ComboFix 11-05-07.02 - Glenn 08.05.2011 12:12:38.2.4 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.47.1033.18.8172.6512 [GMT 2:00] Kjører fra: c:\users\Glenn\Downloads\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\CFLog c:\program files (x86)\Steam\steam.exe . . ((((((((((((((((((((((((((( Filer Opprettet Fra 2011-04-08 til 2011-05-08 ))))))))))))))))))))))))))))))))) . . 2011-05-08 10:16 . 2011-05-08 10:16 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-05-08 04:00 . 2011-04-18 16:15 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{32392F1F-412B-4941-B07A-50C8CF7C5DFD}\mpengine.dll 2011-05-08 04:00 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-05-08 00:37 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-05-08 00:37 . 2011-05-08 00:37 -------- d-----w- c:\programdata\Malwarebytes 2011-05-08 00:37 . 2011-05-08 00:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-05-08 00:37 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-08 00:36 . 2011-05-08 00:36 -------- d-----w- c:\program files\CCleaner 2011-05-07 21:43 . 2011-05-07 22:09 -------- d-----w- c:\programdata\Blizzard Entertainment 2011-05-07 20:57 . 2011-05-07 21:18 -------- d-----w- c:\users\Public\Games 2011-05-07 20:56 . 2011-05-07 20:56 -------- d-----w- c:\programdata\Blizzard 2011-05-07 19:56 . 2011-05-07 21:19 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment 2011-05-07 17:03 . 2010-03-04 15:27 411480 ----a-w- c:\windows\SysWow64\tsccvid.dll 2011-05-07 17:03 . 2011-05-07 17:03 -------- d-----w- c:\windows\SysWow64\QuickTime 2011-05-07 17:02 . 2011-05-07 17:02 -------- d-----w- c:\program files (x86)\Common Files\TechSmith Shared 2011-05-07 17:02 . 2011-05-07 17:03 -------- d-----w- c:\programdata\TechSmith 2011-05-07 17:02 . 2011-05-07 17:02 -------- d-----w- c:\program files (x86)\TechSmith 2011-05-05 20:10 . 2011-05-05 20:10 -------- d-----w- c:\program files\Microsoft Windows Performance Toolkit 2011-05-05 20:09 . 2011-05-05 20:09 -------- d-----w- c:\program files\Microsoft Help Viewer 2011-05-05 20:08 . 2011-05-05 20:23 -------- d-----w- c:\program files\Debugging Tools for Windows (x64) 2011-05-05 20:07 . 2011-05-05 20:07 -------- d-----w- c:\program files (x86)\Application Verifier 2011-05-05 20:07 . 2011-05-05 20:07 -------- d-----w- c:\program files\Application Verifier (x64) 2011-05-05 20:05 . 2011-05-05 20:05 -------- d-----w- c:\windows\symbols 2011-05-05 20:05 . 2011-05-05 20:05 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0 2011-05-05 19:58 . 2011-05-05 19:58 -------- d-----w- c:\program files\Microsoft SDKs 2011-05-05 19:54 . 2011-05-05 19:54 -------- d-----w- c:\program files (x86)\Microsoft.NET 2011-05-05 15:15 . 2011-05-05 15:15 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi 2011-05-05 12:47 . 2011-05-05 12:47 -------- d-----w- c:\programdata\Skype Extras 2011-05-05 12:46 . 2011-05-05 12:46 -------- d-----w- c:\program files (x86)\Common Files\Skype 2011-05-05 12:46 . 2011-05-05 12:46 -------- d-----r- c:\program files (x86)\Skype 2011-05-05 12:46 . 2011-05-05 12:46 -------- d-----w- c:\programdata\Skype 2011-05-05 12:38 . 2010-08-17 21:04 8724480 ------w- c:\windows\SysWow64\CAHS1.dll 2011-05-05 12:38 . 2010-07-27 21:30 400384 ------w- c:\windows\system32\CAHS1.cpl 2011-05-05 12:38 . 2010-07-18 23:52 798208 ------w- c:\windows\system32\CAHS1.exe 2011-05-05 12:38 . 2009-04-01 23:59 143360 ------w- c:\windows\VmixHS1.dll 2011-05-05 12:38 . 2006-09-12 17:21 200704 ------w- c:\windows\SysWow64\cmpaHS1.dll 2011-05-05 12:38 . 2009-04-07 21:22 354304 ------w- c:\windows\system32\CmiInstallResAll64.dll 2011-05-05 12:38 . 2006-10-05 12:45 524768 ---ha-w- c:\windows\difxapi.dll 2011-05-05 12:38 . 2010-06-29 02:06 1309184 ---ha-w- c:\windows\system32\drivers\CAHS164.sys 2011-05-05 12:38 . 2004-04-13 18:28 315392 ---ha-w- c:\windows\system\fltrCAHS1.dll 2011-05-04 13:50 . 2011-05-04 13:50 -------- d-----w- c:\program files (x86)\Z8Games 2011-05-04 13:38 . 2011-05-04 13:38 -------- dc----w- c:\windows\system32\DRVSTORE 2011-05-04 13:38 . 2009-05-18 11:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2011-05-04 13:38 . 2008-04-17 10:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll 2011-05-04 13:38 . 2008-04-17 10:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll 2011-05-04 13:37 . 2011-05-04 13:37 -------- d-----w- c:\program files (x86)\Apple Software Update 2011-05-04 13:36 . 2011-05-04 13:36 -------- d-----w- c:\program files\Common Files\Apple 2011-05-04 13:36 . 2011-05-04 13:36 -------- d-----w- c:\program files\Bonjour 2011-05-04 13:36 . 2011-05-04 13:36 -------- d-----w- c:\program files (x86)\Bonjour 2011-05-04 13:36 . 2011-05-04 13:38 -------- d-----w- c:\program files (x86)\Common Files\Apple 2011-05-04 13:36 . 2011-05-04 13:36 -------- d-----w- c:\programdata\Apple 2011-05-04 12:58 . 2011-04-01 15:07 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-05-04 12:58 . 2011-04-01 15:07 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-05-04 12:58 . 2011-05-04 12:58 -------- d-----w- c:\programdata\Avira 2011-05-04 12:58 . 2011-05-04 12:58 -------- d-----w- c:\program files (x86)\Avira 2011-05-03 15:18 . 2010-10-27 01:43 110592 ----a-w- c:\windows\system32\rtvcvfw32.dll 2011-05-03 15:08 . 2011-05-03 15:08 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle 2011-05-03 15:08 . 2011-05-03 15:08 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate 2011-05-03 15:06 . 2011-05-03 15:06 -------- d-----w- c:\programdata\Studio 12 2011-05-03 15:06 . 2011-05-03 15:06 -------- d-----w- c:\programdata\Pinnacle Studio Plus 2011-05-03 15:06 . 2011-05-03 15:06 -------- d-----w- c:\program files (x86)\Pinnacle 2011-05-03 15:06 . 2011-05-03 15:06 -------- d-----w- c:\program files (x86)\Common Files\Yahoo! 2011-05-03 15:05 . 2011-05-03 15:06 -------- d-----w- c:\programdata\Pinnacle 2011-05-03 13:40 . 2011-05-03 13:40 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2011-05-03 13:26 . 2011-05-03 13:26 -------- d-----w- c:\program files (x86)\Cheat Engine 6 2011-05-02 17:03 . 2011-05-02 17:03 3832 ----a-w- C:\STF97D1.tmp 2011-04-28 19:40 . 2011-04-28 19:40 3930 ----a-w- C:\STF73C5.tmp 2011-04-28 19:25 . 2011-04-28 19:25 -------- d-----w- c:\program files (x86)\Valve 2011-04-28 16:34 . 2011-04-28 16:34 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-04-28 16:34 . 2011-04-28 16:34 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-04-28 16:34 . 2011-04-28 16:34 -------- d-----w- c:\program files (x86)\Java 2011-04-28 14:39 . 2011-04-28 14:39 -------- d-----w- c:\program files (x86)\uTorrent 2011-04-28 14:08 . 2011-04-28 16:25 -------- d-----w- C:\Fraps 2011-04-28 12:58 . 2011-04-28 12:58 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin 2011-04-28 00:00 . 2011-04-27 23:06 -------- d-----w- c:\windows\Panther 2011-04-27 23:47 . 2011-04-27 23:47 -------- d-----w- c:\windows\SysWow64\Macromed 2011-04-27 23:44 . 2011-04-27 23:44 -------- d-----w- c:\program files (x86)\Spotify 2011-04-27 23:36 . 2011-04-27 23:36 -------- d-----w- c:\program files\Intel 2011-04-27 23:35 . 2011-04-27 16:39 -------- d-----w- c:\program files (x86)\MSI 2011-04-27 23:35 . 2011-04-27 23:35 -------- d-----w- c:\program files (x86)\Renesas Electronics 2011-04-27 23:33 . 2011-04-27 23:33 -------- d-----w- c:\programdata\Downloaded Installations 2011-04-27 23:32 . 2010-11-11 06:37 74344 ----a-w- c:\windows\system32\RtNicProp64.dll 2011-04-27 23:32 . 2010-11-11 06:37 408680 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2011-04-27 23:32 . 2010-11-11 06:37 107624 ----a-w- c:\windows\system32\RTNUninst64.dll 2011-04-27 23:32 . 2011-04-27 23:32 -------- d-----w- c:\program files (x86)\Realtek 2011-04-27 23:32 . 2011-05-05 12:38 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information 2011-04-27 23:30 . 2010-12-23 05:56 29288 ----a-w- c:\windows\system32\nvhdap64.dll 2011-04-27 23:30 . 2010-12-23 05:56 155752 ----a-w- c:\windows\system32\drivers\nvhda64v.sys 2011-04-27 23:30 . 2010-12-23 05:56 1359976 ----a-w- c:\windows\system32\nvgenco64hda.dll 2011-04-27 23:30 . 2011-05-08 00:48 -------- d-----w- c:\programdata\NVIDIA 2011-04-27 23:30 . 2011-04-27 23:30 -------- d-----w- c:\program files (x86)\NVIDIA Corporation 2011-04-27 23:30 . 2011-05-07 17:03 -------- d-sh--w- c:\windows\Installer 2011-04-27 23:28 . 2011-04-27 23:28 -------- d-----w- c:\program files (x86)\LoiLoScope FREE trial 2011-04-27 23:13 . 2011-04-27 23:30 -------- d-----w- c:\program files\NVIDIA Corporation 2011-04-27 23:06 . 2011-04-27 16:47 -------- d-----w- c:\users\Glenn 2011-04-27 23:06 . 2011-04-27 23:06 -------- d-----w- C:\Recovery 2011-04-27 17:14 . 2011-04-27 17:14 -------- d-----w- c:\program files (x86)\Electronic Arts 2011-04-27 17:01 . 2011-03-26 01:03 17128 ----a-w- c:\windows\system32\roboot64.exe 2011-04-27 17:01 . 2011-03-25 11:55 286208 ----a-w- c:\windows\SysWow64\binkw32.dll 2011-04-27 17:01 . 2011-04-28 16:27 -------- d-----w- c:\program files (x86)\Dll-Files.com Fixer 2011-04-27 16:59 . 2011-04-27 18:15 -------- d-----w- c:\programdata\Solidshield 2011-04-27 16:51 . 2011-04-27 16:51 -------- d-----w- c:\program files\Microsoft IntelliType Pro 2011-04-27 16:46 . 2011-04-27 16:46 -------- d-----w- c:\windows\no 2011-04-27 16:44 . 2011-04-27 16:44 -------- d-----w- c:\windows\en 2011-04-27 16:44 . 2011-04-27 16:44 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition 2011-04-27 16:43 . 2000-05-11 08:00 90112 ------w- c:\windows\Updreg.EXE 2011-04-27 16:43 . 2009-10-15 20:38 17920 ------w- c:\windows\system32\THXCfg64.dll 2011-04-27 16:43 . 2009-10-01 23:42 141312 ------w- c:\windows\system32\THXCfg64.exe 2011-04-27 16:43 . 2010-05-04 18:00 237056 ----a-w- c:\windows\system32\APOMgr64.DLL 2011-04-27 16:43 . 2010-05-04 17:59 182272 ----a-w- c:\windows\SysWow64\APOMngr.DLL 2011-04-27 16:43 . 2009-12-29 23:52 89088 ----a-w- c:\windows\system32\CmdRtr64.DLL 2011-04-27 16:43 . 2009-12-29 23:50 73728 ----a-w- c:\windows\SysWow64\CmdRtr.DLL 2011-04-27 16:43 . 2011-04-27 16:43 -------- d-----w- c:\program files (x86)\Creative 2011-04-27 16:43 . 2011-04-27 16:43 -------- d-----w- c:\program files (x86)\Common Files\InstallShield 2011-04-27 16:41 . 2011-04-27 16:43 -------- d-----w- c:\program files (x86)\Windows Live 2011-04-27 16:41 . 2011-04-27 16:41 -------- d-----w- c:\program files\Windows Live 2011-04-27 16:41 . 2011-04-27 16:41 -------- d-----w- c:\windows\PCHEALTH 2011-04-27 16:39 . 2011-04-27 16:39 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2011-04-27 16:39 . 2010-10-05 12:50 8192 ----a-r- c:\windows\system32\drivers\IntelMEFWVer.dll 2011-04-27 16:39 . 2010-10-05 12:50 8192 ----a-r- c:\windows\SysWow64\drivers\IntelMEFWVer.dll 2011-04-27 16:39 . 2011-04-27 16:39 -------- d-----w- c:\program files (x86)\Intel 2011-04-27 16:39 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2011-04-27 16:39 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll 2011-04-27 16:39 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll 2011-04-27 16:39 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-27 16:41 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-04-06 14:26 . 2011-04-06 14:26 96544 ----a-w- c:\windows\system32\dnssd.dll 2011-04-06 14:26 . 2011-04-06 14:26 69408 ----a-w- c:\windows\system32\jdns_sd.dll 2011-04-06 14:26 . 2011-04-06 14:26 237856 ----a-w- c:\windows\system32\dnssdX.dll 2011-04-06 14:26 . 2011-04-06 14:26 119584 ----a-w- c:\windows\system32\dns-sd.exe 2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\SysWow64\dnssd.dll 2011-04-06 14:20 . 2011-04-06 14:20 75040 ----a-w- c:\windows\SysWow64\jdns_sd.dll 2011-04-06 14:20 . 2011-04-06 14:20 197920 ----a-w- c:\windows\SysWow64\dnssdX.dll 2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\SysWow64\dns-sd.exe . . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-04-18 15146376] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288] "Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2010-11-19 438272] "THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-06-12 1349632] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-26 421160] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-03-28 1910152] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 NTIOLib_1_0_1;NTIOLib_1_0_1;c:\program files (x86)\MSI\ControlCenterII\NTIOLib_X64.sys [2009-10-06 14136] R3 X6va005;X6va005;c:\users\Glenn\AppData\Local\Temp\005B4A0.tmp [x] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360] S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 2111368] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-13 369256] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-05-21 134928] S3 CorsairCAHS1;CA-HS1 Interface;c:\windows\system32\drivers\CAHS164.sys [x] S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) . 2011-04-28 c:\windows\Tasks\DLL-files.com Fixer_MONTHLY.job - c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2011-04-27 01:03] . 2011-04-27 c:\windows\Tasks\DLL-files.com Fixer_UPDATES.job - c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2011-04-27 01:03] . 2011-05-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1359807575-2391420059-3718224889-1000Core.job - c:\users\Glenn\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-03 13:30] . 2011-05-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1359807575-2391420059-3718224889-1000UA.job - c:\users\Glenn\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-03 13:30] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "THXCfg64"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-04-13 1860496] "CAHS1Sound"="c:\windows\Syswow64\CAHS1.dll" [2010-08-17 8724480] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Tilleggsskanning ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local FF - ProfilePath - c:\users\Glenn\AppData\Roaming\Mozilla\Firefox\Profiles\ek0jjyrj.default\ . - - - - TOMME PEKERE FJERNET - - - - . Wow6432Node-HKCU-Run-Steam - c:\program files (x86)\Steam\Steam.exe Wow6432Node-HKCU-Run-RDReminder - (no file) AddRemove-Steam App 10180 - c:\program files (x86)\Steam\steam.exe AddRemove-Steam App 10190 - c:\program files (x86)\Steam\steam.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005] "ImagePath"="\??\c:\users\Glenn\AppData\Local\Temp\005B4A0.tmp" . --------------------- LÅSTE REGISTERNØKLER --------------------- . [HKEY_USERS\S-1-5-21-1359807575-2391420059-3718224889-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1359807575-2391420059-3718224889-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Tidspunkt ferdig: 2011-05-08 12:17:29 ComboFix-quarantined-files.txt 2011-05-08 10:17 . Pre-Run: 543 393 689 600 bytes free Post-Run: 543 276 224 512 bytes free . - - End Of File - - 3E15488A887E90AE37FC90EC042C1199