Entheniel
-
Innlegg
8 -
Ble med
-
Besøkte siden sist
Innholdstype
Profiler
Forum
Hendelser
Blogger
Om forumet
Innlegg skrevet av Entheniel
-
-
Jeg må bare først si at jeg har et heller dårlig forhold til dobbelnavn, jeg har mange i familien som har det, og erfaringen min med det er at det ofte blir brukt for å legge trykk på navnet når mor/far er mindre fornøyd med barnet og lignende. Jeg har et søskenbarn som krymper seg hver gang tante bruker mellomnavnet hans, fordi han sjelden har hørt det i en positiv sammenheng.
Ellers syns jeg navn er "sterkere" når det er enkelnavn, men jeg mener også at det er for mange med tvillinger som har dobbelnavn på begge om de først har det, og jeg syns ikke nødvendigvis det er et must.
Ellers tror jeg Ava kan stå helt fint for seg selv, litt mer usikker på Jakob.
-
jeg likte Jakob og Ava jeg, kjempepen kombinasjon.
-
ok, ny logg:
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Ruben\Programdata\filmloudcity
C:\Documents and Settings\Ruben\Programdata\filmloudcity\0
C:\Documents and Settings\Ruben\Programdata\filmloudcity\1EBD0C9
C:\Documents and Settings\Ruben\Programdata\filmloudcity\forbasemeet.exe
C:\Documents and Settings\Ruben\Programdata\filmloudcity\internet 4 keep.exe
C:\Documents and Settings\Ruben\Programdata\filmloudcity\ogalyfhl.exe
C:\Documents and Settings\Ruben\Programdata\filmloudcity\osubttwk.exe
.
((((((((((((((((((((((((( Files Created from 2007-12-04 to 2008-01-04 )))))))))))))))))))))))))))))))
.
2008-01-04 17:07 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-04 15:40 . 2008-01-04 15:40 <DIR> d-------- C:\Programfiler\Trend Micro
2008-01-03 15:09 . 2008-01-04 13:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-03 15:09 . 2008-01-03 15:09 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-02 18:55 . 2008-01-02 18:55 <DIR> d-------- C:\Programfiler\Ventrilo
2008-01-02 18:54 . 2008-01-02 18:54 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-01-02 18:27 . 2008-01-02 18:27 <DIR> d-------- C:\Programfiler\Maxtor
2008-01-02 18:27 . 2008-01-02 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Maxtor
2008-01-02 18:26 . 2008-01-02 18:26 <DIR> d-------- C:\Programfiler\MSXML 6.0
2008-01-01 23:41 . 2008-01-01 23:41 <DIR> d-------- C:\Programfiler\Fellesfiler\Skype
2008-01-01 23:41 . 2008-01-04 13:59 <DIR> d-------- C:\Documents and Settings\Ruben\Programdata\skypePM
2008-01-01 23:41 . 2008-01-01 23:41 32 --a------ C:\Documents and Settings\All Users\Programdata\ezsid.dat
2007-12-11 23:34 . 2007-12-11 23:34 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-12-11 23:34 . 2007-12-11 23:34 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-12-04 02:33 . 2007-12-04 02:33 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 02:33 . 2007-12-04 02:33 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 02:33 . 2007-12-04 02:33 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 02:33 . 2007-12-04 02:33 682,496 --a------ C:\WINDOWS\system32\DivX.dll
2007-12-04 02:33 . 2007-12-04 02:33 630,784 --a------ C:\WINDOWS\system32\divxdec.ax
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-04 16:02 --------- d-----w C:\Programfiler\McAfee
2008-01-04 15:59 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Azureus
2008-01-04 14:22 --------- d-----w C:\Documents and Settings\All Users\Programdata\avg7
2008-01-04 13:20 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Skype
2008-01-02 23:30 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Hamachi
2008-01-02 17:56 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-01-02 17:27 --------- d--h--w C:\Programfiler\InstallShield Installation Information
2008-01-01 22:31 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Activision
2008-01-01 21:57 --------- d-----w C:\Programfiler\Azureus
2008-01-01 21:29 --------- d-----w C:\Documents and Settings\All Users\Programdata\WLInstaller
2008-01-01 20:37 --------- d-----w C:\Documents and Settings\Ruben\Programdata\ZoomBrowser EX
2008-01-01 20:36 --------- d-----w C:\Documents and Settings\All Users\Programdata\ZoomBrowser
2008-01-01 12:19 --------- d-----w C:\Programfiler\Messenger Plus! Live
2007-12-31 17:41 --------- d-----w C:\Programfiler\SiteAdvisor
2007-12-13 21:43 --------- d-----w C:\Documents and Settings\Ruben\Programdata\LimeWire
2007-12-12 19:51 --------- d-----w C:\Programfiler\DivX
2007-12-10 12:21 --------- d-----w C:\Documents and Settings\LocalService\Programdata\SiteAdvisor
2007-12-09 13:48 --------- d-----w C:\Programfiler\Sony Ericsson
2007-12-09 13:48 --------- d-----w C:\Programfiler\Fellesfiler\Teleca Shared
2007-12-07 22:21 --------- d-----w C:\Programfiler\Windows Live
2007-12-07 22:16 --------- d-----w C:\Programfiler\Electronic Arts
2007-12-05 09:53 --------- d-----w C:\Programfiler\EA GAMES
2007-12-01 18:52 --------- d-----w C:\Documents and Settings\All Users\Programdata\Firefly Studios
2007-11-29 22:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-11-29 22:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 22:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-11-29 22:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-11-28 21:55 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-11-28 21:53 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-11-28 21:53 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-11-28 21:53 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-11-28 21:53 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-11-28 21:52 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-22 21:03 --------- dcsh--w C:\Programfiler\Fellesfiler\WindowsLiveInstaller
2007-11-22 21:00 --------- d-----w C:\Programfiler\Opera
2007-11-21 19:21 --------- d-----w C:\Programfiler\Disc2Phone
2007-11-14 18:49 --------- d-----w C:\Programfiler\World of Warcraft
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-31 11:46 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-10-30 23:30 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-25 16:44 8,466,432 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-10 23:54 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-10-10 23:54 232,960 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-10-10 23:53 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-10-10 23:53 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-10-10 23:53 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-10-10 23:53 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-10-10 23:53 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-10-10 23:53 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-10-10 23:53 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-10-10 23:53 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-10-10 23:53 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-10-10 23:53 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-10-10 23:53 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-10-10 23:53 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-10-10 23:53 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-10-10 23:53 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-10-10 23:53 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-10-10 23:53 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-10-10 23:53 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-10-10 23:53 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-10-10 23:53 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2007-10-10 23:53 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-10-10 11:02 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-10-10 11:02 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-10-10 05:46 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-08-29 17:38 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2007-07-26 20:12 52,329,617 ----a-w C:\Documents and Settings\Ruben\WoW-2.1.3.6898-to-0.2.0.6932-enGB-patch.exe
2007-04-25 21:49 311,384,068 ----a-w C:\Documents and Settings\Ruben\WoW-2.0.12.6546-to-0.1.0.6577-enGB-patch.exe
2007-03-25 10:29 40 ----a-w C:\Documents and Settings\Ruben\language.dat
2006-07-11 12:41 8 -csh--r C:\WINDOWS\system32\B782F673F5.sys
2006-09-11 12:42 56 -csh--r C:\WINDOWS\system32\F573F682B7.sys
2007-02-03 23:23 5,852 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 12:00 15360]
"msnmsgr"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" [2008-01-01 22:44 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 20:51 7323648]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"IAAnotif"="C:\Programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 07:56 139264]
"DMXLauncher"="C:\Programfiler\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 03:12 94208]
"CTSysVol"="C:\Programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-09-15 09:47 57344]
"MBMon"="CTMBHA.DLL" [2005-05-19 08:54 1345520 C:\WINDOWS\system32\CTMBHA.DLL]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"VoiceCenter"="C:\Programfiler\Creative\VoiceCenter\AndreaVC.exe" [2005-09-19 07:42 1159168]
"ISUSPM Startup"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" [2005-06-10 10:44 249856]
"ISUSScheduler"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2005-06-10 10:44 81920]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-10-21 12:28 29696 C:\WINDOWS\KHALMNPR.Exe]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [ ]
"PD0620 STISvc"="P0620Pin.dll" [2005-05-10 18:03 36864 C:\WINDOWS\system32\P0620Pin.dll]
"Launch LGDCore"="C:\Programfiler\Fellesfiler\Logitech\G-series Software\LGDCore.exe" [2006-11-09 13:10 1126400]
"MskAgentexe"="C:\Programfiler\McAfee\MSK\MskAgent.exe" [2007-01-17 17:30 152144]
"SiteAdvisor"="C:\Programfiler\SiteAdvisor\6253\SiteAdv.exe" [2007-02-09 18:18 36904]
"Launch LCDMon"="C:\Programfiler\Fellesfiler\Logitech\LCD Manager\lcdmon.exe" [2006-11-09 12:45 549376]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-05-31 04:33 122941]
"QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-04-27 08:41 282624]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-31 17:07 579072]
"NeroFilterCheck"="C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe" [2006-01-12 14:40 155648]
"Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"MsgCenterExe"="C:\Programfiler\Fellesfiler\Real\Update_OB\RealOneMessageCenter.exe" [ ]
"mxomssmenu"="C:\Programfiler\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-09-06 14:53 169264]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 00:20 339968 C:\WINDOWS\stsystra.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 12:00 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-23 11:34 219136]
C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
Logitech Desktop Messenger.lnk - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-19 14:36:42]
Logitech SetPoint.lnk - C:\Programfiler\Logitech\SetPoint\KEM.exe [2006-07-11 12:09:45]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
R2 Maxtor Sync Service;Maxtor Service;C:\Programfiler\Maxtor\Sync\SyncServices.exe [2007-09-28 12:24]
S3 PLUsbbc2;High-Speed USB Bridge Cable Driver;C:\WINDOWS\system32\Drivers\usbbc2.sys [2003-05-07 15:54]
S3 PPDrv;Protector Plus Driver (UnRegistered);C:\Programfiler\Protector Plus\PPDrv.sys []
S3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\WINDOWS\system32\drivers\ScreamingBAudio.sys []
S4 viaagp;VIA AGP-bussfilter;C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 23:07]
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-12-15 01:07:12 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\programfiler\mcafee\mqc\QcConsol.exe'
"2008-01-01 00:00:17 C:\WINDOWS\Tasks\McQcTask.job"
- c:\programfiler\mcafee\mqc\QcConsol.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 18:19:13
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\\Programfiler\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe"
.
Completion time: 2008-01-04 18:19:44
ComboFix-quarantined-files.txt 2008-01-04 17:19:41
ComboFix2.txt 2008-01-04 16:43:08
ComboFix3.txt 2008-01-04 16:13:25
.
2008-01-02 19:40:33 --- E O F ---
-
ny HJT-logg:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programfiler\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Programfiler\Maxtor\Sync\SyncServices.exe
C:\Programfiler\Fellesfiler\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\programfiler\fellesfiler\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\FELLES~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\FELLES~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Programfiler\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Programfiler\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programfiler\SiteAdvisor\6253\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\McAfee\MPS\mpsevh.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Programfiler\Canon\CAL\CALMAIN.exe
C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe
C:\Programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Programfiler\Dell\Media Experience\DMXLauncher.exe
C:\Programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe
C:\Programfiler\Fellesfiler\Logitech\G-series Software\LGDCore.exe
C:\Programfiler\McAfee\MSK\MskAgent.exe
C:\Programfiler\SiteAdvisor\6253\SiteAdv.exe
C:\Programfiler\Fellesfiler\Logitech\LCD Manager\lcdmon.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\Programfiler\Maxtor\OneTouch Status\maxmenumgr.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programfiler\Logitech\SetPoint\KEM.exe
C:\Programfiler\Logitech\SetPoint\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Opera\Opera.exe
C:\Programfiler\Windows Live\Messenger\msnmsgr.exe
C:\Programfiler\Windows Live\Messenger\usnsvc.exe
C:\Programfiler\Windows Media Player\wmplayer.exe
C:\WINDOWS\explorer.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programfiler\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\programfiler\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programfiler\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iAAnotif] C:\Programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VoiceCenter] "C:\Programfiler\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [PD0620 STISvc] RunDLL32.exe P0620Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programfiler\Fellesfiler\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [MskAgentexe] C:\Programfiler\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [siteAdvisor] C:\Programfiler\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programfiler\Fellesfiler\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [mxomssmenu] "C:\Programfiler\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Drv Name] C:\DOCUME~1\Ruben\PROGRA~1\FILMLO~1\forbasemeet.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\KEM.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ruben\Start-meny\Programmer\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A9DAD15A-365E-494D-9D41-8A0BB80007B0} (ArcticShell control) - http://www.arcticpigs.com/activex/mayhem.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programfiler\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Programfiler\Fellesfiler\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FELLES~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Programfiler\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Unknown owner - C:\Programfiler\iPod\bin\iPodService.exe (file missing)
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Programfiler\Maxtor\Sync\SyncServices.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Programfiler\Fellesfiler\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\programfiler\fellesfiler\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FELLES~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FELLES~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Programfiler\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Programfiler\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Programfiler\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiteAdvisor-service (SiteAdvisor Service) - Unknown owner - C:\Programfiler\SiteAdvisor\6253\SAService.exe
--
End of file - 13170 bytes
Ny combofix-logg:
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Programdata\live 64 math does
C:\Documents and Settings\All Users\Programdata\live 64 math does\Boob funk.exe
C:\NoLopBackups
C:\NoLopBackups\A78B74A89208EDE0.job.01.infected
C:\Programfiler\Fellesfiler\Totem Shared
C:\Programfiler\Fellesfiler\Totem Shared\Update\Advertising.dll.053
C:\Programfiler\Fellesfiler\Totem Shared\Update\Bpk.dll.143
C:\Programfiler\Fellesfiler\Totem Shared\Update\Distribution.dll.056
C:\Programfiler\Fellesfiler\Totem Shared\Update\FavoriteLinks.dll.076
C:\Programfiler\Fellesfiler\Totem Shared\Update\FreeSamples.dll.048
C:\Programfiler\Fellesfiler\Totem Shared\Update\msvcr70.dll.010
C:\Programfiler\Fellesfiler\Totem Shared\Update\music.dll.027
C:\Programfiler\Fellesfiler\Totem Shared\Update\Network.dll.068
C:\Programfiler\Fellesfiler\Totem Shared\Update\Newsletters.dll.023
C:\Programfiler\Fellesfiler\Totem Shared\Update\ScreenSaver2.dll.025
C:\Programfiler\Fellesfiler\Totem Shared\Update\System.dll.094
C:\Programfiler\Fellesfiler\Totem Shared\Update\TotemDx.dll.020
C:\Programfiler\Fellesfiler\Totem Shared\Update\Update.dll.074
C:\Programfiler\Fellesfiler\Totem Shared\Update\Windows.dll.082
C:\Programfiler\Fellesfiler\Totem Shared\Update\WindowsEx.dll.051
.
((((((((((((((((((((((((( Files Created from 2007-12-04 to 2008-01-04 )))))))))))))))))))))))))))))))
.
2008-01-04 17:07 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-04 15:40 . 2008-01-04 15:40 <DIR> d-------- C:\Programfiler\Trend Micro
2008-01-03 15:09 . 2008-01-04 13:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-03 15:09 . 2008-01-03 15:09 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-02 18:55 . 2008-01-02 18:55 <DIR> d-------- C:\Programfiler\Ventrilo
2008-01-02 18:54 . 2008-01-02 18:54 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-01-02 18:27 . 2008-01-02 18:27 <DIR> d-------- C:\Programfiler\Maxtor
2008-01-02 18:27 . 2008-01-02 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Maxtor
2008-01-02 18:26 . 2008-01-02 18:26 <DIR> d-------- C:\Programfiler\MSXML 6.0
2008-01-01 23:41 . 2008-01-01 23:41 <DIR> d-------- C:\Programfiler\Fellesfiler\Skype
2008-01-01 23:41 . 2008-01-04 13:59 <DIR> d-------- C:\Documents and Settings\Ruben\Programdata\skypePM
2008-01-01 23:41 . 2008-01-01 23:41 32 --a------ C:\Documents and Settings\All Users\Programdata\ezsid.dat
2007-12-11 23:34 . 2007-12-11 23:34 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-12-11 23:34 . 2007-12-11 23:34 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-12-04 02:33 . 2007-12-04 02:33 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 02:33 . 2007-12-04 02:33 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 02:33 . 2007-12-04 02:33 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 02:33 . 2007-12-04 02:33 682,496 --a------ C:\WINDOWS\system32\DivX.dll
2007-12-04 02:33 . 2007-12-04 02:33 630,784 --a------ C:\WINDOWS\system32\divxdec.ax
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-04 16:02 --------- d-----w C:\Programfiler\McAfee
2008-01-04 15:59 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Azureus
2008-01-04 14:22 --------- d-----w C:\Documents and Settings\All Users\Programdata\avg7
2008-01-04 13:20 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Skype
2008-01-03 11:49 --------- d-----w C:\Documents and Settings\Ruben\Programdata\filmloudcity
2008-01-02 23:30 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Hamachi
2008-01-02 17:56 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-01-02 17:27 --------- d--h--w C:\Programfiler\InstallShield Installation Information
2008-01-01 22:31 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Activision
2008-01-01 21:57 --------- d-----w C:\Programfiler\Azureus
2008-01-01 21:29 --------- d-----w C:\Documents and Settings\All Users\Programdata\WLInstaller
2008-01-01 20:37 --------- d-----w C:\Documents and Settings\Ruben\Programdata\ZoomBrowser EX
2008-01-01 20:36 --------- d-----w C:\Documents and Settings\All Users\Programdata\ZoomBrowser
2008-01-01 12:19 --------- d-----w C:\Programfiler\Messenger Plus! Live
2007-12-31 17:41 --------- d-----w C:\Programfiler\SiteAdvisor
2007-12-13 21:43 --------- d-----w C:\Documents and Settings\Ruben\Programdata\LimeWire
2007-12-12 19:51 --------- d-----w C:\Programfiler\DivX
2007-12-10 12:21 --------- d-----w C:\Documents and Settings\LocalService\Programdata\SiteAdvisor
2007-12-09 13:48 --------- d-----w C:\Programfiler\Sony Ericsson
2007-12-09 13:48 --------- d-----w C:\Programfiler\Fellesfiler\Teleca Shared
2007-12-07 22:21 --------- d-----w C:\Programfiler\Windows Live
2007-12-07 22:16 --------- d-----w C:\Programfiler\Electronic Arts
2007-12-05 09:53 --------- d-----w C:\Programfiler\EA GAMES
2007-12-01 18:52 --------- d-----w C:\Documents and Settings\All Users\Programdata\Firefly Studios
2007-11-29 22:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-11-29 22:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 22:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-11-29 22:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-11-28 21:55 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-11-28 21:53 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-11-28 21:53 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-11-28 21:53 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-11-28 21:53 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-11-28 21:52 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-22 21:03 --------- dcsh--w C:\Programfiler\Fellesfiler\WindowsLiveInstaller
2007-11-22 21:00 --------- d-----w C:\Programfiler\Opera
2007-11-21 19:21 --------- d-----w C:\Programfiler\Disc2Phone
2007-11-14 18:49 --------- d-----w C:\Programfiler\World of Warcraft
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-10 20:20 --------- d-----w C:\Documents and Settings\Ruben\Programdata\dvdcss
2007-10-31 11:46 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-10-30 23:30 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-25 16:44 8,466,432 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-10 23:54 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-10-10 23:54 232,960 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-10-10 23:53 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-10-10 23:53 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-10-10 23:53 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-10-10 23:53 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-10-10 23:53 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-10-10 23:53 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-10-10 23:53 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-10-10 23:53 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-10-10 23:53 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-10-10 23:53 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-10-10 23:53 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-10-10 23:53 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-10-10 23:53 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-10-10 23:53 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-10-10 23:53 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-10-10 23:53 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-10-10 23:53 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-10-10 23:53 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-10-10 23:53 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2007-10-10 23:53 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-10-10 11:02 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-10-10 11:02 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-10-10 05:46 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-08-29 17:38 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2007-07-26 20:12 52,329,617 ----a-w C:\Documents and Settings\Ruben\WoW-2.1.3.6898-to-0.2.0.6932-enGB-patch.exe
2007-04-25 21:49 311,384,068 ----a-w C:\Documents and Settings\Ruben\WoW-2.0.12.6546-to-0.1.0.6577-enGB-patch.exe
2007-03-25 10:29 40 ----a-w C:\Documents and Settings\Ruben\language.dat
2006-07-11 12:41 8 -csh--r C:\WINDOWS\system32\B782F673F5.sys
2006-09-11 12:42 56 -csh--r C:\WINDOWS\system32\F573F682B7.sys
2007-02-03 23:23 5,852 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 12:00 15360]
"msnmsgr"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" [2008-01-01 22:44 5724184]
"Drv Name"="C:\DOCUME~1\Ruben\PROGRA~1\FILMLO~1\forbasemeet.exe" [2008-01-03 12:48 399360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 20:51 7323648]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"IAAnotif"="C:\Programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 07:56 139264]
"DMXLauncher"="C:\Programfiler\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 03:12 94208]
"CTSysVol"="C:\Programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-09-15 09:47 57344]
"MBMon"="CTMBHA.DLL" [2005-05-19 08:54 1345520 C:\WINDOWS\system32\CTMBHA.DLL]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"VoiceCenter"="C:\Programfiler\Creative\VoiceCenter\AndreaVC.exe" [2005-09-19 07:42 1159168]
"ISUSPM Startup"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" [2005-06-10 10:44 249856]
"ISUSScheduler"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2005-06-10 10:44 81920]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-10-21 12:28 29696 C:\WINDOWS\KHALMNPR.Exe]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [ ]
"PD0620 STISvc"="P0620Pin.dll" [2005-05-10 18:03 36864 C:\WINDOWS\system32\P0620Pin.dll]
"Launch LGDCore"="C:\Programfiler\Fellesfiler\Logitech\G-series Software\LGDCore.exe" [2006-11-09 13:10 1126400]
"MskAgentexe"="C:\Programfiler\McAfee\MSK\MskAgent.exe" [2007-01-17 17:30 152144]
"SiteAdvisor"="C:\Programfiler\SiteAdvisor\6253\SiteAdv.exe" [2007-02-09 18:18 36904]
"Launch LCDMon"="C:\Programfiler\Fellesfiler\Logitech\LCD Manager\lcdmon.exe" [2006-11-09 12:45 549376]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-05-31 04:33 122941]
"QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-04-27 08:41 282624]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-31 17:07 579072]
"NeroFilterCheck"="C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe" [2006-01-12 14:40 155648]
"Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"MsgCenterExe"="C:\Programfiler\Fellesfiler\Real\Update_OB\RealOneMessageCenter.exe" [ ]
"mxomssmenu"="C:\Programfiler\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-09-06 14:53 169264]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 00:20 339968 C:\WINDOWS\stsystra.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 12:00 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-23 11:34 219136]
C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
Logitech Desktop Messenger.lnk - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-19 14:36:42]
Logitech SetPoint.lnk - C:\Programfiler\Logitech\SetPoint\KEM.exe [2006-07-11 12:09:45]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
R2 Maxtor Sync Service;Maxtor Service;C:\Programfiler\Maxtor\Sync\SyncServices.exe [2007-09-28 12:24]
S3 PLUsbbc2;High-Speed USB Bridge Cable Driver;C:\WINDOWS\system32\Drivers\usbbc2.sys [2003-05-07 15:54]
S3 PPDrv;Protector Plus Driver (UnRegistered);C:\Programfiler\Protector Plus\PPDrv.sys []
S3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\WINDOWS\system32\drivers\ScreamingBAudio.sys []
S4 viaagp;VIA AGP-bussfilter;C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 23:07]
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-12-15 01:07:12 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\programfiler\mcafee\mqc\QcConsol.exe'
"2008-01-01 00:00:17 C:\WINDOWS\Tasks\McQcTask.job"
- c:\programfiler\mcafee\mqc\QcConsol.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 17:42:31
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\\Programfiler\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe"
.
Completion time: 2008-01-04 17:43:08
ComboFix-quarantined-files.txt 2008-01-04 16:42:59
ComboFix2.txt 2008-01-04 16:13:25
.
2008-01-02 19:40:33 --- E O F ---
Han aner ikke hvor mappa er fra eller noe, innhold i den: forbasemeet, internet 4 keep, ogalyfhl, osubttwk
-
ComboFix 08-01-04.1 - Ruben 2008-01-04 17:08:05.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.1450 [GMT 1:00]
Running from: C:\Documents and Settings\Ruben\Skrivebord\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Programfiler\Fellesfiler\{34E07~1
C:\Programfiler\Fellesfiler\{74E07~1
C:\WINDOWS\system32\UpMedia
J:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2007-12-04 to 2008-01-04 )))))))))))))))))))))))))))))))
.
2008-01-04 17:07 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-04 16:55 . 2008-01-04 17:01 <DIR> d-------- C:\NoLopBackups
2008-01-04 15:40 . 2008-01-04 15:40 <DIR> d-------- C:\Programfiler\Trend Micro
2008-01-03 15:09 . 2008-01-04 13:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-03 15:09 . 2008-01-03 15:09 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-03 12:44 . 2008-01-03 12:49 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\live 64 math does
2008-01-02 18:55 . 2008-01-02 18:55 <DIR> d-------- C:\Programfiler\Ventrilo
2008-01-02 18:54 . 2008-01-02 18:54 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-01-02 18:27 . 2008-01-02 18:27 <DIR> d-------- C:\Programfiler\Maxtor
2008-01-02 18:27 . 2008-01-02 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Maxtor
2008-01-02 18:26 . 2008-01-02 18:26 <DIR> d-------- C:\Programfiler\MSXML 6.0
2008-01-01 23:41 . 2008-01-01 23:41 <DIR> d-------- C:\Programfiler\Fellesfiler\Skype
2008-01-01 23:41 . 2008-01-04 13:59 <DIR> d-------- C:\Documents and Settings\Ruben\Programdata\skypePM
2008-01-01 23:41 . 2008-01-01 23:41 32 --a------ C:\Documents and Settings\All Users\Programdata\ezsid.dat
2007-12-11 23:34 . 2007-12-11 23:34 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-12-11 23:34 . 2007-12-11 23:34 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-12-05 17:59 . 2007-12-05 18:03 <DIR> d-------- C:\Programfiler\Fellesfiler\Totem Shared
2007-12-04 02:33 . 2007-12-04 02:33 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 02:33 . 2007-12-04 02:33 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 02:33 . 2007-12-04 02:33 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 02:33 . 2007-12-04 02:33 682,496 --a------ C:\WINDOWS\system32\DivX.dll
2007-12-04 02:33 . 2007-12-04 02:33 630,784 --a------ C:\WINDOWS\system32\divxdec.ax
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-04 16:02 --------- d-----w C:\Programfiler\McAfee
2008-01-04 15:59 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Azureus
2008-01-04 14:22 --------- d-----w C:\Documents and Settings\All Users\Programdata\avg7
2008-01-04 13:20 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Skype
2008-01-03 11:49 --------- d-----w C:\Documents and Settings\Ruben\Programdata\filmloudcity
2008-01-02 23:30 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Hamachi
2008-01-02 17:56 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-01-02 17:27 --------- d--h--w C:\Programfiler\InstallShield Installation Information
2008-01-01 22:31 --------- d-----w C:\Documents and Settings\Ruben\Programdata\Activision
2008-01-01 21:57 --------- d-----w C:\Programfiler\Azureus
2008-01-01 21:29 --------- d-----w C:\Documents and Settings\All Users\Programdata\WLInstaller
2008-01-01 20:37 --------- d-----w C:\Documents and Settings\Ruben\Programdata\ZoomBrowser EX
2008-01-01 20:36 --------- d-----w C:\Documents and Settings\All Users\Programdata\ZoomBrowser
2008-01-01 12:19 --------- d-----w C:\Programfiler\Messenger Plus! Live
2007-12-31 17:41 --------- d-----w C:\Programfiler\SiteAdvisor
2007-12-13 21:43 --------- d-----w C:\Documents and Settings\Ruben\Programdata\LimeWire
2007-12-12 19:51 --------- d-----w C:\Programfiler\DivX
2007-12-10 12:21 --------- d-----w C:\Documents and Settings\LocalService\Programdata\SiteAdvisor
2007-12-09 13:48 --------- d-----w C:\Programfiler\Sony Ericsson
2007-12-09 13:48 --------- d-----w C:\Programfiler\Fellesfiler\Teleca Shared
2007-12-07 22:21 --------- d-----w C:\Programfiler\Windows Live
2007-12-07 22:16 --------- d-----w C:\Programfiler\Electronic Arts
2007-12-05 09:53 --------- d-----w C:\Programfiler\EA GAMES
2007-12-01 18:52 --------- d-----w C:\Documents and Settings\All Users\Programdata\Firefly Studios
2007-11-29 22:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-11-29 22:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 22:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-11-29 22:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-11-28 21:55 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-11-28 21:53 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-11-28 21:53 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-11-28 21:53 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-11-28 21:53 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-11-28 21:53 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-11-28 21:52 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-22 21:03 --------- dcsh--w C:\Programfiler\Fellesfiler\WindowsLiveInstaller
2007-11-22 21:00 --------- d-----w C:\Programfiler\Opera
2007-11-21 19:21 --------- d-----w C:\Programfiler\Disc2Phone
2007-11-14 18:49 --------- d-----w C:\Programfiler\World of Warcraft
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-10 20:20 --------- d-----w C:\Documents and Settings\Ruben\Programdata\dvdcss
2007-10-31 11:46 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-10-30 23:30 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-25 16:44 8,466,432 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-10 23:54 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-10-10 23:54 232,960 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-10-10 23:53 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-10-10 23:53 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-10-10 23:53 6,065,664 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-10-10 23:53 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-10-10 23:53 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-10-10 23:53 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-10-10 23:53 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-10-10 23:53 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-10-10 23:53 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-10-10 23:53 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-10-10 23:53 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-10-10 23:53 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-10-10 23:53 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-10-10 23:53 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-10-10 23:53 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-10-10 23:53 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-10-10 23:53 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-10-10 23:53 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-10-10 23:53 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2007-10-10 23:53 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-10-10 11:02 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-10-10 11:02 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-10-10 10:59 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-10-10 05:46 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-08-29 17:38 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2007-07-26 20:12 52,329,617 ----a-w C:\Documents and Settings\Ruben\WoW-2.1.3.6898-to-0.2.0.6932-enGB-patch.exe
2007-04-25 21:49 311,384,068 ----a-w C:\Documents and Settings\Ruben\WoW-2.0.12.6546-to-0.1.0.6577-enGB-patch.exe
2007-03-25 10:29 40 ----a-w C:\Documents and Settings\Ruben\language.dat
2006-07-11 12:41 8 -csh--r C:\WINDOWS\system32\B782F673F5.sys
2006-09-11 12:42 56 -csh--r C:\WINDOWS\system32\F573F682B7.sys
2007-02-03 23:23 5,852 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 12:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 20:51 7323648]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"IAAnotif"="C:\Programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 07:56 139264]
"DMXLauncher"="C:\Programfiler\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 03:12 94208]
"CTSysVol"="C:\Programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-09-15 09:47 57344]
"MBMon"="CTMBHA.DLL" [2005-05-19 08:54 1345520 C:\WINDOWS\system32\CTMBHA.DLL]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"VoiceCenter"="C:\Programfiler\Creative\VoiceCenter\AndreaVC.exe" [2005-09-19 07:42 1159168]
"ISUSPM Startup"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" [2005-06-10 10:44 249856]
"ISUSScheduler"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2005-06-10 10:44 81920]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-10-21 12:28 29696 C:\WINDOWS\KHALMNPR.Exe]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [ ]
"PD0620 STISvc"="P0620Pin.dll" [2005-05-10 18:03 36864 C:\WINDOWS\system32\P0620Pin.dll]
"Launch LGDCore"="C:\Programfiler\Fellesfiler\Logitech\G-series Software\LGDCore.exe" [2006-11-09 13:10 1126400]
"MskAgentexe"="C:\Programfiler\McAfee\MSK\MskAgent.exe" [2007-01-17 17:30 152144]
"SiteAdvisor"="C:\Programfiler\SiteAdvisor\6253\SiteAdv.exe" [2007-02-09 18:18 36904]
"Launch LCDMon"="C:\Programfiler\Fellesfiler\Logitech\LCD Manager\lcdmon.exe" [2006-11-09 12:45 549376]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-05-31 04:33 122941]
"QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-04-27 08:41 282624]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-31 17:07 579072]
"NeroFilterCheck"="C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe" [2006-01-12 14:40 155648]
"Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"MsgCenterExe"="C:\Programfiler\Fellesfiler\Real\Update_OB\RealOneMessageCenter.exe" [ ]
"mxomssmenu"="C:\Programfiler\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-09-06 14:53 169264]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 00:20 339968 C:\WINDOWS\stsystra.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 12:00 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-23 11:34 219136]
C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
Logitech Desktop Messenger.lnk - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-19 14:36:42]
Logitech SetPoint.lnk - C:\Programfiler\Logitech\SetPoint\KEM.exe [2006-07-11 12:09:45]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
R2 Maxtor Sync Service;Maxtor Service;C:\Programfiler\Maxtor\Sync\SyncServices.exe [2007-09-28 12:24]
S3 PLUsbbc2;High-Speed USB Bridge Cable Driver;C:\WINDOWS\system32\Drivers\usbbc2.sys [2003-05-07 15:54]
S3 PPDrv;Protector Plus Driver (UnRegistered);C:\Programfiler\Protector Plus\PPDrv.sys []
S3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\WINDOWS\system32\drivers\ScreamingBAudio.sys []
S4 viaagp;VIA AGP-bussfilter;C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 23:07]
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-12-15 01:07:12 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\programfiler\mcafee\mqc\QcConsol.exe'
"2008-01-01 00:00:17 C:\WINDOWS\Tasks\McQcTask.job"
- c:\programfiler\mcafee\mqc\QcConsol.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 17:12:54
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\\Programfiler\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\Programfiler\Logitech\SetPoint\lgscroll.dll
.
Completion time: 2008-01-04 17:13:25
ComboFix-quarantined-files.txt 2008-01-04 16:13:22
.
2008-01-02 19:40:33 --- E O F ---
-
okei, ikke min logg, men han som har den har ikke bruker her, så. Blir glad om noen gidder sjekke for meg!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe
C:\Programfiler\Dell\Media Experience\DMXLauncher.exe
C:\Programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\DOCUME~1\Ruben\LOKALE~1\Temp\clclean.0001
C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Programfiler\Fellesfiler\Logitech\G-series Software\LGDCore.exe
C:\Programfiler\McAfee\MSK\MskAgent.exe
C:\Programfiler\SiteAdvisor\6253\SiteAdv.exe
C:\Programfiler\Fellesfiler\Logitech\LCD Manager\lcdmon.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Programfiler\Fellesfiler\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\stsystra.exe
C:\Programfiler\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programfiler\Logitech\SetPoint\KEM.exe
C:\Programfiler\Logitech\SetPoint\KHALMNPR.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programfiler\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Programfiler\Maxtor\Sync\SyncServices.exe
C:\Programfiler\Fellesfiler\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\programfiler\fellesfiler\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\FELLES~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\FELLES~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Programfiler\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Programfiler\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programfiler\SiteAdvisor\6253\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\McAfee\MPS\mpsevh.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Programfiler\Canon\CAL\CALMAIN.exe
C:\Programfiler\Fellesfiler\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Windows Live\Messenger\usnsvc.exe
C:\Programfiler\Azureus\Azureus.exe
C:\WINDOWS\explorer.exe
C:\Programfiler\Maxtor\OneTouch Status\MaxMenuMgr.exe
C:\Programfiler\VideoLAN\VLC\vlc.exe
C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
C:\Programfiler\Opera\Opera.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programfiler\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\programfiler\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programfiler\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iAAnotif] C:\Programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VoiceCenter] "C:\Programfiler\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [PD0620 STISvc] RunDLL32.exe P0620Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programfiler\Fellesfiler\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [MskAgentexe] C:\Programfiler\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [siteAdvisor] C:\Programfiler\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programfiler\Fellesfiler\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [mxomssmenu] "C:\Programfiler\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [MATH DOES FIRST MODE] C:\Documents and Settings\All Users\Programdata\live 64 math does\Boob funk.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Drv Name] C:\DOCUME~1\Ruben\PROGRA~1\FILMLO~1\forbasemeet.exe
O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Programfiler\Video ActiveX Access\iesmn.exe
O4 - HKCU\..\Policies\Explorer\Run: [{74E07418-0BB0-1044-0419-06022306002f}] "C:\Programfiler\Fellesfiler\{74E07418-0BB0-1044-0419-06022306002f}\Update.exe" mc-110-12-0001411
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\KEM.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ruben\Start-meny\Programmer\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A9DAD15A-365E-494D-9D41-8A0BB80007B0} (ArcticShell control) - http://www.arcticpigs.com/activex/mayhem.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0039491199448476) (0039491199448476mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP03949~1.EXE
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programfiler\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Programfiler\Fellesfiler\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FELLES~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Programfiler\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Unknown owner - C:\Programfiler\iPod\bin\iPodService.exe (file missing)
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Programfiler\Maxtor\Sync\SyncServices.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Programfiler\Fellesfiler\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\programfiler\fellesfiler\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FELLES~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FELLES~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Programfiler\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Programfiler\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Programfiler\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Programfiler\Fellesfiler\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiteAdvisor-service (SiteAdvisor Service) - Unknown owner - C:\Programfiler\SiteAdvisor\6253\SAService.exe
--
End of file - 13929 bytes
-
Må bare ha nevnt at Elizabeth Haydons Rhapsody-trilogi er genial for de som liker fantasy. Litt rotete og slikt i førsten men absolutt verdt det. Bøkene i serien er:
"Rhapsody"
"Prophecy" og
"Destiny"
samt to "tilleggsbøker" på et vis. Som begge er betydelig mye tynnere:
"Requiem for the sun" og "Elegy for a lost star"
Jeg begynte på den andre boka forrige påske mens vi var på hyttetur og la den ikke fra meg før jeg var ferdig. Jeg spiste med den og sov vel fire timer hver natt. Ingen i familien fikk kontakt med meg, så vekk var jeg. Virkelig en genial trilogi.
Vondt i magen nesten vær dag nå
i Helse
Skrevet
Hei!
Har du sjekket om du kan ha matallergi? Noen typer matallergi har nemlig lignende symptomer, og jeg tror en del av symptomene kan dukke opp dagen etter at du har spist/drukket noe du ikke tåler også, så det trenger ikke nødvendigvis være tannkremen.
Det kan også være at du er allergisk mot noe i tannkremen, uansett kan leger gjøre tester på deg for å finne ut av det! Er også mulig du ikke får i deg nok fiber, da.
Ta deg en tur til legen og forklar det for han/henne, det er de som er kvalifisert til å finne ut av sånt i utgangspunktet.