knutarnesen, posted April 2, 2007

ComboScan v20070306.20 run by Knut Arnesen on 2007-04-02 at 20:26:06
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------
Successfully created ComboScan Restore Point.

-- Last 5 Restore Point(s) --
5: 2007-04-02 18:26:19 UTC - RP81 - ComboScan Restore Point
4: 2007-04-02 00:01:18 UTC - RP80 - Software Distribution Service 2.0
3: 2007-03-31 17:48:21 UTC - RP79 - Software Distribution Service 2.0
2: 2007-03-31 17:43:03 UTC - RP78 - Installed Windows Media Player 10
1: 2007-03-31 14:09:30 UTC - RP77 - Kontrollpunkt for system

Performed disk cleanup.

-- HijackThis (run as Knut Arnesen.exe) ----------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 20:27:32, on 02.04.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Thomson SpeedTouch\ST330\service\st330service.exe
C:\Norman\Npm\bin\ELOGSVC.EXE
C:\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Npf\BIN\NPFSVICE.EXE
C:\Programfiler\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Programfiler\Windows Media Player\WMPNetwk.exe
C:\Norman\Npm\bin\NJEEVES.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programfiler\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Programfiler\Thomson SpeedTouch\ST330\diagnostics\diagnostics.exe
C:\Programfiler\PowerISO\PWRISOVM.EXE
C:\Norman\Npm\bin\ZLH.EXE
C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe
C:\Programfiler\MSN Messenger\MsnMsgr.Exe
C:\Norman\Npf\BIN\npfmsg2.exe
C:\Programfiler\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Windows Media Player\WMPNSCFG.exe
C:\Programfiler\Skype\Plugin Manager\SkypePM.exe
C:\Programfiler\MSN Messenger\usnsvc.exe
C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe
C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe
C:\Programfiler\uTorrent\uTorrent.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\bin\nvcoas.exe
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\Programfiler\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\divxsm.exe
C:\Programfiler\Internet Explorer\iexplore.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Knut Arnesen\Lokale innstillinger\Temporary Internet Files\Content.IE5\ZISBJLA6\comboscan[1].exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Programfiler\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\HIJACK~1\Knut Arnesen.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programfiler\HPQ\IAM\Bin\ItIeAddIN.dll
O4 - HKLM\..\Run: [diagnostics] "C:\Programfiler/Thomson SpeedTouch/ST330/diagnostics/diagnostics.exe" /icon -l:en
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programfiler\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programfiler\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send til &Bluetooth - C:\Programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - C:\Programfiler\Poker.com\Poker.exe (HKCU)
O11 - Options group: [iNTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1158522236453
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1158522322625
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: OneCard - C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman Type-R - Unknown owner - C:\Norman\Npf\BIN\NPFSVICE.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Programfiler/Thomson SpeedTouch/ST330/service/st330service.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programfiler\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

-- File Associations -----------------------------------------------------------
.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
3R ADIHdAudAddService (ADI UAA Function Driver for High Definition Audio Service) - C:\WINDOWS\system32\drivers\ADIHdAud.sys
3R AEAudioService (AEAudio Service) - C:\WINDOWS\system32\drivers\aeaudio.sys
3S alcabus (Alcatel Mobile Phones Composite Device Driver (WDM)) - C:\WINDOWS\system32\drivers\alcabus.sys
3S alcamdfl (Alcatel Mobile Phones Modem Filter) - C:\WINDOWS\system32\drivers\alcamdfl.sys
3S alcamdm (Alcatel Mobile Phones Modem Drivers) - C:\WINDOWS\system32\drivers\alcamdm.sys
1R AmdK8 (AMD-prosessordriver) - C:\WINDOWS\system32\drivers\AmdK8.sys
3S Arp1394 (1394 ARP-klientprotokoll) - C:\WINDOWS\system32\drivers\arp1394.sys
3R ati2mtag - C:\WINDOWS\system32\drivers\ati2mtag.sys
3R ATSWPDRV (AuthenTec TruePrint USB Driver (AES2500)) - C:\WINDOWS\system32\drivers\atswpdrv.sys
3S b57w2k (Broadcom NetLink Gigabit Ethernet) - C:\WINDOWS\system32\drivers\b57xp32.sys
3R BCM43XX (Driver for Broadcom 802.11-nettverkskort) - C:\WINDOWS\system32\drivers\BCMWL5.SYS
3S Bridge (MAC Bridge) - C:\WINDOWS\system32\drivers\bridge.sys
3S BridgeMP (MAC Bridge Miniport) - C:\WINDOWS\system32\drivers\bridge.sys
3R btaudio (Bluetooth-lydenhet) - C:\WINDOWS\system32\drivers\btaudio.sys
3R BTDriver (Bluetooth-driver for virtuell kommunikasjon) - C:\WINDOWS\system32\drivers\btport.sys
3R BTKRNL (Bluetooth-bussenumerator) - C:\WINDOWS\system32\drivers\btkrnl.sys
3R BTWDNDIS (Bluetooth LAN Access Server) - C:\WINDOWS\system32\drivers\btwdndis.sys
3R btwhid - C:\WINDOWS\system32\drivers\btwhid.sys
3R btwmodem (Bluetooth-modem) - C:\WINDOWS\system32\drivers\btwmodem.sys
3R BTWUSB (WIDCOMM USB Bluetooth Driver) - C:\WINDOWS\system32\drivers\btwusb.sys
3S CCDECODE (Dekoder for teksting for hørselshemmede) - C:\WINDOWS\system32\drivers\CCDECODE.sys
2R DLABOIOM - C:\WINDOWS\system32\DLA\DLABOIOM.SYS
1R DLACDBHM - C:\WINDOWS\system32\drivers\DLACDBHM.SYS
2R DLADResN - C:\WINDOWS\system32\DLA\DLADResN.SYS
2R DLAIFS_M - C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
2R DLAOPIOM - C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
2R DLAPoolM - C:\WINDOWS\system32\DLA\DLAPoolM.SYS
1R DLARTL_N - C:\WINDOWS\system32\drivers\DLARTL_N.SYS
2R DLAUDFAM - C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
2R DLAUDF_M - C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
0R DRVMCDB - C:\WINDOWS\system32\drivers\DRVMCDB.SYS
2R DRVNDDM - C:\WINDOWS\system32\drivers\DRVNDDM.SYS
1R eabfiltr - C:\WINDOWS\system32\drivers\eabfiltr.sys
3S eabusb - C:\WINDOWS\system32\drivers\EabUsb.sys
3R HBtnKey - C:\WINDOWS\system32\drivers\CPQBttn.sys
3R HDAudBus (Microsoft UAA-bussdriver for High Definition Audio) - C:\WINDOWS\system32\drivers\Hdaudbus.sys
3S HidUsb (Microsoft HID-klassedriver) - C:\WINDOWS\system32\drivers\hidusb.sys
3R HSFHWAZL - C:\WINDOWS\system32\drivers\HSFHWAZL.sys
3R HSF_DPV - C:\WINDOWS\system32\drivers\HSF_DPV.sys
3R IFXTPM - C:\WINDOWS\system32\drivers\ifxtpm.sys
1R kbdhid (Tastatur-HID-driver) - C:\WINDOWS\system32\drivers\kbdhid.sys
3S LVUSBSta (Logitech USB Monitor Filter) - C:\WINDOWS\system32\drivers\LVUSBSta.sys
2R mdmxsdk - C:\WINDOWS\system32\drivers\mdmxsdk.sys
3R mouhid (HID-driver for mus) - C:\WINDOWS\system32\drivers\mouhid.sys
3S MSTEE (Tee/Sink-to-Sink-konverterer for Microsoft Streaming) - C:\WINDOWS\system32\drivers\MSTEE.sys
3S NABTSFEC (NABTS/FEC VBI-kodek) - C:\WINDOWS\system32\drivers\NABTSFEC.sys
3S NdisIP (Microsoft TV/video-tilkobling) - C:\WINDOWS\system32\drivers\NdisIP.sys
2R Ndiskio - C:\Norman\Nse\Bin\Ndiskio.sys
0R NDIS_RD (Firewall Engine Type-R2) - C:\WINDOWS\system32\drivers\Ndis_rd.sys
3S NIC1394 (1394-nettverksdriver) - C:\WINDOWS\system32\drivers\nic1394.sys
3S nvcfsr - C:\Norman\NVC\bin\Nvcfsr.sys
3R NvcMFlt - C:\WINDOWS\system32\drivers\nvcw32mf.sys
3S nvcoafl51 - C:\Norman\NVC\bin\Nvcoafl51.sys
3S nvcoaft51 - C:\Norman\NVC\bin\Nvcoaft51.sys
3S nvcoarc51 - C:\Norman\NVC\bin\Nvcoarc51.sys
0R ohci1394 (Texas Instruments OHCI-kompatibel IEEE 1394-vertskontroller) - C:\WINDOWS\system32\drivers\ohci1394.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\pxhelp20.sys
3S QCMerced (Logitech QuickCam Communicate) - C:\WINDOWS\system32\drivers\lvcm.sys
3S Rasirda (WAN-miniport (IrDA)) - C:\WINDOWS\system32\drivers\rasirda.sys
1R SCDEmu - C:\WINDOWS\system32\drivers\scdemu.sys
3R sdbus - C:\WINDOWS\system32\drivers\sdbus.sys
3S SLIP (BDA Slip De-Framer) - C:\WINDOWS\system32\drivers\SLIP.sys
3S SMCIRDA (SMC IrCC-miniportenhetsdriver) - C:\WINDOWS\system32\drivers\smcirda.sys
0R sptd - C:\WINDOWS\system32\drivers\sptd.sys
3S streamip (BDA IPSink) - C:\WINDOWS\system32\drivers\StreamIP.sys
3R SynTP (Synaptics TouchPad Driver) - C:\WINDOWS\system32\drivers\SynTP.sys
1R TDI_RD (Firewall Engine Type-R) - C:\WINDOWS\system32\drivers\Tdi_rd.sys
3R tifm21 - C:\WINDOWS\system32\drivers\tifm21.sys
3S usbaudio (USB-lyddriver (WDM)) - C:\WINDOWS\system32\drivers\USBAUDIO.sys
3S usbccgp (Microsoft USB generell overordnet driver) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Miniportdriver for Microsoft USB 2.0 forbedret vertskontroller) - C:\WINDOWS\system32\drivers\usbehci.sys
3R usbohci (Miniportdriver for Microsoft USB åpen vertskontroller) - C:\WINDOWS\system32\drivers\usbohci.sys
3S USBSTOR (USB-masselagringsenhet) - C:\WINDOWS\system32\drivers\USBSTOR.SYS
3S V0080Dev (Creative Camera VF0080 Driver) - C:\WINDOWS\system32\drivers\V0080Dev.sys
3R winachsf - C:\WINDOWS\system32\drivers\HSF_CNXT.sys
1R WmiAcpi (Microsoft Windows Management-grensesnitt for ACPI) - C:\WINDOWS\system32\drivers\wmiacpi.sys
3S WSTCODEC (World Standard Teletext-kodek) - C:\WINDOWS\system32\drivers\WSTCODEC.SYS
3S WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\system32\drivers\WudfPf.sys
3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\system32\drivers\WudfRd.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
2R ASChannel (Local Communication Channel) - C:\WINDOWS\System32\svchost.exe -k Cognizance
3S aspnet_state (Statustjeneste for ASP.NET) - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
2R Ati HotKey Poller - C:\WINDOWS\system32\Ati2evxx.exe
2R btwdins (Bluetooth Service) - C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe
2R eLoggerSvc6 (Norman eLogger service 6) - C:\Norman\Npm\bin\ELOGSVC.EXE
2R hpqwmiex - C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe
3S IDriverT (InstallDriver Table Manager) - "C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe"
2R LightScribeService (LightScribeService Direct Disc Labeling Service) - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe
3R Norman NJeeves - C:\Norman\Npm\bin\NJEEVES.EXE
2R Norman Type-R - C:\Norman\Npf\BIN\NPFSVICE.EXE
2R Norman ZANDA - "C:\Norman\Npm\Bin\Zanda.exe"
3R nvcoas (Norman Virus Control on-access component) - C:\Norman\Nvc\bin\nvcoas.exe
3R NVCScheduler (Norman Virus Control Scheduler) - C:\Norman\Nvc\BIN\NVCSCHED.EXE
3S ose (Office Source Engine) - "C:\Programfiler\Fellesfiler\Microsoft Shared\Source Engine\OSE.EXE"
2R st330service (SpeedTouch 330 Manager) - C:\Programfiler/Thomson SpeedTouch/ST330/service/st330service.exe -service
2R StarWindService (StarWind iSCSI Service) - C:\Programfiler\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
3R usnjsvc (Messenger Sharing Folders USN Journal Reader service) - "C:\Programfiler\MSN Messenger\usnsvc.exe"

-- Scheduled Tasks -------------------------------------------------------------
2007-02-26 13:52:28 382 --a------ C:\WINDOWS\Tasks\RegCure.job

-- Files created between 2007-03-02 and 2007-04-02 -----------------------------
2007-04-02 02:01:24 0 d-------- C:\WINDOWS\LastGood
2007-04-01 18:26:41 2560 -----n--- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-04-01 18:26:41 2432 -----n--- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-04-01 18:26:40 129784 -----n--- C:\WINDOWS\system32\pxafs.dll
2007-03-31 19:51:54 0 d-------- C:\Programfiler\Windows Media Connect 2<WI4DF6~1>
2007-03-31 19:49:48 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-03-31 00:02:11 0 d-------- C:\Programfiler\uTorrent
2007-03-30 23:55:14 95288 --a------ C:\WINDOWS\system32\drivers\nvcw32mf.sys
2007-03-27 09:55:57 524288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-03-27 09:55:48 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-03-27 09:55:23 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-03-27 09:55:23 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-03-27 09:49:07 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-03-27 09:49:07 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-03-27 09:49:05 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-03-27 09:49:03 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-03-27 09:49:02 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-03-27 09:49:02 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-03-27 09:49:02 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-03-27 09:49:02 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-03-27 09:48:59 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll<DIVX_X~2.DLL>
2007-03-27 09:48:58 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll<DIVX_X~3.DLL>
2007-03-27 09:48:58 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll<DIVX_X~1.DLL>
2007-03-27 09:48:58 639066 --a------ C:\WINDOWS\system32\DivX.dll
2007-03-07 15:56:16 0 d-------- C:\Programfiler\PowerISO

-- Find3M Report ---------------------------------------------------------------
2007-04-02 20:25:24 0 d-------- C:\Documents and Settings\Knut Arnesen\Programdata\uTorrent
2007-04-02 19:58:53 0 d-------- C:\Documents and Settings\Knut Arnesen\Programdata\Skype
2007-04-02 01:53:29 387980 --a------ C:\WINDOWS\system32\perfh014.dat
2007-04-02 01:53:29 61698 --a------ C:\WINDOWS\system32\perfc014.dat
2007-04-02 01:48:48 5 --a------ C:\NPF_USER.DAT
2007-04-01 18:30:29 0 d-------- C:\Programfiler\Mozilla Firefox<MOZILL~1>
2007-04-01 18:26:53 0 d-------- C:\Programfiler\DivX
2007-03-31 19:48:54 0 d-------- C:\Programfiler\Windows Media Connect<WINDOW~4>
2007-03-30 23:59:59 0 d-------- C:\Programfiler\BitComet
2007-03-27 09:55:31 118520 -----n--- C:\WINDOWS\system32\pxinsi64.exe
2007-03-27 09:55:31 116472 -----n--- C:\WINDOWS\system32\pxcpyi64.exe
2007-03-19 15:18:38 0 d---s---- C:\Documents and Settings\Knut Arnesen\Programdata\Microsoft<MICROS~1>
2007-03-16 19:13:49 0 d-------- C:\Programfiler\Winamp
2007-03-16 18:47:21 0 d-------- C:\Documents and Settings\Knut Arnesen\Programdata\LimeWire
2007-03-05 22:52:08 0 d-------- C:\Programfiler\Far Cry<FARCRY~1>
2007-02-20 19:16:23 0 d-------- C:\Programfiler\Alcohol Soft<ALCOHO~1>
2007-02-19 19:35:47 0 d-------- C:\Programfiler\Creative
2007-02-19 19:35:39 0 d--h----- C:\Programfiler\InstallShield Installation Information<INSTAL~1>
2007-02-18 20:25:24 0 d-------- C:\Documents and Settings\Knut Arnesen\Programdata\Talkback
2007-02-18 14:30:19 0 d-------- C:\Programfiler\Poker.com
2007-02-18 14:05:29 0 d-------- C:\Programfiler\Steam
2007-02-18 13:55:42 0 d-------- C:\Documents and Settings\Knut Arnesen\Programdata\vmntoolbar<VMNTOO~1>
2007-02-18 04:08:08 0 d-------- C:\Programfiler\Fellesfiler\Microsoft Shared<MICROS~1>
2007-02-17 10:49:42 0 d-------- C:\Programfiler\Skype
2007-02-17 10:15:24 0 d-------- C:\Programfiler\Fellesfiler<FELLES~1>
2007-02-17 10:15:24 0 d-------- C:\Programfiler\Fellesfiler\Skype
2007-02-16 03:40:35 124472 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe<DIVXCO~1.EXE>
2007-02-15 18:02:03 12015 --a------ C:\WINDOWS\system32\xkh1udoe84fkszi4a.dll<XKH1UD~1.DLL>
2007-02-15 18:02:03 760 --a------ C:\WINDOWS\system32\qke3kixfeflkszi4a.dll<QKE3KI~1.DLL>
2007-02-15 18:02:03 22369 --a------ C:\WINDOWS\system32\lap20nh3l4dkszi4a.dll<LAP20N~1.DLL>
2007-02-15 08:24:41 0 d-------- C:\Programfiler\RegCure
2007-02-14 17:33:15 0 d-------- C:\Programfiler\MSN Messenger<MSNMES~1>
2007-02-14 17:07:54 0 d-------- C:\Programfiler\GameSpy Arcade<GAMESP~1>
2007-02-08 14:47:48 0 d-------- C:\Programfiler\Thomson SpeedTouch<THOMSO~1>
2007-01-29 10:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
2007-01-19 13:53:04 51056 --a------ C:\WINDOWS\system32\sirenacm.dll
2007-01-12 10:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 10:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 10:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 10:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll
2007-01-08 20:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 20:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 20:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 20:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 20:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 20:02:02 383488 -----n--- C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 20:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 20:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 20:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 20:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 20:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 19:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 19:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe

-- Registry Dump ---------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"msnmsgr"="\"C:\\Programfiler\\MSN Messenger\\MsnMsgr.Exe\" /background"
"Skype"="\"C:\\Programfiler\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"WMPNSCFG"="C:\\Programfiler\\Windows Media Player\\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"diagnostics"="\"C:\\Programfiler/Thomson SpeedTouch/ST330/diagnostics/diagnostics.exe\" /icon -l:en"
"PWRISOVM.EXE"="C:\\Programfiler\\PowerISO\\PWRISOVM.EXE"
"Norman ZANDA"="C:\\Norman\\Npm\\bin\\ZLH.EXE /LOAD /SPLASH"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^BTTray.lnk]
"item"="BTTray"
"command"="C:\\Programfiler\\WIDCOMM\\Bluetooth-programvare\\BTTray.exe "
"location"="Common Startup"
"path"="C:\\Documents and Settings\\All Users\\Start-meny\\Programmer\\Oppstart\\BTTray.lnk"
"backup"="C:\\WINDOWS\\pss\\BTTray.lnkCommon Startup"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^DVD Check.lnk]
"item"="DVD Check"
"command"="C:\\Programfiler\\InterVideo\\DVD Check\\DVDCheck.exe "
"location"="Common Startup"
"path"="C:\\Documents and Settings\\All Users\\Start-meny\\Programmer\\Oppstart\\DVD Check.lnk"
"backup"="C:\\WINDOWS\\pss\\DVD Check.lnkCommon Startup"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Hurtigstart for Adobe Reader.lnk]
"item"="Hurtigstart for Adobe Reader"
"command"="C:\\Programfiler\\Adobe\\Acrobat 7.0\\Reader\\reader_sl.exe "
"location"="Common Startup"
"path"="C:\\Documents and Settings\\All Users\\Start-meny\\Programmer\\Oppstart\\Hurtigstart for Adobe Reader.lnk"
"backup"="C:\\WINDOWS\\pss\\Hurtigstart for Adobe Reader.lnkCommon Startup"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"item"="MsnMsgr"
"command"="\"C:\\Programfiler\\MSN Messenger\\MsnMsgr.Exe\" /background"
"hkey"="HKEY"
"key"="Run"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"item"="SunJavaUpdateSched"
"command"="\"C:\\Programfiler\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"hkey"="HKLM"
"key"="Run"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Cognizance REG_MULTI_SZ ASChannel\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

-- End of ComboScan: finished at 2007-04-02 at 20:28:12 ------------------------

Guest medlem-105082, posted April 2, 2007

Put it in a spoiler, please?

norbat, posted April 2, 2007 (edited)

The log looks fine, knutarnesen. Do you suspect something, or was it just a check?

EDIT: I see you have another thread about some poker sites. There is a poker-related item in C:\Programfiler\Poker.com that you can delete. I don't know whether you have run the long version; if you haven't, it is recommended.

You can continue posting in your thread if you like: https://www.diskusjon.no/index.php?showtopic=741146

Edited April 2, 2007 by norbat