knutarnesen Posted 2 April 2007

ComboScan v20070306.20 run by Knut Arnesen on 2007-04-02 at 20:26:06 Computer is in Normal Mode.
norbat Posted 2 April 2007 (edited)

That log looks fine, knutarnesen. Do you suspect something, or was it just a check?

EDIT: I see you have another thread about some poker sites. There is a poker-related item in C:\Programfiler\Poker.com that you can delete. I don't know whether you have run the long version; if you haven't, it is recommended. You can keep posting in your thread if you wish: https://www.diskusjon.no/index.php?showtopic=741146

Edited 2 April 2007 by norbat