ComboFix 11-03-27.02 - Jan-Roald 28.03.2011 18:25:36.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1033.18.4095.1963 [GMT 2:00]
Kjører fra: c:\users\Jan-Roald\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Internet Explorer\iesettings.ceb
c:\program files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{7CD4632C-0D36-4618-B7A3-6ADD836499DF}\_Setup.dll
c:\programdata\Tarma Installer\{7CD4632C-0D36-4618-B7A3-6ADD836499DF}\Setup.dat
c:\programdata\Tarma Installer\{7CD4632C-0D36-4618-B7A3-6ADD836499DF}\Setup.exe
c:\programdata\Tarma Installer\{7CD4632C-0D36-4618-B7A3-6ADD836499DF}\Setup.ico
c:\users\Jan-Roald\AppData\Roaming\inst.exe
c:\users\Jan-Roald\AppData\Roaming\Local
c:\users\Jan-Roald\AppData\Roaming\Local\Temp\DDM\Settings\.ddr
c:\users\Jan-Roald\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Jan-Roald\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi
c:\users\Jan-Roald\AppData\Roaming\Local\Temp\DDM\Settings\1294913781d5709c04cee4a84ec6d7fb789b8e17.m4v.ddr
c:\users\Jan-Roald\AppData\Roaming\Local\Temp\DDM\Settings\2.ddi
c:\users\Jan-Roald\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Jan-Roald\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
c:\users\Jan-Roald\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\1294913781d5709c04cee4a84ec6d7fb789b8e17.m4v
c:\users\Jan-Roald\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\voice_in_the_flesh_by_eternal_turns_magic-d32tup4.divx
c:\users\Jan-Roald\AppData\Roaming\Local\Temp\DDM\Settings\voice_in_the_flesh_by_eternal_turns_magic-d32tup4.divx.ddr
c:\users\Jan-Roald\AppData\Roaming\Mozilla\Firefox\Profiles\g2ttuswo.default\searchplugins\SearchquWebSearch.xml
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2011-02-28 til 2011-03-28 )))))))))))))))))))))))))))))))))
.
.
2011-03-28 16:44 . 2011-03-28 16:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-27 13:15 . 2011-03-27 13:15 14336 ----a-r- c:\users\Jan-Roald\AppData\Roaming\Microsoft\Installer\{9F185C48-595B-401A-A1D6-AAB324890DC4}\IconCBE855212.exe
2011-03-27 13:15 . 2011-03-27 13:15 -------- d-----w- c:\program files (x86)\Common Files\Gibinsoft Shared
2011-03-27 13:15 . 2011-03-27 13:15 -------- d-----w- c:\program files (x86)\GiPo@Utilities
2011-03-26 18:22 . 2011-03-26 18:22 -------- d-----w- c:\users\Jan-Roald\AppData\Local\Korbin_Bickel
2011-03-26 15:36 . 2011-03-26 15:36 -------- d-----w- c:\program files (x86)\Theme Manager
2011-03-24 11:58 . 2011-03-24 11:58 -------- d-----w- c:\users\Jan-Roald\AppData\Roaming\Uniblue
2011-03-24 11:58 . 2011-03-24 11:58 -------- d-----w- c:\program files (x86)\Uniblue
2011-03-21 22:05 . 2011-03-18 17:53 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-03-21 22:05 . 2011-03-18 17:53 781272 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-03-21 22:05 . 2011-03-18 17:53 1874904 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-03-21 22:05 . 2011-03-18 17:53 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-03-21 22:05 . 2011-03-18 17:53 728024 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-03-21 22:05 . 2011-03-18 17:53 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-03-21 22:05 . 2011-03-18 17:53 1893336 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-03-21 22:05 . 2011-03-18 17:53 1975768 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-03-20 19:35 . 2011-03-20 19:35 -------- d-----w- c:\users\Administrator
2011-03-20 18:37 . 2011-03-26 15:01 -------- d-----w- c:\users\Jan-Roald\AppData\Local\MediaMonkey
2011-03-20 18:37 . 2011-03-20 18:37 -------- d-----w- c:\program files (x86)\MediaMonkey
2011-03-14 16:14 . 2011-03-14 16:14 -------- d-----w- c:\users\Jan-Roald\AppData\Roaming\Malwarebytes
2011-03-14 16:14 . 2011-03-14 16:14 -------- d-----w- c:\programdata\Malwarebytes
2011-03-14 16:14 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-14 16:14 . 2011-03-14 16:14 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-14 16:14 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-14 15:17 . 2011-03-14 15:17 94208 --sha-r- c:\windows\SysWow64\qintlgnta.dll
2011-03-14 05:09 . 2011-03-14 05:09 -------- d-----w- c:\programdata\Telenor Norway
2011-03-14 05:09 . 2011-03-14 05:09 -------- d-----w- c:\program files (x86)\Telenor Norway
2011-03-12 17:58 . 2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{45783C51-36D7-4557-BE78-BD75795F26F4}\mpengine.dll
2011-03-12 14:05 . 2011-03-12 14:05 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-03-12 14:04 . 2011-03-12 14:04 -------- d-----w- c:\programdata\McAfee
2011-03-10 22:08 . 2011-02-23 14:57 505176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-10 17:56 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-03-10 17:56 . 2011-02-19 12:04 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-03-10 17:56 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-03-10 17:56 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-03-10 17:56 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-03-09 03:58 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-09 03:58 . 2010-12-23 10:42 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 03:58 . 2010-12-23 05:54 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2011-03-09 03:58 . 2010-12-23 05:54 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-09 03:58 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 03:58 . 2010-12-23 10:36 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 03:58 . 2010-12-23 05:54 850944 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-09 03:58 . 2010-12-23 05:50 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-06 17:50 . 2010-11-20 05:32 4608 ----a-w- c:\windows\system32\drivers\zh-CN\rdvgkmd.sys.mui
2011-03-06 17:50 . 2010-11-20 05:24 2560 ----a-w- c:\windows\system32\drivers\zh-CN\rdpwd.sys.mui
2011-03-06 17:50 . 2010-11-20 04:13 6144 ----a-w- c:\windows\system32\drivers\en-US\rdvgkmd.sys.mui
2011-03-06 17:50 . 2010-11-20 04:01 2560 ----a-w- c:\windows\system32\drivers\en-US\rdpwd.sys.mui
2011-03-06 17:50 . 2010-11-20 05:24 3584 ----a-w- c:\windows\system32\drivers\zh-CN\sermouse.sys.mui
2011-03-06 17:50 . 2010-11-20 05:28 24064 ----a-w- c:\windows\system32\drivers\zh-CN\ndis.sys.mui
2011-03-06 17:50 . 2010-11-20 05:30 3072 ----a-w- c:\windows\system32\drivers\zh-CN\tsusbflt.sys.mui
2011-03-06 17:50 . 2010-11-20 05:21 3072 ----a-w- c:\windows\system32\drivers\zh-CN\tsusbhub.sys.mui
2011-03-06 17:50 . 2010-11-20 04:11 4096 ----a-w- c:\windows\system32\drivers\en-US\tsusbhub.sys.mui
2011-03-06 17:50 . 2010-11-20 03:57 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2011-03-06 17:50 . 2010-11-20 04:11 6144 ----a-w- c:\windows\system32\drivers\en-US\IPMIDrv.sys.mui
2011-03-06 17:50 . 2010-11-20 04:10 4608 ----a-w- c:\windows\system32\drivers\en-US\kbdclass.sys.mui
2011-03-06 17:49 . 2010-11-20 05:28 4608 ----a-w- c:\windows\system32\drivers\zh-TW\rdvgkmd.sys.mui
2011-03-06 17:49 . 2010-11-20 05:28 2560 ----a-w- c:\windows\system32\drivers\ko-KR\rdpwd.sys.mui
2011-03-06 17:49 . 2010-11-20 05:28 5120 ----a-w- c:\windows\system32\drivers\ko-KR\rdvgkmd.sys.mui
2011-03-06 17:49 . 2010-11-20 05:24 2560 ----a-w- c:\windows\system32\drivers\zh-TW\rdpwd.sys.mui
2011-03-06 17:49 . 2010-11-20 04:10 5120 ----a-w- c:\windows\system32\drivers\ja-JP\rdvgkmd.sys.mui
2011-03-06 17:49 . 2010-11-20 04:05 2560 ----a-w- c:\windows\system32\drivers\ja-JP\rdpwd.sys.mui
2011-03-06 17:48 . 2010-11-20 05:30 3072 ----a-w- c:\windows\system32\drivers\zh-TW\tsusbflt.sys.mui
2011-03-06 17:48 . 2010-11-20 05:29 3072 ----a-w- c:\windows\system32\drivers\zh-TW\tsusbhub.sys.mui
2011-03-06 17:48 . 2010-11-20 05:25 3584 ----a-w- c:\windows\system32\drivers\ko-KR\tsusbhub.sys.mui
2011-03-06 17:48 . 2010-11-20 05:23 3072 ----a-w- c:\windows\system32\drivers\ko-KR\tsusbflt.sys.mui
2011-03-06 17:48 . 2010-11-20 04:06 3072 ----a-w- c:\windows\system32\drivers\ja-JP\tsusbflt.sys.mui
2011-03-06 17:48 . 2010-11-20 03:59 3584 ----a-w- c:\windows\system32\drivers\ja-JP\tsusbhub.sys.mui
2011-03-06 17:48 . 2010-11-20 05:29 23552 ----a-w- c:\windows\system32\drivers\zh-TW\usbport.sys.mui
2011-03-06 17:48 . 2010-11-20 04:27 287744 ----a-w- c:\windows\system32\lzhfldr2.dll
2011-03-06 17:48 . 2010-11-20 03:20 266240 ----a-w- c:\windows\SysWow64\lzhfldr2.dll
2011-03-06 17:43 . 2010-11-20 04:39 2560 ----a-w- c:\windows\system32\drivers\nb-NO\rdpwd.sys.mui
2011-03-06 17:43 . 2010-11-20 04:35 6144 ----a-w- c:\windows\system32\drivers\nb-NO\rdvgkmd.sys.mui
2011-03-06 17:43 . 2010-11-20 04:29 14848 ----a-w- c:\windows\system32\drivers\nb-NO\nwifi.sys.mui
2011-03-06 17:43 . 2010-11-20 04:29 3584 ----a-w- c:\windows\system32\drivers\nb-NO\tsusbflt.sys.mui
2011-03-06 17:43 . 2010-11-20 04:27 4096 ----a-w- c:\windows\system32\drivers\nb-NO\tsusbhub.sys.mui
2011-03-06 17:38 . 2010-11-20 04:27 758784 ----a-w- c:\windows\system32\samsrv.dll
2011-03-06 17:37 . 2011-03-06 17:37 -------- d-----w- c:\windows\system32\EventProviders
2011-03-03 14:22 . 2011-01-07 12:17 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-03 14:22 . 2011-01-07 12:17 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-03 14:22 . 2011-01-07 07:46 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-03 14:22 . 2011-01-07 07:46 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-03-03 14:22 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-03-03 14:22 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-03-03 14:22 . 2010-11-20 13:26 321024 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-03-03 14:22 . 2010-11-20 12:18 219136 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-09 21:38 . 2011-02-21 21:17 316928 ----a-w- c:\windows\SysWow64\SilverEfexPro2FC32.dll
2011-03-06 18:12 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-03-06 18:12 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-23 15:04 . 2010-12-11 21:38 40648 ----a-w- c:\windows\avastSS.scr
2011-02-23 15:04 . 2010-12-11 21:38 190016 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-02-23 15:04 . 2011-01-15 10:07 238968 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-23 14:57 . 2010-12-11 21:39 280408 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-23 14:55 . 2010-12-11 21:39 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-23 14:55 . 2010-12-11 21:39 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-23 14:55 . 2010-12-11 21:38 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-23 14:54 . 2010-12-11 21:39 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-21 21:17 . 2011-02-21 21:17 344064 ----a-w- c:\windows\system32\SilverEfexPro2FC64.dll
2011-02-21 21:17 . 2011-02-21 21:17 66560 ----a-w- c:\windows\SysWow64\nlssrv32.exe
2011-02-02 20:40 . 2010-04-15 21:19 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-02-02 16:11 . 2010-02-28 02:23 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-07 12:14 . 2011-02-11 17:02 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 09:51 . 2011-02-11 17:02 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-01-07 09:20 . 2011-02-11 17:02 366592 ----a-w- c:\windows\system32\atmfd.dll
2011-01-07 07:45 . 2011-02-11 17:02 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-07 06:01 . 2011-02-11 17:02 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-01-07 05:43 . 2011-02-11 17:02 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-01-05 10:34 . 2011-02-11 17:02 612864 ----a-w- c:\windows\system32\vbscript.dll
2011-01-05 06:56 . 2011-02-11 17:02 3129344 ----a-w- c:\windows\system32\win32k.sys
2011-01-05 05:55 . 2011-02-11 17:02 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Jan-Roald\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Jan-Roald\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Jan-Roald\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-12-10 3872080]
"IncrediMail"="c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2011-03-18 353736]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Telenorhjelpen"="c:\program files (x86)\Telenor Norway\Telenorhjelpen\Telenorhjelpen.exe" [2010-12-17 88440]
.
c:\users\Jan-Roald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jan-Roald\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ColorVisionStartup.lnk - c:\program files (x86)\ColorVision\Utility\ColorVisionStartup.exe [2007-2-13 385024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FLASHSYS;FLASHSYS;c:\program files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [2008-02-15 15192]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [x]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [x]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [x]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [x]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [x]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [x]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [x]
R3 Spyder2;ColorVision Spyder2;c:\windows\system32\DRIVERS\Spyder2.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 ESUSClient_TNO;Telenor Norway Software Update Service;c:\program files (x86)\Telenor Norway\ESUS_TNO\ESUS_TNO.exe [2010-12-17 358808]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2011-02-21 66560]
S2 TelenorhjelpenSvc;Telenorhjelpen Service;c:\program files (x86)\Telenor Norway\Telenorhjelpen\Service.exe [2011-02-15 463240]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-13 24168]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [x]
S3 cxbu0x64;OMNIKEY 3x21;c:\windows\system32\DRIVERS\cxbu0x64.sys [x]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
.
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2011-03-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4074526274-2474639622-3658340765-1001Core.job
- c:\users\Jan-Roald\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-04 22:28]
.
2011-03-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4074526274-2474639622-3658340765-1001UA.job
- c:\users\Jan-Roald\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-04 22:28]
.
2011-03-27 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2011-03-24 14:40]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\Jan-Roald\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\Jan-Roald\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 97792 ----a-w- c:\users\Jan-Roald\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-03-30 7574048]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-03-30 1833504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\acaptuser64.dll
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://10.0.0.138/?be=0&l0=-1&l1=-1
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download with Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
IE: E&ksporter til Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: newsleecher.com\www
FF - ProfilePath - c:\users\Jan-Roald\AppData\Roaming\Mozilla\Firefox\Profiles\g2ttuswo.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://el-toro.ath.cx/csv2/bin/browse|http://www.flickr.com/photos/contacts/|http://www.flickr.com/photos/48488148@N04/|http://www.flickr.com/photos/black_wizard/5050876262/sizes/l/in/photostream/|http://www.flickr.com/photos/manganite/page1/|http://www.flickr.com/photos/carmen_moreno/with/5467553551/|http://www.flickr.com/photos/jentootshoots/5470208863/in/photostream/|http://jan-roald.smugmug.com/|http://fetish.pornbb.org/latex-rubber-images-f26.html|http://fetish.pornbb.org/miss-mosh-masuimi-max-ancilla-tilia-new-exclusive-t1127707-105.html|http://fetish.pornbb.org/more-latex-fetish-bondage-pics-t1108694-255.html|http://my.ebay.com/ws/eBayISAPI.dll?MyEbayBeta&MyEbay=&gbh=1&guest=1|http://stores.ebay.com/12th-FaShioN-StoRe/_i.html?rt=nc&LH_Auction=1&_dmd=2&_sid=588135435&_trksid=p4634.c0.m309&_vc=1|http://translate.google.com/#auto|no|PENTAX%206X7%20%2B%20CDS%20PRISMA%0A%0AVOLL%20FUNKTIONSF%C3%84HIG%20!%0AAlle%20technischen%20und%20optischen%20Funktionen%20in%20Ordnung.%0A%0AZustand%20wie%20abgebildet%20mit%20Gebrauchsspuren.|http://www.pornbb.org/xxx-video-mega-threads-f2.html|http://www.pornbb.org/viewtopic.php?t=4353817&start=315|http://www.pornbb.org/viewtopic.php?t=2675447&start=1440|http://www.pornbb.org/viewtopic.php?t=3640867&start=1425|http://www.pornbb.org/very-deep-fisting-hardcore-dildo-t3904411-495.html?sid=83357359714a18cc651a0f1497d521a8|http://www.intimates21.com/|http://foto.no/cgi-bin/bruktmarked/visAnnonser.cgi?x=1&offset=60&limit=30|http://www.intimates21.com/sexy-vampire-costume-dress-w-gloves-p-1462.html|http://www.intimates21.com/specials.html?page=1&display=3|http://cgi.ebay.com.au/ws/eBayISAPI.dll?ViewItem&item=270709770298&ssPageName=ADME:B:FSEL:AU:1123
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&a=6R7MIPNQGH&search=
.
- - - - TOMME PEKERE FJERNET - - - -
.
URLSearchHooks-{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - (no file)
WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file)
AddRemove-WinNc 5 - c:\progra~3\TARMAI~1\{7CD46~1\Setup.exe
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2011-03-28 18:51:36
ComboFix-quarantined-files.txt 2011-03-28 16:51
.
Pre-Run: 38 361 833 472 bytes free
Post-Run: 37 819 060 224 bytes free
.
- - End Of File - - 3D6CBE5E429A96C8CDE7E9F4792BE39E