Thank you for replying! I have done as you told me to do, here's the logs from the scans:Logfile of random's system information tool 1.02 (written by random/random)
Run by XXXX XXXXX XXXXXXX at 2008-09-20 22:25:06
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 5 GB (13%) free of 37 GB
Total RAM: 446 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:25:33, on 20.09.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programfiler\Norman\Npm\bin\ELOGSVC.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Norman\npm\bin\Zanda.exe
C:\Programfiler\Norman\npm\bin\nvoy.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Programfiler\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\Explorer.EXE
C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Windows Media Player\WMPNetwk.exe
C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programfiler\Launch Manager\QtZgAcer.EXE
C:\Programfiler\Quick GPS Connection Data Download Manager\DesktopLtoManager.exe
C:\Programfiler\Norman\Npm\Bin\ZLH.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Programfiler\iTunes\iTunesHelper.exe
C:\Programfiler\acer\eRecovery\Monitor.exe
C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Programfiler\Windows Media Player\WMPNSCFG.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\sistray.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Programfiler\Norman\Npm\bin\NVCSCHED.EXE
C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
C:\Programfiler\iPod\bin\iPodService.exe
C:\Programfiler\Norman\nse\bin\NSESVC.EXE
C:\WINDOWS\System32\alg.exe
C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
C:\Programfiler\Norman\Nvc\Bin\Nip.exe
C:\Programfiler\Norman\Nvc\Bin\cclaw.exe
C:\Documents and Settings\XXXX XXXXX XXXXXXX\Skrivebord\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\XXXX XXXXX XXXXXXX\Mine dokumenter\XXXXXX\Program Malwarefjerning\XXXX XXXXX XXXXXXX.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.startsiden.no/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\Programfiler\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [Lto Manager] "C:\Programfiler\Quick GPS Connection Data Download Manager\DesktopLtoManager.exe"
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programfiler\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime Alternative\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programfiler\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Østlendingen - {54C37C8A-F94C-47cf-9C64-E30A1A5869A3} -
www.ostlendingen.no (file missing)
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sparebanken - {C7D284A6-39A2-452c-9373-7394527CB818} -
https://www2.sparebank1.no/portal/1802/ ... 9635358097 (file missing)
O9 - Extra button: Glåmdalen - {C9EB53EE-FB70-4b79-AB0A-701E7A4C3A35} -
www.glomdalen.no (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} -
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) -
http://www.eset.eu/buxus/docs/OnlineScanner.cabO16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) -
http://www.creative.com/softwareupdate/ ... TSUEng.cabO16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} -
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft Terminal Services Client Control (redist)) -
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) -
http://www.o2c.de/download/o2cplayer.cabO16 - DPF: {B91AEDBE-93DF-4017-8BB3-F1C300C0EC51} -
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} (Java Plug-in 1.5.0_08) -
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) -
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.5.0_10) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO16 - DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} -
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) -
http://www.creative.com/softwareupdate/ ... /CTPID.cabO20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Programfiler\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programfiler\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe
O23 - Service: Norman NJeeves - Norman ASA - C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Programfiler\Norman\npm\bin\Zanda.exe
O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Programfiler\Norman\nse\bin\NSESVC.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Programfiler\Norman\Npm\bin\NVCSCHED.EXE
O23 - Service: Norman's Very Own supplY of resources (NVOY) - Norman ASA - C:\Programfiler\Norman\npm\bin\nvoy.exe
O23 - Service: OKI OPHF DCS Loader - Oki Data Corporation - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHFLDCS.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 10513 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_ACER-ASPIRE3003_XXXX XXXXX XXXXXXX.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-07-07 324416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SynTPLpr"=C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
"SynTPEnh"=C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-02-23 77824]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-10-07 88363]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"LManager"=C:\Programfiler\Launch Manager\QtZgAcer.EXE [2005-03-28 315392]
"eRecoveryService"=C:\Windows\System32\Check.exe [2005-03-23 245760]
"Lto Manager"=C:\Programfiler\Quick GPS Connection Data Download Manager\DesktopLtoManager.exe [2006-04-13 53248]
"Norman ZANDA"=C:\Programfiler\Norman\Npm\Bin\ZLH.EXE [2008-06-02 277616]
"SiSPower"=C:\WINDOWS\system32\SiSPower.dll [2005-02-25 49152]
"SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2005-03-04 32768]
"Adobe Reader Speed Launcher"=C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"QuickTime Task"=C:\Programfiler\QuickTime Alternative\qttask.exe [2008-03-28 413696]
"iTunesHelper"=C:\Programfiler\iTunes\iTunesHelper.exe [2008-03-30 267048]
"SunJavaUpdateSched"=C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"H/PC Connection Agent"=C:\PROGRA~1\MI3AA1~1\wcescomm.exe [2005-11-15 1200128]
"WMPNSCFG"=C:\Programfiler\Windows Media Player\WMPNSCFG.exe [2006-11-15 204288]
"SUPERAntiSpyware"=C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1576176]
C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe
C:\Documents and Settings\XXXX XXXXX XXXXXXX\Start-meny\Programmer\Oppstart
Adobe Gamma.lnk - C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programfiler\Telio Phone\TelioPhone.exe"="C:\Programfiler\Telio Phone\TelioPhone.exe:*:Enabled:Telio Phone"
"C:\Programfiler\Messenger\msmsgs.exe"="C:\Programfiler\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Programfiler\MSN Messenger\msnmsgr.exe"="C:\Programfiler\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\Programfiler\MSN Messenger\msncall.exe"="C:\Programfiler\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Programfiler\Microsoft ActiveSync\rapimgr.exe"="C:\Programfiler\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Programfiler\Microsoft ActiveSync\wcescomm.exe"="C:\Programfiler\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Programfiler\Microsoft ActiveSync\WCESMgr.exe"="C:\Programfiler\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\System32\P3MelonSvr.exe"="C:\WINDOWS\System32\P3MelonSvr.exe:*:Enabled:SKT Melon Music Control"
"C:\Programfiler\UniMicro\fakt_30.exe"="C:\Programfiler\UniMicro\fakt_30.exe:*:Enabled:fakt_30"
"C:\Programfiler\iTunes\iTunes.exe"="C:\Programfiler\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programfiler\Skype\Phone\Skype.exe"="C:\Programfiler\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programfiler\MSN Messenger\msnmsgr.exe"="C:\Programfiler\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\Programfiler\MSN Messenger\msncall.exe"="C:\Programfiler\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Programfiler\Microsoft ActiveSync\rapimgr.exe"="C:\Programfiler\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Programfiler\Microsoft ActiveSync\wcescomm.exe"="C:\Programfiler\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Programfiler\Microsoft ActiveSync\WCESMgr.exe"="C:\Programfiler\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 3 months======
2008-09-20 22:25:06 ----D---- C:\rsit
2008-09-18 18:58:01 ----D---- C:\ComboFix
2008-09-18 13:27:37 ----A---- C:\ComboFix.txt
2008-09-18 13:09:09 ----D---- C:\WINDOWS\temp
2008-09-18 13:04:52 ----D---- C:\WINDOWS\erdnt
2008-09-18 12:37:25 ----D---- C:\Documents and Settings\XXXXX XXXXX XXXXXXX\Programdata\Malwarebytes
2008-09-18 00:06:10 ----D---- C:\Programfiler\Trend Micro
2008-09-17 18:17:57 ----D---- C:\Documents and Settings\All Users\Programdata\Malwarebytes
2008-09-17 18:17:56 ----D---- C:\Programfiler\Malwarebytes' Anti-Malware
2008-09-12 22:07:36 ----D---- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com
2008-09-12 22:07:24 ----D---- C:\Programfiler\SUPERAntiSpyware
2008-09-12 22:07:24 ----D---- C:\Documents and Settings\XXXX XXXXX XXXXXXX\Programdata\SUPERAntiSpyware.com
2008-08-29 08:33:05 ----D---- C:\WINDOWS\Prefetch
2008-08-28 23:40:41 ----D---- C:\WINDOWS\l2schemas
2008-08-28 23:40:40 ----D---- C:\WINDOWS\system32\no
2008-08-28 23:40:39 ----D---- C:\WINDOWS\system32\bits
2008-08-28 23:37:02 ----D---- C:\WINDOWS\ServicePackFiles
2008-08-28 23:21:34 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2008-08-28 23:21:27 ----D---- C:\WINDOWS\EHome
2008-08-19 23:06:30 ----D---- C:\Programfiler\EsetOnlineScanner
2008-08-16 19:12:46 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-08-16 19:12:04 ----A---- C:\WINDOWS\VfwUpd.exe
2008-08-16 19:12:04 ----A---- C:\WINDOWS\Twacker.ini
2008-08-16 19:12:04 ----A---- C:\WINDOWS\system32\PD100Vfw.dll
2008-08-16 19:12:04 ----A---- C:\WINDOWS\system32\PD100Pin.dll
2008-08-16 19:12:04 ----A---- C:\WINDOWS\system32\PD100Ex.dll
2008-08-16 19:12:04 ----A---- C:\WINDOWS\system32\JpegLib.dll
2008-08-16 19:12:04 ----A---- C:\WINDOWS\system32\FpxLib.dll
2008-08-16 19:12:04 ----A---- C:\WINDOWS\system32\CamUsd.dll
2008-08-16 19:12:04 ----A---- C:\WINDOWS\PD100Cfg.exe
2008-08-16 19:12:04 ----A---- C:\WINDOWS\CtDrvIns.exe
2008-08-16 19:12:02 ----D---- C:\CtDriverInstTemp
2008-08-16 19:11:57 ----D---- C:\WebCam5
2008-08-16 19:05:56 ----A---- C:\CTSUFile.txt
2008-08-16 19:05:43 ----D---- C:\Programfiler\Creative
2008-07-16 19:52:16 ----A---- C:\WINDOWS\system32\javaws.exe
2008-07-16 19:52:16 ----A---- C:\WINDOWS\system32\javaw.exe
2008-07-16 19:52:16 ----A---- C:\WINDOWS\system32\java.exe
======List of files/folders modified in the last 3 months======
2008-09-20 10:31:20 ----A---- C:\WINDOWS\system32\eRLog.ini
2008-09-20 10:31:20 ----A---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt
2008-09-19 23:52:10 ----N---- C:\WINDOWS\SchedLgU.Txt
2008-09-18 13:13:58 ----A---- C:\WINDOWS\system.ini
2008-08-29 08:38:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-08-26 22:28:12 ----A---- C:\WINDOWS\system32\MRT.exe
2008-07-18 22:10:48 ----A---- C:\WINDOWS\system32\cdm.dll
2008-07-18 22:10:42 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-07-18 22:10:40 ----A---- C:\WINDOWS\system32\wups2.dll
2008-07-18 22:10:24 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-07-18 22:10:20 ----A---- C:\WINDOWS\system32\wups.dll
2008-07-18 22:09:46 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-07-18 22:09:44 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-07-18 22:09:44 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-07-18 22:09:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-07-18 22:08:56 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-07-18 22:08:52 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-07-07 22:29:50 ----A---- C:\WINDOWS\system32\es.dll
2008-06-24 18:46:40 ----A---- C:\WINDOWS\system32\mscms.dll
2008-06-24 18:12:58 ----N---- C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 10:57:38 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-06-23 18:57:40 ----A---- C:\WINDOWS\system32\wininet.dll
2008-06-23 18:57:40 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-06-23 18:57:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-06-23 18:57:40 ----A---- C:\WINDOWS\system32\url.dll
2008-06-23 18:57:40 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-06-23 18:57:40 ----A---- C:\WINDOWS\system32\occache.dll
2008-06-23 18:57:38 ----A---- C:\WINDOWS\system32\mstime.dll
2008-06-23 18:57:38 ----A---- C:\WINDOWS\system32\msrating.dll
2008-06-23 18:57:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-06-23 18:57:34 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-06-23 18:57:34 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-06-23 18:57:34 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-06-23 18:57:32 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-06-23 18:57:32 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-06-23 18:57:32 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-06-23 18:57:28 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-06-23 18:57:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-06-23 18:57:28 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-06-23 18:57:28 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-06-23 18:57:26 ----A---- C:\WINDOWS\system32\icardie.dll
2008-06-23 18:57:26 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-06-23 18:57:26 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-06-23 18:57:26 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-06-23 18:57:26 ----A---- C:\WINDOWS\system32\advpack.dll
2008-06-23 11:23:00 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-06-23 11:20:26 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-06-21 07:23:54 ----A---- C:\WINDOWS\system32\ieakui.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;AMD-prosessordriver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 SASDIFSV;SASDIFSV; \??\C:\Programfiler\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Programfiler\SUPERAntiSpyware\SASKUTIL.sys []
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-02-25 13312]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0-støttemiljø for ikke-IFS-tjenesteleverandør; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 Ndiskio;Ndiskio; \??\C:\Programfiler\Norman\Nse\bin\NDISKIO.SYS []
R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 4010]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-10-07 1270540]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 BCM43XX;Broadcom 802.11 Nettverkskort Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-21 369024]
R3 CmBatt;Driver for batteri med Microsoft ACPI-kontrollmetode; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HidUsb;Microsoft HID-klassedriver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 int15.sys;int15.sys; \??\C:\Programfiler\acer\eRecovery\int15.sys []
R3 mouhid;HID-driver for mus; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-06 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-18 6144]
R3 NvcMFlt;NvcMFlt; C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys [2008-09-02 19512]
R3 SASENUM;SASENUM; \??\C:\Programfiler\SUPERAntiSpyware\SASENUM.SYS []
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-03-02 240640]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
R3 usbehci;Miniportdriver for Microsoft USB 2.0 forbedret vertskontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 aktivert hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Miniportdriver for Microsoft USB åpen vertskontroller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekoder for teksting for hørselshemmede; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cxbu0wdm;CardMan 3x21; C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2006-07-11 84608]
S3 ggsemc;Sony Ericsson USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2006-12-01 8704]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2006-03-13 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2006-03-13 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2006-03-13 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2006-03-13 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2006-03-13 79488]
S3 MSTEE;Tee/Sink-to-Sink-konverterer for Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-kodek; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/video-tilkobling; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\PROGRA~1\OKIMFP~1\PCANDIS5.SYS []
S3 PD100VID;Video Blaster WebCam 5 (WDM); C:\WINDOWS\system32\DRIVERS\PD100Vid.sys [2002-06-04 374200]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
S3 SE2Cbus;Sony Ericsson Device 044 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Cbus.sys [2006-05-15 61600]
S3 SE2Cmdfl;Sony Ericsson Device 044 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Cmdfl.sys [2006-05-15 9360]
S3 SE2Cmdm;Sony Ericsson Device 044 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Cmdm.sys [2006-05-15 97184]
S3 SE2Cmgmt;Sony Ericsson Device 044 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Cmgmt.sys [2006-05-15 88688]
S3 se2Cnd5;Sony Ericsson Device 044 USB Ethernet Emulation SEMC44 (NDIS); C:\WINDOWS\system32\DRIVERS\se2Cnd5.sys [2006-05-15 18704]
S3 SE2Cobex;Sony Ericsson Device 044 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Cobex.sys [2006-05-15 86560]
S3 se2Cunic;Sony Ericsson Device 044 USB Ethernet Emulation SEMC44 (WDM); C:\WINDOWS\system32\DRIVERS\se2Cunic.sys [2006-05-15 90800]
S3 SE30bus;Sony Ericsson Device 048 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE30bus.sys [2006-05-15 61600]
S3 SE30mdfl;Sony Ericsson Device 048 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE30mdfl.sys [2006-05-15 9360]
S3 SE30mdm;Sony Ericsson Device 048 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE30mdm.sys [2006-05-15 97184]
S3 SE30mgmt;Sony Ericsson Device 048 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE30mgmt.sys [2006-05-15 88688]
S3 se30nd5;Sony Ericsson Device 048 USB Ethernet Emulation SEMC48 (NDIS); C:\WINDOWS\system32\DRIVERS\se30nd5.sys [2006-05-15 18704]
S3 SE30obex;Sony Ericsson Device 048 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE30obex.sys [2006-05-15 86560]
S3 se30unic;Sony Ericsson Device 048 USB Ethernet Emulation SEMC48 (WDM); C:\WINDOWS\system32\DRIVERS\se30unic.sys [2006-05-15 90800]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2004-06-28 42752]
S3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB generell overordnet driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER-klasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSAMP;based USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\DFSTOR2K.SYS [2001-09-28 37972]
S3 usbscan;USB-skannerdriver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-masselagringsenhet; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
S3 WSTCODEC;World Standard Teletext-kodek; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor5.0;Adobe Active File Monitor V5; C:\Programfiler\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [2006-12-22 108712]
R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-09-06 110592]
R2 eLoggerSvc6;Norman eLogger service 6; C:\Programfiler\Norman\Npm\bin\ELOGSVC.EXE [2007-11-21 150584]
R2 MDM;Machine Debug Manager; C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Norman ZANDA;Norman ZANDA; C:\Programfiler\Norman\npm\bin\Zanda.exe [2008-04-24 429176]
R2 NVOY;Norman's Very Own supplY of resources; C:\Programfiler\Norman\npm\bin\nvoy.exe [2008-02-07 121912]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Programfiler\Windows Media Player\WMPNetwk.exe [2006-11-15 914944]
R3 iPod Service;iPod-tjeneste; C:\Programfiler\iPod\bin\iPodService.exe [2008-03-30 504104]
R3 Norman NJeeves;Norman NJeeves; C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE [2008-05-13 203896]
R3 nsesvc;Norman Scanner Engine Service; C:\Programfiler\Norman\nse\bin\NSESVC.EXE [2008-06-19 322616]
R3 nvcoas;Norman Virus Control on-access component; C:\Programfiler\Norman\Nvc\bin\nvcoas.exe [2008-04-30 191544]
R3 NVCScheduler;Norman Virus Control Scheduler; C:\Programfiler\Norman\Npm\bin\NVCSCHED.EXE [2007-09-18 154680]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S3 Adobe LM Service;Adobe LM Service; C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-01-21 72704]
S3 aspnet_state;Statustjeneste for ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 OKI OPHF DCS Loader;OKI OPHF DCS Loader; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHFLDCS.EXE [2005-08-19 24576]
S3 ose;Office Source Engine; C:\Programfiler\Fellesfiler\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795]
S3 usnsvc;Messenger Sharing USN Journal Reader-tjeneste; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
Info txt log:info.txt logfile of random's system information tool 1.02 2008-09-20 22:25:43
======Uninstall list======
-->C:\WINDOWS\IsUninst.exe -f"C:\Programfiler\Acer Inc.\Acer English Online Help Creator\Uninst.isu"
-->MsiExec.exe /I{C4CBAD7E-DF4A-4FEC-AC17-8BC709AFB844}
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\Setup.exe" -l0x14 -uninst
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer eManager for Notebook-->C:\Programfiler\Fellesfiler\InstallShield\Driver\8\Intel 32\IDriver.exe /M{827289F5-B44F-4E49-9993-840741585A62}
Ad-Aware SE Personal-->C:\PROGRA~1\LAVASOFT\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\LAVASOFT\AD-AWA~1\INSTALL.LOG
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe GoLive CS2 English-->msiexec /i {46548E80-0409-0000-7E8A-45000F855001}
Adobe Help Center 2.1-->MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Photoshop Elements 5.0-->msiexec /I {A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Reader Chinese Traditional Fonts-->MsiExec.exe /I{AC76BA86-7AD7-2448-0000-705000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe SVG Viewer 3.0-->C:\Programfiler\Fellesfiler\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Programfiler\Fellesfiler\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Agere Systems AC'97 Modem-->agrsmdel
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
CCleaner (remove only)-->"C:\Programfiler\CCleaner\uninst.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Creative Video Blaster WebCam 5 Driver-->C:\WINDOWS\CtDrvIns.exe -uninstall USB\VID_041E&PID_400C&MI_00 -plugin PD100Pin.dll -pluginres PD100Pin.crl
Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
ESET Online Scanner-->C:\WINDOWS\system32\OnlineScannerUninstaller.exe
EuroLink-Lite-GS-->C:\WINDOWS\uninst.exe -fC:\Programfiler\EuroLink\DeIsL1.isu -cC:\Programfiler\EuroLink\_ISREG32.DLL
FEBDOK-->C:\PROGRA~1\FELLES~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{5281A6CC-FF1C-455C-8B79-3B41D4F41C55}
HijackThis 2.0.2-->"C:\Documents and Settings\XXXX XXXXX XXXXXXX\Mine dokumenter\XXXXXX\Program Malwarefjerning\HijackThis.exe" /uninstall
HP Image Transfer v.1.9.9-->C:\Programfiler\Microsoft ActiveSync\HP Image Transfer\Uninst.exe
HP Imaging Device Functions 6.0-->C:\Programfiler\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.0-->C:\Programfiler\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
Hurtigreparasjon for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
IKEA Home Planner-->MsiExec.exe /I{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}
iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LADSPA_plugins-win-0.4.15-->"C:\Programfiler\Audacity\Plug-Ins\unins000.exe"
Launch Manager-->C:\WINDOWS\UnInst32.exe QtZgAcer.UNI
Malwarebytes' Anti-Malware-->"C:\Programfiler\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1 Norwegian Language Pack-->MsiExec.exe /X{3EAC35F4-FF26-4123-9404-0B5B93DAB570}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - NOR-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - NOR\install.exe
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft ActiveSync 4.0-->MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}
Microsoft Base Smart Card Cryptographic Service Provider-pakke-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120414-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
NOISGABPlugin-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{EB9ABA01-D70C-4FBF-9522-13BF9847DAAA}\Setup.exe" -l0x9
Norman Virus Control-->C:\Programfiler\Norman\npm\bin\DelNvc5.exe
novaPDF Printer Professional 4.2-->"C:\Programfiler\NovaPDF\unins000.exe"
NTI Backup NOW! 4-->C:\PROGRA~1\FELLES~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{69CC0647-7F98-4358-AAB6-4F65C0705400} /l1033 BUN4
NTI CD & DVD-Maker Gold-->C:\PROGRA~1\FELLES~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5242A858-AD61-4130-92D4-BDF5087CE562} /l1033 CDM7
oggcodecs 0.69.8924-->C:\Programfiler\oggcodecs\uninst.exe
OKI Print Control Client-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{1264AAF6-BE5D-4909-9238-2F3D2DC36808}\setup.exe" -l0x14 -Removeall -removeonly
OKI Template Application-->C:\WINDOWS\IsUninst.exe -f"C:\Programfiler\OKI Templates\Uninst.isu"
Operatør konfigurator v1.4.1-->C:\Programfiler\Microsoft ActiveSync\Operatør konfigurator v1.4.1\Uninstall.exe Operatør konfigurator v1.4.1
Operatør konfigurator v1.5.0-->C:\Programfiler\Microsoft ActiveSync\Operatør konfigurator v1.5.0\Uninstall.exe Operatør konfigurator v1.5.0
OptiWin-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{E9D3F4E2-CB28-4C4B-A0B2-DAD4D146D4BE}\Setup.exe" -l0x14 -uninst
PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed
PrimoPDF Redistribution Package-->MsiExec.exe /I{885744A4-1A01-44B0-858A-0AE6738CBCF7}
PrimoPDF-->"C:\WINDOWS\PrimoPDF\uninstall.exe" "/U:C:\Programfiler\activePDF\PrimoPDF\Uninstall\uninstall.xml"
Priskalkulator 4.01.02-->"C:\WINDOWS\Priskalkulator 4.01.02\uninstall.exe" "/U:C:\Programfiler\NorDan AS\Priskalkulator 4.01.02\Priskalkulator 4.01.02.xml"
Quick GPS Connection Data Download Manager-->MsiExec.exe /X{00DBF4AF-752B-4602-B387-7D48A1BFE733}
QuickTime Alternative 1.65-->"C:\Programfiler\QuickTime Alternative\unins000.exe"
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Serviceoppdatering til Uni Økonomi v3-->C:\Programfiler\UniMicro\UnInstall_14914.exe
Servicepack for importfilter-->C:\Programfiler\Unimicro\UnInstal.exe
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
SiS 900 PCI Fast Ethernet Adapter Driver-->C:\WINDOWS\SiS\900\Uninst.exe
SiS VGA Utilities-->Rundll32 SiSInst.dll,Uninstall VGA,R,oem7.inf
SiSAGP driver-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe" -l0x14
Skype 2.5-->"C:\Programfiler\Skype\Phone\unins000.exe"
SoapToolkit 3.0-->MsiExec.exe /I{01EBDAB8-3066-443A-9FD9-E2D294C8ABD6}
Sony Ericsson PC Suite-->MsiExec.exe /I{788A9E76-1079-445D-B9A1-6DBB9420F7C3}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Programfiler\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Telio Phone 1.1.4-->"C:\Programfiler\Telio Phone\unins000.exe"
Uni Importfilter-->C:\PROGRA~1\UNIMICRO\UNWISE.EXE C:\PROGRA~1\UNIMICRO\INSTALL.LOG
Uni Lønn Classic+-->C:\unimicro\wnr\UNWISE.EXE C:\unimicro\wnr\INSTALL.LOG
Uni Økonomi - TimeregV3-->C:\PROGRA~1\UNIMICRO\UNWISE.EXE C:\PROGRA~1\UNIMICRO\INSTALL.LOG
Uni Økonomi V3 Contracting-->C:\Programfiler\UniMicro\UnInstall_18131.exe
Uni Økonomi V3-->C:\PROGRA~1\UNIMICRO\UNWISE.EXE C:\PROGRA~1\UNIMICRO\INSTALL.LOG
Vareimport til Uni Økonomi V3-->C:\Programfiler\UniMicro\UnInstall_23100.exe
Windows Live Messenger-->MsiExec.exe /I{8CEA4A05-F512-45F5-8F80-5F2FA9E7F187}
Windows Live Sign-in Assistant-->MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Programfiler\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Programfiler\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Rights Management-klient med Service Pack 2-->MsiExec.exe /X{770E7240-77BC-4391-B462-8DE56EDDFA18}
Windows Rights Management-klient med SP2 med bakoverkompatibilitet-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR Arkiverer-->C:\Programfiler\WinRAR\uninstall.exe
Xvid 1.1.2 final uninstall-->"C:\Programfiler\Xvid\unins000.exe"
======Security center information======
AV: Norman Security Suite ver. 7.00
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Programfiler\Fellesfiler\Teleca Shared;C:\Programfiler\Microsoft SQL Server\80\Tools\Binn;C:\Programfiler\Fellesfiler\Adobe\AGL;%NpmLib%;C:\Programfiler\QuickTime Alternative\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"NpmLib"=C:\Programfiler\Norman\npm\bin
"CLASSPATH"=.;C:\Programfiler\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Programfiler\Java\jre1.6.0_05\lib\ext\QTJava.zip
-----------------EOF-----------------