Results 1 to 4 of 4

Thread: Malware and infections on my computer

  1. 2008-05-16, 00:40 #1
    Bjarne
    Bjarne is offline
    Junior Member
    Join Date
    May 2008
    Posts
    2

    Default Malware and infections on my computer

    Hey!
    Lately I've had problems with virus/malware on my computer. Links are sent to my friends through Windows Messenger althougt I'm not logged in. I hope you can help me removing any virus or malware that causes this problem. Results from Kaspersky Online Scanner and HijackThis are attached. Thank you!
    Results from Kaspersky Online Scanner:
    C:\Documents and Settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    C:\Documents and Settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    C:\Documents and Settings\All Users\Programdata\Microsoft\Windows Defender\Support\MPLog-03212007-000519.log Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Logg\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Messenger\bjarne_nesse@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Messenger\bjarne_nesse@hotmail.com\SharingMetadata\Working\database_FA60_F58F_60F5_533D\dfsr.db Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Messenger\bjarne_nesse@hotmail.com\SharingMetadata\Working\database_FA60_F58F_60F5_533D\fsr.log Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Messenger\bjarne_nesse@hotmail.com\SharingMetadata\Working\database_FA60_F58F_60F5_533D\fsrtmp.log Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Messenger\bjarne_nesse@hotmail.com\SharingMetadata\Working\database_FA60_F58F_60F5_533D\tmp.edb Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Windows Defender\FileTracker\{3D60FBCC-3EBD-4799-8014-31BD8C2A29CC} Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Windows Live Contacts\bjarne_nesse@hotmail.com\real\members.stg Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\Cache\_CACHE_001_ Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\Cache\_CACHE_002_ Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\Cache\_CACHE_003_ Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\Cache\_CACHE_MAP_ Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Temp\~DFB38E.tmp Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Temp\~DFB3AB.tmp Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\cert8.db Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\formhistory.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\history.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\key3.db Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\parent.lock Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\search.sqlite Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\urlclassifier2.sqlite Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Lokale innstillinger\Logg\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Lokale innstillinger\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\Mona\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\Mona\Lokale innstillinger\Logg\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Mona\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Mona\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Mona\Lokale innstillinger\Programdata\Microsoft\Windows Defender\FileTracker\{C9B19BDC-876B-4B60-B84E-60C5E95A3771} Object is locked skipped
    C:\Documents and Settings\Mona\Lokale innstillinger\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Mona\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Mona\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\Programfiler\Norman\npf\data\npfldata.bin Object is locked skipped
    C:\Programfiler\Norman\resources\store.nts Object is locked skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{DAF35859-E31E-406E-ABE5-2986469BC4BB}\RP384\change.log Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\EventCache\{02B1CF9F-A183-4145-A9AC-DC645D5C7B44}.bin Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\default Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\software Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\system Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\wiadebug.log Object is locked skipped
    C:\WINDOWS\wiaservc.log Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped
    E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    Result of HijackThis scan:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://no.msn.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bt.no/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://no.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.msn.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [IntelZeroConfig] C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Programfiler\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Programfiler\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
    O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
    O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
    O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe
    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [AVManager] "C:\Programfiler\Wistron\AVManager\AVManager.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programfiler\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SBCSTray] C:\Programfiler\Sunbelt Software\CounterSpy\SBCSTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MtdAcqu] "C:\Programfiler\Creative\MediaSource5\MtdAcqu.exe" /s
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Programfiler\Cisco Systems\VPN Client\vpngui.exe
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Programfiler\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1162597060828
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programfiler\Cisco Systems\VPN Client\cvpnd.exe
    O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programfiler\Norman\Npm\Bin\eLogsvc.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
    O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Programfiler\Norman\npf\bin\npfsvc32.exe
    O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Programfiler\Norman\Ngs\bin\NPROSEC.EXE
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Programfiler\Norman\Npm\bin\NVCSCHED.EXE
    O23 - Service: Norman's Very Own supplY of resources (NVOY) - Norman ASA - C:\Programfiler\Norman\npm\bin\nvoy.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Programfiler\Sunbelt Software\CounterSpy\SBCSSvc.exe
  2. 2008-05-17, 23:12 #2
    pskelley
    pskelley is offline
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,538

    Default

    Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
    "BEFORE you POST" (READ this Procedure before Requesting Assistance)
    http://forums.spybot.info/showthread.php?t=288
    All advice given is taken at your own risk.
    Please make sure you have read this information so we are on the same page.

    I don't if I can help you are not, if you wish to find out, start by reading the instructions again, neither log you posted is usable, looks like they are both partial logs and you need to read all of the instructions especially the part about turning off word wrap.

    Now look at this post, the two logs are posted correctly and that is how I need to see yours:
    http://forums.spybot.info/showthread.php?t=28183

    When you do that I will be able to look at your logs and advise if I can help or not.

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006
  3. 2008-05-18, 20:26 #3
    Bjarne
    Bjarne is offline
    Junior Member
    Join Date
    May 2008
    Posts
    2

    Default

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:23:30, on 16.05.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\Programfiler\Norman\Npm\Bin\eLogsvc.exe
    C:\Programfiler\Norman\Ngs\bin\NPROSEC.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Programfiler\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
    C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
    C:\Programfiler\Norman\npm\bin\nvoy.exe
    C:\Programfiler\Norman\npf\bin\npfsvc32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Programfiler\Cisco Systems\VPN Client\cvpnd.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Programfiler\Intel\Wireless\Bin\OProtSvc.exe
    C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
    C:\Programfiler\Sunbelt Software\CounterSpy\SBCSSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Programfiler\Intel\Wireless\Bin\EOUWiz.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\Programfiler\ltmoh\Ltmoh.exe
    C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
    C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Launch Manager\LaunchAp.exe
    C:\Program Files\Launch Manager\HotkeyApp.exe
    C:\Program Files\Launch Manager\OSD.exe
    C:\Program Files\Launch Manager\Wbutton.exe
    C:\Programfiler\Wistron\AVManager\AVManager.exe
    C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe
    C:\Programfiler\QuickTime\qttask.exe
    C:\Programfiler\Windows Defender\MSASCui.exe
    C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Programfiler\Norman\Npm\bin\ZLH.EXE
    C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\Programfiler\Sunbelt Software\CounterSpy\SBCSTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe
    C:\Programfiler\Creative\MediaSource5\MtdAcqu.exe
    C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
    C:\Programfiler\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
    C:\Programfiler\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
    C:\Programfiler\Mozilla Firefox\firefox.exe
    C:\Programfiler\Windows Live\Messenger\usnsvc.exe
    C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://no.msn.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bt.no/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://no.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.msn.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [IntelZeroConfig] C:\Programfiler\Intel\Wireless\bin\ZCfgSvc.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Programfiler\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Programfiler\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
    O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
    O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
    O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe
    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [AVManager] "C:\Programfiler\Wistron\AVManager\AVManager.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programfiler\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SBCSTray] C:\Programfiler\Sunbelt Software\CounterSpy\SBCSTray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MtdAcqu] "C:\Programfiler\Creative\MediaSource5\MtdAcqu.exe" /s
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Programfiler\Cisco Systems\VPN Client\vpngui.exe
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Programfiler\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1162597060828
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programfiler\Cisco Systems\VPN Client\cvpnd.exe
    O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programfiler\Norman\Npm\Bin\eLogsvc.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
    O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Programfiler\Norman\npf\bin\npfsvc32.exe
    O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Programfiler\Norman\Ngs\bin\NPROSEC.EXE
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Programfiler\Norman\Npm\bin\NVCSCHED.EXE
    O23 - Service: Norman's Very Own supplY of resources (NVOY) - Norman ASA - C:\Programfiler\Norman\npm\bin\nvoy.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Programfiler\Sunbelt Software\CounterSpy\SBCSSvc.exe

    --
    End of file - 10301 bytes


    KASPERSKY ONLINE SCANNER REPORT
    Thursday, May 15, 2008 11:21:02 PM
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 15/05/2008
    Kaspersky Anti-Virus database records: 775984
    Scan Settings
    Scan using the following antivirus database extended
    Scan Archives true
    Scan Mail Bases true
    Scan Target My Computer
    C:\
    D:\
    E:\
    Scan Statistics
    Total number of scanned objects 59853
    Number of viruses found 0
    Number of infected objects 0
    Number of suspicious objects 0
    Duration of the scan process 00:58:40

    Infected Object Name Virus Name Last Action
    C:\Documents and Settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    C:\Documents and Settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    C:\Documents and Settings\All Users\Programdata\Microsoft\Windows Defender\Support\MPLog-03212007-000519.log Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Logg\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Messenger\bjarne_nesse@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Messenger\bjarne_nesse@hotmail.com\SharingMetadata\Working\database_FA60_F58F_60F5_533D\dfsr.db Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Messenger\bjarne_nesse@hotmail.com\SharingMetadata\Working\database_FA60_F58F_60F5_533D\fsr.log Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Messenger\bjarne_nesse@hotmail.com\SharingMetadata\Working\database_FA60_F58F_60F5_533D\fsrtmp.log Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Messenger\bjarne_nesse@hotmail.com\SharingMetadata\Working\database_FA60_F58F_60F5_533D\tmp.edb Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Windows Defender\FileTracker\{3D60FBCC-3EBD-4799-8014-31BD8C2A29CC} Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Microsoft\Windows Live Contacts\bjarne_nesse@hotmail.com\real\members.stg Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\Cache\_CACHE_001_ Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\Cache\_CACHE_002_ Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\Cache\_CACHE_003_ Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\Cache\_CACHE_MAP_ Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Temp\~DFB38E.tmp Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Temp\~DFB3AB.tmp Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Lokale innstillinger\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\cert8.db Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\formhistory.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\history.dat Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\key3.db Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\parent.lock Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\search.sqlite Object is locked skipped
    C:\Documents and Settings\Bjarne Nesse\Programdata\Mozilla\Firefox\Profiles\bca2585c.default\urlclassifier2.sqlite Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Lokale innstillinger\Logg\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Lokale innstillinger\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\Mona\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\Mona\Lokale innstillinger\Logg\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Mona\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Mona\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Mona\Lokale innstillinger\Programdata\Microsoft\Windows Defender\FileTracker\{C9B19BDC-876B-4B60-B84E-60C5E95A3771} Object is locked skipped
    C:\Documents and Settings\Mona\Lokale innstillinger\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Mona\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Mona\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Lokale innstillinger\Programdata\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\Programfiler\Norman\npf\data\npfldata.bin Object is locked skipped
    C:\Programfiler\Norman\resources\store.nts Object is locked skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{DAF35859-E31E-406E-ABE5-2986469BC4BB}\RP384\change.log Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\EventCache\{02B1CF9F-A183-4145-A9AC-DC645D5C7B44}.bin Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\default Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\software Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\system Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\wiadebug.log Object is locked skipped
    C:\WINDOWS\wiaservc.log Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped
    E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    Scan process completed.
  4. 2008-05-18, 21:06 #4
    pskelley
    pskelley is offline
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,538

    Default

    KASPERSKY ONLINE SCANNER REPORT Thursday, May 15, 2008 11:21:02 PM

    ===== Infected Objects =====
    Number of items = 0
    Number of viruses found 0
    Number of infected objects 0
    Number of suspicious objects 0

    That's a clean scan.

    Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:23:30, on 16.05.2008

    Thanks a clean scan? I don't see any malware in the logs, why do you think you have a problem?
    You might want to look at this information for help:
    http://www.google.com/search?hl=en&q...rt&btnG=Search

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules