Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ad popup problem


  • This topic is locked This topic is locked
3 replies to this topic

#1 JensP

JensP

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:09:49 PM

Posted 14 December 2008 - 05:08 PM

Hi
I am trying to help a friend with his computer that was realy slow and a lot of popups coming up when in use.
Have installed Norman antivirus and Search and destroy and they ahve found a lot of things have removed everyting and now have a clean report after running theese. But still there are ad-popups when surfing.
Also cleaned the hosts file that had nomerusly items

Most of the popups pages starts with CiD:

Here are the logs from RSIT.
INFO:
info.txt logfile of random's system information tool 1.04 2008-12-14 22:56:27

======Uninstall list======

-->"C:\Programfiler\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
-->"C:\Programfiler\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
-->"C:\Programfiler\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
-->"C:\Programfiler\Creative Installation Information\E-CENTER_PLUGIN_MTP_U\Setup.exe" /remove /l0x0009
-->"C:\Programfiler\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009
-->"C:\Programfiler\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
-->"C:\Programfiler\mcafee.com\antivirus\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S
-->C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\SETUP.EXE"
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\SETUP.EXE" -l0x14 ControlPanelAnyText
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\SETUP.EXE"
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\SETUP.EXE"
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\SETUP.EXE" -l0x14 ControlPanel
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{19822917-61F6-4221-B1D0-1C3B8A06BE60}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{19822917-61F6-4221-B1D0-1C3B8A06BE60}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{7C9F6AF4-E9D9-47FE-BE4B-E637C2FCB410}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{7C9F6AF4-E9D9-47FE-BE4B-E637C2FCB410}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Access IBM Message Center-->MsiExec.exe /X{F413B3A4-EE5D-457C-BAE5-6E58D9589ED5}
Access IBM-->MsiExec.exe /X{EC6AF20D-4376-4070-BEE4-D3A0DFF7E140}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70800000002}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
ATI - Software Uninstall Utility-->C:\Programfiler\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
Blåfjell-->C:\WINDOWS\unvise32.exe C:\Programfiler\Vision Park\Blåfjell\uninstal.log
CA Pest Patrol Realtime Protection-->MsiExec.exe /X{F05A5232-CE5E-4274-AB27-44EB8105898D}
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Creative Removable Disk Manager-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9 /remove
Creative System Information-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
Creative ZEN V Series (R2)-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}\SETUP.EXE" -l0x9 /remove
EMEA Wallpaper-->MsiExec.exe /I{8745DEAB-1126-42F5-9585-C66D5497B47B}
HijackThis 2.0.2-->"C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0-->C:\Programfiler\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet 5700-->msiexec /x{85B1BEF2-2357-4C27-ABBE-15A1AE3AF78D}
HP Document Viewer 7.0-->C:\Programfiler\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0-->C:\Programfiler\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5-->C:\Programfiler\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Programfiler\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0-->C:\Programfiler\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Hurtigreparasjon for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hurtigreparasjon for Windows Media Player 10 - KB895316-->"C:\WINDOWS\$NtUninstallKB895316$\spuninst\spuninst.exe"
Hurtigreparasjon for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hurtigreparasjon for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
IBM 32-bit Runtime Environment for Java 2, v1.4.2-->C:\PROGRA~1\FELLES~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E922961C-6DB6-41DE-9FEA-426DF3E9F81C} /l1033
IBM Access Connections-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{22B71A00-4DED-11D4-A5E5-0004AC564F43}\SETUP.EXE" -l0x14 anything
IBM Active Protection System-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{72806716-7088-41B2-8FA6-717A2A164DAB}\SETUP.EXE" -l0x14 anything
IBM DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
IBM RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
IBM Rescue and Recovery with Rapid Restore-->MsiExec.exe /X{11783F13-C3A9-44A8-929B-21A476F65272}
IBM SATA Power Management Driver-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{0873B1A3-00A9-40D6-BACE-3DB4BC5DA840}\SETUP.EXE" -l0x9 anything
IBM Themes-->MsiExec.exe /I{6CE96A14-61E2-48CC-837E-22710A953ADE}
IBM ThinkPad EasyEject -->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{1297C681-92D7-40EF-93BF-03F66EC5105C}\SETUP.EXE" -l0x14 -AddRemove
IBM ThinkPad Presentasjonsstyrer-->C:\WINDOWS\IsUn0414.exe -fC:\PROGRA~1\ThinkPad\UTILIT~1\UNNPDR.isu -cC:\Programfiler\ThinkPad\Utilities\Tpinsnpd.dll
IBM ThinkPad Strømstyrer-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}\SETUP.EXE" -l0x14 -AddRemove
IBM ThinkPad Tastbordtilpasser -->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{2111B23F-7FDA-4A41-8309-E5A1663CA296}\SETUP.EXE" -l0x14 anything
IBM ThinkPad UltraNav Driver-->rundll32.exe "C:\Programfiler\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
IBM ThinkPad-konfigurering-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{FC081D4D-DF1B-4CF1-B530-027E4118D846}\SETUP.EXE" -l0x14 -AddRemove
IBM ThinkVantage Technologies Welcome Message-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{1007F41F-7D69-468E-8017-3849A5A973C2}\SETUP.EXE" -l0x14 anything
IBM TrackPoint Tilgjengelighetsfunksjoner -->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{EA664480-3844-11D5-8C25-444553540000}\SETUP.EXE"
IBM Update Connector-->MsiExec.exe /X{8D815BF3-2399-459C-B121-49373FEFB9E8}
Intel® PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo WinDVD Creator-->"C:\Programfiler\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD-->"C:\Programfiler\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iPlayer Mass Storage Driver V4.3 -->C:\WINDOWS\iun6002.exe "C:\Programfiler\iPlayer Mass Storage Driver V4.3\irunin.ini"
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Lek og Lær Engelsk-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{AE6E9245-D22D-46C6-8F3E-C573AEABD8EF}\setup.exe"
Magnus og Myggen 2-->C:\Programfiler\Magnus2\UNWISE.EXE /A C:\PROGRA~1\Magnus2\INSTALL.LOG
mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
mDriver-->MsiExec.exe /I{28DA872A-0848-48CF-B749-19A198157A2A}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1 Norwegian Language Pack-->MsiExec.exe /X{3EAC35F4-FF26-4123-9404-0B5B93DAB570}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - NOR-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - NOR\install.exe
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Base Smart Card Cryptographic Service Provider-pakke-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Media Content-->MsiExec.exe /I{90300414-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Standard-->MsiExec.exe /I{91120414-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mobile Modem Assistant-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{A6B7B910-69BE-4873-8CA8-B5C37BAFE9F4}\Setup.exe" -l0x14
Mobile Phone Manager-->C:\PROGRA~1\FELLES~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{938D9C57-3CF0-4DA8-B04E-EF99501859B5} /l1044
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
Music Manager-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x14
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
My Station-->MsiExec.exe /I{7B3C7D6A-761A-444C-A56D-DB8D023EE63E}
Norman Virus Control-->MsiExec.exe /X{704C87B4-B089-4415-BCE0-CBE76172F104}
OCR Software by I.R.I.S 7.0-->C:\Programfiler\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Oppdatering for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
PC-Doctor for Windows-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\SETUP.EXE"
Picture Package-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x9 UNINSTALL
Påloggingsassistent for Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
QuickTime for Windows (32-bit)-->C:\WINDOWS\QTW32DEL.EXE
QuickTime-->C:\PROGRA~1\FELLES~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1044
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
SmartSync-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{5B12573C-9C90-4790-BFEE-2BC43C2EB997}\Setup.exe" UNINSTALL
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Spybot - Search & Destroy-->"C:\Programfiler\Spybot - Search & Destroy\unins000.exe"
ThinkPad Bluetooth with Enhanced Data Rate Software-->MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
ThinkPad FullScreen Magnifier-->RunDll32 setupapi.dll,InstallHinfSection DefaultUninstall.NT 132 C:\Programfiler\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.inf
ThinkPad Integrated 56K Modem-->C:\Programfiler\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_05591014\HXFSETUP.EXE -U -ITkp0559K.INF
ThinkPad Power Management Driver-->RunDll32.exe tpinspm.dll,Uninstall
ThinkPad Software Installer-->_tpiu000.exe /U
Veiviser for IBM ThinkPad UltraNav-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}\SETUP.EXE" UNINSTALL
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Live installer-->MsiExec.exe /X{4218D9DC-282B-4596-BEA5-F20560C14400}
Windows Live Messenger-->MsiExec.exe /X{D70A63D1-2F54-4713-8AE6-BBD28D1A62E6}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Programfiler\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Programfiler\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Programfiler\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

=====HijackThis Backups=====

O4 - HKLM\..\Run: [Telenor Online Start] "C:\Programfiler\Telenor\Online Start\Telenor.exe"

======Security center information======

AV: Norman Virus Control ver. 5.99
FW: F-Secure Anti-Virus 2005 5.10 (disabled)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Programfiler\ThinkPad\Utilities;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programfiler\Intel\Wireless\Bin\;C:\Programfiler\ATI Technologies\ATI Control Panel;%SystemDrive%\IBMTOOLS\Python22;C:\Programfiler\PC-Doctor for Windows\services;C:\Programfiler\QuickTime\QTSystem\;%NpmLib%
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.pyo;.pyc;.py;.pyw
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RRU"=C:\Programfiler\IBM\IBM Rapid Restore Ultra\
"PYTHONPATH"=%SystemDrive%\IBMTOOLS\utils\support;%SystemDrive%\IBMTOOLS\utils\logger
"IBMSHARE"=%SystemDrive%\IBMSHARE
"TCL_LIBRARY"=%SystemDrive%\IBMTOOLS\Python22\tcl\tcl8.4
"TK_LIBRARY"=%SystemDrive%\IBMTOOLS\Python22\tcl\tk8.4
"PYTHONCASEOK"=1
"CLASSPATH"=C:\Programfiler\Java\jre1.5.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Programfiler\Java\jre1.5.0_06\lib\ext\QTJava.zip
"NpmLib"=C:\Programfiler\Norman\Npm\Bin

-----------------EOF-----------------

Log:
Logfile of random's system information tool 1.04 (written by random/random)
Run by eyb at 2008-12-14 22:56:10
Microsoft Windows XP Professional Service Pack 3
System drive C: has 28 GB (53%) free of 53 GB
Total RAM: 510 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:56:19, on 14.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
C:\Programfiler\Norman\Npm\Bin\Elogsvc.exe
C:\Programfiler\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\Programfiler\Java\jre6\bin\jusched.exe
C:\Programfiler\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Programfiler\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Programfiler\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Programfiler\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programfiler\Norman\Npm\bin\ZLH.EXE
C:\Programfiler\Internet Explorer\IEXPLORE.EXE
C:\Programfiler\CA\PPRT\bin\ITMRTSVC.exe
C:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
C:\Programfiler\Internet Explorer\IEXPLORE.EXE
C:\Programfiler\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programfiler\Norman\Nvc\BIN\NIP.EXE
C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Programfiler\Norman\Nvc\bin\cclaw.exe
C:\Programfiler\Internet Explorer\iexplore.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\eyb\Skrivebord\RSIT.exe
C:\Programfiler\Trend Micro\HijackThis\eyb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fjellhamar.skole.lorenskog.no/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [QCWLICON] C:\Programfiler\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [UC_Start] C:\Programfiler\IBM\Updater\\ucstartup.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Programfiler\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SmartSync - ScheduleSync] C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Browse new fork rule] C:\Documents and Settings\All Users\Programdata\Wait Find Browse New\eggs win.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programfiler\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKLM\..\RunOnce: [MessengerPlusLiveUninstall] "C:\DOCUME~1\eyb\LOKALE~1\Temp\MsgPlusUninstall.exe" /Cleanup
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Programfiler\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TEAM SLOW] C:\DOCUME~1\eyb\PROGRA~1\PEAKSI~1\DEFYLIESSTUPID.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send til &Bluetooth - C:\Programfiler\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send til &Bluetooth-enhet... - C:\Programfiler\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O15 - Trusted Zone: http://clients.playout.se
O15 - Trusted Zone: http://psswe.playout.se
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {230C3D02-DA27-11D2-8612-00A0C93EEA3C} (SAXFile FileUpload ActiveX Control) - http://www.postfoto.no/SAXFile/saxfile.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.postfoto.no/aurigma/ImageUploader4.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.allfoto.no/photos/upload/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programfiler\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programfiler\Norman\Npm\Bin\Elogsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Programfiler\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Programfiler\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe
O23 - Service: Norman NJeeves - Norman ASA - C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Programfiler\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Programfiler\Norman\nse\bin\NSESVC.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: IBM HDD APS Logging Service (TPHDEXLGSVC) - IBM Corporation - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

--
End of file - 13576 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AD49E57F918E61AF.job
C:\WINDOWS\tasks\PMTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-09-02 118842]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Programfiler\Java\jre6\bin\ssv.dll [2008-12-04 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Påloggingshjelp for Windows Live - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Programfiler\Java\jre6\bin\jp2ssv.dll [2008-12-04 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-04 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QCWLICON"=C:\Programfiler\ThinkPad\ConnectUtilities\QCWLICON.EXE [2005-03-18 86016]
"UpdateManager"=C:\Programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
"UC_Start"=C:\Programfiler\IBM\Updater\\ucstartup.exe [2004-07-14 36864]
"UC_SMB"= []
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2005-01-24 106496]
"TPKMAPHELPER"=C:\Programfiler\ThinkPad\Utilities\TpKmapAp.exe [2004-02-04 897024]
"TPHOTKEY"=C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe [2005-03-03 94208]
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2004-11-12 40960]
"SynTPLpr"=C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe [2004-11-08 110592]
"SynTPEnh"=C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe [2004-11-08 512000]
"SunJavaUpdateSched"=C:\Programfiler\Java\jre6\bin\jusched.exe [2008-12-04 136600]
"SmartSync - ScheduleSync"=C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE [2006-02-02 45056]
"QuickTime Task"=C:\Programfiler\QuickTime\qttask.exe [2006-04-19 155648]
"PWRMGRTR"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL []
"IBMPRC"=C:\IBMTOOLS\UTILS\ibmprc.exe [2004-12-16 90112]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]
"HP Software Update"=C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"HP Component Manager"=C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2004-11-24 212992]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-09-02 127035]
"Browse new fork rule"=C:\Documents and Settings\All Users\Programdata\Wait Find Browse New\eggs win.exe [2008-12-14 2449408]
"ATIPTA"=C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-12-11 344064]
"Norman ZANDA"=C:\Programfiler\Norman\Npm\bin\ZLH.EXE [2008-06-02 273520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"MessengerPlusLiveUninstall"=C:\DOCUME~1\eyb\LOKALE~1\Temp\MsgPlusUninstall.exe [2008-03-17 901456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Packard Bell Data Secure"=C:\Programfiler\Packard Bell Data Secure\PBDataSecure.exe []
"CTSyncU.exe"=C:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe [2006-08-07 700416]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TEAM SLOW"=C:\DOCUME~1\eyb\PROGRA~1\PEAKSI~1\DEFYLIESSTUPID.exe [2008-12-03 553472]
"SpybotSD TeaTimer"=C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-11-30 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\QConGina]
C:\WINDOWS\system32\QConGina.dll [2005-03-18 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
C:\WINDOWS\system32\tphklock.dll [2004-08-12 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{7FFEF373-055C-4CAA-A05F-08EB7B96B450}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
pwdmon

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programfiler\IBM\Updater\jre\bin\java.exe"="C:\Programfiler\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector"
"C:\Programfiler\IBM\Updater\jre\bin\javaw.exe"="C:\Programfiler\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector"
"C:\Programfiler\IBM\Updater\ucsmb.exe"="C:\Programfiler\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector"
"C:\Programfiler\Messenger\msmsgs.exe"="C:\Programfiler\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Programfiler\Outlook Express\msimn.exe"="C:\Programfiler\Outlook Express\msimn.exe:*:Enabled:Outlook Express"
"C:\Programfiler\Internet Explorer\IEXPLORE.EXE"="C:\Programfiler\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Programfiler\Windows Media Player\wmplayer.exe"="C:\Programfiler\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Programfiler\LimeWire\LimeWire.exe"="C:\Programfiler\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpqste08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hposfx08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hposid01.exe"="C:\Programfiler\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Programfiler\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Programfiler\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Programfiler\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Programfiler\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpoews01.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Programfiler\Fellesfiler\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Programfiler\Fellesfiler\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programfiler\Telenor\Online Start\Telenor.exe"="C:\Programfiler\Telenor\Online Start\Telenor.exe:*:Enabled:Online Start"
"C:\Programfiler\Last.fm\LastFM.exe"="C:\Programfiler\Last.fm\LastFM.exe:*:Enabled:Last.fm"
"C:\Programfiler\Windows Live\Messenger\msnmsgr.exe"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programfiler\Windows Live\Messenger\livecall.exe"="C:\Programfiler\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Programfiler\Telenor\Telenorhjelpen\Telenor.exe"="C:\Programfiler\Telenor\Telenorhjelpen\Telenor.exe:*:Enabled:Telenorhjelpen"
"C:\Documents and Settings\eyb\Lokale innstillinger\Temp\WZSE1.TMP\SymNRT.exe"="C:\Documents and Settings\eyb\Lokale innstillinger\Temp\WZSE1.TMP\SymNRT.exe:*:Enabled:Norton Removal Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programfiler\IBM\Updater\jre\bin\java.exe"="C:\Programfiler\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector"
"C:\Programfiler\IBM\Updater\jre\bin\javaw.exe"="C:\Programfiler\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector"
"C:\Programfiler\IBM\Updater\ucsmb.exe"="C:\Programfiler\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programfiler\Windows Live\Messenger\msnmsgr.exe"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programfiler\Windows Live\Messenger\livecall.exe"="C:\Programfiler\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5a89b0fd-2c5c-11da-8015-806d6172696f}]
shell\AutoRun\command - D:\Programs\nu2menu\nu2menu.exe


======List of files/folders created in the last 1 months======

2008-12-14 22:56:10 ----DC---- C:\rsit
2008-12-14 21:22:43 ----DC---- C:\Programfiler\Trend Micro
2008-12-11 23:13:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-11 23:13:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-11 23:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-11 23:07:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-11 23:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-11 23:06:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-08 09:41:30 ----DC---- C:\WINDOWS\Prefetch
2008-12-08 09:02:19 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-08 09:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-08 09:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-08 09:01:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-08 09:01:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-08 09:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-08 09:01:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-08 09:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-08 09:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-08 09:00:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-08 09:00:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-08 09:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-08 09:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-12-08 09:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-08 09:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-08 09:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-08 08:59:55 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-08 08:59:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-08 08:54:27 ----AC---- C:\WINDOWS\setuplog.txt
2008-12-08 08:52:29 ----DC---- C:\WINDOWS\l2schemas
2008-12-08 08:52:28 ----DC---- C:\WINDOWS\system32\no
2008-12-08 08:52:28 ----DC---- C:\WINDOWS\system32\bits
2008-12-08 08:48:40 ----DC---- C:\WINDOWS\ServicePackFiles
2008-12-08 08:38:46 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-07 20:40:26 ----DC---- C:\Programfiler\Norman
2008-12-07 13:54:20 ----DC---- C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-12-07 13:42:15 ----SHD---- C:\WINDOWS\CSC
2008-12-07 10:08:52 ----AC---- C:\SpybotSD.Results.txt
2008-12-07 00:17:01 ----DC---- C:\Programfiler\Spybot - Search & Destroy
2008-12-07 00:17:01 ----DC---- C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy
2008-12-06 23:41:34 ----DC---- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com
2008-12-06 23:34:05 ----DC---- C:\Documents and Settings\All Users\Programdata\Avg8
2008-12-04 22:36:33 ----DC---- C:\WINDOWS\Temporary Internet Files
2008-12-04 22:36:33 ----DC---- C:\WINDOWS\Temp
2008-12-04 22:36:33 ----DC---- C:\WINDOWS\Recent
2008-12-04 22:36:33 ----DC---- C:\WINDOWS\History
2008-12-04 22:36:33 ----DC---- C:\WINDOWS\Cookies
2008-12-04 22:36:33 ----DC---- C:\System Volume Information
2008-12-04 09:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-12-04 08:40:32 ----AC---- C:\WINDOWS\system32\javaws.exe
2008-12-04 08:40:32 ----AC---- C:\WINDOWS\system32\javaw.exe
2008-12-04 08:40:32 ----AC---- C:\WINDOWS\system32\java.exe
2008-12-04 08:40:32 ----AC---- C:\WINDOWS\system32\deploytk.dll
2008-12-04 03:08:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-12-04 03:08:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-04 03:08:41 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-12-04 03:07:11 ----AC---- C:\WINDOWS\system32\MRT.INI
2008-12-04 03:02:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2008-12-04 03:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2008-12-04 03:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-12-04 03:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-12-04 03:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2008-12-04 03:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-12-03 20:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-12-03 20:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-12-03 20:38:29 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-12-03 20:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-12-03 20:37:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-12-03 20:37:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-12-03 20:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-12-03 19:18:49 ----DC---- C:\Programfiler\AVG
2008-12-03 17:59:30 ----AC---- C:\WINDOWS\system32\qrvarm.dll

======List of files/folders modified in the last 1 months======

2008-12-14 22:27:32 ----SDC---- C:\WINDOWS\Downloaded Program Files
2008-12-14 21:22:43 ----RDC---- C:\Programfiler
2008-12-14 21:03:10 ----AC---- C:\WINDOWS\win.ini
2008-12-14 20:54:56 ----DC---- C:\Programfiler\Messenger Plus! Live
2008-12-14 20:51:19 ----DC---- C:\WINDOWS\system32\CatRoot2
2008-12-14 20:26:43 ----ADC---- C:\WINDOWS\system32
2008-12-12 10:00:38 ----DC---- C:\WINDOWS\system32\drivers
2008-12-12 09:59:32 ----ADC---- C:\WINDOWS
2008-12-12 08:57:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-11 23:41:09 ----DC---- C:\Programfiler\Internet Explorer
2008-12-11 23:13:14 ----HDC---- C:\WINDOWS\inf
2008-12-11 23:13:05 ----AC---- C:\WINDOWS\imsins.BAK
2008-12-11 23:13:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-11 23:12:13 ----DC---- C:\WINDOWS\ie7updates
2008-12-11 23:11:56 ----HDC---- C:\WINDOWS\$hf_mig$
2008-12-11 23:11:42 ----SHDC---- C:\WINDOWS\Installer
2008-12-11 23:11:42 ----SHDC---- C:\Config.Msi
2008-12-10 00:24:37 ----AC---- C:\WINDOWS\system32\MRT.exe
2008-12-08 10:15:01 ----DC---- C:\WINDOWS\Debug
2008-12-08 09:42:01 ----AC---- C:\WINDOWS\OEWABLog.txt
2008-12-08 09:40:56 ----RSDC---- C:\WINDOWS\Fonts
2008-12-08 09:40:56 ----DC---- C:\WINDOWS\system32\wbem
2008-12-08 09:40:56 ----DC---- C:\WINDOWS\system32\Setup
2008-12-08 09:40:56 ----DC---- C:\WINDOWS\AppPatch
2008-12-08 09:03:14 ----DC---- C:\WINDOWS\system32\CatRoot
2008-12-08 08:59:57 ----DC---- C:\Programfiler\Messenger
2008-12-08 08:57:06 ----DC---- C:\WINDOWS\security
2008-12-08 08:53:13 ----DC---- C:\WINDOWS\WinSxS
2008-12-08 08:53:03 ----DC---- C:\WINDOWS\ehome
2008-12-08 08:52:58 ----DC---- C:\WINDOWS\system32\inetsrv
2008-12-08 08:52:57 ----DC---- C:\WINDOWS\network diagnostic
2008-12-08 08:52:57 ----DC---- C:\WINDOWS\ime
2008-12-08 08:52:57 ----DC---- C:\WINDOWS\Help
2008-12-08 08:52:32 ----DC---- C:\WINDOWS\system32\usmt
2008-12-08 08:52:32 ----DC---- C:\WINDOWS\system32\nb-no
2008-12-08 08:52:28 ----DC---- C:\WINDOWS\PeerNet
2008-12-08 08:52:28 ----DC---- C:\Programfiler\Movie Maker
2008-12-08 08:48:25 ----DC---- C:\WINDOWS\system32\Restore
2008-12-08 08:48:25 ----DC---- C:\WINDOWS\system32\npp
2008-12-08 08:48:24 ----DC---- C:\WINDOWS\msagent
2008-12-08 08:48:22 ----DC---- C:\WINDOWS\srchasst
2008-12-08 08:48:21 ----DC---- C:\Programfiler\NetMeeting
2008-12-08 08:48:20 ----DC---- C:\WINDOWS\system32\Com
2008-12-08 08:48:12 ----DC---- C:\Programfiler\Windows Media Player
2008-12-08 08:48:09 ----DC---- C:\Programfiler\Windows NT
2008-12-08 08:48:09 ----DC---- C:\Programfiler\Outlook Express
2008-12-08 08:48:05 ----DC---- C:\Programfiler\Fellesfiler\System
2008-12-08 08:47:46 ----ADC---- C:\WINDOWS\system32\oobe
2008-12-08 08:47:44 ----DC---- C:\WINDOWS\system
2008-12-08 08:43:17 ----DC---- C:\WINDOWS\system32\ReinstallBackups
2008-12-07 20:40:38 ----DC---- C:\Program Files
2008-12-07 14:48:47 ----DC---- C:\IBMSHARE
2008-12-07 13:54:20 ----DC---- C:\Programfiler\Fellesfiler
2008-12-07 13:53:04 ----AC---- C:\WINDOWS\ntbtlog.txt
2008-12-07 13:52:35 ----DC---- C:\Programfiler\Fellesfiler\Symantec Shared
2008-12-06 23:35:43 ----DC---- C:\Documents and Settings\All Users\Programdata\Telenor
2008-12-06 23:35:42 ----DC---- C:\Programfiler\Telenor
2008-12-06 23:30:20 ----DC---- C:\Documents and Settings\eyb\Programdata\Lavasoft
2008-12-05 01:29:20 ----DC---- C:\Documents and Settings\eyb\Programdata\Peaksitebend
2008-12-04 09:29:09 ----DC---- C:\Programfiler\Windows Live Toolbar
2008-12-04 09:28:42 ----SDC---- C:\WINDOWS\Tasks
2008-12-04 08:40:06 ----DC---- C:\Programfiler\Java
2008-12-03 20:28:50 ----RASHC---- C:\BOOT.INI
2008-12-03 20:28:50 ----AC---- C:\WINDOWS\system.ini
2008-12-03 19:18:16 ----DC---- C:\Programfiler\Fellesfiler\Microsoft Shared
2008-12-03 18:31:31 ----DC---- C:\Downloads
2008-12-03 18:09:16 ----DC---- C:\Documents and Settings\All Users\Programdata\Wait Find Browse New
2008-12-03 17:58:41 ----AC---- C:\WINDOWS\system32\03fe4ffa-.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2005-03-18 11520]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 IBMTPCHK;IBMTPCHK; C:\WINDOWS\System32\drivers\IBMBLDID.SYS [2005-03-18 2432]
R1 intelppm;Intel-prosessordriver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ShockMgr;ShockMgr; C:\WINDOWS\system32\drivers\ShockMgr.sys [2004-05-14 4608]
R1 Smapint;Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [2005-01-21 14848]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]
R1 TDSMAPI;TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2005-01-21 9340]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\drivers\TPHKDRV.sys [2004-09-06 16370]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [2005-01-21 4442]
R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2004-12-01 7168]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-08-27 17119]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-07-14 40448]
R2 EGATHDRV;IBM Access Support; \??\C:\WINDOWS\system32\EGATHDRV.SYS []
R2 ibmfilter;ibmfilter; \??\C:\WINDOWS\system32\drivers\ibmfilter.sys []
R2 irda;IrDA-protokoll; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 Ndiskio;Ndiskio; \??\C:\Programfiler\Norman\Nse\bin\NDISKIO.SYS []
R2 PMEM;PMEM; \??\C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-10-15 11354]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-09-02 25723]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-09-02 34843]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-09-02 4123]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-09-02 2271]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-09-02 86202]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-09-02 14715]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-09-02 6363]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-09-02 98714]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-09-02 100603]
R3 actser;actser; C:\WINDOWS\system32\drivers\actser.sys [2006-02-20 29440]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-05-17 133200]
R3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-11-30 873984]
R3 btaudio;Bluetooth-lydenhet; C:\WINDOWS\system32\drivers\btaudio.sys [2006-08-01 328285]
R3 BTKRNL;Bluetooth-bussenumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-08-01 851706]
R3 CmBatt;Driver for Microsoft vekselstrømsadapter; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-01-25 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-01-25 207616]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2005-11-11 10112]
R3 NIC1394;1394-nettverksdriver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC infrarød enhetsdriver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 NvcMFlt;NvcMFlt; C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys [2008-09-02 19512]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 Rasirda;WAN-miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-11-08 177504]
R3 TPInput;TPInput; C:\WINDOWS\System32\DRIVERS\TPInput.sys [2004-12-02 6016]
R3 TPM;Winbond Trusted Platform Module; C:\WINDOWS\system32\DRIVERS\tpm.sys [2005-10-09 17792]
R3 usbehci;Miniportdriver for Microsoft USB 2.0 forbedret vertskontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 aktivert hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Miniportdriver for Microsoft USB universell vertskontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2006-02-20 15264]
R3 w29n51;Intel® PRO/Wireless 2915ABG nettverkstilkoblingsdriver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-02-14 3255168]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-25 703616]
S1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys []
S1 SASDIFSV;SASDIFSV; \??\C:\DOCUME~1\eyb\LOKALE~1\Temp\superas\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\DOCUME~1\eyb\LOKALE~1\Temp\superas\SASKUTIL.sys []
S3 ac97intc;Installasjonstjeneste for Intel® 82801-lyddriver (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2001-10-06 96768]
S3 Bridge;MAC Bridge; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BTDriver;Bluetooth-driver for virtuell kommunikasjon; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-08-01 30427]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-08-01 148996]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-08-01 67384]
S3 cxbu0wdm;CardMan 3x21; C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2006-07-11 84608]
S3 E100B;Intel® PRO-kortdriver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-06 117760]
S3 HidUsb;Microsoft HID-klassedriver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-11-10 1041664]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-06-03 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-06-03 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-06-03 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-06-03 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-06-03 79488]
S3 mouhid;HID-driver for mus; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-06 12160]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS []
S3 portio;TPM Service; C:\WINDOWS\system32\DRIVERS\NscTpmDD.sys [2004-05-19 13757]
S3 psadd;IBM PSA Access Driver; \??\C:\WINDOWS\system32\Drivers\psadd.sys []
S3 QCNDISIF;QCNDISIF; C:\WINDOWS\System32\drivers\qcndisif.SYS [2005-03-18 12288]
S3 QV2KUX;Casio digitalt kamera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
S3 SASENUM;SASENUM; \??\C:\DOCUME~1\eyb\LOKALE~1\Temp\superas\SASENUM.SYS []
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-04-28 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-04-28 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-04-28 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-04-28 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-04-28 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-04-28 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-04-28 90800]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]
S3 SONYPVU1;Sony USB-filterdriver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 susbser;Siemens Mobile Phone; C:\WINDOWS\system32\DRIVERS\susbser.sys [2006-02-20 77056]
S3 usbccgp;Microsoft USB generell overordnet driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER-klasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-skannerdriver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-masselagringsenhet; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2006-02-20 47744]
S3 w550bus;Sony Ericsson W550 driver (WDM); C:\WINDOWS\system32\DRIVERS\w550bus.sys []
S3 w550mdfl;Sony Ericsson W550 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w550mdfl.sys []
S3 w550mdm;Sony Ericsson W550 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\w550mdm.sys []
S3 w550mgmt;Sony Ericsson W550 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\w550mgmt.sys []
S3 w550obex;Sony Ericsson W550 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\w550obex.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S4 agp440;Intel AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Driver for AMD AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;SIS AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 sr;Filterdriver for systemgjenoppretting; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]
S4 viaagp;VIA AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-11-30 425984]
R2 btwdins;Bluetooth Service; C:\Programfiler\ThinkPad\Bluetooth Software\bin\btwdins.exe [2006-08-01 266295]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 eLoggerSvc6;Norman eLogger service 6; C:\Programfiler\Norman\Npm\Bin\Elogsvc.exe [2007-08-30 150584]
R2 EvtEng;EvtEng; C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe [2005-02-18 86016]
R2 IBM Rapid Restore Ultra Service;IBM Rapid Restore Ultra Service; C:\Programfiler\IBM\IBM Rapid Restore Ultra\rrpcsb.exe [2004-12-16 385024]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2005-11-11 73782]
R2 Irmon;Infrarød overvåking; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ITMRTSVC;CA Pest Patrol Realtime Protection Service; C:\Programfiler\CA\PPRT\bin\ITMRTSVC.exe [2006-09-13 263696]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programfiler\Java\jre6\bin\jqs.exe [2008-12-04 152984]
R2 Norman ZANDA;Norman ZANDA; C:\Programfiler\Norman\Npm\Bin\Zanda.exe [2008-04-23 408696]
R2 QCONSVC;QCONSVC; C:\WINDOWS\System32\QCONSVC.EXE [2005-03-18 77824]
R2 RegSrvc;RegSrvc; C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe [2005-02-18 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe [2005-02-18 360521]
R2 TPHDEXLGSVC;IBM HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.EXE [2004-05-24 77824]
R2 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2003-07-11 32768]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 Norman NJeeves;Norman NJeeves; C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE [2008-03-27 150584]
R3 nsesvc;Norman Scanner Engine Service; C:\Programfiler\Norman\nse\bin\NSESVC.EXE [2008-06-19 322616]
R3 nvcoas;Norman Virus Control on-access component; C:\Programfiler\Norman\Nvc\bin\nvcoas.exe [2008-04-29 183352]
R3 NVCScheduler;Norman Virus Control Scheduler; C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE [2008-03-11 146488]
S2 MDM;Machine Debug Manager; C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S3 aspnet_state;Statustjeneste for ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe []
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader-tjeneste; C:\Programfiler\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Programfiler\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Programfiler\Windows Media Player\WMPNetwk.exe [2006-11-15 914944]

-----------------EOF-----------------

BC AdBot (Login to Remove)

 


#2 JensP

JensP
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:09:49 PM

Posted 15 December 2008 - 02:35 AM

Hi
After posting the last I did some reading in the forum and downloaded the Mbam software.
It did find several items. Enclosed is the log BEFORE the removal:
Malwarebytes' Anti-Malware 1.31
Databaseversjon: 1500
Windows 5.1.2600 Service Pack 3

15.12.2008 07:54:19
mbam-log-2008-12-15 (07-54-08).txt

Skanntype: Full Skann (C:\|)
Objekter skannet: 161123
Tid tilbakelagt: 1 hour(s), 35 minute(s), 31 second(s)

Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 5
Registerverdier infisert: 1
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 3

Minneprosesser infisert:
(Ingen mistenkelige filer funnet)

Minnemoduler infisert:
(Ingen mistenkelige filer funnet)

Registernøkler infisert:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> No action taken.

Registerverdier infisert:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Browse new fork rule (Trojan.Agent) -> No action taken.

Registerfiler infisert:
(Ingen mistenkelige filer funnet)

Mapper infisert:
(Ingen mistenkelige filer funnet)

Filer infisert:
C:\Documents and Settings\All Users\Programdata\Wait Find Browse New\eggs win.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\BM0beeb818.xml (Trojan.Vundo) -> No action taken.
C:\WINDOWS\BM0beeb818.txt (Trojan.Vundo) -> No action taken.

I then selectet fix everyting and restartet the computer, performed a new scan and here is the log:

Malwarebytes' Anti-Malware 1.31
Databaseversjon: 1500
Windows 5.1.2600 Service Pack 3

15.12.2008 08:22:47
mbam-log-2008-12-15 (08-22-47).txt

Skanntype: Rask Skann
Objekter skannet: 57608
Tid tilbakelagt: 6 minute(s), 38 second(s)

Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 0

Minneprosesser infisert:
(Ingen mistenkelige filer funnet)

Minnemoduler infisert:
(Ingen mistenkelige filer funnet)

Registernøkler infisert:
(Ingen mistenkelige filer funnet)

Registerverdier infisert:
(Ingen mistenkelige filer funnet)

Registerfiler infisert:
(Ingen mistenkelige filer funnet)

Mapper infisert:
(Ingen mistenkelige filer funnet)

Filer infisert:
(Ingen mistenkelige filer funnet)


Here are the new files from RSIT:
log:
Logfile of random's system information tool 1.04 (written by random/random)
Run by eyb at 2008-12-15 08:32:05
Microsoft Windows XP Professional Service Pack 3
System drive C: has 29 GB (54%) free of 53 GB
Total RAM: 510 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:32:24, on 15.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programfiler\Norman\Npm\Bin\Elogsvc.exe
C:\Programfiler\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\Programfiler\Java\jre6\bin\jusched.exe
C:\Programfiler\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Programfiler\QuickTime\qttask.exe
C:\Programfiler\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\rundll32.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programfiler\Norman\Npm\bin\ZLH.EXE
C:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
C:\Programfiler\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programfiler\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Programfiler\CA\PPRT\bin\ITMRTSVC.exe
C:\Programfiler\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
C:\Programfiler\Norman\Nvc\BIN\NIP.EXE
C:\Programfiler\Norman\Nvc\bin\cclaw.exe
C:\Programfiler\Internet Explorer\iexplore.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\eyb\Skrivebord\RSIT.exe
C:\Programfiler\trend micro\eyb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fjellhamar.skole.lorenskog.no/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [QCWLICON] C:\Programfiler\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [UC_Start] C:\Programfiler\IBM\Updater\\ucstartup.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Programfiler\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SmartSync - ScheduleSync] C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programfiler\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Programfiler\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TEAM SLOW] C:\DOCUME~1\eyb\PROGRA~1\PEAKSI~1\DEFYLIESSTUPID.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send til &Bluetooth - C:\Programfiler\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send til &Bluetooth-enhet... - C:\Programfiler\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O15 - Trusted Zone: http://clients.playout.se
O15 - Trusted Zone: http://psswe.playout.se
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {230C3D02-DA27-11D2-8612-00A0C93EEA3C} (SAXFile FileUpload ActiveX Control) - http://www.postfoto.no/SAXFile/saxfile.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.postfoto.no/aurigma/ImageUploader4.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.allfoto.no/photos/upload/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programfiler\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programfiler\Norman\Npm\Bin\Elogsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Programfiler\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Programfiler\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe
O23 - Service: Norman NJeeves - Norman ASA - C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Programfiler\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Programfiler\Norman\nse\bin\NSESVC.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: IBM HDD APS Logging Service (TPHDEXLGSVC) - IBM Corporation - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

--
End of file - 13313 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AD49E57F918E61AF.job
C:\WINDOWS\tasks\PMTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-09-02 118842]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Programfiler\Java\jre6\bin\ssv.dll [2008-12-04 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Påloggingshjelp for Windows Live - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Programfiler\Java\jre6\bin\jp2ssv.dll [2008-12-04 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-04 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QCWLICON"=C:\Programfiler\ThinkPad\ConnectUtilities\QCWLICON.EXE [2005-03-18 86016]
"UpdateManager"=C:\Programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
"UC_Start"=C:\Programfiler\IBM\Updater\\ucstartup.exe [2004-07-14 36864]
"UC_SMB"= []
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2005-01-24 106496]
"TPKMAPHELPER"=C:\Programfiler\ThinkPad\Utilities\TpKmapAp.exe [2004-02-04 897024]
"TPHOTKEY"=C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe [2005-03-03 94208]
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2004-11-12 40960]
"SynTPLpr"=C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe [2004-11-08 110592]
"SynTPEnh"=C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe [2004-11-08 512000]
"SunJavaUpdateSched"=C:\Programfiler\Java\jre6\bin\jusched.exe [2008-12-04 136600]
"SmartSync - ScheduleSync"=C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE [2006-02-02 45056]
"QuickTime Task"=C:\Programfiler\QuickTime\qttask.exe [2006-04-19 155648]
"PWRMGRTR"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL []
"IBMPRC"=C:\IBMTOOLS\UTILS\ibmprc.exe [2004-12-16 90112]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]
"HP Software Update"=C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"HP Component Manager"=C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2004-11-24 212992]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-09-02 127035]
"ATIPTA"=C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-12-11 344064]
"Norman ZANDA"=C:\Programfiler\Norman\Npm\bin\ZLH.EXE [2008-06-02 273520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Packard Bell Data Secure"=C:\Programfiler\Packard Bell Data Secure\PBDataSecure.exe []
"CTSyncU.exe"=C:\Programfiler\Creative\Sync Manager Unicode\CTSyncU.exe [2006-08-07 700416]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TEAM SLOW"=C:\DOCUME~1\eyb\PROGRA~1\PEAKSI~1\DEFYLIESSTUPID.exe [2008-12-03 553472]
"SpybotSD TeaTimer"=C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-11-30 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\QConGina]
C:\WINDOWS\system32\QConGina.dll [2005-03-18 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
C:\WINDOWS\system32\tphklock.dll [2004-08-12 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{7FFEF373-055C-4CAA-A05F-08EB7B96B450}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
pwdmon

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programfiler\IBM\Updater\jre\bin\java.exe"="C:\Programfiler\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector"
"C:\Programfiler\IBM\Updater\jre\bin\javaw.exe"="C:\Programfiler\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector"
"C:\Programfiler\IBM\Updater\ucsmb.exe"="C:\Programfiler\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector"
"C:\Programfiler\Messenger\msmsgs.exe"="C:\Programfiler\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Programfiler\Outlook Express\msimn.exe"="C:\Programfiler\Outlook Express\msimn.exe:*:Enabled:Outlook Express"
"C:\Programfiler\Internet Explorer\IEXPLORE.EXE"="C:\Programfiler\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Programfiler\Windows Media Player\wmplayer.exe"="C:\Programfiler\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Programfiler\LimeWire\LimeWire.exe"="C:\Programfiler\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpqste08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hposfx08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hposid01.exe"="C:\Programfiler\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Programfiler\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Programfiler\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Programfiler\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Programfiler\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpoews01.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Programfiler\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Programfiler\Fellesfiler\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Programfiler\Fellesfiler\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programfiler\Telenor\Online Start\Telenor.exe"="C:\Programfiler\Telenor\Online Start\Telenor.exe:*:Enabled:Online Start"
"C:\Programfiler\Last.fm\LastFM.exe"="C:\Programfiler\Last.fm\LastFM.exe:*:Enabled:Last.fm"
"C:\Programfiler\Windows Live\Messenger\msnmsgr.exe"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programfiler\Windows Live\Messenger\livecall.exe"="C:\Programfiler\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Programfiler\Telenor\Telenorhjelpen\Telenor.exe"="C:\Programfiler\Telenor\Telenorhjelpen\Telenor.exe:*:Enabled:Telenorhjelpen"
"C:\Documents and Settings\eyb\Lokale innstillinger\Temp\WZSE1.TMP\SymNRT.exe"="C:\Documents and Settings\eyb\Lokale innstillinger\Temp\WZSE1.TMP\SymNRT.exe:*:Enabled:Norton Removal Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programfiler\IBM\Updater\jre\bin\java.exe"="C:\Programfiler\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector"
"C:\Programfiler\IBM\Updater\jre\bin\javaw.exe"="C:\Programfiler\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector"
"C:\Programfiler\IBM\Updater\ucsmb.exe"="C:\Programfiler\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programfiler\Windows Live\Messenger\msnmsgr.exe"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programfiler\Windows Live\Messenger\livecall.exe"="C:\Programfiler\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2008-12-14 23:57:21 ----DC---- C:\Documents and Settings\eyb\Programdata\Malwarebytes
2008-12-14 23:57:06 ----DC---- C:\Programfiler\Malwarebytes' Anti-Malware
2008-12-14 23:57:06 ----DC---- C:\Documents and Settings\All Users\Programdata\Malwarebytes
2008-12-14 22:56:10 ----DC---- C:\rsit
2008-12-14 21:22:43 ----DC---- C:\Programfiler\Trend Micro
2008-12-11 23:13:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-11 23:13:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-11 23:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-11 23:07:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-11 23:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-11 23:06:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-08 09:41:30 ----DC---- C:\WINDOWS\Prefetch
2008-12-08 09:02:19 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-08 09:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-08 09:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-08 09:01:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-08 09:01:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-08 09:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-08 09:01:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-08 09:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-08 09:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-08 09:00:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-08 09:00:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-08 09:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-08 09:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-12-08 09:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-08 09:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-08 09:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-08 08:59:55 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-08 08:59:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-08 08:54:27 ----AC---- C:\WINDOWS\setuplog.txt
2008-12-08 08:52:29 ----DC---- C:\WINDOWS\l2schemas
2008-12-08 08:52:28 ----DC---- C:\WINDOWS\system32\no
2008-12-08 08:52:28 ----DC---- C:\WINDOWS\system32\bits
2008-12-08 08:48:40 ----DC---- C:\WINDOWS\ServicePackFiles
2008-12-08 08:38:46 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-07 20:40:26 ----DC---- C:\Programfiler\Norman
2008-12-07 13:54:20 ----DC---- C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-12-07 13:42:15 ----SHD---- C:\WINDOWS\CSC
2008-12-07 10:08:52 ----AC---- C:\SpybotSD.Results.txt
2008-12-07 00:17:01 ----DC---- C:\Programfiler\Spybot - Search & Destroy
2008-12-07 00:17:01 ----DC---- C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy
2008-12-06 23:41:34 ----DC---- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com
2008-12-06 23:34:05 ----DC---- C:\Documents and Settings\All Users\Programdata\Avg8
2008-12-04 22:36:33 ----DC---- C:\WINDOWS\Temporary Internet Files
2008-12-04 22:36:33 ----DC---- C:\WINDOWS\Temp
2008-12-04 22:36:33 ----DC---- C:\WINDOWS\Recent
2008-12-04 22:36:33 ----DC---- C:\WINDOWS\History
2008-12-04 22:36:33 ----DC---- C:\WINDOWS\Cookies
2008-12-04 22:36:33 ----DC---- C:\System Volume Information
2008-12-04 09:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-12-04 08:40:32 ----AC---- C:\WINDOWS\system32\javaws.exe
2008-12-04 08:40:32 ----AC---- C:\WINDOWS\system32\javaw.exe
2008-12-04 08:40:32 ----AC---- C:\WINDOWS\system32\java.exe
2008-12-04 08:40:32 ----AC---- C:\WINDOWS\system32\deploytk.dll
2008-12-04 03:08:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-12-04 03:08:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-04 03:08:41 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-12-04 03:07:11 ----AC---- C:\WINDOWS\system32\MRT.INI
2008-12-04 03:02:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2008-12-04 03:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2008-12-04 03:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-12-04 03:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-12-04 03:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2008-12-04 03:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-12-03 20:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-12-03 20:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-12-03 20:38:29 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-12-03 20:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-12-03 20:37:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-12-03 20:37:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-12-03 20:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-12-03 19:18:49 ----DC---- C:\Programfiler\AVG

======List of files/folders modified in the last 1 months======

2008-12-15 08:05:02 ----DC---- C:\WINDOWS\system32\drivers
2008-12-15 08:03:57 ----ADC---- C:\WINDOWS
2008-12-15 08:01:40 ----RDC---- C:\Programfiler
2008-12-15 08:01:40 ----DC---- C:\Documents and Settings\All Users\Programdata\Wait Find Browse New
2008-12-15 08:01:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-15 00:28:07 ----ADC---- C:\WINDOWS\system32
2008-12-14 22:27:32 ----SDC---- C:\WINDOWS\Downloaded Program Files
2008-12-14 21:03:10 ----AC---- C:\WINDOWS\win.ini
2008-12-14 20:51:19 ----DC---- C:\WINDOWS\system32\CatRoot2
2008-12-11 23:41:09 ----DC---- C:\Programfiler\Internet Explorer
2008-12-11 23:13:14 ----HDC---- C:\WINDOWS\inf
2008-12-11 23:13:05 ----AC---- C:\WINDOWS\imsins.BAK
2008-12-11 23:13:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-11 23:12:13 ----DC---- C:\WINDOWS\ie7updates
2008-12-11 23:11:56 ----HDC---- C:\WINDOWS\$hf_mig$
2008-12-11 23:11:42 ----SHDC---- C:\WINDOWS\Installer
2008-12-11 23:11:42 ----SHDC---- C:\Config.Msi
2008-12-10 00:24:37 ----AC---- C:\WINDOWS\system32\MRT.exe
2008-12-08 10:15:01 ----DC---- C:\WINDOWS\Debug
2008-12-08 09:42:01 ----AC---- C:\WINDOWS\OEWABLog.txt
2008-12-08 09:40:56 ----RSDC---- C:\WINDOWS\Fonts
2008-12-08 09:40:56 ----DC---- C:\WINDOWS\system32\wbem
2008-12-08 09:40:56 ----DC---- C:\WINDOWS\system32\Setup
2008-12-08 09:40:56 ----DC---- C:\WINDOWS\AppPatch
2008-12-08 09:03:14 ----DC---- C:\WINDOWS\system32\CatRoot
2008-12-08 08:59:57 ----DC---- C:\Programfiler\Messenger
2008-12-08 08:57:06 ----DC---- C:\WINDOWS\security
2008-12-08 08:53:13 ----DC---- C:\WINDOWS\WinSxS
2008-12-08 08:53:03 ----DC---- C:\WINDOWS\ehome
2008-12-08 08:52:58 ----DC---- C:\WINDOWS\system32\inetsrv
2008-12-08 08:52:57 ----DC---- C:\WINDOWS\network diagnostic
2008-12-08 08:52:57 ----DC---- C:\WINDOWS\ime
2008-12-08 08:52:57 ----DC---- C:\WINDOWS\Help
2008-12-08 08:52:32 ----DC---- C:\WINDOWS\system32\usmt
2008-12-08 08:52:32 ----DC---- C:\WINDOWS\system32\nb-no
2008-12-08 08:52:28 ----DC---- C:\WINDOWS\PeerNet
2008-12-08 08:52:28 ----DC---- C:\Programfiler\Movie Maker
2008-12-08 08:48:25 ----DC---- C:\WINDOWS\system32\Restore
2008-12-08 08:48:25 ----DC---- C:\WINDOWS\system32\npp
2008-12-08 08:48:24 ----DC---- C:\WINDOWS\msagent
2008-12-08 08:48:22 ----DC---- C:\WINDOWS\srchasst
2008-12-08 08:48:21 ----DC---- C:\Programfiler\NetMeeting
2008-12-08 08:48:20 ----DC---- C:\WINDOWS\system32\Com
2008-12-08 08:48:12 ----DC---- C:\Programfiler\Windows Media Player
2008-12-08 08:48:09 ----DC---- C:\Programfiler\Windows NT
2008-12-08 08:48:09 ----DC---- C:\Programfiler\Outlook Express
2008-12-08 08:48:05 ----DC---- C:\Programfiler\Fellesfiler\System
2008-12-08 08:47:46 ----ADC---- C:\WINDOWS\system32\oobe
2008-12-08 08:47:44 ----DC---- C:\WINDOWS\system
2008-12-08 08:43:17 ----DC---- C:\WINDOWS\system32\ReinstallBackups
2008-12-07 20:40:38 ----DC---- C:\Program Files
2008-12-07 14:48:47 ----DC---- C:\IBMSHARE
2008-12-07 13:54:20 ----DC---- C:\Programfiler\Fellesfiler
2008-12-07 13:53:04 ----AC---- C:\WINDOWS\ntbtlog.txt
2008-12-07 13:52:35 ----DC---- C:\Programfiler\Fellesfiler\Symantec Shared
2008-12-06 23:35:43 ----DC---- C:\Documents and Settings\All Users\Programdata\Telenor
2008-12-06 23:35:42 ----DC---- C:\Programfiler\Telenor
2008-12-06 23:30:20 ----DC---- C:\Documents and Settings\eyb\Programdata\Lavasoft
2008-12-05 01:29:20 ----DC---- C:\Documents and Settings\eyb\Programdata\Peaksitebend
2008-12-04 09:29:09 ----DC---- C:\Programfiler\Windows Live Toolbar
2008-12-04 09:28:42 ----SDC---- C:\WINDOWS\Tasks
2008-12-04 08:40:06 ----DC---- C:\Programfiler\Java
2008-12-03 20:28:50 ----RASHC---- C:\BOOT.INI
2008-12-03 20:28:50 ----AC---- C:\WINDOWS\system.ini
2008-12-03 19:18:16 ----DC---- C:\Programfiler\Fellesfiler\Microsoft Shared
2008-12-03 18:31:31 ----DC---- C:\Downloads
2008-12-03 17:58:41 ----AC---- C:\WINDOWS\system32\03fe4ffa-.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2005-03-18 11520]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 IBMTPCHK;IBMTPCHK; C:\WINDOWS\System32\drivers\IBMBLDID.SYS [2005-03-18 2432]
R1 intelppm;Intel-prosessordriver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ShockMgr;ShockMgr; C:\WINDOWS\system32\drivers\ShockMgr.sys [2004-05-14 4608]
R1 Smapint;Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [2005-01-21 14848]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]
R1 TDSMAPI;TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2005-01-21 9340]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\drivers\TPHKDRV.sys [2004-09-06 16370]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [2005-01-21 4442]
R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2004-12-01 7168]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-08-27 17119]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-07-14 40448]
R2 ibmfilter;ibmfilter; \??\C:\WINDOWS\system32\drivers\ibmfilter.sys []
R2 irda;IrDA-protokoll; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 Ndiskio;Ndiskio; \??\C:\Programfiler\Norman\Nse\bin\NDISKIO.SYS []
R2 PMEM;PMEM; \??\C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-10-15 11354]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-09-02 25723]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-09-02 34843]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-09-02 4123]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-09-02 2271]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-09-02 86202]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-09-02 14715]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-09-02 6363]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-09-02 98714]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-09-02 100603]
R3 actser;actser; C:\WINDOWS\system32\drivers\actser.sys [2006-02-20 29440]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-05-17 133200]
R3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-11-30 873984]
R3 btaudio;Bluetooth-lydenhet; C:\WINDOWS\system32\drivers\btaudio.sys [2006-08-01 328285]
R3 BTKRNL;Bluetooth-bussenumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-08-01 851706]
R3 CmBatt;Driver for Microsoft vekselstrømsadapter; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-01-25 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-01-25 207616]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2005-11-11 10112]
R3 NIC1394;1394-nettverksdriver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC infrarød enhetsdriver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 NvcMFlt;NvcMFlt; C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys [2008-09-02 19512]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 Rasirda;WAN-miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-11-08 177504]
R3 TPInput;TPInput; C:\WINDOWS\System32\DRIVERS\TPInput.sys [2004-12-02 6016]
R3 TPM;Winbond Trusted Platform Module; C:\WINDOWS\system32\DRIVERS\tpm.sys [2005-10-09 17792]
R3 usbehci;Miniportdriver for Microsoft USB 2.0 forbedret vertskontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 aktivert hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Miniportdriver for Microsoft USB universell vertskontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2006-02-20 15264]
R3 w29n51;Intel® PRO/Wireless 2915ABG nettverkstilkoblingsdriver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-02-14 3255168]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-25 703616]
S1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys []
S1 SASDIFSV;SASDIFSV; \??\C:\DOCUME~1\eyb\LOKALE~1\Temp\superas\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\DOCUME~1\eyb\LOKALE~1\Temp\superas\SASKUTIL.sys []
S3 ac97intc;Installasjonstjeneste for Intel® 82801-lyddriver (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2001-10-06 96768]
S3 Bridge;MAC Bridge; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BTDriver;Bluetooth-driver for virtuell kommunikasjon; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-08-01 30427]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-08-01 148996]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-08-01 67384]
S3 cxbu0wdm;CardMan 3x21; C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2006-07-11 84608]
S3 E100B;Intel® PRO-kortdriver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-06 117760]
S3 HidUsb;Microsoft HID-klassedriver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-11-10 1041664]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-06-03 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-06-03 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-06-03 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-06-03 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-06-03 79488]
S3 mouhid;HID-driver for mus; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-06 12160]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS []
S3 portio;TPM Service; C:\WINDOWS\system32\DRIVERS\NscTpmDD.sys [2004-05-19 13757]
S3 psadd;IBM PSA Access Driver; \??\C:\WINDOWS\system32\Drivers\psadd.sys []
S3 QCNDISIF;QCNDISIF; C:\WINDOWS\System32\drivers\qcndisif.SYS [2005-03-18 12288]
S3 QV2KUX;Casio digitalt kamera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
S3 SASENUM;SASENUM; \??\C:\DOCUME~1\eyb\LOKALE~1\Temp\superas\SASENUM.SYS []
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-04-28 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-04-28 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-04-28 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-04-28 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-04-28 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-04-28 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-04-28 90800]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]
S3 SONYPVU1;Sony USB-filterdriver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 susbser;Siemens Mobile Phone; C:\WINDOWS\system32\DRIVERS\susbser.sys [2006-02-20 77056]
S3 usbccgp;Microsoft USB generell overordnet driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER-klasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-skannerdriver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-masselagringsenhet; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2006-02-20 47744]
S3 w550bus;Sony Ericsson W550 driver (WDM); C:\WINDOWS\system32\DRIVERS\w550bus.sys []
S3 w550mdfl;Sony Ericsson W550 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w550mdfl.sys []
S3 w550mdm;Sony Ericsson W550 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\w550mdm.sys []
S3 w550mgmt;Sony Ericsson W550 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\w550mgmt.sys []
S3 w550obex;Sony Ericsson W550 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\w550obex.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S4 agp440;Intel AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Driver for AMD AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;SIS AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 sr;Filterdriver for systemgjenoppretting; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]
S4 viaagp;VIA AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-11-30 425984]
R2 btwdins;Bluetooth Service; C:\Programfiler\ThinkPad\Bluetooth Software\bin\btwdins.exe [2006-08-01 266295]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 eLoggerSvc6;Norman eLogger service 6; C:\Programfiler\Norman\Npm\Bin\Elogsvc.exe [2007-08-30 150584]
R2 EvtEng;EvtEng; C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe [2005-02-18 86016]
R2 IBM Rapid Restore Ultra Service;IBM Rapid Restore Ultra Service; C:\Programfiler\IBM\IBM Rapid Restore Ultra\rrpcsb.exe [2004-12-16 385024]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2005-11-11 73782]
R2 Irmon;Infrarød overvåking; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ITMRTSVC;CA Pest Patrol Realtime Protection Service; C:\Programfiler\CA\PPRT\bin\ITMRTSVC.exe [2006-09-13 263696]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programfiler\Java\jre6\bin\jqs.exe [2008-12-04 152984]
R2 Norman ZANDA;Norman ZANDA; C:\Programfiler\Norman\Npm\Bin\Zanda.exe [2008-04-23 408696]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 QCONSVC;QCONSVC; C:\WINDOWS\System32\QCONSVC.EXE [2005-03-18 77824]
R2 RegSrvc;RegSrvc; C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe [2005-02-18 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe [2005-02-18 360521]
R2 TPHDEXLGSVC;IBM HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.EXE [2004-05-24 77824]
R2 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2003-07-11 32768]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 Norman NJeeves;Norman NJeeves; C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE [2008-03-27 150584]
R3 nsesvc;Norman Scanner Engine Service; C:\Programfiler\Norman\nse\bin\NSESVC.EXE [2008-06-19 322616]
R3 nvcoas;Norman Virus Control on-access component; C:\Programfiler\Norman\Nvc\bin\nvcoas.exe [2008-04-29 183352]
R3 NVCScheduler;Norman Virus Control Scheduler; C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE [2008-03-11 146488]
S2 MDM;Machine Debug Manager; C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
S3 aspnet_state;Statustjeneste for ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe []
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader-tjeneste; C:\Programfiler\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Programfiler\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Programfiler\Windows Media Player\WMPNetwk.exe [2006-11-15 914944]

-----------------EOF-----------------


Best regards
Jens

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:02:49 PM

Posted 23 December 2008 - 12:59 AM

Hello JensP,

Posted Image

Sorry about the delay.:thumbsup: If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#4 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:02:49 PM

Posted 03 January 2009 - 12:50 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users