Ok, here's what you asked for. I'm not experiencing any problems with my machine right now.
Thanks again for your help so far!
REPORT
SDFix: Version 1.240
Run by K›dde on 13.03.2009 at 20:15
Microsoft Windows XP [Versjon 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-03-13 20:26:08
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Programfiler\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:8a,4d,a2,ad,70,83,a8,10,ab,55,77,59,4a,77,7f,3a,38,42,da,11,46,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,6a,0e,1d,18,63,78,4e,18,ae,1e,a1,3f,9a,68,81,4b,4c,..
"khjeh"=hex:c5,ca,38,3a,6d,ba,c5,9f,6d,cf,a1,a2,82,60,e0,2a,6d,21,36,9f,cd,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:7e,c5,9b,63,0d,38,ef,30,7b,dd,f9,34,28,d4,aa,c6,1b,07,a0,e9,82,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:96,69,f5,b7,60,74,c1,22,0f,98,1a,c5,fe,1f,da,99,3d,b3,d7,9a,97,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Programfiler\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:f8,6d,ff,1d,e8,7e,8f,da,ce,3f,5d,b6,9b,ca,0a,45,80,21,ad,c0,23,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,6a,0e,1d,18,63,78,4e,18,ae,1e,a1,3f,9a,68,81,4b,4c,..
"khjeh"=hex:c5,ca,38,3a,6d,ba,c5,9f,6d,cf,a1,a2,82,60,e0,2a,6d,21,36,9f,cd,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:3f,69,6a,7a,9a,b9,38,f8,95,25,ff,23,4e,3c,b5,42,c3,cd,74,4f,10,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:84,5e,4b,34,be,de,17,f9,58,c2,c0,56,9e,3e,e4,76,20,c3,32,21,4f,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s0"=dword:2a26279a
"s1"=dword:e727a182
"s2"=dword:9393da3b
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:02,f0,9c,e4,87,ad,8f,25,ec,69,ea,05,bc,a4,30,27,47,63,35,5c,e7,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:02,f0,9c,e4,87,ad,8f,25,ec,69,ea,05,bc,a4,30,27,47,63,35,5c,e7,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled
xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\cdiodytjqo.exe"="C:\\WINDOWS\\system32\\cdiodytjqo.exe:*
isabled:cdiodytjqo"
"C:\\Programfiler\\WinMX\\WinMX.exe"="C:\\Programfiler\\WinMX\\WinMX.exe:*:Enabled:WinMX Application"
"D:\\Spill\\LOTR\\game.dat"="D:\\Spill\\LOTR\\game.dat:*
isabled:Kampen om Midgard(tm)"
"C:\\Programfiler\\Kazaa\\kazaa.exe"="C:\\Programfiler\\Kazaa\\kazaa.exe:*
isabled:Kazaa"
"C:\\Programfiler\\BitComet\\BitComet.exe"="C:\\Programfiler\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Programfiler\\LimeWire\\LimeWire.exe"="C:\\Programfiler\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Programfiler\\Google\\Google Talk\\googletalk.exe"="C:\\Programfiler\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Programfiler\\MSI\\i-Speeder\\i-Speeder.exe"="C:\\Programfiler\\MSI\\i-Speeder\\i-Speeder.exe:*:Enabled:i-Speeder"
"C:\\Programfiler\\Grisoft\\AVG7\\avginet.exe"="C:\\Programfiler\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Programfiler\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Programfiler\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Programfiler\\Grisoft\\AVG7\\avgcc.exe"="C:\\Programfiler\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Programfiler\\Grisoft\\AVG7\\avgemc.exe"="C:\\Programfiler\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"D:\\Spill\\Valve\\Steam\\Steam.exe"="D:\\Spill\\Valve\\Steam\\Steam.exe:*:Enabled:Steam"
"D:\\Spill\\Valve\\Steam\\SteamApps\\kjetilss\\opposing force\\hl.exe"="D:\\Spill\\Valve\\Steam\\SteamApps\\kjetilss\\opposing force\\hl.exe:*:Enabled:Half-Life Launcher"
"D:\\Spill\\Valve\\Steam\\SteamApps\\kjetilss\\half-life blue shift\\hl.exe"="D:\\Spill\\Valve\\Steam\\SteamApps\\kjetilss\\half-life blue shift\\hl.exe:*:Enabled:Half-Life Launcher"
"D:\\Spill\\Valve\\Steam\\SteamApps\\kjetilss\\half-life\\hl.exe"="D:\\Spill\\Valve\\Steam\\SteamApps\\kjetilss\\half-life\\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled
xpsp3res.dll,-20000"
"C:\\Programfiler\\uTorrent\\uTorrent.exe"="C:\\Programfiler\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\Programfiler\\Bonjour\\mDNSResponder.exe"="C:\\Programfiler\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Programfiler\\Spotify\\spotify.exe"="C:\\Programfiler\\Spotify\\spotify.exe:*:Enabled:Spotify"
"C:\\Programfiler\\iTunes\\iTunes.exe"="C:\\Programfiler\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Programfiler\\Skype\\Phone\\Skype.exe"="C:\\Programfiler\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled
xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled
xpsp3res.dll,-20000"
Remaining Files :
Files with Hidden Attributes :
Mon 26 Jan 2009 1,740,632 A.SHR --- "C:\Programfiler\Spybot - Search & Destroy\SDUpdate.exe"
Mon 26 Jan 2009 5,365,592 A.SHR --- "C:\Programfiler\Spybot - Search & Destroy\SpybotSD.exe"
Mon 26 Jan 2009 2,144,088 A.SHR --- "C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe"
Mon 31 Dec 2007 4,521 ...HR --- "C:\Documents and Settings\K›dde\Programdata\SecuROM\UserData\securom_v7_01.bak"
Finished!
INFO
info.txt logfile of random's system information tool 1.05 2009-03-13 20:39:54
======Uninstall list======
-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Norsk-->MsiExec.exe /I{AC76BA86-7AD7-1044-7B44-A90000000001}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ashampoo Burning Studio 6 FREE-->"C:\Programfiler\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x14
Audacity 1.2.6-->"C:\Programfiler\Audacity\unins000.exe"
AVG 7.5-->C:\Programfiler\Grisoft\AVG7\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CCleaner (remove only)-->"C:\Programfiler\CCleaner\uninst.exe"
Diskeeper Professional Edition-->MsiExec.exe /X{DE4847A9-E86B-4BBB-B991-58C5ACA4FA04}
ERUNT 1.1j-->C:\Programfiler\ERUNT\unins000.exe
FileZilla Server (remove only)-->"C:\Programfiler\FileZilla Server\uninstall.exe"
Free Mp3 Wma Converter V 1.8.0-->"C:\Programfiler\Free Audio Pack\unins000.exe"
GIMP 2.6.4-->"C:\Programfiler\GIMP-2.0\setup\unins000.exe"
HijackThis 2.0.2-->"C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hurtigreparasjon for Windows Media Player 10 - KB895316-->"C:\WINDOWS\$NtUninstallKB895316$\spuninst\spuninst.exe"
Hurtigreparasjon for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hurtigreparasjon for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
iDump (Backing up your iPod)-->C:\Programfiler\iDump\uninstall.exe
IrfanView (remove only)-->C:\Programfiler\IrfanView\iv_uninstall.exe
iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Karen's Directory Printer-->C:\Programfiler\Karen's Power Tools\Directory Printer\uninst.exe
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.7)-->C:\Programfiler\Mozilla Firefox\uninstall\helper.exe
Mp3tag v2.42-->C:\Programfiler\Mp3tag\Mp3tagUninstall.EXE
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Oppdatering for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
RT2500 Wireless LAN Card-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{AAA66A0D-E610-40B8-9D51-C1854285773A}\setup.exe" -l0x9 -removeonly
Sikkerhetsoppdatering for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Sony USB Driver-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
SopCast 3.0.3-->C:\Programfiler\SopCast\uninst.exe
Spotify-->"C:\Programfiler\Spotify\uninstall.exe"
Spybot - Search & Destroy-->"C:\Programfiler\Spybot - Search & Destroy\unins000.exe"
Terayon DOCSIS Modem-->RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{C98F2FE6-5AF5-11D6-8209-00D0B701C7B5}\Setup.exe" -l0x9
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
VCW VicMan's Photo Editor 8.1-->"C:\Programfiler\VCW VicMan's Photo Editor\unins000.exe"
VLC media player 0.9.8a-->C:\Programfiler\VideoLAN\VLC\uninstall.exe
Windows Media Format 11 runtime-->"C:\Programfiler\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Programfiler\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Programfiler\WinRAR\uninstall.exe
xp-AntiSpy 3.97-->C:\Programfiler\xp-AntiSpy\Uninstall.exe
Your Uninstaller! 2008 Version 6.0-->"C:\Programfiler\Your Uninstaller 2008\unins000.exe"
======Hosts File======
127.0.0.1 localhost
======Security center information======
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (outdated)
AV: AVG 7.5.557
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
System event log
Computer Name: CHRISTIAN
Event Code: 7035
Message: Apple Mobile Device-tjenesten har sendt en start-kontroll.
Record Number: 44204
Source Name: Service Control Manager
Time Written: 20090208155545.000000+060
Event Type: Informasjon
User: NT-MYNDIGHET\SYSTEM
Computer Name: CHRISTIAN
Event Code: 7036
Message: Tjenesten Windows Installer gikk inn i tilstanden Kjører.
Record Number: 44203
Source Name: Service Control Manager
Time Written: 20090208155508.000000+060
Event Type: Informasjon
User:
Computer Name: CHRISTIAN
Event Code: 7035
Message: Windows Installer-tjenesten har sendt en start-kontroll.
Record Number: 44202
Source Name: Service Control Manager
Time Written: 20090208155508.000000+060
Event Type: Informasjon
User: NT-MYNDIGHET\SYSTEM
Computer Name: CHRISTIAN
Event Code: 7036
Message: Tjenesten Computer Browser gikk inn i tilstanden Kjører.
Record Number: 44201
Source Name: Service Control Manager
Time Written: 20090208155401.000000+060
Event Type: Informasjon
User:
Computer Name: CHRISTIAN
Event Code: 7035
Message: Computer Browser-tjenesten har sendt en start-kontroll.
Record Number: 44200
Source Name: Service Control Manager
Time Written: 20090208155401.000000+060
Event Type: Informasjon
User: NT-MYNDIGHET\SYSTEM
Application event log
Computer Name: KJETIL
Event Code: 105
Message:
Record Number: 18928
Source Name: Creative Service for CDROM Access
Time Written: 20080330212956.000000+120
Event Type: Informasjon
User:
Computer Name: KJETIL
Event Code: 1
Message: Service started
Record Number: 18927
Source Name: Avg7UpdSvc
Time Written: 20080330212956.000000+120
Event Type: Informasjon
User:
Computer Name: KJETIL
Event Code: 1800
Message: Tjenesten Windows Security Center er startet.
Record Number: 18926
Source Name: SecurityCenter
Time Written: 20080329204317.000000+060
Event Type: Informasjon
User:
Computer Name: KJETIL
Event Code: 2
Message: The Diskeeper Control Center has been started.
Diskeeper service started
Record Number: 18925
Source Name: Diskeeper
Time Written: 20080329204313.000000+060
Event Type: Informasjon
User:
Computer Name: KJETIL
Event Code: 1
Message: Service started
Record Number: 18924
Source Name: AVGEMS
Time Written: 20080329204312.000000+060
Event Type: Informasjon
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;E:\Programmer\Diskeeper\;C:\Programfiler\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 15 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0f00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Programfiler\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Programfiler\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
LOG
Logfile of random's system information tool 1.05 (written by random/random)
Run by Kødde at 2009-03-13 20:39:47
Microsoft Windows XP Professional Service Pack 3
System drive C: has 14 GB (47%) free of 30 GB
Total RAM: 1023 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:39:52, on 13.03.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programfiler\Bonjour\mDNSResponder.exe
E:\Programmer\Diskeeper\DkService.exe
C:\Programfiler\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\UAService7.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programfiler\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programfiler\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\Programfiler\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programfiler\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Kødde\Skrivebord\DOwns\RSIT.exe
C:\Programfiler\Trend Micro\HijackThis\Kødde.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.no/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.no/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [MS Manager32 Startup] manager32.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [DiskeeperSystray] "E:\Programmer\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunServices: [MS Manager32 Startup] manager32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MS Manager32 Startup] manager32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Programfiler\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://www.msi.com.tw
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} -
http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} -
http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - E:\Programmer\Diskeeper\DkService.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Programfiler\FileZilla Server\FileZilla Server.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - E:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
--
End of file - 6691 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programfiler\Java\jre6\bin\jp2ssv.dll [2009-03-11 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MS Manager32 Startup"=manager32.exe []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2009-02-25 590848]
"DiskeeperSystray"=E:\Programmer\Diskeeper\DkIcon.exe [2005-11-22 221184]
"QuickTime Task"=C:\Programfiler\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Programfiler\iTunes\iTunesHelper.exe [2009-01-06 290088]
"SunJavaUpdateSched"=C:\Programfiler\Java\jre6\bin\jusched.exe [2009-03-11 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MS Manager32 Startup"=manager32.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Programfiler\iTunes\iTunesHelper.exe [2009-01-06 290088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Programfiler\QuickTime\QTTask.exe [2009-01-05 413696]
C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart
Ralink Wireless Utility.lnk - C:\Programfiler\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoRecentDocsNetHood"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled
xpsp2res.dll,-22019"
"C:\WINDOWS\system32\cdiodytjqo.exe"="C:\WINDOWS\system32\cdiodytjqo.exe:*
isabled:cdiodytjqo"
"C:\Programfiler\WinMX\WinMX.exe"="C:\Programfiler\WinMX\WinMX.exe:*:Enabled:WinMX Application"
"D:\Spill\LOTR\game.dat"="D:\Spill\LOTR\game.dat:*
isabled:Kampen om Midgard(tm)"
"C:\Programfiler\Kazaa\kazaa.exe"="C:\Programfiler\Kazaa\kazaa.exe:*
isabled:Kazaa"
"C:\Programfiler\BitComet\BitComet.exe"="C:\Programfiler\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Programfiler\LimeWire\LimeWire.exe"="C:\Programfiler\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Programfiler\Google\Google Talk\googletalk.exe"="C:\Programfiler\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\Programfiler\MSI\i-Speeder\i-Speeder.exe"="C:\Programfiler\MSI\i-Speeder\i-Speeder.exe:*:Enabled:i-Speeder"
"C:\Programfiler\Grisoft\AVG7\avginet.exe"="C:\Programfiler\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Programfiler\Grisoft\AVG7\avgamsvr.exe"="C:\Programfiler\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Programfiler\Grisoft\AVG7\avgcc.exe"="C:\Programfiler\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Programfiler\Grisoft\AVG7\avgemc.exe"="C:\Programfiler\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe"
"D:\Spill\Valve\Steam\Steam.exe"="D:\Spill\Valve\Steam\Steam.exe:*:Enabled:Steam"
"D:\Spill\Valve\Steam\SteamApps\kjetilss\opposing force\hl.exe"="D:\Spill\Valve\Steam\SteamApps\kjetilss\opposing force\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Spill\Valve\Steam\SteamApps\kjetilss\half-life blue shift\hl.exe"="D:\Spill\Valve\Steam\SteamApps\kjetilss\half-life blue shift\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Spill\Valve\Steam\SteamApps\kjetilss\half-life\hl.exe"="D:\Spill\Valve\Steam\SteamApps\kjetilss\half-life\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled
xpsp3res.dll,-20000"
"C:\Programfiler\uTorrent\uTorrent.exe"="C:\Programfiler\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Programfiler\Bonjour\mDNSResponder.exe"="C:\Programfiler\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Programfiler\Spotify\spotify.exe"="C:\Programfiler\Spotify\spotify.exe:*:Enabled:Spotify"
"C:\Programfiler\iTunes\iTunes.exe"="C:\Programfiler\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programfiler\Skype\Phone\Skype.exe"="C:\Programfiler\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled
xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled
xpsp3res.dll,-20000"
======List of files/folders created in the last 3 months======
2009-03-13 20:39:47 ----D---- C:\rsit
2009-03-13 20:14:28 ----D---- C:\WINDOWS\ERUNT
2009-03-13 20:09:06 ----D---- C:\WINDOWS\pss
2009-03-11 23:08:52 ----D---- C:\SDFix
2009-03-11 11:21:51 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-11 11:21:51 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-11 11:21:51 ----A---- C:\WINDOWS\system32\java.exe
2009-03-10 19:26:32 ----D---- C:\Programfiler\SopCast
2009-03-10 14:04:34 ----D---- C:\WINDOWS\ERDNT
2009-03-10 13:58:14 ----D---- C:\Programfiler\ERUNT
2009-03-10 13:34:57 ----D---- C:\Programfiler\Trend Micro
2009-03-10 13:07:59 ----D---- C:\Programfiler\iPod
2009-03-10 13:07:57 ----D---- C:\Documents and Settings\All Users\Programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-03-10 13:07:30 ----D---- C:\Programfiler\QuickTime
2009-03-10 13:07:21 ----D---- C:\Programfiler\Apple Software Update
2009-03-10 13:07:11 ----D---- C:\Programfiler\Fellesfiler\Apple
2009-03-09 20:34:04 ----D---- C:\Programfiler\Spybot - Search & Destroy
2009-03-09 20:34:04 ----D---- C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy
2009-03-09 19:37:46 ----D---- C:\Documents and Settings\Kødde\Programdata\Spotify
2009-03-09 19:37:44 ----D---- C:\Programfiler\Spotify
2009-03-05 16:28:32 ----D---- C:\lame-398-2
2009-03-05 01:39:39 ----D---- C:\Programfiler\FileZilla Server
2009-03-01 19:07:09 ----A---- C:\WINDOWS\phedit.ini
2009-03-01 18:57:01 ----D---- C:\Programfiler\VCW VicMan's Photo Editor
2009-03-01 18:57:01 ----A---- C:\WINDOWS\system32\msvcrt10.dll
2009-03-01 18:57:01 ----A---- C:\WINDOWS\fmachine.ini
2009-03-01 10:24:54 ----D---- C:\Programfiler\Karen's Power Tools
2009-03-01 10:24:45 ----D---- C:\Documents and Settings\All Users\Programdata\Karen's Power Tools
2009-02-28 18:41:21 ----D---- C:\Documents and Settings\Kødde\Programdata\skypePM
2009-02-28 18:39:16 ----D---- C:\Documents and Settings\Kødde\Programdata\Skype
2009-02-28 18:35:31 ----D---- C:\Programfiler\Fellesfiler\Skype
2009-02-28 18:35:29 ----RD---- C:\Programfiler\Skype
2009-02-28 18:35:24 ----D---- C:\Documents and Settings\All Users\Programdata\Skype
2009-02-28 13:27:52 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2009-02-28 13:27:52 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2009-02-28 13:27:52 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2009-02-28 13:27:52 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2009-02-28 13:27:52 ----A---- C:\WINDOWS\system32\AudFile.dll
2009-02-28 13:27:52 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2009-02-28 13:27:51 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2009-02-28 13:27:51 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-02-28 13:27:51 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2009-02-28 13:27:51 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2009-02-28 13:27:51 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2009-02-28 13:27:51 ----A---- C:\WINDOWS\system32\inetfr.DLL
2009-02-28 13:27:51 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2009-02-28 13:27:51 ----A---- C:\WINDOWS\system32\AudDesign.dll
2009-02-28 13:27:50 ----D---- C:\Programfiler\Free Audio Pack
2009-02-28 13:27:50 ----A---- C:\WINDOWS\system32\lame_enc.dll
2009-02-28 00:37:04 ----D---- C:\Documents and Settings\Kødde\Programdata\Processing
2009-02-26 02:04:26 ----D---- C:\Programfiler\Audacity
2009-02-24 23:53:26 ----D---- C:\iTunes Rettung
2009-02-24 23:33:01 ----D---- C:\Programfiler\iTunes
2009-02-22 16:15:59 ----D---- C:\Documents and Settings\Kødde\Programdata\gtk-2.0
2009-02-21 20:07:46 ----D---- C:\Documents and Settings\Kødde\Programdata\Ashampoo
2009-02-21 20:07:33 ----D---- C:\Documents and Settings\All Users\Programdata\ashampoo
2009-02-21 20:07:30 ----D---- C:\Programfiler\Ashampoo
2009-02-21 18:27:48 ----D---- C:\Programfiler\IrfanView
2009-02-21 17:51:33 ----D---- C:\Programfiler\GIMP-2.0
2009-02-21 14:52:50 ----D---- C:\Programfiler\TVAnts
2009-02-19 13:34:48 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-02-09 21:53:56 ----D---- C:\Documents and Settings\All Users\Programdata\Adobe
2009-02-09 21:53:49 ----D---- C:\Programfiler\Fellesfiler\Adobe
2009-02-09 21:53:49 ----D---- C:\Programfiler\Adobe
2009-02-08 21:53:51 ----D---- C:\Programfiler\iDump
2009-02-08 17:51:16 ----D---- C:\Documents and Settings\Kødde\Programdata\dvdcss
2009-02-08 16:25:42 ----D---- C:\Documents and Settings\Kødde\Programdata\WinRAR
2009-02-08 16:25:17 ----D---- C:\Programfiler\WinRAR
2009-02-08 15:56:41 ----D---- C:\Documents and Settings\Kødde\Programdata\Apple Computer
2009-02-08 15:56:14 ----D---- C:\Programfiler\Bonjour
2009-02-07 11:16:47 ----D---- C:\Documents and Settings\Kødde\Programdata\Mp3tag
2009-02-07 11:16:42 ----D---- C:\Programfiler\Mp3tag
2009-02-07 01:11:41 ----D---- C:\Programfiler\uTorrent
2009-02-07 01:11:36 ----D---- C:\Documents and Settings\Kødde\Programdata\uTorrent
2009-02-06 12:39:37 ----D---- C:\WINDOWS\flurry-win32-1.1.1.11
2009-02-06 11:50:13 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-02-06 11:50:04 ----D---- C:\Programfiler\Java
2009-02-06 11:28:07 ----D---- C:\Documents and Settings\Kødde\Programdata\vlc
2009-02-06 11:26:55 ----D---- C:\Programfiler\VideoLAN
2009-02-06 11:17:57 ----D---- C:\Programfiler\xp-AntiSpy
2009-02-06 10:55:10 ----A---- C:\WINDOWS\system32\WRLSetup.exe
2009-02-06 10:55:10 ----A---- C:\WINDOWS\system32\installrt2500qa.dll
2009-02-06 10:55:10 ----A---- C:\WINDOWS\system32\AegisI5.exe
2009-02-06 10:54:56 ----D---- C:\Programfiler\RALINK
2009-02-06 10:27:48 ----D---- C:\Documents and Settings\Kødde\Programdata\MSN6
2009-02-06 10:27:48 ----D---- C:\Documents and Settings\All Users\Programdata\MSN6
2009-02-06 00:11:38 ----A---- C:\WINDOWS\ModemLog_Standard modem med 56000 bps.txt
2009-01-21 21:09:55 ----D---- C:\Documents and Settings\Kødde\Programdata\Media Player Classic
2009-01-14 21:18:00 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2008-12-17 22:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
======List of files/folders modified in the last 3 months======
2009-03-13 20:39:44 ----D---- C:\WINDOWS\Prefetch
2009-03-13 20:37:57 ----D---- C:\WINDOWS
2009-03-13 20:37:44 ----D---- C:\Programfiler\Mozilla Firefox
2009-03-13 20:34:06 ----AD---- C:\WINDOWS\Temp
2009-03-13 20:32:29 ----RASH---- C:\boot.ini
2009-03-13 20:32:29 ----A---- C:\WINDOWS\win.ini
2009-03-13 20:32:29 ----A---- C:\WINDOWS\system.ini
2009-03-13 20:15:23 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-13 20:10:09 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-03-11 22:51:04 ----D---- C:\WINDOWS\system32\drivers
2009-03-11 22:51:03 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-11 11:22:52 ----SHD---- C:\WINDOWS\Installer
2009-03-11 11:21:53 ----SHD---- C:\Config.Msi
2009-03-11 11:21:51 ----D---- C:\WINDOWS\system32
2009-03-10 19:26:32 ----AD---- C:\Programfiler
2009-03-10 18:02:41 ----D---- C:\Documents and Settings\Kødde\Programdata\AVG7
2009-03-10 13:07:19 ----HD---- C:\WINDOWS\inf
2009-03-10 13:07:17 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-10 13:07:11 ----D---- C:\Programfiler\Fellesfiler
2009-03-10 12:54:11 ----AD---- C:\Documents and Settings\All Users\Programdata\TEMP
2009-02-24 23:41:35 ----D---- C:\WINDOWS\system32\NtmsData
2009-02-08 23:39:01 ----D---- C:\WINDOWS\Debug
2009-02-06 12:38:30 ----D---- C:\WINDOWS\system
2009-02-06 10:54:56 ----HD---- C:\Programfiler\InstallShield Installation Information
2009-01-31 14:25:32 ----D---- C:\WINDOWS\Help
2009-01-28 22:00:25 ----D---- C:\Documents and Settings\Kødde\Programdata\Real
2009-01-27 22:38:55 ----D---- C:\Documents and Settings\All Users\Programdata\Creative
2009-01-27 22:23:17 ----D---- C:\Documents and Settings\All Users\Programdata\avg7
2009-01-22 18:17:50 ----SD---- C:\WINDOWS\Tasks
2009-01-22 18:16:21 ----D---- C:\WINDOWS\system32\Adobe
2009-01-22 18:16:01 ----D---- C:\Documents and Settings\Kødde\Programdata\Macromedia
2009-01-22 18:16:00 ----D---- C:\WINDOWS\system32\Macromed
2009-01-22 18:16:00 ----D---- C:\Documents and Settings\Kødde\Programdata\Adobe
2009-01-21 20:55:56 ----A---- C:\WINDOWS\clue.ini
2009-01-21 20:38:28 ----D---- C:\Documents and Settings
2009-01-21 20:28:32 ----D---- C:\WINDOWS\WinSxS
2009-01-21 20:17:08 ----RSD---- C:\WINDOWS\Fonts
2009-01-14 21:17:47 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-10 02:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-04 22:21:22 ----D---- C:\Programfiler\CCleaner
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;AMD Athlon64 Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2003-11-07 35328]
R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2007-10-23 821856]
R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2007-09-26 4224]
R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2007-09-26 27776]
R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2007-12-20 10760]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 kbdhid;Tastatur-HID-driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Windows Socket 2.0-støttemiljø for ikke-IFS-tjenesteleverandør; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-09 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-02-06 17119]
R2 AvgTdi;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdi.sys [2007-09-26 4960]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-06-21 626204]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Microsoft HID-klassedriver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;HID-driver for mus; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-06 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-09 5888]
R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2004-12-15 218368]
R3 usbccgp;Microsoft USB generell overordnet driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Miniportdriver for Microsoft USB 2.0 forbedret vertskontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 aktivert hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Miniportdriver for Microsoft USB åpen vertskontroller; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys []
S3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 catchme;catchme; \??\C:\DOCUME~1\KDDE~1\LOKALE~1\Temp\catchme.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-02-03 223128]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\System32\DRIVERS\ENTECH.sys []
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 Jukebox3;Jukebox3; C:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2004-09-30 16880]
S3 NIC1394;1394-nettverksdriver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
S3 QV2KUX;Casio digitalt kamera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
S3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-12-31 69504]
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
S3 SONYPVU1;Sony USB-filterdriver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 st3mp28;st3mp28; C:\WINDOWS\System32\DRIVERS\st3mp28.sys []
S3 StMp3Rec;Player Recovery Device Control Driver; C:\WINDOWS\System32\Drivers\StMp3Rec.sys [2007-06-15 19840]
S3 USBSTOR;USB-masselagringsenhet; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 atapi;atapi; C:\WINDOWS\system32\drivers\atapi.sys [2008-04-13 96512]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2007-10-23 418816]
R2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2007-09-26 49664]
R2 AVGEMS;AVG E-mail Scanner; C:\PROGRA~1\Grisoft\AVG7\avgemc.exe [2007-12-20 406528]
R2 Bonjour Service;Bonjour-tjeneste; C:\Programfiler\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Diskeeper;Diskeeper; E:\Programmer\Diskeeper\DkService.exe [2005-11-23 765952]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programfiler\Java\jre6\bin\jqs.exe [2009-03-11 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2005-09-02 126976]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod-tjeneste; C:\Programfiler\iPod\bin\iPodService.exe [2009-01-06 536872]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 FileZilla Server;FileZilla Server FTP server; C:\Programfiler\FileZilla Server\FileZilla Server.exe [2009-03-03 691200]
S3 IDriverT;InstallDriver Table Manager; C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NipSvc;Norman API-hooking helper; E:\Norman\Nvc\BIN\nipsvc.exe []
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Programfiler\Windows Media Player\WMPNetwk.exe [2006-11-15 914944]
-----------------EOF-----------------
HJT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:37:23, on 13.03.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programfiler\Bonjour\mDNSResponder.exe
E:\Programmer\Diskeeper\DkService.exe
C:\Programfiler\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\UAService7.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programfiler\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programfiler\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\Programfiler\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.no/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.no/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [MS Manager32 Startup] manager32.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [DiskeeperSystray] "E:\Programmer\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunServices: [MS Manager32 Startup] manager32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MS Manager32 Startup] manager32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Programfiler\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://www.msi.com.tw
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} -
http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} -
http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - E:\Programmer\Diskeeper\DkService.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Programfiler\FileZilla Server\FileZilla Server.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - E:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
--
End of file - 6625 bytes
