The BullGuard products and services are part of NortonLifeLock Inc., a global leader in consumer Cyber Safety with a portofolio of brands including Norton, Avira and more. Learn more at NortonLifeLock.com

Virus?

Posted 4/22/2010 2:52 PM
#85220
User avatar

Bjorro Member

Date Joined Nov 2016
Total Posts: 9
My computer stops responding after a while. The only thing I can do is to start it in safe mode. I have tried to fix it self, but the problem just coming back. In safemode I have run Combofix, and when restart Windows it works normal. This have been done 3 times now, and hope someone will help me.
Post attachments:
Posted 4/23/2010 2:37 AM
#85225
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 4/23/2010 3:56 PM
#85250
User avatar

Bjorro Member

Date Joined Nov 2016
Total Posts: 9
Ok I try again
Post attachments:
Posted 4/23/2010 3:57 PM
#85251
User avatar

Bjorro Member

Date Joined Nov 2016
Total Posts: 9
And the last file here
Posted 4/23/2010 5:18 PM
#85259
User avatar

Bjorro Member

Date Joined Nov 2016
Total Posts: 9
Or is it like this I have to post....

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 4025

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

23.04.2010 17:50:13
mbam-log-2010-04-23 (17-50-13).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 191783
Time elapsed: 26 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


DDS (Ver_10-03-17.01) - NTFSx86
Run by Bjørkedal at 17:52:24,21 on 23.04.2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.3327.2336 [GMT 2:00]

AV: BullGuard Antivirus *On-access scanning disabled* (Outdated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
FW: BullGuard Firewall *enabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Main
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Programfiler\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
svchost.exe
C:\WINDOWS\System32\SvcHost.exe -k BullGuard
C:\Programfiler\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Programfiler\Java\jre6\bin\jqs.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programfiler\Fellesfiler\Java\Java Update\jusched.exe
C:\Programfiler\FSC\Wireless Wheel Mouse\MOUSE32A.EXE
C:\Programfiler\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programfiler\BullGuard Ltd\BullGuard\BullGuard.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programfiler\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\webshots.scr
C:\Programfiler\Netropa\Onscreen Display\OSD.exe
C:\Programfiler\Netropa\InetKb\Inetkb.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Programfiler\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programfiler\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\WINDOWS\explorer.exe
C:\Programfiler\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bjørkedal\Mine dokumenter\Nedlastinger\dds(2).scr

============== Pseudo HJT Report ===============

BHO: Påloggingshjelp for Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programfiler\fellesfiler\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programfiler\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programfiler\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: BGAntiphishingBHO Class: {fc872b94-35e3-4b94-b028-184a2a1c7cce} - c:\programfiler\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIEBHO.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\programfiler\canon\easy-webprint\Toolband.dll
uRun: [msnmsgr] "c:\programfiler\windows live\messenger\msnmsgr.exe" /background
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [SunJavaUpdateSched] "c:\programfiler\fellesfiler\java\java update\jusched.exe"
mRun: [LWBMOUSE] c:\programfiler\fsc\wireless wheel mouse\MOUSE32A.EXE
mRun: [MULTIMEDIA KEYBOARD] c:\programfiler\netropa\multimedia keyboard\MMKeybd.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [BullGuard] "c:\programfiler\bullguard ltd\bullguard\BullGuard.exe" -boot
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [OpwareSE2] "c:\programfiler\scansoft\omnipagese2.0\OpwareSE2.exe"
mRun: [OPSE reminder] "c:\programfiler\scansoft\omnipagese2.0\eregeng\ereg.exe" -r "c:\programfiler\scansoft\omnipagese2.0\eregeng\ereg.ini"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\bjrked~1\start-~1\progra~1\oppstart\webshots.lnk - c:\programfiler\webshots\Launcher.exe
IE: E&ksporter til Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\programfiler\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\programfiler\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\programfiler\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\programfiler\canon\easy-webprint\Resource.dll/RC_Print.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programfiler\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\programfiler\windows live\writer\WriterBrowserExtension.dll
IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\programfiler\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
LSP: c:\windows\system32\BGLsp.dll
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
AppInit_DLLs: c:\windows\system32\BgGamingMonitor.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\bjrked~1\progra~1\mozilla\firefox\profiles\pnez6ob3.default\
FF - prefs.js: browser.startup.homepage - www.startsida.no
FF - component: c:\programfiler\bullguard ltd\bullguard\antiphishing\ff\antiphishing@bullguard\components\BGFFComponent.dll
FF - plugin: c:\programfiler\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\programfiler\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\programfiler\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\programfiler\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\programfiler\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programfiler\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programfiler\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programfiler\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programfiler\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\programfiler\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programfiler\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "https://www.firefox.com");
c:\programfiler\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programfiler\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-4-21 64288]
R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [2010-3-12 58448]
R1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\drivers\Msikbd2k.sys [2010-4-18 6656]
R2 BsBrowser;BullGuard antiphishing service;c:\windows\system32\SvcHost.exe -k BullGuard_LowPriv [2004-8-4 14336]
R2 BsFileScan;BullGuard on-access service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336]
R2 BsFire;BullGuard firewall service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336]
R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336]
R2 BsMain;BullGuard main service;c:\windows\system32\SvcHost.exe -k BullGuard_Main [2004-8-4 14336]
R2 BsUpdate;BullGuard update service;c:\programfiler\bullguard ltd\bullguard\BullGuardUpdate.exe [2010-4-18 341328]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programfiler\lavasoft\ad-aware\AAWService.exe [2010-2-4 1265264]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [2009-12-4 31640]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2009-12-4 256792]
R3 BsScanner;BullGuard scanning service;c:\programfiler\bullguard ltd\bullguard\BullGuardScanner.exe [2010-3-3 297808]
R3 cxbu0wdm;OMNIKEY 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [2010-1-25 115712]
R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2010-4-18 215040]
S2 nhksrv;Netropa NHK Server;c:\programfiler\netropa\multimedia keyboard\nhksrv.exe [2010-4-18 28672]
S3 BgRaSvc;BgRaSvc;c:\programfiler\bullguard ltd\bullguard\support\BgRaSvc.exe [2010-3-3 120144]

=============== Created Last 30 ================

2010-04-23 15:11:51 0 d--h--r- c:\documents and settings\bjørkedal\Siste
2010-04-22 19:19:41 3313 ----a-w- c:\windows\system32\wbem\Outlook_01cae250c24fc830.mof
2010-04-22 13:55:57 0 d-----w- c:\docume~1\bjrked~1\progra~1\Malwarebytes
2010-04-22 11:40:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-22 11:40:23 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-22 11:40:23 0 d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2010-04-22 11:40:23 0 d-----w- c:\docume~1\alluse~1\progra~1\Malwarebytes
2010-04-21 15:55:59 0 d-sh--w- c:\documents and settings\bjørkedal\PrivacIE
2010-04-21 15:52:22 3313 ----a-w- c:\windows\system32\wbem\Outlook_01cae16aa1314868.mof
2010-04-21 14:59:22 1089883 -c----w- c:\windows\system32\dllcache\ntprint.cat
2010-04-21 13:05:48 0 d-----w- c:\docume~1\bjrked~1\progra~1\Foxit
2010-04-21 13:05:37 0 d-----w- c:\programfiler\Foxit Software
2010-04-21 10:37:02 0 d-----w- c:\windows\system32\XPSViewer
2010-04-21 10:36:32 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-04-21 10:36:32 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-04-21 10:36:32 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-04-21 10:36:32 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-04-21 10:36:32 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-04-21 10:36:32 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-04-21 10:36:32 117760 ------w- c:\windows\system32\prntvpt.dll
2010-04-21 10:36:32 0 d-----w- C:\5a8271f8f8c39a84261ca7
2010-04-21 09:58:54 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-21 09:25:05 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-04-21 09:24:58 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-04-21 09:22:25 0 d-----w- c:\programfiler\Lavasoft
2010-04-21 09:17:32 0 dc-h--w- c:\docume~1\alluse~1\progra~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-04-20 21:51:48 3313 ----a-w- c:\windows\system32\wbem\Outlook_01cae0d3ad89453a.mof
2010-04-20 21:45:46 382 ----a-w- c:\windows\ODBC.INI
2010-04-20 21:45:41 28040 ----a-w- c:\windows\system32\mdimon.dll
2010-04-20 21:44:50 0 d-----w- c:\windows\SHELLNEW
2010-04-20 21:33:29 0 d-----w- c:\programfiler\CCleaner
2010-04-20 21:23:27 0 d-----w- c:\programfiler\Trend Micro
2010-04-20 21:16:28 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-04-20 18:36:23 98816 ----a-w- c:\windows\sed.exe
2010-04-20 18:36:23 77312 ----a-w- c:\windows\MBR.exe
2010-04-20 18:36:23 261632 ----a-w- c:\windows\PEV.exe
2010-04-20 18:36:23 161792 ----a-w- c:\windows\SWREG.exe
2010-04-19 16:22:26 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-04-19 16:22:26 215920 ----a-w- c:\windows\system32\muweb.dll
2010-04-19 16:22:26 17248 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-04-19 14:30:43 0 d-----w- c:\documents and settings\bjørkedal\Tracing
2010-04-19 14:24:57 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-04-19 14:24:48 0 d-----w- c:\programfiler\Microsoft SQL Server Compact Edition
2010-04-19 14:24:12 0 d-----w- c:\programfiler\Microsoft
2010-04-19 14:23:55 0 d-----w- c:\programfiler\Windows Live SkyDrive
2010-04-19 14:17:07 0 d-----w- c:\programfiler\fellesfiler\Windows Live
2010-04-19 13:11:24 0 d-----w- c:\programfiler\OpenOffice.org 3
2010-04-19 12:18:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-04-19 12:18:59 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-18 23:03:40 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-04-18 23:01:42 112739 ------w- c:\windows\UNNeroVision.cfg
2010-04-18 23:01:40 3006464 ------w- c:\windows\UNNeroVision.exe
2010-04-18 23:01:40 24064 ------w- c:\windows\system32\msxml3a.dll
2010-04-18 23:00:58 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-04-18 23:00:57 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-04-18 23:00:57 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-04-18 23:00:57 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-04-18 23:00:57 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-04-18 23:00:56 38912 ------w- c:\windows\system32\picn20.dll
2010-04-18 23:00:56 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-04-18 23:00:44 0 d-----w- c:\programfiler\fellesfiler\Ahead
2010-04-18 22:45:53 3932214 ----a-w- c:\windows\Webshots for Bjrkedal.bmp
2010-04-18 22:45:45 32768 ----a-w- c:\windows\system32\WSVersionATX.ocx
2010-04-18 22:45:45 1957888 ----a-w- c:\windows\webshots.scr
2010-04-18 22:45:44 0 d-----w- c:\programfiler\Webshots
2010-04-18 22:43:34 0 d-sh--w- c:\documents and settings\bjørkedal\IETldCache
2010-04-18 22:41:41 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-04-18 22:41:41 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-04-18 22:41:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-04-18 22:41:41 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-04-18 22:41:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-04-18 22:41:41 11070976 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-04-18 22:41:35 0 d-----w- c:\windows\ie8updates
2010-04-18 22:41:13 64000 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-04-18 22:39:59 0 dc-h--w- c:\windows\ie8
2010-04-18 22:14:20 0 d-----w- c:\windows\system32\nb-no
2010-04-18 22:14:17 0 d-----w- c:\windows\l2schemas
2010-04-18 22:14:16 0 d-----w- c:\windows\system32\no
2010-04-18 22:14:16 0 d-----w- c:\windows\system32\bits
2010-04-18 22:07:31 0 d-----w- c:\windows\network diagnostic
2010-04-18 22:03:23 0 d-----w- c:\windows\EHome
2010-04-18 21:43:47 0 d-----w- c:\windows\system32\LogFiles
2010-04-18 21:38:58 20992 ------w- c:\windows\system32\spupdwxp.exe
2010-04-18 21:37:59 638 ------w- c:\windows\system32\wbem\napclientprov.mof
2010-04-18 21:35:59 48640 ------w- c:\windows\system32\dhcpqec.dll
2010-04-18 21:26:40 0 d-----w- c:\windows\ServicePackFiles
2010-04-18 21:18:34 8704 ----a-w- c:\windows\system32\CNMVS7L.DLL
2010-04-18 21:18:32 140288 ----a-w- c:\windows\system32\CNMLM7L.DLL
2010-04-18 21:18:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-04-18 21:17:31 0 d-----w- c:\docume~1\alluse~1\progra~1\SSScanWizard
2010-04-18 21:17:31 0 d-----w- c:\docume~1\alluse~1\progra~1\SSScanAppDataDir
2010-04-18 21:17:29 528 ----a-w- c:\windows\MAXLINK.INI
2010-04-18 21:17:04 0 d-----w- c:\programfiler\ScanSoft
2010-04-18 21:17:04 0 d-----w- c:\programfiler\fellesfiler\ScanSoft Shared
2010-04-18 21:15:56 212480 ----a-w- c:\windows\PCDLIB32.DLL
2010-04-18 21:13:10 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-04-18 21:13:10 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-04-18 21:13:10 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-04-18 21:13:05 306688 ----a-w- c:\windows\IsUninst.exe
2010-04-18 21:12:18 0 d--h--w- c:\windows\system32\CanonMP Uninstaller Information
2010-04-18 21:12:06 49152 ----a-w- c:\windows\system32\cncisco.dll
2010-04-18 21:12:05 139264 ----a-w- c:\windows\system32\CNCL500.DLL
2010-04-18 21:12:04 69632 ----a-w- c:\windows\system32\CNCI500.DLL
2010-04-18 21:12:04 221184 ----a-w- c:\windows\system32\CNCC500.DLL
2010-04-18 21:11:36 0 d-----w- C:\CanonMP
2010-04-18 21:10:32 0 d-----w- c:\programfiler\Canon
2010-04-18 21:09:39 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-04-18 21:09:37 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-04-18 21:09:37 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-04-18 21:09:31 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-04-18 21:09:28 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-04-18 21:09:24 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-18 21:09:21 272256 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-04-18 21:09:21 272256 ------w- c:\windows\system32\drivers\bthport.sys
2010-04-18 21:07:37 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-04-18 21:07:13 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-04-18 21:04:48 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-04-18 21:04:46 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-04-18 21:02:56 217088 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-04-18 21:02:02 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-04-18 21:02:02 2191744 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-04-18 21:02:01 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-04-18 21:02:01 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-04-18 21:02:01 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-04-18 21:02:01 111104 -c----w- c:\windows\system32\dllcache\services.exe
2010-04-18 21:02:00 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-04-18 21:02:00 680448 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-04-18 21:02:00 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-04-18 21:01:59 710656 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-04-18 21:01:59 2148352 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-04-18 21:01:58 2026496 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-04-18 20:57:29 0 d-----w- c:\windows\system32\PreInstall
2010-04-18 20:50:35 0 d-----w- c:\docume~1\bjrked~1\progra~1\BullGuard
2010-04-18 20:48:01 0 d-----w- c:\docume~1\alluse~1\progra~1\NVIDIA Corporation
2010-04-18 20:47:56 600680 ----a-w- c:\windows\system32\nvuninst.exe
2010-04-18 20:47:55 0 d-----w- c:\programfiler\NVIDIA Corporation
2010-04-18 20:47:28 9046 ----a-w- c:\windows\system32\nvinfo.pb
2010-04-18 20:47:28 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-04-18 20:47:28 2646632 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-04-18 20:47:28 2030184 ----a-w- c:\windows\system32\nvcuvid.dll
2010-04-18 20:47:25 4075520 ----a-w- c:\windows\system32\nvcuda.dll
2010-04-18 20:47:25 2183470 ----a-w- c:\windows\system32\nvdata.bin
2010-04-18 20:47:25 11647592 ----a-w- c:\windows\system32\nvcompiler.dll
2010-04-18 20:47:16 0 d-----w- C:\NVIDIA
2010-04-18 20:41:37 0 d-----w- c:\programfiler\SystemRequirementsLab
2010-04-18 20:39:51 0 d-----w- c:\docume~1\alluse~1\progra~1\BullGuard
2010-04-18 20:39:25 0 d-----w- c:\programfiler\BullGuard Ltd
2010-04-18 20:33:18 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-04-18 20:30:33 940794 ----a-w- c:\windows\system32\LoopyMusic.wav
2010-04-18 20:30:33 146650 ----a-w- c:\windows\system32\BuzzingBee.wav
2010-04-18 20:30:32 0 d-----w- c:\windows\system32\Lang
2010-04-18 20:27:21 600680 ----a-w- c:\windows\system32\nvudisp.exe
2010-04-18 20:27:21 25755 ----a-w- c:\windows\system32\nvdisp.nvu
2010-04-18 20:27:21 0 d-----w- c:\windows\nview
2010-04-18 20:27:02 49152 ----a-r- c:\windows\system32\unwlsdrv.exe
2010-04-18 20:27:02 215040 ----a-r- c:\windows\system32\drivers\sis163u.sys
2010-04-18 20:25:57 5504 ----a-w- c:\windows\system32\drivers\intelide.sys
2010-04-18 20:24:45 0 d-----w- c:\windows\system32\ReinstallBackups
2010-04-18 20:22:53 0 ----a-w- c:\windows\WININIT.INI
2010-04-18 20:22:52 6656 ----a-w- c:\windows\system32\drivers\Msikbd2k.sys
2010-04-18 20:22:52 28672 ----a-w- c:\windows\system32\msiosd32.dll
2010-04-18 20:22:52 245 ----a-w- c:\windows\MSIOSD.INI
2010-04-18 20:22:52 0 d-----w- c:\programfiler\Netropa
2010-04-18 20:22:43 0 d-----w- c:\programfiler\fellesfiler\InstallShield
2010-04-18 20:22:32 6205 ----a-w- c:\windows\system32\LWBHMVXD.VXD
2010-04-18 20:22:32 0 d-----w- c:\programfiler\FSC
2010-04-18 20:20:01 0 d-s---w- c:\windows\system32\Microsoft
2010-04-18 19:47:53 0 d-----w- c:\programfiler\fellesfiler\ODBC
2010-04-18 19:47:48 0 d-----w- c:\programfiler\fellesfiler\SpeechEngines
2010-04-18 19:47:16 0 d--h--w- c:\documents and settings\all users\Maler
2010-04-18 19:47:16 0 d-----w- c:\documents and settings\all users\Skrivebord
2010-04-18 19:47:16 0 d-----w- c:\documents and settings\all users\Favoritter
2010-04-18 19:47:16 0 d-----r- c:\documents and settings\all users\Start-meny
2010-04-18 19:47:16 0 d-----r- c:\documents and settings\all users\Dokumenter
2010-04-18 19:46:57 0 d--h--r- c:\documents and settings\all users\Programdata
2010-04-18 17:59:16 0 d-sh--w- c:\documents and settings\all users\DRM
2010-04-18 17:59:01 0 d--h--w- c:\programfiler\WindowsUpdate
2010-04-18 17:58:57 0 d-----w- c:\programfiler\Elektroniske tjenester
2010-04-18 17:58:13 0 d-----w- c:\programfiler\fellesfiler\Tjenester
2010-04-18 17:58:10 0 d-----w- c:\programfiler\fellesfiler\MSSoap
2010-04-18 17:56:46 0 d-----w- c:\programfiler\Messenger
2010-04-18 17:56:42 0 d-----w- c:\programfiler\MSN Gaming Zone
2010-04-18 17:56:17 0 d-----w- c:\programfiler\Windows NT

==================== Find3M ====================

2010-04-22 19:19:41 80632 ----a-w- c:\windows\system32\perfc014.dat
2010-04-22 19:19:41 446686 ----a-w- c:\windows\system32\perfh014.dat
2010-04-18 20:55:39 150864 ----a-w- c:\windows\system32\BGLsp.dll
2010-04-18 17:57:34 21704 ----a-w- c:\windows\system32\emptyregdb.dat
2010-04-03 22:55:31 6432128 ----a-w- c:\windows\system32\nv4_disp.dll
2010-04-03 22:55:31 227944 ----a-w- c:\windows\system32\nvcodins.dll
2010-04-03 22:55:31 227944 ----a-w- c:\windows\system32\nvcod.dll
2010-04-03 22:55:31 14757888 ----a-w- c:\windows\system32\nvoglnt.dll
2010-04-03 22:55:31 1097728 ----a-w- c:\windows\system32\nvapi.dll
2010-04-03 22:55:31 10232128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-04-03 17:23:18 278120 ----a-w- c:\windows\system32\nvmccs.dll
2010-04-03 17:23:16 154216 ----a-w- c:\windows\system32\nvsvc32.exe
2010-04-03 17:23:16 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-04-03 17:23:16 13670504 ----a-w- c:\windows\system32\nvcpl.dll
2010-04-03 17:23:16 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-04-03 17:23:00 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2010-04-03 17:23:00 126976 ----a-w- c:\windows\system32\nvrszht.dll
2010-03-18 16:03:54 98128 ----a-w- c:\windows\system32\BgGamingMonitor.dll
2010-03-12 09:34:52 58448 ----a-w- c:\windows\system32\drivers\BdSpy.sys
2010-03-10 06:17:41 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:20:31 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11:07 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 19:10:49 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:10:49 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:35:06 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-01 17:42:58 123256 ----a-w- c:\windows\system32\BdInstHk.dll

============= FINISH: 17:52:41,42 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 18.04.2010 20:04:44
System Uptime: 23.04.2010 17:10:33 (0 hours ago)

Motherboard: FUJITSU SIEMENS | | GA-8I945PE
Processor: Intel(R) Pentium(R) D CPU 3.40GHz | Socket 775 | 3391/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 233 GiB total, 213,487 GiB free.
D: is FIXED (NTFS) - 233 GiB total, 152,808 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 18.04.2010 22:21:41 - Kontrollpunkt for system
RP2: 18.04.2010 22:22:51 - Installert Fujitsu Siemens Wireless Keyboard
RP3: 18.04.2010 22:48:38 - Installerte Windows Installer KB893803v2.
RP4: 18.04.2010 22:57:19 - Software Distribution Service 3.0
RP5: 18.04.2010 23:15:42 - Installed PhotoStudio
RP6: 18.04.2010 23:16:57 - Installed OmniPage SE
RP7: 18.04.2010 23:21:45 - Software Distribution Service 3.0
RP8: 18.04.2010 23:49:20 - Software Distribution Service 3.0
RP9: 18.04.2010 23:57:07 - Software Distribution Service 3.0
RP10: 19.04.2010 00:38:31 - Software Distribution Service 3.0
RP11: 19.04.2010 01:02:35 - Installed Windows Media Format 9 Series Runtime Setup
RP12: 19.04.2010 14:18:29 - Installed Java(TM) 6 Update 18
RP13: 19.04.2010 15:11:21 - Installert OpenOffice.org 3.2
RP14: 19.04.2010 16:24:55 - Installed DirectX
RP15: 19.04.2010 20:07:31 - Software Distribution Service 3.0
RP16: 19.04.2010 22:16:19 - Software Distribution Service 3.0
RP17: 19.04.2010 22:21:43 - Software Distribution Service 3.0
RP18: 19.04.2010 23:46:07 - Software Distribution Service 3.0
RP19: 20.04.2010 11:53:49 - Software Distribution Service 3.0
RP20: 20.04.2010 12:25:02 - Software Distribution Service 3.0
RP21: 20.04.2010 19:52:00 - Software Distribution Service 3.0
RP22: 20.04.2010 23:43:53 - Installerte Microsoft Office Standard Edition 2003
RP23: 21.04.2010 12:33:17 - Software Distribution Service 3.0
RP24: 21.04.2010 15:06:44 - Removed Foxit Toolbar.
RP25: 21.04.2010 17:04:38 - Software Distribution Service 3.0
RP26: 21.04.2010 17:58:59 - Tilfreds
RP27: 22.04.2010 18:07:14 - Kontrollpunkt for system
RP28: 22.04.2010 19:50:10 - Software Distribution Service 3.0

==== Installed Programs ======================

7-Zip 9.13 beta
Ad-Aware
Ad-Aware Email Scanner for Outlook
Adobe Flash Player 10 Plugin
ArcSoft PhotoStudio 5.5
BullGuard 9.0
Canon MP Navigator 2.0
Canon MP500
Canon Utilities Easy-PhotoPrint
CCleaner
CD-LabelPrint
Easy-WebPrint
Foxit Reader
Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706
Fujitsu Siemens Wireless Keyboard
Fujitsu Siemens Wireless Wheel Mouse
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hurtigreparasjon for Windows XP (KB942288-v3)
Hurtigreparasjon for Windows XP (KB952287)
Hurtigreparasjon for Windows XP (KB961118)
Hurtigreparasjon for Windows XP (KB979306)
Intel(R) PRO Network Connections Drivers
J2SE Runtime Environment 5.0
Java Auto Updater
Java(TM) 6 Update 18
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Norwegian Language Pack
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Standard Edition 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.3)
MSVCRT
Nero Suite
NVIDIA Drivers
NVIDIA nView Desktop Manager
OmniPage SE 2.0
OpenOffice.org 3.2
Oppdatering for Windows Internet Explorer 8 (KB976662)
Oppdatering for Windows Internet Explorer 8 (KB980182)
Oppdatering for Windows Internet Explorer 8 (KB980302)
Oppdatering for Windows XP (KB951978)
Oppdatering for Windows XP (KB955759)
Oppdatering for Windows XP (KB961503)
Oppdatering for Windows XP (KB967715)
Oppdatering for Windows XP (KB968389)
Oppdatering for Windows XP (KB971737)
Oppdatering for Windows XP (KB973687)
Oppdatering for Windows XP (KB973815)
Oppdatering for Windows XP (KB980182)
Opplastingsverktøy for Windows Live
Påloggingsassistent for Windows Live
Realtek High Definition Audio Driver
Segoe UI
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB971961)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB981332)
Sikkerhetsoppdatering for Windows Media Player (KB952069)
Sikkerhetsoppdatering for Windows Media Player (KB954155)
Sikkerhetsoppdatering for Windows Media Player (KB968816)
Sikkerhetsoppdatering for Windows Media Player (KB973540)
Sikkerhetsoppdatering for Windows Media Player (KB979402)
Sikkerhetsoppdatering for Windows XP (KB923561)
Sikkerhetsoppdatering for Windows XP (KB923789)
Sikkerhetsoppdatering for Windows XP (KB946648)
Sikkerhetsoppdatering for Windows XP (KB950760)
Sikkerhetsoppdatering for Windows XP (KB950762)
Sikkerhetsoppdatering for Windows XP (KB950974)
Sikkerhetsoppdatering for Windows XP (KB951066)
Sikkerhetsoppdatering for Windows XP (KB951376-v2)
Sikkerhetsoppdatering for Windows XP (KB951748)
Sikkerhetsoppdatering for Windows XP (KB952004)
Sikkerhetsoppdatering for Windows XP (KB952954)
Sikkerhetsoppdatering for Windows XP (KB955069)
Sikkerhetsoppdatering for Windows XP (KB956572)
Sikkerhetsoppdatering for Windows XP (KB956744)
Sikkerhetsoppdatering for Windows XP (KB956802)
Sikkerhetsoppdatering for Windows XP (KB956803)
Sikkerhetsoppdatering for Windows XP (KB956844)
Sikkerhetsoppdatering for Windows XP (KB958644)
Sikkerhetsoppdatering for Windows XP (KB958869)
Sikkerhetsoppdatering for Windows XP (KB959426)
Sikkerhetsoppdatering for Windows XP (KB960803)
Sikkerhetsoppdatering for Windows XP (KB960859)
Sikkerhetsoppdatering for Windows XP (KB961501)
Sikkerhetsoppdatering for Windows XP (KB969059)
Sikkerhetsoppdatering for Windows XP (KB969947)
Sikkerhetsoppdatering for Windows XP (KB970238)
Sikkerhetsoppdatering for Windows XP (KB970430)
Sikkerhetsoppdatering for Windows XP (KB971468)
Sikkerhetsoppdatering for Windows XP (KB971657)
Sikkerhetsoppdatering for Windows XP (KB972270)
Sikkerhetsoppdatering for Windows XP (KB973354)
Sikkerhetsoppdatering for Windows XP (KB973507)
Sikkerhetsoppdatering for Windows XP (KB973869)
Sikkerhetsoppdatering for Windows XP (KB973904)
Sikkerhetsoppdatering for Windows XP (KB974112)
Sikkerhetsoppdatering for Windows XP (KB974318)
Sikkerhetsoppdatering for Windows XP (KB974392)
Sikkerhetsoppdatering for Windows XP (KB974571)
Sikkerhetsoppdatering for Windows XP (KB975025)
Sikkerhetsoppdatering for Windows XP (KB975467)
Sikkerhetsoppdatering for Windows XP (KB975560)
Sikkerhetsoppdatering for Windows XP (KB975561)
Sikkerhetsoppdatering for Windows XP (KB975713)
Sikkerhetsoppdatering for Windows XP (KB977816)
Sikkerhetsoppdatering for Windows XP (KB977914)
Sikkerhetsoppdatering for Windows XP (KB978037)
Sikkerhetsoppdatering for Windows XP (KB978262)
Sikkerhetsoppdatering for Windows XP (KB978338)
Sikkerhetsoppdatering for Windows XP (KB978601)
Sikkerhetsoppdatering for Windows XP (KB978706)
Sikkerhetsoppdatering for Windows XP (KB979309)
Sikkerhetsoppdatering for Windows XP (KB979683)
Sikkerhetsoppdatering for Windows XP (KB980232)
System Requirements Lab
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Webshots Desktop
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:53:59, on 23.04.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SvcHost.exe
C:\Programfiler\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Programfiler\Java\jre6\bin\jqs.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Fellesfiler\Java\Java Update\jusched.exe
C:\Programfiler\FSC\Wireless Wheel Mouse\MOUSE32A.EXE
C:\Programfiler\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programfiler\BullGuard Ltd\BullGuard\BullGuard.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programfiler\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\webshots.scr
C:\Programfiler\Netropa\Onscreen Display\OSD.exe
C:\Programfiler\Netropa\InetKb\Inetkb.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programfiler\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\WINDOWS\explorer.exe
C:\Programfiler\Mozilla Firefox\firefox.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BGAntiphishingBHO - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Programfiler\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programfiler\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Fellesfiler\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LWBMOUSE] C:\Programfiler\FSC\Wireless Wheel Mouse\MOUSE32A.EXE
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Programfiler\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BullGuard] "C:\Programfiler\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programfiler\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [OPSE reminder] "C:\Programfiler\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" -r "C:\Programfiler\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Webshots.lnk = C:\Programfiler\Webshots\Launcher.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Blogg dette - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programfiler\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blogg dette i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programfiler\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programfiler\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\BgGamingMonitor.dll
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Programfiler\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Programfiler\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Programfiler\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programfiler\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Programfiler\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8098 bytes
Posted 4/24/2010 1:52 AM
#85261
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974

Please download combofix: Here

Before Saving it to Desktop, please rename it to alg.exe to stop malware from disabling it.





Disable your AntiVirus and AntiSpyware applications, they may otherwise interfere with Combofix.

There are details for disabling many programmes: Here






Now, please make sure no other programs are running, close all other windows.


Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted.

Usually located in c:\combofix.txt, please post it to your next reply



The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.


[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 4/25/2010 7:42 AM
#85296
User avatar

Bjorro Member

Date Joined Nov 2016
Total Posts: 9
I shut down bullguard, but Combofix said I hadn`t....
Hopefully you manage to find my problem anyway.......


ComboFix 10-04-21.01 - Bjørkedal 25.04.2010 9:15.7.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.3327.2417 [GMT 2:00]
Kjører fra: c:\documents and settings\Bjørkedal\Skrivebord\ComboFix.exe
AV: BullGuard Antivirus *On-access scanning enabled* (Updated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
FW: BullGuard Firewall *enabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}

ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!
.

((((((((((((((((((((((((((( Filer Opprettet Fra 2010-03-25 til 2010-04-25 )))))))))))))))))))))))))))))))))
.

2010-04-23 15:56 . 2010-04-23 15:56 2547 ----a-w- C:\hijackthis.zip
2010-04-23 15:56 . 2010-04-23 15:56 557 ----a-w- C:\mbam-log-2010-04-23 (17-50-13).zip
2010-04-23 15:56 . 2010-04-23 15:56 7248 ----a-w- C:\DDS.zip
2010-04-23 15:55 . 2010-04-23 15:55 2374 ----a-w- C:\Attach.zip
2010-04-23 14:59 . 2010-04-23 14:59 -------- d--h--r- c:\documents and settings\Administrator\Siste
2010-04-22 14:49 . 2010-04-22 14:49 -------- d-----w- c:\programfiler\7-Zip
2010-04-22 11:40 . 2010-04-22 11:40 -------- d-----w- c:\documents and settings\Administrator\Programdata\Malwarebytes
2010-04-22 11:40 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-22 11:40 . 2010-04-22 11:40 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2010-04-22 11:40 . 2010-04-22 11:40 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes
2010-04-22 11:40 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-21 13:05 . 2010-04-21 13:05 -------- d-----w- c:\programfiler\Foxit Software
2010-04-21 10:37 . 2010-04-21 10:37 -------- d-----w- c:\windows\system32\XPSViewer
2010-04-21 09:58 . 2010-04-21 09:24 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-21 09:25 . 2010-04-21 09:25 -------- dc----w- c:\windows\system32\DRVSTORE
2010-04-21 09:25 . 2010-02-04 15:53 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-04-21 09:22 . 2010-02-04 15:53 2954656 -c--a-w- c:\documents and settings\All Users\Programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
2010-04-21 09:22 . 2010-04-21 09:23 -------- d-----w- c:\documents and settings\All Users\Programdata\Lavasoft
2010-04-21 09:22 . 2010-04-21 09:22 -------- d-----w- c:\programfiler\Lavasoft
2010-04-21 09:17 . 2010-04-21 09:22 -------- dc-h--w- c:\documents and settings\All Users\Programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-04-20 21:45 . 2007-04-09 11:23 28552 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-04-20 21:45 . 2007-04-09 11:23 28040 ----a-w- c:\windows\system32\mdimon.dll
2010-04-20 21:45 . 2010-04-21 15:05 -------- d-----w- c:\programfiler\Microsoft Works
2010-04-20 21:44 . 2010-04-20 21:45 -------- d-----w- c:\windows\SHELLNEW
2010-04-20 21:43 . 2010-04-20 21:43 -------- d-----w- c:\programfiler\Microsoft.NET
2010-04-20 21:42 . 2010-04-20 21:42 -------- d-----r- C:\MSOCache
2010-04-20 21:33 . 2010-04-20 21:38 -------- d-----w- c:\programfiler\CCleaner
2010-04-20 21:31 . 2010-04-20 21:31 -------- d-----w- c:\documents and settings\Administrator\log
2010-04-20 21:23 . 2010-04-20 21:23 -------- d-----w- c:\programfiler\Trend Micro
2010-04-20 21:16 . 2010-04-20 21:31 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-04-20 10:51 . 2010-04-20 10:51 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-04-20 10:47 . 2010-04-20 10:47 -------- d-----w- c:\documents and settings\Administrator\Lokale innstillinger\Programdata\Thunderbird
2010-04-20 10:47 . 2010-04-20 10:47 -------- d-----w- c:\documents and settings\Administrator\Programdata\Thunderbird
2010-04-20 10:45 . 2010-04-20 10:45 19464 ----a-w- c:\documents and settings\Administrator\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT
2010-04-20 09:59 . 2010-04-20 09:59 -------- d-----w- c:\documents and settings\Administrator\Lokale innstillinger\Programdata\Mozilla
2010-04-20 09:58 . 2010-04-20 09:58 -------- d-----w- c:\documents and settings\Administrator\Programdata\BullGuard
2010-04-20 09:57 . 2010-04-20 09:57 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-04-19 16:22 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-04-19 16:22 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-04-19 14:29 . 2010-04-19 18:13 -------- d-----w- c:\programfiler\Microsoft Silverlight
2010-04-19 14:24 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-04-19 14:24 . 2010-04-19 14:24 -------- d-----w- c:\programfiler\Microsoft SQL Server Compact Edition
2010-04-19 14:24 . 2010-04-19 14:24 -------- d-----w- c:\programfiler\Microsoft
2010-04-19 14:23 . 2010-04-19 14:23 -------- d-----w- c:\programfiler\Windows Live SkyDrive
2010-04-19 14:23 . 2010-04-19 14:29 -------- d-----w- c:\programfiler\Windows Live
2010-04-19 14:17 . 2010-04-19 14:17 -------- d-----w- c:\programfiler\Fellesfiler\Windows Live
2010-04-19 13:11 . 2010-04-19 13:11 -------- d-----w- c:\programfiler\OpenOffice.org 3
2010-04-19 12:19 . 2010-04-19 12:19 -------- d-----w- c:\windows\Sun
2010-04-19 12:18 . 2010-04-19 12:18 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-18 23:03 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-04-18 23:02 . 2010-04-18 23:02 -------- d-----w- c:\programfiler\Fellesfiler\Nero
2010-04-18 23:01 . 2005-09-07 16:08 3006464 ------w- c:\windows\UNNeroVision.exe
2010-04-18 23:01 . 2001-03-08 17:30 24064 ------w- c:\windows\system32\msxml3a.dll
2010-04-18 23:00 . 2010-04-18 23:00 -------- d-----w- c:\documents and settings\All Users\Programdata\Ahead
2010-04-18 23:00 . 2004-07-09 07:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-04-18 23:00 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-04-18 23:00 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-04-18 23:00 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-04-18 23:00 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-04-18 23:00 . 2001-06-26 06:15 38912 ------w- c:\windows\system32\picn20.dll
2010-04-18 23:00 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-04-18 23:00 . 2010-04-18 23:00 -------- d-----w- c:\programfiler\Fellesfiler\Ahead
2010-04-18 23:00 . 2010-04-18 23:03 -------- d-----w- c:\programfiler\Ahead
2010-04-18 22:45 . 2003-10-30 11:51 1957888 ----a-w- c:\windows\webshots.scr
2010-04-18 22:45 . 2010-04-18 22:45 -------- d-----w- c:\programfiler\Webshots
2010-04-18 22:43 . 2010-04-18 22:43 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-04-18 22:41 . 2010-02-25 09:50 11070976 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-04-18 22:41 . 2010-02-25 06:20 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-04-18 22:41 . 2010-02-25 06:20 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-04-18 22:41 . 2010-02-25 06:20 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-04-18 22:41 . 2010-02-25 06:20 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-04-18 22:41 . 2010-02-25 06:20 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-04-18 22:41 . 2010-04-19 18:12 -------- d-----w- c:\windows\ie8updates
2010-04-18 22:41 . 2010-02-16 04:50 64000 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-04-18 22:39 . 2010-04-18 22:41 -------- dc-h--w- c:\windows\ie8
2010-04-18 22:14 . 2010-04-18 22:43 -------- d-----w- c:\windows\system32\nb-no
2010-04-18 22:14 . 2010-04-18 22:14 -------- d-----w- c:\windows\l2schemas
2010-04-18 22:14 . 2010-04-18 22:14 -------- d-----w- c:\windows\system32\no
2010-04-18 22:14 . 2010-04-18 22:14 -------- d-----w- c:\windows\system32\bits
2010-04-18 22:03 . 2010-04-18 22:03 -------- d-----w- c:\windows\EHome
2010-04-18 21:45 . 2010-04-18 21:45 0 ----a-w- c:\windows\nsreg.dat
2010-04-18 21:43 . 2010-04-18 21:43 -------- d-----w- c:\windows\system32\LogFiles
2010-04-18 21:37 . 2008-04-14 16:23 176640 ------w- c:\windows\system32\napstat.exe
2010-04-18 21:35 . 2008-04-14 16:21 48640 ------w- c:\windows\system32\dhcpqec.dll
2010-04-18 21:26 . 2010-04-18 22:09 -------- d-----w- c:\windows\ServicePackFiles
2010-04-18 21:18 . 2005-09-14 20:00 87040 ----a-w- c:\documents and settings\All Users\Programdata\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP500 Series Printer\LanguageModules\0407\CNMsr7L.dll
2010-04-18 21:18 . 2005-09-14 20:00 281600 ----a-w- c:\documents and settings\All Users\Programdata\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP500 Series Printer\LanguageModules\0407\CNMur7L.dll
2010-04-18 21:18 . 2005-09-14 20:00 113664 ----a-w- c:\documents and settings\All Users\Programdata\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP500 Series Printer\LanguageModules\0407\CNMlr7L.dll
2010-04-18 21:18 . 2005-08-25 20:00 92160 ----a-w- c:\documents and settings\All Users\Programdata\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP500 Series Printer\LanguageModules\0409\CNMlr7L.dll
2010-04-18 21:18 . 2005-08-25 20:00 69632 ----a-w- c:\documents and settings\All Users\Programdata\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP500 Series Printer\LanguageModules\0409\CNMsr7L.dll
2010-04-18 21:18 . 2005-08-25 20:00 254464 ----a-w- c:\documents and settings\All Users\Programdata\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP500 Series Printer\LanguageModules\0409\CNMur7L.dll
2010-04-18 21:18 . 2010-04-18 21:18 -------- d--h--w- c:\documents and settings\All Users\Programdata\CanonBJ
2010-04-18 21:18 . 2005-08-25 20:00 8704 ----a-w- c:\windows\system32\CNMVS7L.DLL
2010-04-18 21:18 . 2005-08-25 20:00 59392 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP7L.DLL
2010-04-18 21:18 . 2005-08-25 20:00 20992 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD7L.DLL
2010-04-18 21:18 . 2005-08-25 20:00 140288 ----a-w- c:\windows\system32\CNMLM7L.DLL
2010-04-18 21:18 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-04-18 21:17 . 2010-04-18 21:17 -------- d-----w- c:\documents and settings\All Users\Programdata\SSScanWizard
2010-04-18 21:17 . 2010-04-18 21:17 -------- d-----w- c:\documents and settings\All Users\Programdata\SSScanAppDataDir
2010-04-18 21:17 . 2010-04-18 21:17 -------- d-----w- c:\programfiler\Fellesfiler\ScanSoft Shared
2010-04-18 21:17 . 2010-04-18 21:17 -------- d-----w- c:\programfiler\ScanSoft
2010-04-18 21:15 . 1995-08-01 02:44 212480 ----a-w- c:\windows\PCDLIB32.DLL
2010-04-18 21:15 . 2010-04-18 21:15 -------- d-----w- c:\programfiler\ArcSoft
2010-04-18 21:13 . 2003-09-18 12:32 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-04-18 21:13 . 2003-09-18 12:32 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-04-18 21:13 . 2003-09-18 12:32 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-04-18 21:13 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-04-18 21:12 . 2010-04-18 21:12 -------- d--h--w- c:\windows\system32\CanonMP Uninstaller Information
2010-04-18 21:12 . 2005-08-30 04:23 49152 ----a-w- c:\windows\system32\cncisco.dll
2010-04-18 21:12 . 2005-05-30 10:47 139264 ----a-w- c:\windows\system32\CNCL500.DLL
2010-04-18 21:12 . 2005-08-30 04:22 221184 ----a-w- c:\windows\system32\CNCC500.DLL
2010-04-18 21:12 . 2005-08-30 04:22 69632 ----a-w- c:\windows\system32\CNCI500.DLL
2010-04-18 21:11 . 2010-04-18 21:11 -------- d-----w- C:\CanonMP
2010-04-18 21:10 . 2010-04-18 21:14 -------- d-----w- c:\programfiler\Canon
2010-04-18 21:09 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-04-18 21:09 . 2009-10-15 16:39 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-04-18 21:09 . 2009-10-15 16:39 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-04-18 21:09 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-04-18 21:09 . 2008-04-11 19:06 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-04-18 21:09 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-18 21:09 . 2008-06-14 17:36 272256 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-04-18 21:09 . 2008-06-14 17:36 272256 ------w- c:\windows\system32\drivers\bthport.sys
2010-04-18 21:07 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-04-18 21:07 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-04-18 21:04 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-22 19:19 . 2004-08-04 12:00 80632 ----a-w- c:\windows\system32\perfc014.dat
2010-04-22 19:19 . 2004-08-04 12:00 446686 ----a-w- c:\windows\system32\perfh014.dat
2010-04-21 10:36 . 2010-04-21 10:36 -------- d-----w- c:\programfiler\MSBuild
2010-04-21 10:36 . 2010-04-21 10:36 -------- d-----w- c:\programfiler\Reference Assemblies
2010-04-19 12:19 . 2010-04-18 18:02 -------- d-----w- c:\programfiler\Fellesfiler\Java
2010-04-19 12:18 . 2010-04-18 18:02 -------- d-----w- c:\programfiler\Java
2010-04-18 22:17 . 2010-04-18 17:59 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-18 18:03 . 2010-04-18 18:03 -------- d-----w- c:\programfiler\microsoft frontpage
2010-04-18 17:58 . 2010-04-18 17:58 -------- d-----w- c:\programfiler\Elektroniske tjenester
2010-04-18 17:58 . 2010-04-18 17:58 -------- d-----w- c:\programfiler\Fellesfiler\Tjenester
2010-04-18 17:57 . 2010-04-18 17:57 21704 ----a-w- c:\windows\system32\emptyregdb.dat
2010-04-03 22:55 . 2006-03-02 21:41 6432128 ----a-w- c:\windows\system32\nv4_disp.dll
2010-04-03 22:55 . 2006-03-02 21:41 227944 ----a-w- c:\windows\system32\nvcodins.dll
2010-04-03 22:55 . 2006-03-02 21:41 227944 ----a-w- c:\windows\system32\nvcod.dll
2010-04-03 22:55 . 2006-03-02 21:41 14757888 ----a-w- c:\windows\system32\nvoglnt.dll
2010-04-03 22:55 . 2006-03-02 21:41 1097728 ----a-w- c:\windows\system32\nvapi.dll
2010-04-03 22:55 . 2006-03-02 21:41 10232128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-04-03 17:23 . 2010-04-03 17:23 278120 ----a-w- c:\windows\system32\nvmccs.dll
2010-04-03 17:23 . 2010-04-03 17:23 154216 ----a-w- c:\windows\system32\nvsvc32.exe
2010-04-03 17:23 . 2010-04-03 17:23 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-04-03 17:23 . 2010-04-03 17:23 13670504 ----a-w- c:\windows\system32\nvcpl.dll
2010-04-03 17:23 . 2010-04-03 17:23 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-04-03 17:23 . 2010-04-03 17:23 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2010-04-03 17:23 . 2010-04-03 17:23 126976 ----a-w- c:\windows\system32\nvrszht.dll
2010-03-18 16:03 . 2010-03-18 16:03 98128 ----a-w- c:\windows\system32\BgGamingMonitor.dll
2010-03-12 09:34 . 2010-03-12 09:34 58448 ----a-w- c:\windows\system32\drivers\BdSpy.sys
2010-03-10 06:17 . 2004-08-04 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:20 . 2004-09-29 18:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-10-28 01:14 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 19:10 . 2004-08-04 12:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:10 . 2004-08-04 00:58 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:35 . 2004-08-04 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-04 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-01 17:42 . 2010-02-01 17:42 123256 ----a-w- c:\windows\system32\BdInstHk.dll
2010-01-25 12:56 . 2010-01-25 12:56 115712 ----a-w- c:\windows\system32\drivers\cxbu0wdm.sys
.

((((((((((((((((((((((((((((( SnapShot_2010-04-23_15.17.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-18 18:04 . 2010-04-23 16:40 32768 c:\windows\system32\config\systemprofile\Lokale innstillinger\Logg\History.IE5\index.dat
- 2010-04-18 18:04 . 2010-04-23 15:12 32768 c:\windows\system32\config\systemprofile\Lokale innstillinger\Logg\History.IE5\index.dat
+ 2010-04-23 16:34 . 2010-04-23 16:40 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-04-23 15:12 . 2010-04-23 15:12 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\programfiler\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SunJavaUpdateSched"="c:\programfiler\Fellesfiler\Java\Java Update\jusched.exe" [2010-01-11 246504]
"LWBMOUSE"="c:\programfiler\FSC\Wireless Wheel Mouse\MOUSE32A.EXE" [2001-11-09 356352]
"MULTIMEDIA KEYBOARD"="c:\programfiler\Netropa\Multimedia Keyboard\MMKeybd.exe" [2003-06-03 163840]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 16143872]
"BullGuard"="c:\programfiler\BullGuard Ltd\BullGuard\BullGuard.exe" [2010-04-18 2069840]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"OpwareSE2"="c:\programfiler\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"OPSE reminder"="c:\programfiler\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" [2003-07-07 729088]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Bj›rkedal\Start-meny\Programmer\Oppstart\
Webshots.lnk - c:\programfiler\Webshots\Launcher.exe [2010-4-19 45056]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [21.04.2010 11:25 64288]
R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [12.03.2010 11:34 58448]
R1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\drivers\Msikbd2k.sys [18.04.2010 22:22 6656]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [04.12.2009 12:00 31640]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [04.12.2009 12:00 256792]
R3 cxbu0wdm;OMNIKEY 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [25.01.2010 14:56 115712]
R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [18.04.2010 22:27 215040]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
BullGuard_Main REG_MULTI_SZ BsMain
BullGuard REG_MULTI_SZ BsFileScan BsMailProxy BsFire
BullGuard_LowPriv REG_MULTI_SZ BsBrowser
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2010-04-24 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programfiler\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 09:24]
.
.
------- Tilleggsskanning -------
.
IE: E&ksporter til Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\programfiler\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\programfiler\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: {{27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\programfiler\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
LSP: c:\windows\system32\BGLsp.dll
FF - ProfilePath - c:\documents and settings\Bjørkedal\Programdata\Mozilla\Firefox\Profiles\pnez6ob3.default\
FF - prefs.js: browser.startup.homepage - www.startsida.no
FF - component: c:\programfiler\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\components\BGFFComponent.dll
FF - plugin: c:\programfiler\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\programfiler\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programfiler\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programfiler\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "https://www.firefox.com");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programfiler\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, https://www.gmer.net
Rootkit scan 2010-04-25 09:18
Windows 5.1.2600 Service Pack 3 NTFS

skanner skjulte prosesser ...

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ...

skanning vellykket
skjulte filer: 0

**************************************************************************
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'lsass.exe'(1368)
c:\windows\system32\BGLsp.dll

- - - - - - - > 'explorer.exe'(236)
c:\programfiler\BullGuard Ltd\BullGuard\Spamfilter\LittleHook.dll
c:\programfiler\ScanSoft\OmniPageSE2.0\ophookSE2.dll
c:\programfiler\FSC\Wireless Wheel Mouse\MOUDL32A.DLL
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
Tidspunkt ferdig: 2010-04-25 09:19:56
ComboFix-quarantined-files.txt 2010-04-25 07:19
ComboFix2.txt 2010-04-23 15:19
ComboFix3.txt 2010-04-23 15:09
ComboFix4.txt 2010-04-22 14:47
ComboFix5.txt 2010-04-25 07:14

Pre-Run: 229 112 532 992 byte ledig
Post-Run: 229 102 862 336 byte ledig

- - End Of File - - F25F6F071598101862F116D727D09BB2
Posted 4/26/2010 3:18 AM
#85318
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
It looks clean. Please tell how things are running now ?

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 4/27/2010 9:55 AM
#85367
User avatar

Bjorro Member

Date Joined Nov 2016
Total Posts: 9
So far the computer runs normal. I hope it stays this way.
Thank you for all help!
Posted 4/28/2010 4:31 AM
#85390
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
My pleasure :smile:






Now your computer problems are solved, it is time for the clean-up procedure

You should Create a New Restore Point to prevent possible reinfection from an old one.
The easiest and safest way to do this is:

Go to Start > All Programs > Accessories > System Tools > System Restore
Select Create a restore point, and Ok it.
Next, go to Start > Run and type in cleanmgr
Select the More options tab
Choose the option to clean up system restore and OK it.

This will remove all restore points except the new one you just created.





Download OTL by OldTimer, saving it to your desktop: Here

Click on the CleanUp! button. You'll be asked if you want to Begin cleanup process? Select Yes.

This step removes the files, folders, and shortcuts created by the tools I had you download and run.



When done, you will be prompted to restart your computer. Please restart your computer.






To find out what programs need to be updated, please download and run the:

[color=#222222>Secunia]



Please read Tony Klein´s guide about how to protect yourself while on the internet:

How did I get infected in the first place? [/color][/url]

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 4/28/2010 3:07 PM
#85410
User avatar

Bjorro Member

Date Joined Nov 2016
Total Posts: 9
Hi again. Now the computer is down again. When Windows starts I can`t do anything. Nothing works. Now I`m back in safemode and trying to follow the steps at the top of this post. I hope you have some solutions that I can try. I was just updating Bullguard when it happend. Bullguard stoped responding and after restart I can`t start any program. So I havent done the last step in the post.
Posted 4/29/2010 4:23 AM
#85452
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Restart the computer a couple of times and see if it help. Otherwise, reboot and chose - Last good known configuration.

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 4/29/2010 4:52 PM
#85487
User avatar

Bjorro Member

Date Joined Nov 2016
Total Posts: 9
Hi. I will try this from the top again. I have formatted the harddrive and reinstalled Windows. When I said Windows freezes, I believe my CPU working at max, and therefore I can not open any program. I have scanned my computer again and leave you the logs from DDS, HiJackThis and malwarebytes. I have also placed 3 stars like this ***in front of two lines in Pseudo HJT report in the DDS report and ask what it can be.....
This logs are done in safemode


Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 4051

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

29.04.2010 17:09:55
mbam-log-2010-04-29 (17-09-55).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 180234
Time elapsed: 28 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 18.04.2010 20:04:44
System Uptime: 29.04.2010 15:18:36 (3 hours ago)

Motherboard: FUJITSU SIEMENS | | GA-8I945PE
Processor: Intel(R) Pentium(R) D CPU 3.40GHz | Socket 775 | 3391/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 233 GiB total, 216,256 GiB free.
D: is FIXED (NTFS) - 233 GiB total, 152,924 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP31: 28.04.2010 01:13:38 - Kontrollpunkt for system

==== Installed Programs ======================

7-Zip 9.13 beta
Ad-Aware
Ad-Aware Email Scanner for Outlook
Adobe Flash Player 10 Plugin
ArcSoft PhotoStudio 5.5
BullGuard 9.0
Canon MP Navigator 2.0
Canon MP500
Canon Utilities Easy-PhotoPrint
CCleaner
CD-LabelPrint
Easy-WebPrint
Foxit Reader
Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706
Fujitsu Siemens Wireless Keyboard
Fujitsu Siemens Wireless Wheel Mouse
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hurtigreparasjon for Windows XP (KB942288-v3)
Hurtigreparasjon for Windows XP (KB952287)
Hurtigreparasjon for Windows XP (KB961118)
Hurtigreparasjon for Windows XP (KB979306)
Intel(R) PRO Network Connections Drivers
J2SE Runtime Environment 5.0
Java Auto Updater
Java(TM) 6 Update 18
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Norwegian Language Pack
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Standard Edition 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.3)
MSVCRT
Nero Suite
NVIDIA Drivers
NVIDIA nView Desktop Manager
OmniPage SE 2.0
OpenOffice.org 3.2
Oppdatering for Windows Internet Explorer 8 (KB976662)
Oppdatering for Windows Internet Explorer 8 (KB980182)
Oppdatering for Windows Internet Explorer 8 (KB980302)
Oppdatering for Windows XP (KB951978)
Oppdatering for Windows XP (KB955759)
Oppdatering for Windows XP (KB961503)
Oppdatering for Windows XP (KB967715)
Oppdatering for Windows XP (KB968389)
Oppdatering for Windows XP (KB971737)
Oppdatering for Windows XP (KB973687)
Oppdatering for Windows XP (KB973815)
Oppdatering for Windows XP (KB980182)
Opplastingsverktøy for Windows Live
Påloggingsassistent for Windows Live
Realtek High Definition Audio Driver
Segoe UI
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB971961)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB981332)
Sikkerhetsoppdatering for Windows Media Player (KB952069)
Sikkerhetsoppdatering for Windows Media Player (KB954155)
Sikkerhetsoppdatering for Windows Media Player (KB968816)
Sikkerhetsoppdatering for Windows Media Player (KB973540)
Sikkerhetsoppdatering for Windows Media Player (KB979402)
Sikkerhetsoppdatering for Windows XP (KB923561)
Sikkerhetsoppdatering for Windows XP (KB923789)
Sikkerhetsoppdatering for Windows XP (KB946648)
Sikkerhetsoppdatering for Windows XP (KB950760)
Sikkerhetsoppdatering for Windows XP (KB950762)
Sikkerhetsoppdatering for Windows XP (KB950974)
Sikkerhetsoppdatering for Windows XP (KB951066)
Sikkerhetsoppdatering for Windows XP (KB951376-v2)
Sikkerhetsoppdatering for Windows XP (KB951748)
Sikkerhetsoppdatering for Windows XP (KB952004)
Sikkerhetsoppdatering for Windows XP (KB952954)
Sikkerhetsoppdatering for Windows XP (KB955069)
Sikkerhetsoppdatering for Windows XP (KB956572)
Sikkerhetsoppdatering for Windows XP (KB956744)
Sikkerhetsoppdatering for Windows XP (KB956802)
Sikkerhetsoppdatering for Windows XP (KB956803)
Sikkerhetsoppdatering for Windows XP (KB956844)
Sikkerhetsoppdatering for Windows XP (KB958644)
Sikkerhetsoppdatering for Windows XP (KB958869)
Sikkerhetsoppdatering for Windows XP (KB959426)
Sikkerhetsoppdatering for Windows XP (KB960803)
Sikkerhetsoppdatering for Windows XP (KB960859)
Sikkerhetsoppdatering for Windows XP (KB961501)
Sikkerhetsoppdatering for Windows XP (KB969059)
Sikkerhetsoppdatering for Windows XP (KB969947)
Sikkerhetsoppdatering for Windows XP (KB970238)
Sikkerhetsoppdatering for Windows XP (KB970430)
Sikkerhetsoppdatering for Windows XP (KB971468)
Sikkerhetsoppdatering for Windows XP (KB971657)
Sikkerhetsoppdatering for Windows XP (KB972270)
Sikkerhetsoppdatering for Windows XP (KB973354)
Sikkerhetsoppdatering for Windows XP (KB973507)
Sikkerhetsoppdatering for Windows XP (KB973869)
Sikkerhetsoppdatering for Windows XP (KB973904)
Sikkerhetsoppdatering for Windows XP (KB974112)
Sikkerhetsoppdatering for Windows XP (KB974318)
Sikkerhetsoppdatering for Windows XP (KB974392)
Sikkerhetsoppdatering for Windows XP (KB974571)
Sikkerhetsoppdatering for Windows XP (KB975025)
Sikkerhetsoppdatering for Windows XP (KB975467)
Sikkerhetsoppdatering for Windows XP (KB975560)
Sikkerhetsoppdatering for Windows XP (KB975561)
Sikkerhetsoppdatering for Windows XP (KB975713)
Sikkerhetsoppdatering for Windows XP (KB977816)
Sikkerhetsoppdatering for Windows XP (KB977914)
Sikkerhetsoppdatering for Windows XP (KB978037)
Sikkerhetsoppdatering for Windows XP (KB978262)
Sikkerhetsoppdatering for Windows XP (KB978338)
Sikkerhetsoppdatering for Windows XP (KB978601)
Sikkerhetsoppdatering for Windows XP (KB978706)
Sikkerhetsoppdatering for Windows XP (KB979309)
Sikkerhetsoppdatering for Windows XP (KB979683)
Sikkerhetsoppdatering for Windows XP (KB980232)
Spybot - Search & Destroy
System Requirements Lab
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Webshots Desktop
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalleri
Windows Live Messenger
Windows Live Sync
Windows Live Writer
Windows XP Service Pack 3

==== End Of File ===========================



DDS (Ver_10-03-17.01) - NTFSx86 NETWORK
Run by Bjørkedal at 18:17:04,07 on 29.04.2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.3327.2626 [GMT 2:00]

AV: BullGuard Antivirus *On-access scanning enabled* (Updated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
FW: BullGuard Firewall *enabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Main
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Programfiler\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\Programfiler\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Programfiler\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programfiler\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bjørkedal\Mine dokumenter\Nedlastinger\dds.scr

============== Pseudo HJT Report ===============

BHO: Påloggingshjelp for Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programfiler\fellesfiler\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programfiler\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programfiler\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: BGAntiphishingBHO Class: {fc872b94-35e3-4b94-b028-184a2a1c7cce} - c:\programfiler\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIEBHO.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\programfiler\canon\easy-webprint\Toolband.dll
uRun: [msnmsgr] "c:\programfiler\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [SunJavaUpdateSched] "c:\programfiler\fellesfiler\java\java update\jusched.exe"
mRun: [LWBMOUSE] c:\programfiler\fsc\wireless wheel mouse\MOUSE32A.EXE
mRun: [MULTIMEDIA KEYBOARD] c:\programfiler\netropa\multimedia keyboard\MMKeybd.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [OpwareSE2] "c:\programfiler\scansoft\omnipagese2.0\OpwareSE2.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [BullGuard] "c:\programfiler\bullguard ltd\bullguard\BullGuard.exe" -boot
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\bjrked~1\start-~1\progra~1\oppstart\webshots.lnk - c:\programfiler\webshots\Launcher.exe
***IE: E&ksporter til Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\programfiler\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\programfiler\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\programfiler\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\programfiler\canon\easy-webprint\Resource.dll/RC_Print.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programfiler\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\programfiler\windows live\writer\WriterBrowserExtension.dll
IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\programfiler\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIE.dll
***IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
LSP: c:\windows\system32\BGLsp.dll
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
AppInit_DLLs: c:\windows\system32\ BgGamingMonitor.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\bjrked~1\progra~1\mozilla\firefox\profiles\pnez6ob3.default\
FF - prefs.js: browser.startup.homepage - www.startsida.no
FF - component: c:\programfiler\bullguard ltd\bullguard\antiphishing\ff\antiphishing@bullguard\components\BGFFComponent.dll
FF - plugin: c:\programfiler\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\programfiler\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\programfiler\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\programfiler\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\programfiler\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\programfiler\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programfiler\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programfiler\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programfiler\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programfiler\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\programfiler\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\programfiler\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "https://www.firefox.com");
c:\programfiler\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\programfiler\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\programfiler\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-4-21 64288]
R1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\drivers\Msikbd2k.sys [2010-4-18 6656]
R2 BsMain;BullGuard main service;c:\windows\system32\SvcHost.exe -k BullGuard_Main [2004-8-4 14336]
R2 BsUpdate;BullGuard update service;c:\programfiler\bullguard ltd\bullguard\BullGuardUpdate.exe [2010-4-18 341328]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programfiler\lavasoft\ad-aware\AAWService.exe [2010-2-4 1284840]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [2009-12-4 31640]
R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2010-4-18 215040]
S1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [2010-3-12 58448]
S2 BsBrowser;BullGuard antiphishing service;c:\windows\system32\SvcHost.exe -k BullGuard_LowPriv [2004-8-4 14336]
S2 BsFileScan;BullGuard on-access service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336]
S2 BsFire;BullGuard firewall service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336]
S2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336]
S2 nhksrv;Netropa NHK Server;c:\programfiler\netropa\multimedia keyboard\nhksrv.exe [2010-4-18 28672]
S3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2009-12-4 256792]
S3 BgRaSvc;BgRaSvc;c:\programfiler\bullguard ltd\bullguard\support\BgRaSvc.exe [2010-3-3 120144]
S3 BsScanner;BullGuard scanning service;c:\programfiler\bullguard ltd\bullguard\BullGuardScanner.exe [2010-3-3 297808]
S3 cxbu0wdm;OMNIKEY 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [2010-1-25 115712]

=============== Created Last 30 ================

2010-04-29 13:19:22 0 d--h--r- c:\documents and settings\bjørkedal\Siste
2010-04-29 11:48:22 0 d-----w- c:\programfiler\Spybot - Search & Destroy
2010-04-29 11:48:22 0 d-----w- c:\docume~1\alluse~1\progra~1\Spybot - Search & Destroy
2010-04-28 16:22:58 0 d-----w- c:\programfiler\Secunia
2010-04-22 19:19:41 3313 ----a-w- c:\windows\system32\wbem\Outlook_01cae250c24fc830.mof
2010-04-22 13:55:57 0 d-----w- c:\docume~1\bjrked~1\progra~1\Malwarebytes
2010-04-22 11:40:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-22 11:40:23 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-22 11:40:23 0 d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2010-04-22 11:40:23 0 d-----w- c:\docume~1\alluse~1\progra~1\Malwarebytes
2010-04-21 15:55:59 0 d-sh--w- c:\documents and settings\bjørkedal\PrivacIE
2010-04-21 15:52:22 3313 ----a-w- c:\windows\system32\wbem\Outlook_01cae16aa1314868.mof
2010-04-21 14:59:22 1089883 -c----w- c:\windows\system32\dllcache\ntprint.cat
2010-04-21 13:05:48 0 d-----w- c:\docume~1\bjrked~1\progra~1\Foxit
2010-04-21 13:05:37 0 d-----w- c:\programfiler\Foxit Software
2010-04-21 10:37:02 0 d-----w- c:\windows\system32\XPSViewer
2010-04-21 10:36:32 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-04-21 10:36:32 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-04-21 10:36:32 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-04-21 10:36:32 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-04-21 10:36:32 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-04-21 10:36:32 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-04-21 10:36:32 117760 ------w- c:\windows\system32\prntvpt.dll
2010-04-21 10:36:32 0 d-----w- C:\5a8271f8f8c39a84261ca7
2010-04-21 09:58:54 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-21 09:25:05 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-04-21 09:24:58 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-04-21 09:22:25 0 d-----w- c:\programfiler\Lavasoft
2010-04-21 09:17:32 0 dc-h--w- c:\docume~1\alluse~1\progra~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-04-20 21:51:48 3313 ----a-w- c:\windows\system32\wbem\Outlook_01cae0d3ad89453a.mof
2010-04-20 21:45:46 382 ----a-w- c:\windows\ODBC.INI
2010-04-20 21:45:41 28040 ----a-w- c:\windows\system32\mdimon.dll
2010-04-20 21:44:50 0 d-----w- c:\windows\SHELLNEW
2010-04-20 21:33:29 0 d-----w- c:\programfiler\CCleaner
2010-04-20 21:23:27 0 d-----w- c:\programfiler\Trend Micro
2010-04-20 21:16:28 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-04-20 18:36:23 77312 ----a-w- c:\windows\MBR.exe
2010-04-20 18:36:23 256512 ----a-w- c:\windows\PEV.exe
2010-04-19 16:22:26 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-04-19 16:22:26 215920 ----a-w- c:\windows\system32\muweb.dll
2010-04-19 16:22:26 17248 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-04-19 14:30:43 0 d-----w- c:\documents and settings\bjørkedal\Tracing
2010-04-19 14:24:57 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-04-19 14:24:48 0 d-----w- c:\programfiler\Microsoft SQL Server Compact Edition
2010-04-19 14:24:12 0 d-----w- c:\programfiler\Microsoft
2010-04-19 14:23:55 0 d-----w- c:\programfiler\Windows Live SkyDrive
2010-04-19 14:17:07 0 d-----w- c:\programfiler\fellesfiler\Windows Live
2010-04-19 13:11:24 0 d-----w- c:\programfiler\OpenOffice.org 3
2010-04-19 12:18:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-04-19 12:18:59 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-18 23:03:40 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-04-18 23:01:42 112739 ------w- c:\windows\UNNeroVision.cfg
2010-04-18 23:01:40 3006464 ------w- c:\windows\UNNeroVision.exe
2010-04-18 23:01:40 24064 ------w- c:\windows\system32\msxml3a.dll
2010-04-18 23:00:58 364544 ------w- c:\windows\system32\TwnLib4.dll
2010-04-18 23:00:57 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-04-18 23:00:57 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-04-18 23:00:57 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-04-18 23:00:57 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-04-18 23:00:56 38912 ------w- c:\windows\system32\picn20.dll
2010-04-18 23:00:56 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-04-18 23:00:44 0 d-----w- c:\programfiler\fellesfiler\Ahead
2010-04-18 22:45:53 3932214 ----a-w- c:\windows\Webshots for Bjrkedal.bmp
2010-04-18 22:45:45 32768 ----a-w- c:\windows\system32\WSVersionATX.ocx
2010-04-18 22:45:45 1957888 ----a-w- c:\windows\webshots.scr
2010-04-18 22:45:44 0 d-----w- c:\programfiler\Webshots
2010-04-18 22:43:34 0 d-sh--w- c:\documents and settings\bjørkedal\IETldCache
2010-04-18 22:41:41 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-04-18 22:41:41 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-04-18 22:41:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-04-18 22:41:41 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-04-18 22:41:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-04-18 22:41:41 11070976 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-04-18 22:41:35 0 d-----w- c:\windows\ie8updates
2010-04-18 22:41:13 64000 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-04-18 22:39:59 0 dc-h--w- c:\windows\ie8
2010-04-18 22:14:20 0 d-----w- c:\windows\system32\nb-no
2010-04-18 22:14:17 0 d-----w- c:\windows\l2schemas
2010-04-18 22:14:16 0 d-----w- c:\windows\system32\no
2010-04-18 22:14:16 0 d-----w- c:\windows\system32\bits
2010-04-18 22:07:31 0 d-----w- c:\windows\network diagnostic
2010-04-18 22:03:23 0 d-----w- c:\windows\EHome
2010-04-18 21:43:47 0 d-----w- c:\windows\system32\LogFiles
2010-04-18 21:38:58 20992 ------w- c:\windows\system32\spupdwxp.exe
2010-04-18 21:37:59 638 ------w- c:\windows\system32\wbem\napclientprov.mof
2010-04-18 21:35:59 48640 ------w- c:\windows\system32\dhcpqec.dll
2010-04-18 21:26:40 0 d-----w- c:\windows\ServicePackFiles
2010-04-18 21:18:34 8704 ----a-w- c:\windows\system32\CNMVS7L.DLL
2010-04-18 21:18:32 140288 ----a-w- c:\windows\system32\CNMLM7L.DLL
2010-04-18 21:18:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-04-18 21:17:31 0 d-----w- c:\docume~1\alluse~1\progra~1\SSScanWizard
2010-04-18 21:17:31 0 d-----w- c:\docume~1\alluse~1\progra~1\SSScanAppDataDir
2010-04-18 21:17:29 528 ----a-w- c:\windows\MAXLINK.INI
2010-04-18 21:17:04 0 d-----w- c:\programfiler\ScanSoft
2010-04-18 21:17:04 0 d-----w- c:\programfiler\fellesfiler\ScanSoft Shared
2010-04-18 21:15:56 212480 ----a-w- c:\windows\PCDLIB32.DLL
2010-04-18 21:13:10 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-04-18 21:13:10 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-04-18 21:13:10 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-04-18 21:13:05 306688 ----a-w- c:\windows\IsUninst.exe
2010-04-18 21:12:18 0 d--h--w- c:\windows\system32\CanonMP Uninstaller Information
2010-04-18 21:12:06 49152 ----a-w- c:\windows\system32\cncisco.dll
2010-04-18 21:12:05 139264 ----a-w- c:\windows\system32\CNCL500.DLL
2010-04-18 21:12:04 69632 ----a-w- c:\windows\system32\CNCI500.DLL
2010-04-18 21:12:04 221184 ----a-w- c:\windows\system32\CNCC500.DLL
2010-04-18 21:11:36 0 d-----w- C:\CanonMP
2010-04-18 21:10:32 0 d-----w- c:\programfiler\Canon
2010-04-18 21:09:39 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-04-18 21:09:37 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-04-18 21:09:37 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-04-18 21:09:31 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-04-18 21:09:28 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-04-18 21:09:24 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-18 21:09:21 272256 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-04-18 21:09:21 272256 ------w- c:\windows\system32\drivers\bthport.sys
2010-04-18 21:07:37 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-04-18 21:07:13 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-04-18 21:04:48 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-04-18 21:04:46 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-04-18 21:02:56 217088 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-04-18 21:02:02 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-04-18 21:02:02 2191744 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-04-18 21:02:01 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-04-18 21:02:01 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-04-18 21:02:01 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-04-18 21:02:01 111104 -c----w- c:\windows\system32\dllcache\services.exe
2010-04-18 21:02:00 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-04-18 21:02:00 680448 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-04-18 21:02:00 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-04-18 21:01:59 710656 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-04-18 21:01:59 2148352 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-04-18 21:01:58 2026496 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-04-18 20:57:29 0 d-----w- c:\windows\system32\PreInstall
2010-04-18 20:50:35 0 d-----w- c:\docume~1\bjrked~1\progra~1\BullGuard
2010-04-18 20:48:01 0 d-----w- c:\docume~1\alluse~1\progra~1\NVIDIA Corporation
2010-04-18 20:47:56 600680 ----a-w- c:\windows\system32\nvuninst.exe
2010-04-18 20:47:55 0 d-----w- c:\programfiler\NVIDIA Corporation
2010-04-18 20:47:28 9046 ----a-w- c:\windows\system32\nvinfo.pb
2010-04-18 20:47:28 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-04-18 20:47:28 2646632 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-04-18 20:47:28 2030184 ----a-w- c:\windows\system32\nvcuvid.dll
2010-04-18 20:47:25 4075520 ----a-w- c:\windows\system32\nvcuda.dll
2010-04-18 20:47:25 2183470 ----a-w- c:\windows\system32\nvdata.bin
2010-04-18 20:47:25 11647592 ----a-w- c:\windows\system32\nvcompiler.dll
2010-04-18 20:47:16 0 d-----w- C:\NVIDIA
2010-04-18 20:41:37 0 d-----w- c:\programfiler\SystemRequirementsLab
2010-04-18 20:39:51 0 d-----w- c:\docume~1\alluse~1\progra~1\BullGuard
2010-04-18 20:39:25 0 d-----w- c:\programfiler\BullGuard Ltd
2010-04-18 20:33:18 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-04-18 20:30:33 940794 ----a-w- c:\windows\system32\LoopyMusic.wav
2010-04-18 20:30:33 146650 ----a-w- c:\windows\system32\BuzzingBee.wav
2010-04-18 20:30:32 0 d-----w- c:\windows\system32\Lang
2010-04-18 20:27:21 600680 ----a-w- c:\windows\system32\nvudisp.exe
2010-04-18 20:27:21 25755 ----a-w- c:\windows\system32\nvdisp.nvu
2010-04-18 20:27:21 0 d-----w- c:\windows\nview
2010-04-18 20:27:02 49152 ----a-r- c:\windows\system32\unwlsdrv.exe
2010-04-18 20:27:02 215040 ----a-r- c:\windows\system32\drivers\sis163u.sys
2010-04-18 20:25:57 5504 ----a-w- c:\windows\system32\drivers\intelide.sys
2010-04-18 20:24:45 0 d-----w- c:\windows\system32\ReinstallBackups
2010-04-18 20:22:53 0 ----a-w- c:\windows\WININIT.INI
2010-04-18 20:22:52 6656 ----a-w- c:\windows\system32\drivers\Msikbd2k.sys
2010-04-18 20:22:52 28672 ----a-w- c:\windows\system32\msiosd32.dll
2010-04-18 20:22:52 245 ----a-w- c:\windows\MSIOSD.INI
2010-04-18 20:22:52 0 d-----w- c:\programfiler\Netropa
2010-04-18 20:22:43 0 d-----w- c:\programfiler\fellesfiler\InstallShield
2010-04-18 20:22:32 6205 ----a-w- c:\windows\system32\LWBHMVXD.VXD
2010-04-18 20:22:32 0 d-----w- c:\programfiler\FSC
2010-04-18 20:20:01 0 d-s---w- c:\windows\system32\Microsoft
2010-04-18 19:47:53 0 d-----w- c:\programfiler\fellesfiler\ODBC
2010-04-18 19:47:48 0 d-----w- c:\programfiler\fellesfiler\SpeechEngines
2010-04-18 19:47:16 0 d--h--w- c:\documents and settings\all users\Maler
2010-04-18 19:47:16 0 d-----w- c:\documents and settings\all users\Skrivebord
2010-04-18 19:47:16 0 d-----w- c:\documents and settings\all users\Favoritter
2010-04-18 19:47:16 0 d-----r- c:\documents and settings\all users\Start-meny
2010-04-18 19:47:16 0 d-----r- c:\documents and settings\all users\Dokumenter
2010-04-18 19:46:57 0 d--h--r- c:\documents and settings\all users\Programdata
2010-04-18 17:59:16 0 d-sh--w- c:\documents and settings\all users\DRM
2010-04-18 17:59:01 0 d--h--w- c:\programfiler\WindowsUpdate
2010-04-18 17:58:57 0 d-----w- c:\programfiler\Elektroniske tjenester
2010-04-18 17:58:13 0 d-----w- c:\programfiler\fellesfiler\Tjenester
2010-04-18 17:58:10 0 d-----w- c:\programfiler\fellesfiler\MSSoap
2010-04-18 17:56:46 0 d-----w- c:\programfiler\Messenger
2010-04-18 17:56:42 0 d-----w- c:\programfiler\MSN Gaming Zone
2010-04-18 17:56:17 0 d-----w- c:\programfiler\Windows NT

==================== Find3M ====================

2010-04-22 19:19:41 80632 ----a-w- c:\windows\system32\perfc014.dat
2010-04-22 19:19:41 446686 ----a-w- c:\windows\system32\perfh014.dat
2010-04-18 20:55:39 150864 ----a-w- c:\windows\system32\BGLsp.dll
2010-04-18 17:57:34 21704 ----a-w- c:\windows\system32\emptyregdb.dat
2010-04-03 22:55:31 6432128 ----a-w- c:\windows\system32\nv4_disp.dll
2010-04-03 22:55:31 227944 ----a-w- c:\windows\system32\nvcodins.dll
2010-04-03 22:55:31 227944 ----a-w- c:\windows\system32\nvcod.dll
2010-04-03 22:55:31 14757888 ----a-w- c:\windows\system32\nvoglnt.dll
2010-04-03 22:55:31 1097728 ----a-w- c:\windows\system32\nvapi.dll
2010-04-03 22:55:31 10232128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-04-03 17:23:18 278120 ----a-w- c:\windows\system32\nvmccs.dll
2010-04-03 17:23:16 154216 ----a-w- c:\windows\system32\nvsvc32.exe
2010-04-03 17:23:16 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-04-03 17:23:16 13670504 ----a-w- c:\windows\system32\nvcpl.dll
2010-04-03 17:23:16 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-04-03 17:23:00 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2010-04-03 17:23:00 126976 ----a-w- c:\windows\system32\nvrszht.dll
2010-03-18 16:03:54 98128 ----a-w- c:\windows\system32\BgGamingMonitor.dll
2010-03-12 09:34:52 58448 ----a-w- c:\windows\system32\drivers\BdSpy.sys
2010-03-10 06:17:41 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:20:31 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-16 19:10:49 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:10:49 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:35:06 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-01 17:42:58 123256 ----a-w- c:\windows\system32\BdInstHk.dll

============= FINISH: 18:17:27,20 ===============



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:30:59, on 29.04.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\SvcHost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\Programfiler\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Programfiler\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programfiler\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BGAntiphishingBHO - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Programfiler\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programfiler\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Fellesfiler\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LWBMOUSE] C:\Programfiler\FSC\Wireless Wheel Mouse\MOUSE32A.EXE
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Programfiler\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programfiler\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BullGuard] "c:\programfiler\bullguard ltd\bullguard\BullGuard.exe" -boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Webshots.lnk = C:\Programfiler\Webshots\Launcher.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programfiler\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Blogg dette - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programfiler\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blogg dette i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programfiler\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programfiler\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\ BgGamingMonitor.dll
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Programfiler\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Programfiler\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Programfiler\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programfiler\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Programfiler\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7249 bytes
Posted 5/2/2010 2:01 PM
#85582
User avatar

Bjorro Member

Date Joined Nov 2016
Total Posts: 9
Hi again. I found the trouble. An update from Microsoft Net.framework caused my cpu to work at 100%.
Uninstalled it and now my computer works normal :-).

Thank you for trying to help.
Posted 5/4/2010 4:24 AM
#85647
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
That´s good news you found out what´s wrong :yeah:

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Thursday, August 18, 2022, 6:43 AM (GMT +2)
There are a total of 61,974 posts in 13,697 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 38,573 registered members. Please welcome our newest member, iAwake.
32 Guest(s), 0 Registered Member(s) are currently online.