Rare symptomer på Pc

[Theecurtains]

Hei.

Synes noe merkelige ting skjer med laptopen min om dagen. Den henger på Superantispyware og på Norman scans. Når jeg høyreklikker i tekstfelt får jeg "opem IME" option enda jeg ikke har installert noen språkpakker. Og den tråløse forbindelsen min oppfører seg også noe merkelig om dagen.

 

Det er en stund siden nå at jeg hadde noe Vundogreier på maskina mi , og da fikk jeg så god hjelp her at jeg prøver igjen..

 

-Håper noen har lyst til å se på loggene mine.

 

 

 

Klikk for å se/fjerne innholdet nedenfor

<Malwarebytes' Anti-Malware 1.33

Database version: 1656

Windows 5.1.2600 Service Pack 3

 

15.01.2009 21:38:39

mbam-log-2009-01-15 (21-38-39).txt

 

Scan type: Quick Scan

Objects scanned: 55484

Time elapsed: 8 minute(s), 8 second(s)

 

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

 

Memory Processes Infected:

(No malicious items detected)

 

Memory Modules Infected:

(No malicious items detected)

 

Registry Keys Infected:

(No malicious items detected)

 

Registry Values Infected:

(No malicious items detected)

 

Registry Data Items Infected:

(No malicious items detected)

 

Folders Infected:

(No malicious items detected)

 

Files Infected:

(No malicious items detected)

>

 

 

Klikk for å se/fjerne innholdet nedenfor

<ComboFix 09-01-13.04 - Joachim 2009-01-15 21:42:48.4 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1365 [GMT 1:00]

Running from: c:\morro\Virusrens\ComboFix.exe

AV: Norman Security Suite ver. 7.00 *On-access scanning enabled* (Updated)

FW: Norman Personal Firewall v. 1.4 *enabled*

FW: Personal Firewall *enabled*

* Created a new restore point

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((((( Files Created from 2008-12-15 to 2009-01-15 )))))))))))))))))))))))))))))))

.

 

2009-01-15 21:27 . 2009-01-15 21:27 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2009-01-15 21:27 . 2009-01-15 21:27 <DIR> d-------- c:\documents and settings\Joachim\Application Data\Malwarebytes

2009-01-15 21:27 . 2009-01-15 21:27 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-01-15 21:27 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2009-01-15 21:27 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2009-01-15 17:55 . 2008-11-17 07:23 3,636,864 --a------ c:\windows\system32\drivers\NETw5x32.sys

2009-01-15 17:55 . 2008-06-20 09:33 2,756,608 --a------ c:\windows\system32\NETw5r32.dll

2009-01-15 17:55 . 2008-06-20 09:32 663,552 --a------ c:\windows\system32\NETw5c32.dll

2009-01-15 15:31 . 2009-01-15 15:31 3,750 --a------ C:\WirelessDiagLog.csv

2009-01-14 18:44 . 2009-01-14 18:44 <DIR> d-------- c:\documents and settings\Joachim\Application Data\Ahead

2009-01-14 13:44 . 2009-01-14 13:44 <DIR> d-------- c:\program files\uTorrent

2009-01-14 13:44 . 2009-01-14 20:28 <DIR> d-------- c:\documents and settings\Joachim\Application Data\uTorrent

2009-01-12 21:00 . 2009-01-12 21:00 <DIR> d-------- c:\documents and settings\Joachim\Application Data\Leadertech

2009-01-12 20:59 . 2009-01-12 20:59 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

2009-01-12 20:59 . 2009-01-12 20:59 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf

2009-01-12 20:57 . 2009-01-12 20:57 <DIR> d-------- c:\program files\Logitech

2009-01-12 20:57 . 2009-01-12 21:00 <DIR> d-------- c:\program files\Common Files\Logishrd

2009-01-12 20:56 . 2009-01-12 20:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\LogiShrd

2009-01-12 19:35 . 2008-04-14 02:11 21,504 --a------ c:\windows\system32\hidserv.dll

2009-01-12 19:35 . 2008-04-14 02:11 21,504 --a------ c:\windows\system32\dllcache\hidserv.dll

2009-01-12 16:58 . 2005-12-21 11:23 14,592 --a------ c:\windows\system32\drivers\USBICP.sys

2009-01-12 15:01 . 2009-01-12 15:01 <DIR> d-------- c:\program files\FMS

2009-01-11 11:45 . 2005-01-28 11:49 106,496 --a------ c:\windows\system32\GUStrLib.dll

2009-01-03 17:50 . 2009-01-15 00:13 <DIR> d-------- c:\program files\Atari

2008-12-23 14:45 . 2008-12-23 14:45 <DIR> d--h----- c:\windows\PIF

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-15 17:49 --------- d-----w c:\documents and settings\Joachim\Application Data\SUPERAntiSpyware.com

2009-01-15 17:47 --------- d-----w c:\program files\Norman

2009-01-15 16:52 --------- d-----w c:\program files\SystemRequirementsLab

2009-01-12 21:52 201,352 ----a-w c:\windows\system32\PnkBstrB.exe

2009-01-12 21:52 140,216 ----a-w c:\windows\system32\drivers\PnkBstrK.sys

2009-01-12 16:55 --------- d--h--w c:\program files\InstallShield Installation Information

2008-12-14 20:40 --------- d-----w c:\documents and settings\Joachim\Application Data\Skype

2008-12-14 11:28 410,984 ----a-w c:\windows\system32\deploytk.dll

2008-12-14 11:28 --------- d-----w c:\program files\Java

2008-12-14 11:17 --------- d-----w c:\documents and settings\Joachim\Application Data\OpenOffice.org2

2008-12-13 06:40 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll

2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys

2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys

2008-12-09 11:51 --------- d-----w c:\program files\EA GAMES

2008-12-09 11:51 --------- d-----w c:\documents and settings\Joachim\Application Data\InstallShield Installation Information

2008-10-24 11:21 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys

2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll

2008-10-23 12:36 286,720 ------w c:\windows\system32\dllcache\gdi32.dll

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll

2008-10-16 13:11 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe

2008-10-16 13:11 13,824 ----a-w c:\windows\system32\dllcache\ieudinit.exe

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll

2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll

2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll

2008-10-15 16:34 337,408 ------w c:\windows\system32\dllcache\netapi32.dll

2008-10-15 07:06 633,632 ----a-w c:\windows\system32\dllcache\iexplore.exe

2008-10-15 07:04 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll

2008-05-10 13:34 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008051020080511\index.dat

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]

"HControl"="c:\windows\ATK0100\HControl.exe" [2006-08-23 110592]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-10-20 761945]

"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]

"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-14 90112]

"ABLKSR"="c:\windows\ABLKSR\ABLKSR.exe" [2006-01-02 61440]

"Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2008-06-02 277616]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-14 136600]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-09-16 286720]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-07-17 c:\windows\KHALMNPR.Exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Logitech SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2007-02-14 532480]

SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetpointII.exe [2007-08-30 319488]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= ffdshow.ax

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk

backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]

--a------ 2007-02-09 09:38 49520 c:\program files\ASUS\ASUS Live Update\ALU.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]

--a------ 2006-05-16 15:29 53248 c:\program files\ASUS\ATK Media\DMedia.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]

--a------ 2006-06-29 13:40 774144 c:\program files\PowerForPhone\PowerForPhone\PowerForPhone.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2007-09-16 16:48 286720 c:\program files\QuickTime\qttask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

 

P4 NPFSvc32;Norman Personal Firewall Service;c:\program files\Norman\npf\bin\npfsvc32.exe [2008-09-19 597104]

R0 NDIS_RD;Norman Firewall NDIS driver;c:\windows\system32\drivers\ndis_rd.sys [2007-10-09 79752]

R1 NPROSEC;Norman Security driver;c:\program files\Norman\Ngs\Bin\nprosec.sys [2008-02-04 53816]

R1 TDI_RD;Norman Firewall TDI driver;c:\windows\system32\drivers\tdi_rd.sys [2007-10-09 74624]

R3 nsesvc;Norman Scanner Engine Service;c:\program files\Norman\Nse\Bin\Nsesvc.exe [2008-06-26 322616]

R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [2007-10-09 19512]

R3 nvcoas;Norman Virus Control on-access component;c:\program files\Norman\Nvc\bin\Nvcoas.exe [2007-10-09 191544]

R3 NVCScheduler;Norman Virus Control Scheduler;c:\program files\Norman\Npm\Bin\nvcsched.exe [2008-02-04 154680]

R4 Ndiskio;Ndiskio;c:\program files\Norman\Nse\Bin\Ndiskio.sys [2007-10-09 20448]

R4 NPROSECSVC;Norman Security service;c:\program files\Norman\Ngs\Bin\nprosec.exe [2008-02-04 121912]

R4 NVOY;Norman's Very Own supplY of resources;c:\program files\Norman\Npm\Bin\nvoy.exe [2008-02-04 121912]

S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [2008-07-30 83880]

S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [2008-07-30 15016]

S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [2008-07-30 110632]

S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [2008-07-30 104616]

S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [2008-07-30 25512]

S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [2008-07-30 100648]

S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [2008-07-30 110120]

S3 UsbFltr;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2005-11-02 11596]

 

--- Other Services/Drivers In Memory ---

 

*Deregistered* - mchInjDrv

*Deregistered* - SASENUM

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]

\Shell\AutoRun\command - D:\Autorun.exe

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.startsiden.no/

 

c:\windows\Downloaded Program Files\sysreqlab_ind.dll - O16 -: {5727FF4C-EF4E-4d96-A96C-03AD91910448}

hxxp://www.srtest.com/srl_bin/sysreqlab_ind.cab

c:\windows\Downloaded Program Files\sysreqlab.osd

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-15 21:44:33

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_USERS\S-1-5-21-3875562060-3375591536-2856298136-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:84,9e,cd,63,ee,bc,f0,f0,ac,17,8d,d7,80,00,68,fa,cd,b7,bc,0f,6c,3f,9c,

46,f7,70,c4,f8,95,57,93,7c,44,a1,97,d0,a7,d6,de,b7,ab,0b,7f,d7,b7,a0,dc,9f,\

"??"=hex:4f,7c,35,fd,bd,69,0d,d8,45,c5,63,dc,62,2b,30,b3

 

[HKEY_USERS\S-1-5-21-3875562060-3375591536-2856298136-1004\Software\SecuROM\License information*]

"datasecu"=hex:55,93,ed,1d,c0,23,73,4d,30,c3,ad,61,1a,66,0e,fb,8a,ba,0b,f7,bf,

a9,91,c7,9a,2b,90,08,68,19,f4,35,33,d7,bc,ac,b2,72,be,52,9f,ec,b3,8a,a7,1d,\

"rkeysecu"=hex:bd,40,f1,22,ee,df,c0,f2,0c,20,6e,d5,dd,81,11,da

.

--------------------- DLLs Loaded Under Running Processes ---------------------

 

- - - - - - - > 'winlogon.exe'(1232)

c:\windows\system32\IWPDGINA.DLL

c:\program files\Intel\Wireless\Bin\SsoGnENU.dll

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\wbem\fastprox.dll

.

Completion time: 2009-01-15 21:46:05

ComboFix-quarantined-files.txt 2009-01-15 20:46:02

 

Pre-Run: 44ÿ248ÿ122ÿ368 bytes free

Post-Run: 44,997,013,504 bytes free

 

205 --- E O F --- 2009-01-15 13:23:26

>

 

 

Klikk for å se/fjerne innholdet nedenfor

<Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:50:07, on 15.01.2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\Program Files\Norman\Npm\bin\ELOGSVC.EXE

C:\Program Files\Norman\Ngs\bin\NPROSEC.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

C:\Program Files\Norman\Npm\Bin\Zanda.exe

C:\Program Files\Norman\npm\bin\nvoy.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Norman\npf\bin\npfsvc32.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\Norman\Npm\bin\NVCSCHED.EXE

C:\Program Files\Norman\Npm\bin\NJEEVES.EXE

C:\Program Files\Norman\nse\bin\NSESVC.EXE

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\ATK0100\HControl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe

C:\Program Files\Norman\Npm\Bin\ZLH.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Norman\Nvc\bin\nvcoas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SetPoint\SetPoint.exe

C:\Program Files\Logitech\SetPoint II\SetpointII.exe

C:\Program Files\Norman\Nvc\Bin\Nip.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\WINDOWS\ATK0100\ATKOSD.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Norman\Nvc\Bin\cclaw.exe

C:\Program Files\Norman\npf\bin\npfuser.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\drwtsn32.exe

C:\WINDOWS\system32\drwtsn32.exe

C:\WINDOWS\explorer.exe

C:\Documents and Settings\Joachim\Desktop\New Folder\snikkabo.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe

O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1

O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe

O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\SetPoint\SetPoint.exe

O4 - Global Startup: SetPointII.lnk = ?

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_ind.cab

O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Program Files\Norman\Npm\bin\ELOGSVC.EXE

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: Norman NJeeves - Norman ASA - C:\Program Files\Norman\Npm\bin\NJEEVES.EXE

O23 - Service: Norman ZANDA - Norman ASA - C:\Program Files\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Program Files\Norman\npf\bin\npfsvc32.exe

O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Program Files\Norman\Ngs\bin\NPROSEC.EXE

O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\nse\bin\NSESVC.EXE

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Program Files\Norman\Nvc\bin\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Program Files\Norman\Npm\bin\NVCSCHED.EXE

O23 - Service: Norman's Very Own supplY of resources (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

 

--

End of file - 8912 bytes

>

Endret 15. januar 2009 av jokis

[norbat]

Ser ikke noe malware i loggene dine.

Henger anti-programmene dine ved en spesiell fil?

 

ang. IME

Endret 15. januar 2009 av norbat

[Theecurtains]

Vel,jeg er ikke sikker.

Men de stopper ikke på samme fil ivertfall. Reistallerer nå , så får vi se.

Tusen takk for at du tok deg tid!!

 

..har du noen ide om hvorfor jeg plutselig har fått det "Open IME" option når jeg høyreklikker i adressevinduet i nettleseren?

Endret 15. januar 2009 av jokis