daggi911 Skrevet 10. desember 2009 Del Skrevet 10. desember 2009 Logfile of random's system information tool 1.06 (written by random/random) Run by Bruker at 2009-12-10 08:34:27 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 9 GB (34%) free of 27 GB Total RAM: 502 MB (15% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:35:00, on 10.12.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Programfiler\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\SOUNDMAN.EXE C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\acer\epm\epm-dm.exe C:\Programfiler\Launch Manager\LaunchAp.exe C:\Programfiler\Launch Manager\PowerKey.exe C:\Programfiler\Launch Manager\HotkeyApp.exe C:\Programfiler\Launch Manager\OSDCtrl.exe C:\Programfiler\Launch Manager\Wbutton.exe C:\Programfiler\Acer\eRecovery\Monitor.exe C:\Programfiler\MessengerPlus! 3\MsgPlus.exe C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Programfiler\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\WINDOWS\system32\WgaTray.exe C:\Documents and Settings\Bruker\Skrivebord\RSIT.exe C:\Programfiler\Bruker.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programfiler\AVG\AVG8\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot O4 - HKLM\..\Run: [LaunchAp] "C:\Programfiler\Launch Manager\LaunchAp.exe" O4 - HKLM\..\Run: [PowerKey] "C:\Programfiler\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [LManager] "C:\Programfiler\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [CtrlVol] "C:\Programfiler\Launch Manager\CtrlVol.exe" O4 - HKLM\..\Run: [LMgrOSD] "C:\Programfiler\Launch Manager\OSDCtrl.exe" O4 - HKLM\..\Run: [Wbutton] "C:\Programfiler\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Programfiler\Acer\eRecovery\Monitor.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programfiler\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programfiler\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [µTorrent] "C:\Programfiler\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Programfiler\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Programfiler/Mahjong%20Escape%20-%20Ancient%20China/Images/stg_drm.ocx O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Programfiler/Mahjong%20Escape%20-%20Ancient%20China/Images/armhelper.ocx O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{D48E6E19-582B-4C21-BA35-009FEAAF4944}: NameServer = 192.168.1.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programfiler\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.DLL O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programfiler\Fellesfiler\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Programfiler\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O24 - Desktop Component 1: (no name) - http://www.posten.no/posten/pageskm/kmspor...703730013723568 O24 - Desktop Component 2: (no name) - http://www.finn.no/finn/realestate/homes/result?areaId=20217 -- End of file - 9363 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\User_Feed_Synchronization-{9DA8CEEB-AAE1-461E-9A13-5CEDADDEEEA1}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Programfiler\AVG\AVG8\avgssie.dll [2009-08-21 1111320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Påloggingshjelp for Windows Live - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Programfiler\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "preload"=C:\Windows\RUNXMLPL.exe [2005-05-19 32768] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-01-23 155648] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-01-23 126976] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-04-15 77824] "SynTPLpr"=C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe [2005-02-04 102490] "SynTPEnh"=C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe [2005-02-04 708698] "EPM-DM"=c:\acer\epm\epm-dm.exe [2005-06-01 192512] "ePowerManagement"=C:\Acer\ePM\ePM.exe [2005-03-15 2893824] "LaunchAp"=C:\Programfiler\Launch Manager\LaunchAp.exe [2005-07-25 32768] "PowerKey"=C:\Programfiler\Launch Manager\PowerKey.exe [2002-08-30 94208] "LManager"=C:\Programfiler\Launch Manager\HotkeyApp.exe [2005-06-06 69632] "CtrlVol"=C:\Programfiler\Launch Manager\CtrlVol.exe [2003-09-16 20480] "LMgrOSD"=C:\Programfiler\Launch Manager\OSDCtrl.exe [2005-07-25 241664] "Wbutton"=C:\Programfiler\Launch Manager\Wbutton.exe [2005-07-25 81920] "eRecoveryService"=C:\Programfiler\Acer\eRecovery\Monitor.exe [2005-06-29 352256] "MessengerPlus3"=C:\Programfiler\MessengerPlus! 3\MsgPlus.exe [2007-10-28 190024] "GrooveMonitor"=C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016] "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-11-26 2029336] "SunJavaUpdateSched"=C:\Programfiler\Java\jre6\bin\jusched.exe [2009-10-11 149280] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "MSMSGS"=C:\Programfiler\Messenger\msmsgs.exe [2008-04-14 1695232] "MessengerPlus3"=C:\Programfiler\MessengerPlus! 3\MsgPlus.exe [2007-10-28 190024] "SUPERAntiSpyware"=C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-24 2001648] "µTorrent"=C:\Programfiler\uTorrent\uTorrent.exe [2009-11-25 289072] "uTorrent"=C:\Programfiler\uTorrent\uTorrent.exe [2009-11-25 289072] "msnmsgr"=C:\Programfiler\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Programfiler\Messenger\msmsgs.exe [2008-04-14 1695232] C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart Hurtigstart for Adobe Reader.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon] C:\Programfiler\SUPERAntiSpyware\SASWINLO.DLL [2009-09-09 548352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] C:\WINDOWS\system32\avgrsstx.dll [2009-08-21 11952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2005-01-23 348160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2008-05-21 77824] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programfiler\Grisoft\AVG Free\avginet.exe"="C:\Programfiler\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe" "C:\Programfiler\Messenger\MSMSGS.EXE"="C:\Programfiler\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger" "C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Programfiler\HP\Digital Imaging\bin\hpqste08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Programfiler\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\Programfiler\HP\Digital Imaging\bin\hposfx08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\Programfiler\HP\Digital Imaging\bin\hposid01.exe"="C:\Programfiler\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Programfiler\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\Programfiler\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Programfiler\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\Programfiler\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\Programfiler\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\Programfiler\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Programfiler\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\Programfiler\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Programfiler\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\Programfiler\HP\Digital Imaging\bin\hpoews01.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Programfiler\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Programfiler\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programfiler\uTorrent\utorrent.exe"="C:\Programfiler\uTorrent\utorrent.exe:*:Enabled:µTorrent" "C:\Programfiler\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programfiler\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Programfiler\Microsoft Office\Office12\groove.exe"="C:\Programfiler\Microsoft Office\Office12\groove.exe:*:Enabled:Microsoft Office Groove" "C:\Programfiler\Microsoft Office\Office12\ONENOTE.EXE"="C:\Programfiler\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Programfiler\Internet Explorer\IEXPLORE.EXE"="C:\Programfiler\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer" "C:\Programfiler\AVG\AVG8\avgupd.exe"="C:\Programfiler\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe" "D:\Spotify\spotify.exe"="D:\Spotify\spotify.exe:*:Enabled:Spotify" "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======File associations====== .scr - open - C:\WINDOWS\system32\notepad.exe "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2009-12-10 08:34:34 ----A---- C:\Programfiler\Bruker.exe 2009-12-10 08:34:27 ----D---- C:\rsit 2009-12-09 07:46:18 ----HD---- C:\WINDOWS\$NtUninstallKB970430$ 2009-12-09 07:46:11 ----HD---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-09 07:45:34 ----HD---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-09 07:45:27 ----HD---- C:\WINDOWS\$NtUninstallKB974392$ 2009-12-09 07:45:11 ----HD---- C:\WINDOWS\$NtUninstallKB971737$ 2009-11-26 07:19:17 ----D---- C:\Documents and Settings\All Users\Programdata\cerasus.media 2009-11-26 07:19:14 ----D---- C:\Documents and Settings\Bruker\Programdata\cerasus.media 2009-11-26 07:17:58 ----D---- C:\WINDOWS\Mahjongg - Ancient Mayas 2009-11-26 07:17:58 ----D---- C:\Programfiler\Mahjongg - Ancient Mayas 2009-11-26 07:17:41 ----A---- C:\WINDOWS\Mahjongg - Ancient Mayas Setup Log.txt 2009-11-25 07:24:15 ----HD---- C:\WINDOWS\$NtUninstallKB976098-v2$ 2009-11-25 07:23:58 ----HD---- C:\WINDOWS\$NtUninstallKB973687$ 2009-11-24 14:24:30 ----D---- C:\Programfiler\Kyodai Mahjongg 2006 2009-11-12 07:06:17 ----HD---- C:\WINDOWS\$NtUninstallKB969947$ ======List of files/folders modified in the last 1 months====== 2009-12-10 07:10:40 ----N---- C:\WINDOWS\system32\eRLog.ini 2009-12-10 07:08:44 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt 2009-12-09 15:55:26 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-12-09 07:46:16 ----A---- C:\WINDOWS\imsins.BAK 2009-12-01 21:06:20 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-21 335240] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-21 27784] R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867] R1 intelppm;Intel-prosessordriver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192] R1 SASDIFSV;SASDIFSV; \??\C:\Programfiler\SUPERAntiSpyware\SASDIFSV.SYS [] R1 SASKUTIL;SASKUTIL; \??\C:\Programfiler\SUPERAntiSpyware\SASKUTIL.sys [] R1 WmiAcpi;Microsoft Windows Management-grensesnitt for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys [] R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys [] R2 int15.sys;int15.sys; \??\C:\Programfiler\Acer\eRecovery\int15.sys [] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059] R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys [] R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys [] R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2002-12-17 76288] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504] R3 CmBatt;Driver for batteri med Microsoft ACPI-kontrollmetode; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 HidUsb;Microsoft HID-klassedriver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208] R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-12-15 207232] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-01-23 804317] R3 mouhid;HID-driver for mus; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-06 12160] R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-03-11 6144] R3 POWERKEY;POWERKEY; \??\C:\Programfiler\Launch Manager\POWERKEY.sys [] R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912] R3 SASENUM;SASENUM; \??\C:\Programfiler\SUPERAntiSpyware\SASENUM.SYS [] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-02-04 193216] R3 usbehci;Miniportdriver for Microsoft USB 2.0 forbedret vertskontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2 aktivert hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Microsoft USB PRINTER-klasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbuhci;Miniportdriver for Microsoft USB universell vertskontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232] S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys [] S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys [] S3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] S3 BCM43XX;Broadcom 802.11 Nettverkskort Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-22 369024] S3 catchme;catchme; \??\C:\DOCUME~1\Bruker\LOKALE~1\Temp\catchme.sys [] S3 dot4;MS IEEE-1284.4-driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976] S3 Dot4Print;Skriverklassedriver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928] S3 dot4usb;Dot4USB-filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-06 23808] S3 FETNDIS;NT-driver for VIA PCI 10/100Mb Fast Ethernet-kort; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] S3 G3GRSC;G3G R Smart Card; C:\WINDOWS\system32\DRIVERS\g3grsc.sys [2004-09-27 16256] S3 G3GRUMDM;G3G R USB Modem; C:\WINDOWS\system32\DRIVERS\g3grumdm.sys [2004-09-25 26496] S3 G3GRUSER;G3G R USB Serial; C:\WINDOWS\system32\DRIVERS\g3gruser.sys [2004-09-25 23296] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568] S3 NIC1394;1394-nettverksdriver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] S3 NSCIRDA;NSC infrarød enhetsdriver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672] S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368] S3 Rasirda;WAN-miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] S3 SONYPVU1;Sony USB-filterdriver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 usbccgp;Microsoft USB generell overordnet driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbohci;Miniportdriver for Microsoft USB åpen vertskontroller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S3 usbscan;USB-skannerdriver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;USB-masselagringsenhet; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 W8100PCI;Marvell Libertas 802.11b/g Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\mrv8k51.sys [2004-08-13 258560] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2005-06-06 1273344] R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-21 297752] R2 JavaQuickStarterService;Java Quick Starter; C:\Programfiler\Java\jre6\bin\jqs.exe [2009-10-11 153376] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632] R2 aawservice;Ad-Aware 2007 Service; C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-09-25 574808] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Programfiler\Fellesfiler\Autodesk Shared\Service\AdskScSrv.exe [2009-09-24 85096] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlus® Helper;getPlus® Helper; C:\Programfiler\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programfiler\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824] S3 odserv;Microsoft Office Diagnostics Service; C:\Programfiler\Fellesfiler\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Programfiler\Fellesfiler\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Programfiler\Windows Media Player\WMPNetwk.exe [2006-11-15 914944] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- Lenke til kommentar
snippsat Skrevet 10. desember 2009 Del Skrevet 10. desember 2009 Ser greit ut. Messenger Plus kan ta med seg(CID advertising popups) under install. http://www.msghelp.net/showthread.php?tid=80796 Bare så du er klart over viss du er plaget av reklame popup. Lenke til kommentar
daggi911 Skrevet 11. desember 2009 Forfatter Del Skrevet 11. desember 2009 ok, takk for hjelpen. problemet er msn virus, kontaktene mine sier at jeg sender ut virus, "iphone" reklame greier.. Dette er pcen jeg bruker på jobb, så har jeg lagt ut ein logg for hjemme pcen min også, håper noen ser på den loggen.. Takk for hjelpen, skal sjekke ut den linken du la til:-) Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå