paba Skrevet 11. september 2012 Rapporter Del Skrevet 11. september 2012 Har nå fått store problemer med min pc, og håper noen kan hjelpe meg med å rette feilene. Jeg får feilmeldingene error1067 og error1068 når jeg starter opp programmer. Har også mistet tilgangen til trådløst nett. Når jeg forsøker feilsøking så får jeg beskjed om at et problem hindrer feilsøkingsprogramet å starte. Har forsøkt systemgjenoppretting, men ikke noe skjer. Trenger hjelp! Lenke til kommentar
mobile999 Skrevet 11. september 2012 Rapporter Del Skrevet 11. september 2012 (endret) Last ned dette programmet og lagre det til skrivebordet: http://public.avast....erek/aswMBR.exe Kjør programmet. Klikk No for å ikke laste ned definisjoner. Klikk Scan Når den er ferdig (kan være vanskelig å se), så klikker du Save log og lagrer loggen på skrivebordet. Post denne loggen. Endret 11. september 2012 av mobile999 Lenke til kommentar
paba Skrevet 14. september 2012 Forfatter Rapporter Del Skrevet 14. september 2012 Når jeg har scannet en stund så får jeg beskjed om at et problem førte til at programmet sluttet å virke. Så lukkes programmet. Har du andre tips om løsning? Lenke til kommentar
mobile999 Skrevet 14. september 2012 Rapporter Del Skrevet 14. september 2012 (endret) Forsøk å scanne med Otl for å få ut noe informasjon fra datamaskinen din til å jobbe med: Last ned og lagre (på skrivebordet) OTL fra følgende nettside: http://www.geekstogo...for-hijackthis/ Kjør programmet og klikk Quick Scan for å kjøre scanningen. Post innholdet i begge filene som dukker opp når scanningen er ferdig, sett dem helst i hver sin spoilertekst. Endret 14. september 2012 av mobile999 Lenke til kommentar
paba Skrevet 14. september 2012 Forfatter Rapporter Del Skrevet 14. september 2012 (endret) OTL logfile created on: 9/14/2012 10:18:15 PM - Run 1 OTL by OldTimer - Version 3.2.61.4 Folder = F:\Pål 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy 3.87 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 60.18% Memory free 7.73 Gb Paging File | 6.06 Gb Available in Paging File | 78.38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 444.62 Gb Total Space | 378.77 Gb Free Space | 85.19% Space Free | Partition Type: NTFS Drive D: | 20.85 Gb Total Space | 3.03 Gb Free Space | 14.55% Space Free | Partition Type: NTFS Drive F: | 931.51 Gb Total Space | 838.51 Gb Free Space | 90.02% Space Free | Partition Type: NTFS Computer Name: ANNEGRETE-HP | User Name: Anne Grete | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/09/14 21:41:23 | 000,599,552 | ---- | M] (OldTimer Tools) -- F:\Pål\OTL.exe PRC - [2012/07/03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe PRC - [2012/01/10 19:36:34 | 001,083,264 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe PRC - [2012/01/04 14:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe PRC - [2012/01/04 14:32:06 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2010/09/29 03:08:58 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe PRC - [2010/09/28 21:59:06 | 001,040,952 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe PRC - [2010/04/23 21:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe PRC - [2010/04/23 21:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe PRC - [2009/10/01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - [2009/10/01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe ========== Modules (No Company Name) ========== MOD - [2012/01/10 19:38:40 | 000,423,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll MOD - [2012/01/10 19:38:38 | 000,058,240 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll MOD - [2012/01/10 19:38:34 | 000,095,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll MOD - [2012/01/10 19:38:32 | 000,272,768 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll MOD - [2012/01/10 19:38:00 | 000,384,896 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtCore.dll MOD - [2012/01/10 19:38:00 | 000,165,248 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtWeb.dll MOD - [2012/01/10 19:37:58 | 002,557,312 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll MOD - [2012/01/10 19:37:56 | 000,346,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll MOD - [2012/01/10 19:37:54 | 010,843,520 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll MOD - [2012/01/10 19:37:48 | 000,196,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll MOD - [2012/01/10 19:37:46 | 001,294,208 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll MOD - [2012/01/10 19:37:44 | 000,682,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll MOD - [2012/01/10 19:37:42 | 000,919,936 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll MOD - [2012/01/10 19:37:40 | 000,517,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll MOD - [2012/01/10 19:37:38 | 008,172,928 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll MOD - [2012/01/10 19:37:36 | 002,252,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll MOD - [2012/01/10 19:37:34 | 002,288,512 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll MOD - [2012/01/10 19:37:32 | 000,422,272 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll MOD - [2012/01/10 19:37:22 | 000,202,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll MOD - [2012/01/10 19:37:20 | 000,034,688 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll MOD - [2012/01/10 19:37:18 | 000,032,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll MOD - [2012/01/10 19:36:38 | 000,388,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\OviShareLib.dll MOD - [2012/01/10 19:36:24 | 000,437,632 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll MOD - [2012/01/10 19:36:02 | 001,037,696 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Maps Service API.dll MOD - [2012/01/10 19:35:06 | 000,758,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll MOD - [2012/01/05 17:00:24 | 000,112,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll MOD - [2010/09/28 22:12:00 | 001,696,824 | ---- | M] () -- C:\Users\Anne Grete\AppData\Roaming\PictureMover\NO-NO\Presentation.dll MOD - [2010/09/28 21:59:20 | 012,286,008 | ---- | M] () -- C:\Users\Anne Grete\AppData\Roaming\PictureMover\Bin\Core.dll MOD - [2010/08/16 23:21:30 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll MOD - [2010/08/16 23:21:30 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll MOD - [2010/08/16 23:21:30 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2009/07/14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll ========== Services (SafeList) ========== SRV:64bit: - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2010/09/10 00:26:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010/08/06 04:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc) SRV:64bit: - [2010/07/21 23:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV:64bit: - [2010/06/25 01:24:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService) SRV:64bit: - [2009/11/18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2012/08/23 20:52:52 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate) SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc) SRV - [2012/01/04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010/09/29 03:08:58 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC) SRV - [2010/06/19 03:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2010/06/02 01:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/10/01 06:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009/10/01 06:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007/12/18 00:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) SRV - [2007/01/12 00:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/07/30 13:32:08 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2012/07/03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012/07/03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012/07/03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012/07/03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012/07/03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012/05/11 07:34:12 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2012/03/01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/11/01 11:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2011/11/01 11:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2011/11/01 11:07:24 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:64bit: - [2011/11/01 11:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2011/11/01 11:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2011/11/01 11:07:24 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011/09/06 12:10:28 | 000,177,920 | ---- | M] (HID Global Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cxbu0x64.sys -- (cxbu0x64) DRV:64bit: - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/09/29 09:55:54 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2010/09/13 20:00:08 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010/09/11 04:20:28 | 001,014,624 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) DRV:64bit: - [2010/09/10 00:45:34 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010/09/09 23:52:50 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010/05/07 21:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010/05/06 15:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010/04/13 19:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/03/23 03:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009/09/17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2009/07/14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/9 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/9 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/we...&l=dis&o=HPNTDF IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://no.search.yah...psg&type=HPNTDF IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://no.wikipedia....h={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/9 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/9 IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/we...&l=dis&o=HPNTDF IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://no.search.yah...psg&type=HPNTDF IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://no.wikipedia....h={searchTerms} IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/9 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/we...&l=dis&o=HPNTDF IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://no.search.yah...psg&type=HPNTDF IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://no.wikipedia....h={searchTerms} IE - HKCU\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/...rc=IE-SearchBox IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31 FF - prefs.js..extensions.enabledAddons: [email protected]:7.0.1456 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/09/11 21:12:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_6.0 [2012/02/05 14:31:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/06 20:18:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012/02/05 14:31:28 | 000,000,000 | ---D | M] [2011/04/28 22:54:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne Grete\AppData\Roaming\mozilla\Extensions [2012/05/03 12:47:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne Grete\AppData\Roaming\mozilla\Firefox\Profiles\4vl8xzu2.default\extensions [2012/04/12 20:53:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012/04/12 20:53:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012/09/11 21:12:39 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012/03/06 20:18:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/03/06 20:18:02 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml [2012/03/06 20:18:02 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/03/06 20:18:02 | 000,001,218 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bok-NO.xml [2012/03/06 20:18:02 | 000,000,968 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\qxl-NO.xml [2012/03/06 20:18:02 | 000,001,203 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\telefonkatalogen-NO.xml [2012/03/06 20:18:02 | 000,001,176 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-NO.xml [2012/03/06 20:18:02 | 000,001,192 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-NO.xml ========== Chrome ========== CHR - homepage: http://www.google.com CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.google.com CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Java™ Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: avast! WebRep = C:\Users\Anne Grete\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\ O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Windows\TEMP\E_S4637.tmp" /EF "HKCU" File not found O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Se&nd til OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Se&nd til OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{787284E1-98B0-4DF3-AF31-E335D347BF89}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD4A3CB1-4B41-4D2F-BF69-0A21F51BEE52}: DhcpNameServer = 40.6.1.100 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/09/10 21:20:51 | 000,000,000 | ---D | C] -- C:\Users\Anne Grete\AppData\Roaming\Malwarebytes [2012/09/10 21:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/09/10 21:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/09/10 21:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/09/10 20:56:52 | 000,000,000 | ---D | C] -- C:\Users\Anne Grete\AppData\Roaming\SUPERAntiSpyware.com [2012/09/10 20:56:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2012/09/10 20:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2012/09/10 20:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2012/09/08 20:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} [2012/08/23 14:06:12 | 000,000,000 | ---D | C] -- C:\Users\Anne Grete\AppData\Local\Macromedia [2012/08/23 14:03:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012/08/22 15:11:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012/08/17 08:51:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome ========== Files - Modified Within 30 Days ========== [2012/09/14 21:00:09 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/09/14 21:00:09 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/09/14 20:57:11 | 000,000,996 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/09/14 20:52:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/09/14 20:52:15 | 3112,587,264 | -HS- | M] () -- C:\hiberfil.sys [2012/09/12 20:57:11 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/09/12 20:52:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/09/07 20:11:03 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForAnne Grete.job [2012/09/05 10:58:33 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012/09/04 18:25:12 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForANNEGRETE-HP$.job [2012/08/16 10:09:12 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012/08/16 09:32:21 | 000,426,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012/08/23 14:03:07 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/08/17 08:51:23 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012/08/17 08:47:21 | 000,001,000 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/08/17 08:47:19 | 000,000,996 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/07/01 20:09:30 | 000,001,854 | ---- | C] () -- C:\Users\Anne Grete\AppData\Roaming\GhostObjGAFix.xml [2011/06/07 20:25:28 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2011/06/07 20:25:28 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2011/06/07 20:25:28 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2011/06/07 20:25:28 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2011/06/07 20:25:28 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2011/06/07 20:25:28 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2011/06/07 20:25:28 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2011/06/07 20:25:28 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2011/06/07 20:25:28 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2011/06/07 20:25:28 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2011/06/07 20:25:28 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2011/06/07 20:25:28 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2011/06/07 20:25:28 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2011/06/07 20:25:28 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2011/06/07 20:25:28 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2011/06/07 20:25:28 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2011/06/07 20:25:28 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2011/06/07 20:25:28 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2011/06/07 20:25:28 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2011/04/30 18:32:06 | 003,091,608 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/02/10 10:49:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011/02/10 10:47:46 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat [2011/02/10 10:43:02 | 000,000,268 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini [2011/02/10 10:43:02 | 000,000,209 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini [2011/02/10 10:39:14 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010/10/23 13:26:22 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini [2010/10/23 13:19:17 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2010/09/21 20:30:44 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL ========== LOP Check ========== [2012/02/05 14:43:17 | 000,000,000 | ---D | M] -- C:\Users\Anne Grete\AppData\Roaming\Nokia [2012/02/05 14:43:17 | 000,000,000 | ---D | M] -- C:\Users\Anne Grete\AppData\Roaming\Nokia Suite [2012/02/05 14:41:25 | 000,000,000 | ---D | M] -- C:\Users\Anne Grete\AppData\Roaming\PC Suite [2011/04/26 22:27:21 | 000,000,000 | ---D | M] -- C:\Users\Anne Grete\AppData\Roaming\PictureMover [2011/04/30 22:12:06 | 000,000,000 | ---D | M] -- C:\Users\Anne Grete\AppData\Roaming\SoftGrid Client [2011/04/30 21:54:34 | 000,000,000 | ---D | M] -- C:\Users\Anne Grete\AppData\Roaming\TP [2012/09/14 21:36:23 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== Endret 14. september 2012 av paba Lenke til kommentar
paba Skrevet 14. september 2012 Forfatter Rapporter Del Skrevet 14. september 2012 OTL Extras logfile created on: 9/14/2012 10:18:15 PM - Run 1 OTL by OldTimer - Version 3.2.61.4 Folder = F:\Pål 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy 3.87 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 60.18% Memory free 7.73 Gb Paging File | 6.06 Gb Available in Paging File | 78.38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 444.62 Gb Total Space | 378.77 Gb Free Space | 85.19% Space Free | Partition Type: NTFS Drive D: | 20.85 Gb Total Space | 3.03 Gb Free Space | 14.55% Space Free | Partition Type: NTFS Drive F: | 931.51 Gb Total Space | 838.51 Gb Free Space | 90.02% Space Free | Partition Type: NTFS Computer Name: ANNEGRETE-HP | User Name: Anne Grete | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{22E4445E-6008-43A8-AAF4-FA7EC3A877D6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{2C98394F-4DB2-4B9C-B1EB-876A03CD608E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2F26834D-8F1B-41D5-9004-FD646F58C1F9}" = rport=445 | protocol=6 | dir=out | app=system | "{2F5E124B-D497-4223-8A0A-D6AEEFBD71B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3CBADABF-782C-44D4-815F-D75E2505E9AC}" = rport=138 | protocol=17 | dir=out | app=system | "{3D7FADA1-AAC4-4878-89D0-73BC8BDAE830}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{42B7BB1C-8B60-4609-86DB-CA918F55C6BF}" = rport=10243 | protocol=6 | dir=out | app=system | "{5686D38E-BD9B-4761-A78D-9A60A5666411}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{5EEEF5E7-19D8-43FE-B921-8615A51C60DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{610A3AF9-8D04-4A8E-AC37-C518F01D8566}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{734F9DE2-0864-4818-90CA-9EC3B8A32EB1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8052E680-0ABA-46AC-80E9-5ACCC4E2A824}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{85F90ED0-727E-47E9-8D5A-ECF18EC12C48}" = rport=139 | protocol=6 | dir=out | app=system | "{93853802-C109-4215-9688-BA68E5DD0A6C}" = lport=138 | protocol=17 | dir=in | app=system | "{955B422D-723B-41F4-9526-E88E54D21AD3}" = lport=2869 | protocol=6 | dir=in | app=system | "{980242C6-94E2-4C70-B9E6-983D89AABBC0}" = lport=137 | protocol=17 | dir=in | app=system | "{A025180F-AFB7-497E-A98A-67312A4C36F6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B1261D2A-0A80-4B0D-94C2-E2DD96FBDB52}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B3B7D9CA-60FD-446A-A180-8DFD09A0464F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{BEC8E119-5A4C-4071-AF34-19F0374AB5AB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{BEE796AD-5CB7-45D7-9C63-526797E8C6AB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C0EAE609-A416-46C8-87DE-038173C2EC6A}" = lport=139 | protocol=6 | dir=in | app=system | "{CA472083-9F64-4F9F-8AD4-AA8E65E0B0C3}" = rport=137 | protocol=17 | dir=out | app=system | "{CB42E684-EF4B-4493-8DD5-6EEAF0DB3181}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EA914815-0BB0-4D1E-9A97-DCB6B753A016}" = lport=445 | protocol=6 | dir=in | app=system | "{ECD500B2-8F78-4510-845B-D872AD407C55}" = lport=10243 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{032D9930-A7F9-44C2-8E73-DA653CF7E059}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{06EFA5C8-0416-41EE-B7D1-03A34BAE204E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{19CC46E4-651D-4B57-957B-E539BF417FC3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1F41637A-8C67-4A88-A639-F1CB39CC56FB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2294742B-DD36-4D43-A138-AED3F438BF48}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2891414D-09D4-457C-AAEE-E04D1C611899}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{2E854B73-41D8-4B3A-91AA-9190675AD9BF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{38527B09-4916-4568-9D15-C4D4EF11D61D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3DBBA599-D595-42B7-8F30-140612208261}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{3F52822C-AA70-45B6-BF8F-0CC80BAAF175}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{4800D933-18F4-4427-B4A8-4229A980CBE2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | "{483C8E16-D8C9-48E9-87BC-1AA95A041089}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | "{4EB3DF37-773D-41B4-A509-D9ADC3D646FD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5063A8E5-F3B3-4CC9-8F70-B62022D32BC4}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{653C01E4-D379-48B3-844B-F55A0CC7A9C4}" = protocol=1 | dir=out | [email protected],-28544 | "{68BCF5CB-6019-4662-9BEB-BB1FB18DBCE5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{6ADF5E5D-CDBD-47AA-996E-B36BBDD28DAD}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe | "{6CA2FB35-C1A1-4202-9A1C-2C7074179705}" = protocol=58 | dir=out | [email protected],-28546 | "{75ADE02E-5028-4709-BB3C-14DBCF2A9C3E}" = protocol=58 | dir=in | [email protected],-28545 | "{7EC72D95-859D-41BC-BCE2-E4F96266B39F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{80D425B6-A792-4963-9CDE-5F59D38818B8}" = protocol=17 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe | "{82D5A7E8-63AF-4F92-B4E5-B99455B1AE9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{A22424F4-5EF3-44E1-A4D4-6EE17538068D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A4FE2D58-FC3C-4E01-AC83-15D8C560C5AB}" = dir=out | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe | "{B335DFCB-FB87-4117-B5EC-BF09C512E12C}" = protocol=6 | dir=out | app=system | "{D2BDA949-2783-4131-AD78-DBE678FFE9DD}" = protocol=6 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe | "{E0A6C0FE-E339-4D51-B73F-13513BAE64C9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | "{E7071699-0E67-49CE-96D0-19BEA862DE92}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EAE92C88-665E-422C-A265-0781F1F74DB1}" = protocol=1 | dir=in | [email protected],-28543 | "{F6AB5A72-076B-4989-A102-AAF205F3E91B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FABC516C-7700-48D8-BB60-A1716F87A49D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{012B2B85-8467-5FD2-3CE4-654E5CAE0465}" = ATI Catalyst Install Manager "{091A0130-A82F-4A6D-9C61-3BBBB3289030}" = RtVOsd "{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}" = HP Wireless Assistant "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java 6 Update 21 (64-bit) "{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services "{3B357E6A-6872-55BF-7138-3E3E5B8E8B31}" = ccc-utility64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0414-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Norwegian (Bokmål)) 2010 "{90140000-006D-0414-1000-0000000FF1CE}" = Microsoft Office Klikk og bruk 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "EPSON SX410 Series" = EPSON SX410 Series Printer Uninstall "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-driverpakke - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{030830B5-EFFD-259E-976E-3427B7501B1D}" = CCC Help Russian "{043C6EDA-8D23-B061-871E-9CCFD051549A}" = CCC Help Dutch "{0448FD25-955D-8981-CC45-1B77C0D19759}" = Catalyst Control Center Graphics Previews Vista "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{097121BB-8CBF-C51E-012A-D11C14804560}" = CCC Help German "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{19C6E405-321A-4907-A0EA-1CAA354155DF}" = HP Software Framework "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima "{1C71DC57-1388-4C1C-AB2F-2B9C0EF83409}" = Windows Live UX Platform Language Pack "{1E87F5D4-3502-4F8E-86A5-61DE5AAD1060}" = Windows Live UX Platform Language Pack "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2385DA7C-F545-4E66-A968-D464F0519425}" = HP Documentation "{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer "{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common "{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources "{2E9A465A-5F28-9B29-6300-C6A8CC5D3425}" = CCC Help Japanese "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7 "{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger "{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}" = Adobe Shockwave Player 11.5 "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{3EDBDE63-4B37-39D1-8149-85D4DB36660A}" = CCC Help Norwegian "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials "{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{52DE3AF0-1C26-4258-9A04-9AEBF3E145F7}" = Catalyst Control Center - Branding "{52E215CA-367C-7E66-251A-1ADBB70818B7}" = CCC Help Chinese Traditional "{53469506-A37E-4314-A9D9-38724EC23A75}" = HP Setup "{58410CF4-C71D-24C4-7877-22ED75979A11}" = CCC Help Turkish "{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri "{5E61D9EE-5833-2FF1-72CC-2AC24154F777}" = CCC Help Italian "{6200E68A-E24F-AABB-C647-7C16024BC68C}" = ccc-core-static "{6383BBD2-0C54-CC45-FF1E-92ACBAE3756E}" = CCC Help Finnish "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker "{70262548-73B2-2F5B-22F9-A4CADDFBE535}" = CCC Help Korean "{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources "{738A8CB9-A5D9-8291-47F1-67E0F376EBC5}" = CCC Help Hungarian "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common "{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{85895DD3-93E3-068F-E0EF-4BF4C5F58B4B}" = CCC Help English "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{876AAEC7-C8A3-D7B8-FC54-F3A3CE84A38A}" = CCC Help Thai "{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A7547F0-F60F-7509-B72E-144D85E95979}" = CCC Help Swedish "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT5390 802.11b/g/n WiFi Adapter "{90140000-0015-0414-0000-0000000FF1CE}" = Microsoft Office Access MUI (Norwegian (Bokmål)) 2010 "{90140000-0015-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0414-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Norwegian (Bokmål)) 2010 "{90140000-0016-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0414-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Norwegian (Bokmål)) 2010 "{90140000-0018-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0414-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Norwegian (Bokmål)) 2010 "{90140000-0019-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0414-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Norwegian (Bokmål)) 2010 "{90140000-001A-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0414-0000-0000000FF1CE}" = Microsoft Office Word MUI (Norwegian (Bokmål)) 2010 "{90140000-001B-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0414-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Bokmål)) 2010 "{90140000-001F-0414-0000-0000000FF1CE}_Office14.SingleImage_{F3137115-1D72-46BE-9D42-B5DE61971F2A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0814-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Nynorsk)) 2010 "{90140000-001F-0814-0000-0000000FF1CE}_Office14.SingleImage_{751049E8-D99F-4DE1-9FC2-71DE06655678}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0414-1000-0000000FF1CE}_Office14.SingleImage_{BBFE07A3-B32C-4D6E-B5CA-9F420106EC9D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0414-0000-0000000FF1CE}" = Microsoft Office Proofing (Norwegian (Bokmål)) 2010 "{90140000-002C-0414-0000-0000000FF1CE}_Office14.SingleImage_{66FC3637-893A-4837-A32C-0DD98E7F8444}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0414-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Norwegian (Bokmål)) 2010 "{90140000-006E-0414-0000-0000000FF1CE}_Office14.SingleImage_{C166254D-5FB6-4D3F-8509-3575387141B9}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0414-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Norwegian (Bokmål)) 2010 "{90140000-00A1-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1) "{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail "{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{938ECF04-8B25-5E9D-F859-2C7DA65E3A61}" = Catalyst Control Center Localization All "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B345F22-06DE-59AD-EDDD-A24B5C2E905D}" = Catalyst Control Center InstallProxy "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A10AB1B4-C48A-7D69-BEB9-AE1C9820A9E2}" = CCC Help Portuguese "{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC364A5F-DE07-099B-32C7-F614BDB2BE9D}" = CCC Help Greek "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.2 MUI "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager "{AE907051-AC9D-CF3D-CA29-B4D288576C34}" = CCC Help Danish "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF306BD8-F9D1-4627-89B9-246E59074A05}" = HP Power Manager "{B6DEB30E-67CA-2FE7-237F-256357B4E221}" = CCC Help French "{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo "{C134EDA5-8CDE-0361-43CE-BFA29D5A11B4}" = CCC Help Chinese Standard "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C818CC64-542B-34F9-FD46-829877196610}" = CCC Help Czech "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E13A083C-F810-241D-5B7C-46D9DD9D61B8}" = CCC Help Spanish "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E9618EB0-D09E-496B-A425-689271F5571B}" = Windows Live UX Platform Language Pack "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EF682D1C-591D-48B5-9803-628DA622C281}" = HP Quick Launch "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4EE283A-4851-43D4-887C-1932D55DE740}" = Windows Live UX Platform Language Pack "{F5968D0E-8DEC-E16F-A9AB-61301E375302}" = CCC Help Polish "{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger "{FDBF8F00-C9EF-9CEF-E1BF-6CDAD1E32E3E}" = Catalyst Control Center Graphics Previews Common "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "avast" = avast! Free Antivirus "EasyBits Magic Desktop" = Magic Desktop "EPSON Scanner" = EPSON Scan "Epson Stylus SX210_SX410_TX210_TX410 Brukerhåndbok" = Epson Stylus SX210_SX410_TX210_TX410 Håndbok "Google Chrome" = Google Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "Mozilla Firefox 10.0.2 (x86 nb-NO)" = Mozilla Firefox 10.0.2 (x86 nb-NO) "My HP Game Console" = HP Game Console "Nokia Suite" = Nokia Suite "Office14.Click2Run" = Microsoft Office Klikk og bruk 2010 "Office14.SingleImage" = Microsoft Office Home and Student 2010 "WildTangent hp Master Uninstall" = HP Games "WinLiveSuite" = Windows Live Essentials "WT087328" = Blackhawk Striker 2 "WT087330" = Bounce Symphony "WT087343" = Dora's World Adventure "WT087361" = FATE "WT087362" = Final Drive Nitro "WT087394" = Penguins! "WT087395" = Poker Superstars III "WT087396" = Polar Bowler "WT087397" = Polar Golfer "WT087428" = Bejeweled 2 Deluxe "WT087453" = Chuzzle Deluxe "WT087501" = Plants vs. Zombies "WT087533" = Zuma Deluxe "WT089299" = Mystery P.I. - The London Caper "WT089300" = World Cup Cricket 20-20 "WT089307" = Virtual Villagers 4 - The Tree of Life "WT089308" = Blasterball 3 "WT089328" = Farm Frenzy "WT089359" = Cake Mania "WT089362" = Agatha Christie - Peril at End House "ZumoDrive" = HP CloudDrive ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 4/26/2012 10:26:47 AM | Computer Name = AnneGrete-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Kan ikke trekke ut tredjeparts rotliste fra automatisk oppdatert cab-fil på <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> med feil Et nødvendig sertifikat er ikke i gyldighetsperioden ved godkjenning mot gjeldende systemklokke eller tidsstempelet i den signerte filen. . Error - 4/26/2012 10:26:48 AM | Computer Name = AnneGrete-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Kan ikke trekke ut tredjeparts rotliste fra automatisk oppdatert cab-fil på <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> med feil Et nødvendig sertifikat er ikke i gyldighetsperioden ved godkjenning mot gjeldende systemklokke eller tidsstempelet i den signerte filen. . Error - 4/26/2012 10:26:48 AM | Computer Name = AnneGrete-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Kan ikke trekke ut tredjeparts rotliste fra automatisk oppdatert cab-fil på <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> med feil Et nødvendig sertifikat er ikke i gyldighetsperioden ved godkjenning mot gjeldende systemklokke eller tidsstempelet i den signerte filen. . Error - 4/26/2012 10:26:49 AM | Computer Name = AnneGrete-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Kan ikke trekke ut tredjeparts rotliste fra automatisk oppdatert cab-fil på <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> med feil Et nødvendig sertifikat er ikke i gyldighetsperioden ved godkjenning mot gjeldende systemklokke eller tidsstempelet i den signerte filen. . Error - 4/26/2012 10:26:50 AM | Computer Name = AnneGrete-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Kan ikke trekke ut tredjeparts rotliste fra automatisk oppdatert cab-fil på <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> med feil Et nødvendig sertifikat er ikke i gyldighetsperioden ved godkjenning mot gjeldende systemklokke eller tidsstempelet i den signerte filen. . Error - 4/26/2012 1:16:58 PM | Computer Name = AnneGrete-HP | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 4/26/2012 3:19:33 PM | Computer Name = AnneGrete-HP | Source = Application Virtualization Client | ID = 3134 Description = {tid=79C} Kan ikke initialisere PerfMon-tjenesten for Application Virtualization Client (feil 0x80070002). Error - 4/26/2012 3:19:45 PM | Computer Name = AnneGrete-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Kan ikke trekke ut tredjeparts rotliste fra automatisk oppdatert cab-fil på <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> med feil Et nødvendig sertifikat er ikke i gyldighetsperioden ved godkjenning mot gjeldende systemklokke eller tidsstempelet i den signerte filen. . Error - 4/27/2012 7:24:58 AM | Computer Name = AnneGrete-HP | Source = Application Virtualization Client | ID = 3134 Description = {tid=8CC} Kan ikke initialisere PerfMon-tjenesten for Application Virtualization Client (feil 0x80070002). Error - 4/27/2012 7:25:11 AM | Computer Name = AnneGrete-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Kan ikke trekke ut tredjeparts rotliste fra automatisk oppdatert cab-fil på <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> med feil Et nødvendig sertifikat er ikke i gyldighetsperioden ved godkjenning mot gjeldende systemklokke eller tidsstempelet i den signerte filen. . [ Hewlett-Packard Events ] Error - 9/10/2012 7:35:22 AM | Computer Name = AnneGrete-HP | Source = HPSFMsgr.exe | ID = 2000 Description = Error - 9/10/2012 10:32:01 AM | Computer Name = AnneGrete-HP | Source = HPSFMsgr.exe | ID = 2000 Description = Error - 9/10/2012 10:33:02 AM | Computer Name = AnneGrete-HP | Source = HPSFMsgr.exe | ID = 2000 Description = Error - 9/10/2012 12:05:37 PM | Computer Name = AnneGrete-HP | Source = HPSFMsgr.exe | ID = 2000 Description = Error - 9/10/2012 12:06:38 PM | Computer Name = AnneGrete-HP | Source = HPSFMsgr.exe | ID = 2000 Description = Error - 9/10/2012 12:58:15 PM | Computer Name = AnneGrete-HP | Source = HPSFMsgr.exe | ID = 2000 Description = Error - 9/10/2012 12:59:15 PM | Computer Name = AnneGrete-HP | Source = HPSFMsgr.exe | ID = 2000 Description = Error - 9/10/2012 1:53:01 PM | Computer Name = AnneGrete-HP | Source = HPSFMsgr.exe | ID = 2000 Description = Error - 9/10/2012 1:54:01 PM | Computer Name = AnneGrete-HP | Source = HPSFMsgr.exe | ID = 2000 Description = Error - 9/10/2012 3:43:16 PM | Computer Name = AnneGrete-HP | Source = HPSFMsgr.exe | ID = 2000 Description = [ HP Wireless Assistant Events ] Error - 9/11/2012 1:54:53 PM | Computer Name = AnneGrete-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException Kallet ble avbrutt av meldingsfilteret. (Unntak fra HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) ved System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) ved System.Management.ManagementScope.InitializeGuts(Object o) ved System.Management.ManagementScope.Initialize() ved System.Management.ManagementObject.Initialize(Boolean getObject) ved System.Management.ManagementBaseObject.get_Properties() ved System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) ved HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 9/11/2012 1:56:53 PM | Computer Name = AnneGrete-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException Kallet ble avbrutt av meldingsfilteret. (Unntak fra HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) ved System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) ved System.Management.ManagementScope.InitializeGuts(Object o) ved System.Management.ManagementScope.Initialize() ved System.Management.ManagementObject.Initialize(Boolean getObject) ved System.Management.ManagementBaseObject.get_Properties() ved System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) ved HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 9/11/2012 2:09:27 PM | Computer Name = AnneGrete-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException Det eksterne prosedyrekallet (RPC) mislyktes og ble ikke utført. (Unntak fra HRESULT: 0x800706BF) ved System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) ved System.Management.ManagementScope.InitializeGuts(Object o) ved System.Management.ManagementScope.Initialize() ved System.Management.ManagementObject.Initialize(Boolean getObject) ved System.Management.ManagementBaseObject.get_Properties() ved System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) ved HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 9/11/2012 2:09:55 PM | Computer Name = AnneGrete-HP | Source = HP WA Service | ID = 0 Description = System.Exception GetDeviceInfo() failed : 597 ved HP_Common.CaslWrapper.GetDeviceInfo(List`1& radioList) ved HPPA_Service.CurrentConfiguration.ReloadRadioList() Error - 9/11/2012 3:09:18 PM | Computer Name = AnneGrete-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException (0x800706BA): RPC-serveren er ikke tilgjengelig. (Unntak fra HRESULT: 0x800706BA) ved System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) ved System.Management.SinkForEventQuery.Cancel() ved System.Management.ManagementEventWatcher.Stop() ved System.Management.ManagementEventWatcher.Finalize() Error - 9/11/2012 3:17:46 PM | Computer Name = AnneGrete-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException Det eksterne prosedyrekallet (RPC) mislyktes og ble ikke utført. (Unntak fra HRESULT: 0x800706BF) ved System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) ved System.Management.ManagementScope.InitializeGuts(Object o) ved System.Management.ManagementScope.Initialize() ved System.Management.ManagementObject.Initialize(Boolean getObject) ved System.Management.ManagementBaseObject.get_Properties() ved System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) ved HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 9/12/2012 11:13:52 AM | Computer Name = AnneGrete-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException Det eksterne prosedyrekallet (RPC) mislyktes og ble ikke utført. (Unntak fra HRESULT: 0x800706BF) ved System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) ved System.Management.ManagementScope.InitializeGuts(Object o) ved System.Management.ManagementScope.Initialize() ved System.Management.ManagementObject.Initialize(Boolean getObject) ved System.Management.ManagementBaseObject.get_Properties() ved System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) ved HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 9/12/2012 11:14:07 AM | Computer Name = AnneGrete-HP | Source = HP WA Service | ID = 0 Description = System.Exception GetDeviceInfo() failed : 597 ved HP_Common.CaslWrapper.GetDeviceInfo(List`1& radioList) ved HPPA_Service.CurrentConfiguration.ReloadRadioList() Error - 9/12/2012 3:05:06 PM | Computer Name = AnneGrete-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException ved System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) ved System.Management.ManagementObject.Initialize(Boolean getObject) ved System.Management.ManagementBaseObject.get_Properties() ved System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) ved HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() Error - 9/14/2012 2:55:09 PM | Computer Name = AnneGrete-HP | Source = HP WA Service | ID = 0 Description = System.Runtime.InteropServices.COMException Det eksterne prosedyrekallet (RPC) mislyktes og ble ikke utført. (Unntak fra HRESULT: 0x800706BF) ved System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) ved System.Management.ManagementScope.InitializeGuts(Object o) ved System.Management.ManagementScope.Initialize() ved System.Management.ManagementObject.Initialize(Boolean getObject) ved System.Management.ManagementBaseObject.get_Properties() ved System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) ved HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c() [ System Events ] Error - 9/14/2012 3:59:01 PM | Computer Name = AnneGrete-HP | Source = Service Control Manager | ID = 7009 Description = Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Windows Search skal koble til. Error - 9/14/2012 3:59:01 PM | Computer Name = AnneGrete-HP | Source = Service Control Manager | ID = 7000 Description = Tjenesten Windows Search kan ikke starte på grunn av følgende feil: %%1053 Error - 9/14/2012 3:59:03 PM | Computer Name = AnneGrete-HP | Source = Service Control Manager | ID = 7009 Description = Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Windows Search skal koble til. Error - 9/14/2012 3:59:03 PM | Computer Name = AnneGrete-HP | Source = Service Control Manager | ID = 7000 Description = Tjenesten Windows Search kan ikke starte på grunn av følgende feil: %%1053 Error - 9/14/2012 3:59:03 PM | Computer Name = AnneGrete-HP | Source = Service Control Manager | ID = 7009 Description = Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Windows Search skal koble til. Error - 9/14/2012 3:59:03 PM | Computer Name = AnneGrete-HP | Source = Service Control Manager | ID = 7000 Description = Tjenesten Windows Search kan ikke starte på grunn av følgende feil: %%1053 Error - 9/14/2012 3:59:05 PM | Computer Name = AnneGrete-HP | Source = Service Control Manager | ID = 7009 Description = Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Windows Search skal koble til. Error - 9/14/2012 3:59:05 PM | Computer Name = AnneGrete-HP | Source = Service Control Manager | ID = 7000 Description = Tjenesten Windows Search kan ikke starte på grunn av følgende feil: %%1053 Error - 9/14/2012 3:59:06 PM | Computer Name = AnneGrete-HP | Source = Service Control Manager | ID = 7009 Description = Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Windows Search skal koble til. Error - 9/14/2012 3:59:06 PM | Computer Name = AnneGrete-HP | Source = Service Control Manager | ID = 7000 Description = Tjenesten Windows Search kan ikke starte på grunn av følgende feil: %%1053 < End of report > Lenke til kommentar
mobile999 Skrevet 14. september 2012 Rapporter Del Skrevet 14. september 2012 (endret) Avinstaller følgende programmer via kontrollpanel: Java™ 6 Update 21 (64-bit) Java™ 6 Update 31 Jeg ser du har Malwarebytes Anti Malware installert. Får du feilmelding når du åpner dette programmet? Hvis ikke oppdaterer du databasen og kjører quick scan. Post loggen (i spoiler). Hvis du ikke får kjørt Mawarebytes, så gjør du følgende: Last ned Combofix og lagre programmet direkte på skrivebordet. Dvs. høyreklikk linken og velg Lagre (link) som... Dette programmet er designet for å kjøres direkte fra skrivebordet å skal lagres der. Deaktiver Avast som beskrevet her: Link Start Combofix ved å dobbelklikke Combofix ikonet på skrivebordet. Klikk deg gjennom veiviseren for å kjøre skanningen. Tillat installering av gjenopprettingskonsollen hvis du blir spurt om det. Post loggfilen når Combofix er ferdig. Den finnes også her: C:\Combofix.txt Endret 14. september 2012 av mobile999 Lenke til kommentar
paba Skrevet 15. september 2012 Forfatter Rapporter Del Skrevet 15. september 2012 Har avinstallert java programmene. Når jeg forsøker å starte MBAM fra start-meny finnes ikke noen måte å åpne programmet på, heller ikke for SuperAntiSpyware. Er det en innstilling som er endret? Lastet derfor ned MBAM på en annen maskin og innstallerte det igjen. Får da startet programmet og kjørt hurtigscan. Her er loggen: Malwarebytes Anti-Malware (Prøveversjon) 1.65.0.1400 www.malwarebytes.org Databaseversjon: v2012.09.07.13 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 Anne Grete :: ANNEGRETE-HP [administrator] Beskyttelse: Deaktivert 15.09.2012 08:30:03 mbam-log-2012-09-15 (08-30-03).txt Skanntype: Hurtigsøk Aktiverte skanningsinnstillinger: Minne | Oppstart | Register | Filsystem | Heuristikk/Ekstra | Heuristikk/Shuriken | PUP | PUM Deaktiverte skanninnstillinger: P2P Objekter skannet: 195363 Tid tilbakelagt: 4 minutt(er), 14 sekund(er) Minneprosesser oppdaget: 0 (Ingen skadelige objekter funnet) Minnemoduler oppdaget: 0 (Ingen skadelige objekter funnet) Registernøkler oppdaget: 0 (Ingen skadelige objekter funnet) Registerverdier oppdaget: 0 (Ingen skadelige objekter funnet) Registerfiler oppdaget: 0 (Ingen skadelige objekter funnet) Mapper oppdaget: 0 (Ingen skadelige objekter funnet) Filer oppdaget 1 C:\Users\Anne Grete\Downloads\installer_ccleaner.exe (PUP.BundleInstaller.BT) -> Satt i karantene og slettet vellykket. (klar) Lenke til kommentar
mobile999 Skrevet 15. september 2012 Rapporter Del Skrevet 15. september 2012 Hvis du går in i mappen c:\Program Files\Superantispyware\ og dobbelklikker SAS der, får du samme feilen? Jeg er forøvrig nå tilbake først til kvelden igjen. Lenke til kommentar
paba Skrevet 15. september 2012 Forfatter Rapporter Del Skrevet 15. september 2012 Får også samme feil der ja. Skal jeg avinsallere avast før jeg kjører combofix? Blir borte på dagen jeg og, men poster så raskt jeg kan. Takk for hjelpen så lenge. Lenke til kommentar
paba Skrevet 15. september 2012 Forfatter Rapporter Del Skrevet 15. september 2012 Når jeg kjører Combofix så kommer det til Fullført Niva_50. Da står det: System file is infected!! Attempting to restore "C:Windows\system32\Services.exe" Så har Combofix stått i en halv time uten at noe mer skjer. Lenke til kommentar
mobile999 Skrevet 15. september 2012 Rapporter Del Skrevet 15. september 2012 Det ble tidlig kveld i dag. Hvis du ikke allerede har gjort det så skrur du av pc'en, evt. bruker reset knappen. Fikk combofix installert gjenopprettingskonsollen? Lenke til kommentar
mobile999 Skrevet 15. september 2012 Rapporter Del Skrevet 15. september 2012 (endret) Last ned Systemlook (til skrivebordet): http://jpshortstuff....temLook_x64.exe Høyreklikk Systemlook.exe og velg kjør som administrator. Kopier innholdet i boksen under (2 linjer) og lim det inn i tekstfeltet i Systemlook. :filefind services.exe Klikk Look-knappen for å start scanningen. Når den er ferdig åpnes loggfilen automatisk i notepad.Post denne. Den lagres også automatisk som SystemLook.txt på skrivebordet. Endret 15. september 2012 av mobile999 Lenke til kommentar
paba Skrevet 15. september 2012 Forfatter Rapporter Del Skrevet 15. september 2012 Skrudde av pc da combofix ikke kom videre. Får samme melding som over: System file is infected Når jeg starter combofix så kommer det opp en advarsel som tyder på at ikke alle filer av Avast er fjernet. Jeg avinstallerte Avast før jeg kjørte combofix. Lenke til kommentar
paba Skrevet 15. september 2012 Forfatter Rapporter Del Skrevet 15. september 2012 (endret) Feilmeldingen fra combofix er at følgende kjøretidsscannere er aktive: antivirus: avast! Antivirus antispyware: avast! Anitivirus Endret 15. september 2012 av paba Lenke til kommentar
paba Skrevet 15. september 2012 Forfatter Rapporter Del Skrevet 15. september 2012 Her er loggfilen fra Systemlook SystemLook 30.07.11 by jpshortstuff Log created at 19:35 on 15/09/2012 by AG Administrator - Elevation successful ========== filefind ========== Searching for "services.exe" C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB -= EOF =- Lenke til kommentar
paba Skrevet 15. september 2012 Forfatter Rapporter Del Skrevet 15. september 2012 Nå virker det som det meste har låst seg, får heller ikke åpnet combofix... Lenke til kommentar
mobile999 Skrevet 15. september 2012 Rapporter Del Skrevet 15. september 2012 (endret) Last ned Avast Uninstall Utility fra følgende nettside (ikke kjør den ennå): http://www.avast.com/uninstall-utility Last ned cfscript.txt til skrivebordet (vedlagt fil). Start pc'en i safe mode ved å bruke "F8-metoden"ved oppstart og kjør Avast Uninstall Utility. Når den er ferdig starter du pc'en på nytt i safe mode. Deretter drar du cfscript.txt filen over på combofix ikonet. La combofix kjøre minimum 1 time og 15 minutter (kan gå mye fortere). Post combofix loggen. Hvis den ikke dukker opp på skjermen etter at combofix har restartet pc'en, så finner du den her: c:\combofix.txt cfscript.txt Endret 15. september 2012 av mobile999 Lenke til kommentar
paba Skrevet 15. september 2012 Forfatter Rapporter Del Skrevet 15. september 2012 Samme feilmeldingen om avast antivirus kommer opp når jeg har kjørt uninstal programmet. Det var vel versjon 7 av avast som var på maskinen? Lenke til kommentar
mobile999 Skrevet 15. september 2012 Rapporter Del Skrevet 15. september 2012 Du kan bare ignorere advarselen og la combofix kjøre i safe mode. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå