d-----w- c:\users\Kristina Ballerina\AppData\Roaming\vlc
2010-04-02 19:56 . 2009-12-25 17:38 -------- d-----w- c:\users\Kristina Ballerina\AppData\Roaming\uTorrent
2010-04-02 19:21 . 2009-12-25 17:42 -------- d-----w- c:\users\Kristina Ballerina\AppData\Roaming\Spotify
2010-04-02 18:09 . 2009-12-26 11:55 7484 ----a-w- c:\users\Kristina Ballerina\AppData\Local\d3d9caps.dat
2010-04-01 08:57 . 2009-12-25 16:46 36916 ----a-w- c:\users\Kristina Ballerina\AppData\Roaming\nvModes.dat
2010-03-29 13:24 . 2009-12-25 18:18 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 13:24 . 2009-12-25 18:18 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-13 07:31 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-13 07:30 . 2010-02-14 12:56 -------- d-----w- c:\programdata\Microsoft Help
2010-03-09 16:54 . 2010-03-31 16:01 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-09 16:50 . 2010-03-31 16:01 56320 ----a-w- c:\windows\system32\iesetup.dll
2010-03-09 16:50 . 2010-03-31 16:01 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-09 16:50 . 2010-03-31 16:01 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll
2010-03-09 16:48 . 2010-03-31 16:01 72704 ----a-w- c:\windows\system32\admparse.dll
2010-03-09 14:17 . 2010-03-31 16:01 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2010-03-09 12:43 . 2010-03-31 16:01 48128 ----a-w- c:\windows\system32\mshtmler.dll
2010-03-09 11:24 . 2009-12-25 17:03 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-09 11:12 . 2009-12-25 17:03 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-09 11:12 . 2009-12-25 17:03 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-09 11:09 . 2009-12-25 17:03 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-09 11:08 . 2009-12-25 17:03 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-03-09 11:08 . 2009-12-25 17:03 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-25 16:41 . 2009-12-25 15:47 104608 ----a-w- c:\users\Kristina Ballerina\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 17:35 . 2009-12-25 17:39 -------- d-----w- c:\program files\uTorrent
2010-02-24 09:16 . 2009-12-25 20:01 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-18 06:09 . 2009-12-25 13:32 -------- d-----w- c:\program files\Microsoft Works
2010-02-17 20:06 . 2009-12-25 17:39 -------- d-----w- c:\program files\Ask.com
2010-02-16 20:40 . 2010-02-16 20:40 -------- d-----w- c:\users\Kristina Ballerina\AppData\Roaming\Uniblue
2010-02-16 20:40 . 2010-02-16 20:40 -------- d-----w- c:\program files\Uniblue
2010-02-14 13:18 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2010-02-14 13:12 . 2010-02-14 13:12 -------- d-----w- c:\program files\Microsoft.NET
2010-02-14 13:02 . 2010-02-14 13:02 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-02-11 18:53 . 2009-12-25 17:03 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-10 18:40 . 2009-12-25 17:03 -------- d-----w- c:\program files\Alwil Software
2010-02-09 16:21 . 2010-02-09 16:21 -------- d-----w- c:\programdata\Alwil Software
2010-01-25 12:58 . 2010-02-24 17:52 473088 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:58 . 2010-02-24 17:52 154624 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:58 . 2010-02-24 17:52 154112 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:58 . 2010-02-24 17:52 472576 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 12:56 . 2010-02-24 17:52 312320 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:36 . 2010-02-24 17:52 435712 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-25 08:36 . 2010-02-24 17:52 515584 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-25 08:36 . 2010-02-24 17:52 431104 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:35 . 2010-02-24 17:52 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-23 08:05 . 2010-02-24 17:54 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-15 20:28 . 2010-01-04 16:53 520340 ----a-w- c:\programdata\Voddler\Uninstall.exe
2010-01-13 13:30 . 2010-01-13 13:30 11591888 ----a-w- c:\programdata\Voddler\VoddlerPlayer.exe
2010-01-10 21:02 . 2010-01-10 19:40 256 ----a-w- c:\windows\system32\pool.bin
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVGLS\Toolbar\IEToolbar.dll" [2009-11-25 1234176]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 12:02 1234176 ----a-w- c:\program files\AVG\AVGLS\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 15:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVGLS\Toolbar\IEToolbar.dll" [2009-11-25 1234176]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVGLS\Toolbar\IEToolbar.dll" [2009-11-25 1234176]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Kristina Ballerina\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-12-25 135664]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2009-12-26 1006264]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-02-26 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-26 7770112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-02-26 81920]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 729088]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-03-28 176128]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-28 149280]
"CognizanceTS"="c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll" [2003-12-22 17920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"AVG8_TRAY"="c:\progra~1\AVG\AVGLS\avgtray.exe" [2009-12-25 1950488]
"VoddlerNet Manager"="c:\program files\Voddler\service\VNetManager.exe" [2010-01-13 573640]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-11-19 623960]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-07-08 236016]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
Hurtigstart for Adobe Reader.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S1 aswSP;aswSP; [x]
S1 AvgLdx86;AVG LinkScanner® AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-12-25 253576]
S1 AvgTdiX;AVG LinkScanner® Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-12-25 108296]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2006-11-02 22016]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2006-11-02 22016]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-03-09 51792]
S2 avg8wd;AVG LinkScanner® WatchDog;c:\progra~1\AVG\AVGLS\avgwdsvc.exe [2009-12-25 298776]
S2 VoddlerNet;VoddlerNet;c:\program files\Voddler\service\voddler.exe [2010-01-13 1236688]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-10-09 493248]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2010-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-230697710-1467258485-371283084-1000Core.job
- c:\users\Kristina Ballerina\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-25 16:34]

2010-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-230697710-1467258485-371283084-1000UA.job
- c:\users\Kristina Ballerina\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-25 16:34]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NB_NO&c=73&bd=Pavilion&pf=laptop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NB_NO&c=73&bd=Pavilion&pf=laptop
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: vpn-student.bi.no
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn-student.bi.no/CACHE/stc/5/binaries/vpnweb.cab
FF - ProfilePath - c:\users\Kristina Ballerina\AppData\Roaming\Mozilla\Firefox\Profiles\itd9y8ov.default\
FF - plugin: c:\program files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: c:\users\Kristina Ballerina\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-02 23:11
Windows 6.0.6000 NTFS

skanner skjulte prosesser ...

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ...

skanning vellykket
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTERNØKLER ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'Explorer.exe'(1576)
c:\windows\system32\APSHook.dll
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\Common Files\microsoft shared\ink\TabTip.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\Common Files\microsoft shared\ink\TabTip.exe
c:\program files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
c:\progra~1\AVG\AVGLS\avgnsx.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
c:\program files\Secunia\PSI\psi.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\WerCon.exe
c:\windows\system32\lpremove.exe
c:\windows\system32\lpksetup.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2010-04-02 23:23:02 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2010-04-02 21:22

Pre-Run: 56 445 362 176 byte ledig
Post-Run: 56 690 282 496 byte ledig

Current=1 Default=1 Failed=0 LastKnownGood=11 Sets=1,2,3,4,5,6,7,8,9,11
- - End Of File - - A59DB7CC983856B725AC8830AAC629D2