ComboFix 11-12-22.04 - Charlotte 22.12.2011 22:47:33.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.47.1044.18.3895.2324 [GMT 1:00]
Kjører fra: c:\users\Charlotte\Downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: SPYWAREfighter *Disabled/Updated* {2CA2BED9-C3E1-63C9-3FCE-3527C816A7C9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Charlotte\Documents\~WRD0000.tmp
c:\windows\security\Database\tmp.edb
c:\windows\TEMP\t15i317d.vbt
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2011-11-23 til 2011-12-23 )))))))))))))))))))))))))))))))))
.
.
2011-12-22 22:01 . 2011-12-22 22:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-22 20:39 . 2011-12-22 20:39 -------- d-----w- c:\users\Charlotte\AppData\Roaming\Malwarebytes
2011-12-22 20:39 . 2011-12-22 20:39 -------- d-----w- c:\programdata\Malwarebytes
2011-12-22 20:39 . 2011-08-31 16:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-20 22:33 . 2011-12-20 22:35 -------- d-----w- c:\users\Charlotte\AppData\Roaming\Apple Computer
2011-12-20 22:33 . 2011-12-20 22:33 -------- d-----w- c:\users\Charlotte\AppData\Local\Apple Computer
2011-12-20 22:33 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-12-20 22:33 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-12-20 22:32 . 2011-12-20 22:32 -------- d-----w- c:\program files\iPod
2011-12-20 22:32 . 2011-12-20 22:33 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-12-20 22:32 . 2011-12-20 22:33 -------- d-----w- c:\program files\iTunes
2011-12-20 22:32 . 2011-12-20 22:33 -------- d-----w- c:\program files (x86)\iTunes
2011-12-20 22:32 . 2011-12-20 22:32 -------- d-----w- c:\programdata\Apple Computer
2011-12-20 22:31 . 2011-12-20 22:31 -------- d-----w- c:\users\Charlotte\AppData\Local\Apple
2011-12-20 22:31 . 2011-12-20 22:31 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-12-20 22:30 . 2011-12-20 22:30 -------- d-----w- c:\program files\Common Files\Apple
2011-12-20 22:29 . 2011-12-20 22:29 -------- d-----w- c:\program files\Bonjour
2011-12-20 22:29 . 2011-12-20 22:29 -------- d-----w- c:\program files (x86)\Bonjour
2011-12-20 22:29 . 2011-12-20 22:32 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-12-20 22:29 . 2011-12-20 22:31 -------- d-----w- c:\programdata\Apple
2011-12-20 00:41 . 2011-12-20 00:41 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-12-14 20:44 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 20:44 . 2011-11-05 04:30 860672 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2011-12-14 20:44 . 2011-11-05 05:37 1013248 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2011-12-14 20:44 . 2011-11-05 05:37 451072 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2011-12-14 20:44 . 2011-11-05 04:30 163328 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2011-12-14 20:43 . 2011-11-05 03:32 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-14 20:42 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 16:07 . 2011-12-14 16:07 -------- d-----w- C:\Preventon
2011-12-14 10:19 . 2011-12-14 12:32 -------- d-----w- c:\program files (x86)\Troerejan Remover
2011-12-14 10:19 . 2011-12-14 10:19 -------- d-----w- c:\users\Charlotte\AppData\Roaming\Simply Super Software
2011-12-14 10:19 . 2011-12-14 10:19 -------- d-----w- c:\programdata\Simply Super Software
2011-12-14 10:15 . 2011-12-22 19:29 -------- d-----w- c:\programdata\clp
2011-12-14 10:15 . 2011-12-14 11:38 -------- d-----w- c:\users\Charlotte\AppData\Roaming\Fighters
2011-12-14 10:14 . 2011-12-14 10:14 -------- d-----w- c:\program files (x86)\Common Files\Common Toolkit Suite
2011-12-14 10:14 . 2011-12-14 11:36 -------- d-----w- c:\program files (x86)\Fighters
2011-12-14 10:14 . 2011-12-14 10:14 -------- d-----w- c:\programdata\Common Toolkit Suite
2011-12-14 10:13 . 2011-12-14 11:35 -------- d-----w- c:\programdata\Fighters
2011-12-14 06:41 . 2011-12-14 06:41 288 ----a-w- c:\users\Charlotte\AppData\Roaming\A4737D60.reg
2011-12-13 00:08 . 2011-12-13 00:08 -------- d-----w- c:\users\Charlotte\AppData\Roaming\Adobe Mini Bridge CS5
2011-12-13 00:08 . 2011-12-13 00:08 -------- d-----w- c:\users\Charlotte\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-12-09 22:26 . 2011-12-14 08:30 -------- d-----w- c:\programdata\AVG Secure Search
2011-12-07 12:57 . 2011-12-07 12:57 -------- d-----w- c:\users\Charlotte\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-24 04:52 . 2011-12-14 20:42 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-16 12:40 . 2011-06-30 09:13 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-10 04:54 . 2011-05-02 13:09 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-05 05:41 . 2011-12-14 20:44 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-11-05 05:32 . 2011-12-15 21:38 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 04:35 . 2011-12-14 20:44 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-11-05 04:26 . 2011-12-15 21:38 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-11-05 02:48 . 2011-12-14 20:43 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-10-22 00:26 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-10-19 10:06 . 2011-10-19 10:06 13720 ----a-w- c:\windows\system32\drivers\avfsfilter.sys
2011-10-15 05:38 . 2011-12-14 20:42 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-10-07 05:23 . 2011-10-07 05:23 283728 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2011-09-29 16:29 . 2011-11-08 18:36 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2011-12-14 08:38 1574240 ----a-w- c:\program files (x86)\AVG Secure Search\9.0.0.21\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\9.0.0.21\AVG Secure Search_toolbar.dll" [2011-12-14 1574240]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"AdobeBridge"="c:\program files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" [2011-06-09 12002664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"="c:\program files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-03-09 1086760]
"Bing Bar"="c:\program files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe" [2010-03-04 243032]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2011-09-28 646232]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-10-26 74752]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2011-12-14 892768]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"CommonToolkitTray"="c:\program files (x86)\Fighters\Tray\FightersTray.exe" [2011-10-05 1429128]
"SWPROguard"="c:\program files (x86)\Fighters\SPYWAREfighter\swprotray.exe" [2011-10-19 1201800]
"TrojanScanner"="c:\program files (x86)\Troerejan Remover\Trjscan.exe" [2011-05-18 1233856]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"Malwarebytes' Anti-Malware"="c:\users\Charlotte\Desktop\Antivirus stæsj\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-03-18 947528]
R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files (x86)\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-10-19 270472]
R3 cxbu0x64;OMNIKEY 3x21;c:\windows\system32\DRIVERS\cxbu0x64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [x]
R3 ZTEusbwwan;ZTE MBN Miniport;c:\windows\system32\DRIVERS\ZTEusbwwan.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 MBAMService;MBAMService;c:\users\Charlotte\Desktop\Antivirus stæsj\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 Suite Service;Suite Service;c:\program files (x86)\Fighters\FighterSuiteService.exe [2011-10-10 1318536]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-09 855904]
S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-26 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-26 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-26 410648]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-02-12 136136]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.atcomet.com/b/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &D&ownload alle med BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: &L&ast Ned &med BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: E&ksporter til Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{6541708B-C73F-42BF-8479-2E6E2D772B77}: NameServer = 10.203.129.68 10.203.129.68
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
FF - ProfilePath - c:\users\Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\1eer5fvn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2642706&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/?ref=hp
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dc2a7f1&v=7.008.031.001&i=23&tp=ab&iy=&ychte=dk&lng=nb-NO&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - TOMME PEKERE FJERNET - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
AddRemove-{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B} - c:\program files\Amazon\UninstallerAmazon.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Engine Scanning Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Watch Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Engine Scanning Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Watch Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe"
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\program files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
c:\program files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2011-12-23 02:21:35 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2011-12-23 01:21
.
Pre-Run: 51 893 764 096 byte ledig
Post-Run: 53 808 226 304 byte ledig
.
- - End Of File - - 4A10DB9CC1561BB3145CB1A759B7DF41