r2d290 (posted 3 December 2008)
Keep going with what Submit wrote in post 12, and maybe we'll get things cleaned up a bit.

mona14 (thread author, posted 4 December 2008)
The PC is still insanely slow..

r2d290 (posted 5 December 2008, edited 5 December 2008)
Have you run all of these programs (that is, the ones snippsat lists in the thread that Submit links to in post 12)?
CCleaner
Auslogics Registry Defrag (free) http://www.auslogics.com/en/software/registry-defrag
Auslogics Disk Defrag (free) http://www.auslogics.com/en/software/disk-defrag
edit: in addition, you could perhaps update MBAM, run a FULL system scan, and see whether it finds anything more now.

mona14 (thread author, posted 5 December 2008)
Have done most of it, yes, can't find anything in the logs.. Will try for a few days and see how it goes..

r2d290 (posted 5 December 2008)
Do that. Give feedback.

mona14 (thread author, posted 5 December 2008)
I will ;-D Suddenly got a hundred pop-ups just now, from the web page I was on.. Just had to do a hard power-off ("svensken").

snippsat (posted 5 December 2008, edited 5 December 2008)
Process Explorer: look at CPU usage (click the "cpu" tab and the usage comes to the top). If something is using a lot, you can post a screenshot.

To look at memory usage:
1. Open Process Explorer.
2. Choose the View menu and then Select Columns from that menu.
3. Choose the Process Memory tab.
4. Tick Working Set Size, Private Bytes and Virtual Size and click OK.

Check HDD performance: HD Tune

Check the HDD for errors:
Start -> Run -> cmd
# Finds bad sectors and recovers readable information.
chkdsk /r
# Fixes errors on the disk.
chkdsk /f

Edit.
Quote (mona14): Suddenly got a hundred pop-ups just now, from the web page I was on.. Just had to do a hard power-off ("svensken").

Can you run ComboFix again and post the log?
Run this one too. Download OTViewIt to the desktop.
Close all windows and double-click OTViewIt.
Tick the "scan all user" box.
Click "Run Scan" and let the program run.
When finished it will create two logs; post OTViewIt.txt and Extras.txt in your next post.

r2d290 (posted 5 December 2008)
Thanks for the assistance, snipp

mona14 (thread author, posted 5 December 2008, edited 6 December 2008)

snippsat (posted 6 December 2008)
Hi, if you look at my post above, OTViewIt creates 2 logs. Can you find Extras.txt? It should be on the desktop if you ran OTViewIt from the desktop.

mona14 (thread author, posted 6 December 2008, edited 6 December 2008)

mona14 (thread author, posted 6 December 2008)
Hm, strange : o

mona14 (thread author, posted 6 December 2008)
OTViewIt:
-- C:\Programfiler\Acer Arcade Live\Acer PlayMovie0.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running]) ========== (R ) Internet Explorer ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Extensions Off Page"=about:NoAdd-ons "Local Page"=%SystemRoot%\system32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://home.sweetim.com [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search] "CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main] "Local Page"=C:\Windows\system32\blank.htm "SEARCH PAGE"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "SearchMigratedDefaultName"=Yahoo! Search "SearchMigratedDefaultURL"=http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 "Start Page"=http://www.sol.no/ "StartPageCache"= [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL] ""=http://home.microsoft.com/access/autosearch.asp?p=%s [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. 
File not found [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "ProxyEnable" = 0 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main] "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "ProxyEnable" = 0 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main] "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "ProxyEnable" = 0 [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main] [HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation) [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main] [HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\SOFTWARE\Microsoft\Internet Explorer\Main] "Local Page"=C:\Windows\system32\blank.htm "SEARCH PAGE"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "SearchMigratedDefaultName"=Yahoo! 
Search "SearchMigratedDefaultURL"=http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 "Start Page"=http://www.sol.no/ "StartPageCache"= [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\Software\Microsoft\Internet Explorer\SearchURL] ""=http://home.microsoft.com/access/autosearch.asp?p=%s [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\Software\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\Software\Microsoft\Internet Explorer\URLSearchHooks] "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "ProxyEnable" = 0 ========== (O1) Hosts File ========== Hosts file not found ========== (O2) BHO's ========== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\] {053F9267-DC04-4294-A72C-58F732D338C0} (HKLM) -- C:\Programfiler\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Programfiler\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (HKLM) -- C:\Programfiler\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} (HKLM) -- C:\Programfiler\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll () {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Programfiler\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.) {7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. 
File not found {A057A204-BACC-4D26-9990-79A187E2698E} (HKLM) -- C:\Programfiler\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o ) {AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Programfiler\Google\GoogleToolbar1.dll (Google Inc.) ========== (O3) Toolbars ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar] "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Programfiler\Google\GoogleToolbar1.dll (Google Inc.) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar] "{5CBE3B7C-1E47-477e-A7DD-396DB0476E29}" (HKLM) -- C:\Windows\System32\eDStoolbar.dll (HiTRUST) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar] "{A057A204-BACC-4D26-9990-79A187E2698E}" (HKLM) -- C:\Programfiler\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o ) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar] "{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" (HKLM) -- C:\Programfiler\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser] "{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}" (HKLM) -- C:\Windows\System32\eDStoolbar.dll (HiTRUST) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Programfiler\Google\GoogleToolbar1.dll (Google Inc.) 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{A057A204-BACC-4D26-9990-79A187E2698E}" (HKLM) -- C:\Programfiler\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o ) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" (HKLM) -- C:\Programfiler\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare) [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser] "{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}" (HKLM) -- C:\Windows\System32\eDStoolbar.dll (HiTRUST) [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Programfiler\Google\GoogleToolbar1.dll (Google Inc.) [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{A057A204-BACC-4D26-9990-79A187E2698E}" (HKLM) -- C:\Programfiler\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o ) [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" (HKLM) -- C:\Programfiler\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare) ========== (O4) Run Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Empowering Technology Monitor"=C:\Acer\Empowering Technology\SysMonitor.exe () "Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe (Acer Inc.) "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated) "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST) "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.) 
"NvCplDaemon"=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation) "NvMediaCenter"=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation) "NvSvc"=RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart (NVIDIA Corporation) "PlayMovie"="C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe" (CyberLink Corp.) "RtHDVCpl"=RtHDVCpl.exe (Realtek Semiconductor) "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" (Sun Microsystems, Inc.) "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" (Symantec Corporation) "WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Tour Reminder"= File not found "ehTray.exe"=C:\Windows\ehome\ehTray.exe (Microsoft Corporation) "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation) "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation) "swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.) "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe (Acer Inc.) [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe (Acer Inc.) 
[HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Tour Reminder"= File not found "ehTray.exe"=C:\Windows\ehome\ehTray.exe (Microsoft Corporation) "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation) "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation) "swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.) "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) ========== (O6 & O7) Current Version Policies ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun"=227 "NoDrives"=0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] "ConsentPromptBehaviorAdmin"=2 "ConsentPromptBehaviorUser"=1 "EnableInstallerDetection"=1 "EnableLUA"=0 "EnableSecureUIAPaths"=1 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableUIADesktopToggle"=0 "DisableRegistryTools"=0 "HideLegacyLogonScripts"=0 "HideLogoffScripts"=0 "RunLogonScriptSync"=1 "RunStartupScriptSync"=0 "HideStartupScripts"=0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats] "CF_TEXT"=1 "CF_BITMAP"=2 "CF_OEMTEXT"=7 "CF_DIB"=8 "CF_PALETTE"=9 "CF_UNICODETEXT"=13 "CF_DIBV5"=17 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun"=323 "NoDrives"=0 "NoDriveAutoRun"=67108863 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 "HideLegacyLogonScripts"=0 "HideLogoffScripts"=0 "HideStartupScripts"=0 "RunLogonScriptSync"=1 "RunStartupScriptSync"=0 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun"=323 "NoDrives"=0 "NoDriveAutoRun"=67108863 [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 "HideLegacyLogonScripts"=0 "HideLogoffScripts"=0 "HideStartupScripts"=0 "RunLogonScriptSync"=1 "RunStartupScriptSync"=0 ========== (O8) IE Context Menu Extensions ========== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\] E&ksporter til Microsoft Excel: C:\Programfiler\Microsoft Office\Office12\EXCEL.EXE [2008.07.30 02:25:02 | 17,930,264 | ---- | M] (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4128802225-1587188728-665397840-1000\Software\Microsoft\Internet Explorer\MenuExt\] E&ksporter til Microsoft Excel: C:\Programfiler\Microsoft Office\Office12\EXCEL.EXE [2008.07.30 02:25:02 | 17,930,264 | ---- | M] (Microsoft Corporation) ========== (O9) IE Extensions ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %SystemDrive%\Programfiler\Java\jre1.6.0_06\bin\ssv.dll [2008.03.25 03:28:01 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) 
{2670000A-7350-4f3c-8081-5663EE0C6C49}: Button: Send til OneNote -- %SystemDrive%\Programfiler\Microsoft Office\Office12\ONBttnIE.dll [2007.12.13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}: Menu: S&end til OneNote -- %SystemDrive%\Programfiler\Microsoft Office\Office12\ONBttnIE.dll [2007.12.13 01:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation) {58ECB495-38F0-49cb-A538-10282ABF65E7}: Button: HP Utklippsbok -- %SystemDrive%\Programfiler\HP\Smart Web Printing\hpswp_extensions.dll [2007.03.02 15:53:20 | 00,153,192 | R--- | M] (Hewlett-Packard Co.) {700259D7-1666-479a-93B1-3250410481E8}: Button: HP Smart valgmetode -- %SystemDrive%\Programfiler\HP\Smart Web Printing\hpswp_extensions.dll [2007.03.02 15:53:20 | 00,153,192 | R--- | M] (Hewlett-Packard Co.) {92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %SystemDrive%\Programfiler\Microsoft Office\Office12\REFIEBAR.DLL [2006.10.26 19:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) ========== (O12) Internet Explorer Plugins ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\] PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery ========== (O13) Default Prefixes ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// ========== (O16) DPF ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\] {0CCA191D-13A6-4E29-B746-314DEE697D83}: http://upload.facebook.com/controls/2008.1...toUploader5.cab -- Facebook Photo Uploader 5 Control {166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macromedia.com/pub/shockwa...director/sw.cab -- Shockwave ActiveX Control {8AD9C840-044E-11D1-B3E9-00805F499D93}: http://sdlc-esd.sun.com/ESD42/JSCDL/jre/6u...ows-i586-jc.cab -- Java Plug-in 1.6.0_06 {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}: 
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_06 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_06 {D71F9A27-723E-4B8B-B428-B725E47CBA3E}: http://imikimi.com/download/imikimi_plugin_0.5.1.cab -- Imikimi_activex_plugin Control ========== (O17) DNS Name Servers ========== {82D677F4-599F-48E3-9AC0-A0889BB40BDD} (Servers: | Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller) ========== (O20) AppInit_DLLs ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"=C:\PROGRA~1\Comodo\Css\cssdll32.dll,avgrsstx.dll >File not found -- C:\PROGRA~1\Comodo\Css\cssdll32.dll >[2008.10.27 07:42:13 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll ========== HKLM *SecurityProviders* ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll >[2008.01.19 08:33:59 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll ========== LSA *Security Packages* ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg, >[2008.01.19 08:36:42 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll ========== Safeboot Options ========== "AlternateShell"=cmd.exe ========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] "AutoRun" = 1 ========== Autorun Files on Drives ========== autoexec.bat [REM Dummy file for NTVDM | ] [2006.09.18 22:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ] ========== Files/Folders - Created Within 30 Days ========== [2 C:\Windows\*.tmp files] [2008.12.06 21:30:50 | 00,000,000 | ---D | C] -- C:\ComboFix [2008.12.06 09:49:32 | 00,422,400 | ---- | C] (OldTimer Tools) -- C:\Users\Lene\Desktop\OTViewIt.exe [2008.12.06 
08:33:00 | 00,000,000 | ---D | C] -- C:\Windows\Sun [2008.12.05 16:48:51 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2008.12.05 16:48:51 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2008.12.05 16:48:49 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2008.12.05 16:48:48 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2008.12.04 20:26:07 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2008.12.02 10:07:05 | 00,001,654 | ---- | C] () -- C:\Users\Lene\Desktop\My Dizzler Player.lnk [2008.12.02 10:07:05 | 00,000,049 | ---- | C] () -- C:\Users\Lene\Desktop\Goto dizzler.com.url [2008.12.02 10:07:03 | 00,000,000 | ---D | C] -- C:\Program Files\dizzler [2008.12.01 21:26:27 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2008.12.01 21:26:27 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2008.12.01 21:26:27 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2008.12.01 21:26:27 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe [2008.12.01 21:26:27 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\Windows\fdsv.exe [2008.12.01 21:26:27 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe [2008.12.01 21:26:27 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe [2008.12.01 21:26:27 | 00,049,152 | ---- | C] () -- C:\Windows\VFIND.exe [2008.12.01 21:26:27 | 00,028,672 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2008.12.01 21:26:22 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT [2008.12.01 21:26:22 | 00,000,000 | ---D | C] -- C:\Qoobox [2008.12.01 21:25:22 | 03,056,371 | R--- | C] () -- C:\Users\Lene\Desktop\ComboFix.exe [2008.12.01 21:18:15 | 00,000,174 | ---- | C] () -- C:\Users\Lene\AppData\Local\rahistory.xml [2008.12.01 21:18:02 | 00,001,647 | ---- | C] () -- C:\Users\Lene\Documents\fjernhjelp.msrcIncident [2008.12.01 21:15:22 | 00,000,000 | ---D | C] -- 
C:\Users\Lene\Documents\Remote Assistance Logs [2008.12.01 19:07:24 | 00,000,000 | ---D | C] -- C:\Users\Lene\AppData\Roaming\Malwarebytes [2008.12.01 19:07:19 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2008.12.01 12:07:55 | 00,001,878 | ---- | C] () -- C:\Users\Lene\Desktop\HijackThis.lnk [2008.11.28 11:39:13 | 00,000,000 | ---D | C] -- C:\Program Files\Imikimi [2008.11.26 00:13:21 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll [2008.11.26 00:13:20 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll [2008.11.26 00:13:20 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll [2008.11.26 00:13:20 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2008.11.26 00:13:19 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll [2008.11.19 20:47:43 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll [2008.11.19 20:47:43 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2008.11.19 20:47:43 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe [2008.11.19 20:47:43 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2008.11.19 20:47:32 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2008.11.19 20:47:32 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2008.11.19 20:47:32 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2008.11.19 20:47:27 | 00,162,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2008.11.19 20:47:27 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2008.11.15 12:48:19 | 00,020,239 | ---- | C] () -- C:\Users\Lene\Documents\zsnesw.cfg [2008.11.15 12:48:19 | 00,003,806 
| ---- | C] () -- C:\Users\Lene\Documents\zinput.cfg [2008.11.15 12:48:19 | 00,002,480 | ---- | C] () -- C:\Users\Lene\Documents\zmovie.cfg [2008.11.12 03:53:12 | 01,191,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll [2008.11.12 03:53:12 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys [2008.11.12 03:53:11 | 01,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll [2008.11.11 21:01:18 | 00,000,000 | ---D | C] -- C:\Users\Lene\Documents\My Received Files [2008.11.11 21:00:42 | 00,483,328 | ---- | C] (SoftShape Development) -- C:\Windows\System32\actskn45.ocx [2008.11.11 21:00:37 | 00,000,000 | ---D | C] -- C:\Program Files\BearShare Applications [2008.11.11 17:33:19 | 00,012,818 | ---- | C] () -- C:\Users\Lene\Documents\Teknoliogi og lys.docx ========== Files - Modified Within 30 Days ========== [2 C:\Windows\*.tmp files] [2008.12.06 21:32:46 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini [2008.12.06 21:29:07 | 01,231,666 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2008.12.06 21:29:07 | 00,595,308 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2008.12.06 21:29:07 | 00,459,996 | ---- | M] () -- C:\Windows\System32\perfh014.dat [2008.12.06 21:29:07 | 00,104,742 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2008.12.06 21:29:07 | 00,080,318 | ---- | M] () -- C:\Windows\System32\perfc014.dat [2008.12.06 21:26:19 | 30,650,695 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2008.12.06 21:24:30 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2008.12.06 21:24:30 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2008.12.06 21:24:27 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2008.12.06 21:24:25 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2008.12.06 
21:24:21 | 32,186,40896 | -HS- | M] () -- C:\hiberfil.sys [2008.12.06 09:50:06 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Users\Lene\Desktop\OTViewIt.exe [2008.12.06 08:35:23 | 00,086,440 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg [2008.12.05 21:16:45 | 00,000,524 | ---- | M] () -- C:\Users\Lene\Documents\Mine delte mapper.lnk [2008.12.05 20:17:37 | 00,007,592 | ---- | M] () -- C:\Users\Lene\AppData\Local\d3d9caps.dat [2008.12.05 16:48:51 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2008.12.04 20:34:11 | 02,719,534 | -H-- | M] () -- C:\Users\Lene\AppData\Local\IconCache.db [2008.12.04 20:26:07 | 00,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2008.12.03 19:52:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2008.12.03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2008.12.02 10:07:05 | 00,001,654 | ---- | M] () -- C:\Users\Lene\Desktop\My Dizzler Player.lnk [2008.12.02 10:07:05 | 00,000,049 | ---- | M] () -- C:\Users\Lene\Desktop\Goto dizzler.com.url [2008.12.01 21:25:46 | 03,056,371 | R--- | M] () -- C:\Users\Lene\Desktop\ComboFix.exe [2008.12.01 21:18:15 | 00,001,647 | ---- | M] () -- C:\Users\Lene\Documents\fjernhjelp.msrcIncident [2008.12.01 21:18:15 | 00,000,174 | ---- | M] () -- C:\Users\Lene\AppData\Local\rahistory.xml [2008.12.01 12:07:55 | 00,001,878 | ---- | M] () -- C:\Users\Lene\Desktop\HijackThis.lnk [2008.11.15 12:57:06 | 00,008,192 | ---- | M] () -- C:\Users\Lene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.11.15 12:53:20 | 00,020,239 | ---- | M] () -- C:\Users\Lene\Documents\zsnesw.cfg [2008.11.15 12:53:20 | 00,003,806 | ---- | M] () -- C:\Users\Lene\Documents\zinput.cfg [2008.11.15 12:48:19 | 00,002,480 | ---- | M] () -- C:\Users\Lene\Documents\zmovie.cfg [2008.11.15 12:45:10 | 00,001,036 | ---- | M] () -- C:\Users\Lene\AppData\Roaming\wklnhst.dat 
[2008.11.12 13:50:53 | 00,012,818 | ---- | M] () -- C:\Users\Lene\Documents\Teknoliogi og lys.docx < End of report > Extras OTViewIt Extras logfile created on: 06.12.2008 21:39:01 - Run 7 OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Users\Lene\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 99,86% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 229,13 Gb Total Space | 171,59 Gb Free Space | 74,89% Space Free | Partition Type: NTFS Drive D: | 228,82 Gb Total Space | 228,73 Gb Free Space | 99,96% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LENE-PC Current User Name: Lene Logged in as Administrator. 
mona14 Posted 6 December 2008 Author (edited)
CF
There, finally. I also have the problem that when I'm on web pages they "lock up/get stuck". I just have to use Ctrl+Alt+Delete. Don't know if this helps you much, but..
Edited 6 December 2008 by mona14
snippsat Posted 6 December 2008 (edited)
Start with this. You have services and drivers from Norton running. See if it helps. Norton-Removal-Tool. Restart, then a new round with the removal tool.
Edited 6 December 2008 by SNIPPSAT
mona14 Posted 7 December 2008 Author
That got a bit too complicated for me ; o
raWrz Posted 7 December 2008 (edited)
Download Norton Removal Tool: http://www.softpedia.com/get/Tweak/Uninsta...oval-Tool.shtml and run it, because you have leftovers from the Norton uninstallation. Edit: and when it is finished, turn the machine off and on and run the program again.
Edited 7 December 2008 by Submit
mona14 Posted 7 December 2008 Author
I still don't understand any of this : o Direct link to that thing?