WaterMarked Skrevet 22. april 2008 Del Skrevet 22. april 2008 Lagte en tråd tidligere pga harddisken min loader hele veien. Tidligere i dag så skulle jeg bruke explorer pga da hang firefox seg,da det plutselig dukket opp 5-7 linker. Alt ifra orgasme\porno til poker. Jeg har søkt etter spyware osv med defender, den fant en ting som jeg har fjernet. Men som sagt, pcen er helt på tryne enda. Henger seg faktisk opp når jeg skriver her... Avast fant og 2 filer som nå ligger i kista, men jeg har enda ikke greid å fullføre et søk pga pcen klikker!!! Så er temmelig sikker på at jeg enda har virus.. Finnes det noen gode spyware\virus programmer der ute som er bedre enn defender og avast? Eller må jeg ta skrittet og formatere pcen igjen?.. I need HELP! Tnx for svar. Lenke til kommentar
snippsat Skrevet 22. april 2008 Del Skrevet 22. april 2008 Hei! Last ned HijackThis legg i egen mappe på skrivebordet. Start programmet og velg "Trykk scan og save log" . Loggfilen kopierer du og limer inn i posten din. Helst med skjult tekst [1skjul] logg her [1/skjul] fjern 1 for skjult tekst. Last Combofix ned ,legg på skrivebordet. Ikke klikk på vindu mens programet kjører. post logg C:\combofix.txt Lenke til kommentar
murdoc Skrevet 22. april 2008 Del Skrevet 22. april 2008 (endret) anbefaler deg og ta en titt her: Veiledning: Når du trenger hjelp til å få fjernet spyware Endret 22. april 2008 av murdoc Lenke til kommentar
WaterMarked Skrevet 22. april 2008 Forfatter Del Skrevet 22. april 2008 Tror jeg har fått vekk virus\spyware greiene. Men den loader enda. :S Her er loggen. Det andre programmet funket ikke på vista. Klikk for å se/fjerne innholdet nedenfor Logfile of Trend Micro HijackThis v2.0.2Scan saved at 01:12:16, on 23.04.2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe C:\Windows\SysWOW64\CTHELPER.EXE C:\Windows\SysWOW64\CTXFIHLP.EXE C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\SysWOW64\CTXFISPI.EXE C:\Windows\SysWOW64\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\SysWOW64\conime.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKCU\..\Run: [Nero MediaHome] "C:\Program Files (x86)\Nero\Nero8\Nero MediaHome\NeroMediaHome.exe" O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\qoMfcywX.dll,c O4 - HKCU\..\Run: [c2bbc19a] rundll32.exe "C:\Users\SuSpEcT\AppData\Local\Temp\rfqaibbs.dll",b O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\wvUmMecD.dll,#1 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user') O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL1Licensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8733 bytes Ser du noe? Gjentar meg selv, men... Tnx for hjelp. =) Lenke til kommentar
snippsat Skrevet 23. april 2008 Del Skrevet 23. april 2008 Ja jeg ser noe som ikke bør være der. Du har 64bit så da fungerer ikke combofix. Kjøre en som lager en tilsvarende logg Decard Lenke til kommentar
WaterMarked Skrevet 23. april 2008 Forfatter Del Skrevet 23. april 2008 (endret) Hva er det du ser som er feil da? Endret 23. april 2008 av The_Free_Man Lenke til kommentar
WaterMarked Skrevet 23. april 2008 Forfatter Del Skrevet 23. april 2008 (endret) Klikk for å se/fjerne innholdet nedenfor Deckard's System Scanner v20071014.68Run by SuSpEcT on 2008-04-23 04:42:50 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 7: 2008-04-22 23:57:53 UTC - RP138 - Windows Update 6: 2008-04-22 22:52:43 UTC - RP137 - Removed GameSpy Comrade. 5: 2008-04-22 22:49:34 UTC - RP136 - Removed Diskeeper 2008 Pro Premier. 4: 2008-04-22 19:30:13 UTC - RP135 - Windows Defender Checkpoint 3: 2008-04-21 21:00:24 UTC - RP133 - Device Driver Package Install: NVIDIA Display adapters -- First Restore Point -- 1: 2008-04-21 06:26:54 UTC - RP131 - Scheduled Checkpoint Backed up registry hives. Performed disk cleanup. -- HijackThis (run as SuSpEcT.exe) --------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 04:59:02, on 23.04.2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe C:\Windows\SysWOW64\CTHELPER.EXE C:\Windows\SysWOW64\CTXFIHLP.EXE C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\SysWOW64\CTXFISPI.EXE C:\Windows\SysWOW64\rundll32.exe C:\Users\SuSpEcT\Desktop\dss.exe C:\Windows\SysWOW64\conime.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\PROGRA~2\TRENDM~1\HIJACK~1\SuSpEcT.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = <a href="http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank">http://go.microsoft.com/fwlink/?LinkId=54896</a> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank">http://go.microsoft.com/fwlink/?LinkId=69157</a> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank">http://go.microsoft.com/fwlink/?LinkId=69157</a> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = <a href="http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank">http://go.microsoft.com/fwlink/?LinkId=54896</a> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = <a href="http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank">http://go.microsoft.com/fwlink/?LinkId=54896</a> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank">http://go.microsoft.com/fwlink/?LinkId=69157</a> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKCU\..\Run: [Nero MediaHome] "C:\Program Files (x86)\Nero\Nero8\Nero MediaHome\NeroMediaHome.exe" O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\qoMfcywX.dll,c O4 - HKCU\..\Run: [c2bbc19a] rundll32.exe "C:\Users\SuSpEcT\AppData\Local\Temp\rfqaibbs.dll",b O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\vtUlLBTm.dll,#1 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user') O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - <a href="http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab" target="_blank">http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab</a> O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL1Licensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8700 bytes -- File Associations ----------------------------------------------------------- .reg - regfile - shell\open\command - "regedit.exe" "%1" -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys (file missing) R0 atapi (IDE Channel) - c:\windows\system32\drivers\atapi.sys (file missing) R0 CLFS (Common Log (CLFS)) - c:\windows\system32\clfs.sys (file missing) R0 crcdisk (Crcdisk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing) R0 disk (Disk Driver) - c:\windows\system32\drivers\disk.sys (file missing) R0 Ecache (ReadyBoost Caching Driver) - c:\windows\system32\drivers\ecache.sys (file missing) R0 FileInfo (File Information FS MiniFilter) - c:\windows\system32\drivers\fileinfo.sys (file missing) R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys (file missing) R0 fvevol (BitLocker Drive Encryption Filter Driver) - c:\windows\system32\drivers\fvevol.sys (file missing) R0 intelide - c:\windows\system32\drivers\intelide.sys (file missing) R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing) R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing) R0 msisadrv (ISA/EISA Class Driver) - c:\windows\system32\drivers\msisadrv.sys (file missing) R0 Mup - c:\windows\system32\drivers\mup.sys (file missing) R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys (file missing) R0 partmgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys (file missing) R0 pci (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys (file missing) R0 pciide - c:\windows\system32\drivers\pciide.sys (file missing) R0 spldr (Security Processor Loader Driver) - c:\windows\system32\drivers\spldr.sys (file missing) R0 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing) R0 volmgr (Volume Manager Driver) - c:\windows\system32\drivers\volmgr.sys (file missing) R0 volmgrx (Dynamic Volume Manager) - c:\windows\system32\drivers\volmgrx.sys (file missing) R0 volsnap (Storage volumes) - c:\windows\system32\drivers\volsnap.sys (file missing) R0 Wdf01000 (Kernel Mode Driver Frameworks service) - c:\windows\system32\drivers\wdf01000.sys (file missing) R1 AFD (Ancilliary Function Driver for Winsock) - c:\windows\system32\drivers\afd.sys (file missing) R1 aswRdr - c:\windows\system32\drivers\aswrdr.sys (file missing) R1 aswSP (avast! Self Protection) - c:\windows\system32\drivers\aswsp.sys (file missing) R1 aswTdi (avast! Network Shield Support) - c:\windows\system32\drivers\aswtdi.sys (file missing) R1 cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys (file missing) R1 CSC (Offline Files Driver) - c:\windows\system32\drivers\csc.sys (file missing) R1 DfsC (DFS Namespace Client Driver) - c:\windows\system32\drivers\dfsc.sys (file missing) R1 kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys (file missing) R1 kbdhid (Keyboard HID Driver) - c:\windows\system32\drivers\kbdhid.sys (file missing) R1 mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys (file missing) R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing) R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys (file missing) R1 netbt - c:\windows\system32\drivers\netbt.sys (file missing) R1 Npfs - c:\windows\system32\drivers\npfs.sys (file missing) R1 nsiproxy (NSI proxy service) - c:\windows\system32\drivers\nsiproxy.sys (file missing) R1 Null - c:\windows\system32\drivers\null.sys (file missing) R1 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\pacer.sys (file missing) R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing) R1 rdbss (Redirected Buffering Sub Sysytem) - c:\windows\system32\drivers\rdbss.sys (file missing) R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing) R1 RDPENCDD (RDP Encoder Mirror Driver) - c:\windows\system32\drivers\rdpencdd.sys (file missing) R1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys (file missing) R1 Smb (Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)) - c:\windows\system32\drivers\smb.sys (file missing) R1 tdx (NetIO Legacy TDI Support Driver) - c:\windows\system32\drivers\tdx.sys (file missing) R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys (file missing) R1 VgaSave - c:\windows\system32\drivers\vga.sys (file missing) R1 Wanarpv6 (Remote Access IPv6 ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing) R2 aswFsBlk - c:\windows\system32\drivers\aswfsblk.sys (file missing) R2 lltdio (Link-Layer Topology Discovery Mapper I/O Driver) - c:\windows\system32\drivers\lltdio.sys (file missing) R2 luafv (UAC File Virtualization) - c:\windows\system32\drivers\luafv.sys (file missing) R2 PEAUTH - c:\windows\system32\drivers\peauth.sys (file missing) R2 rspndr (Link-Layer Topology Discovery Responder) - c:\windows\system32\drivers\rspndr.sys (file missing) R2 secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing) R2 tcpipreg (TCP/IP Registry Compatibility) - c:\windows\system32\drivers\tcpipreg.sys (file missing) R3 bowser - c:\windows\system32\drivers\bowser.sys (file missing) R3 CT20XUT.DLL - c:\windows\system32\ct20xut.dll (file missing) R3 ctaud2k (Creative Audio Driver (WDM)) - c:\windows\system32\drivers\ctaud2k.sys (file missing) R3 CTEXFIFX.DLL - c:\windows\system32\ctexfifx.dll (file missing) R3 ctprxy2k (Creative Proxy Driver) - c:\windows\system32\drivers\ctprxy2k.sys (file missing) R3 ctsfm2k (Creative SoundFont Management Device Driver) - c:\windows\system32\drivers\ctsfm2k.sys (file missing) R3 DXGKrnl (LDDM Graphics Subsystem) - c:\windows\system32\drivers\dxgkrnl.sys (file missing) R3 emupia (E-mu Plug-in Architecture Driver) - c:\windows\system32\drivers\emupia2k.sys (file missing) R3 fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys (file missing) R3 flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys (file missing) R3 ha20x2k (Creative 20X HAL Driver) - c:\windows\system32\drivers\ha20x2k.sys (file missing) R3 HidUsb (Microsoft HID Class Driver) - c:\windows\system32\drivers\hidusb.sys (file missing) R3 HTTP - c:\windows\system32\drivers\http.sys (file missing) R3 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys (file missing) R3 iScsiPrt (iScsiPort Driver) - c:\windows\system32\drivers\msiscsi.sys (file missing) R3 ksthunk (Kernel Streaming Thunks) - c:\windows\system32\drivers\ksthunk.sys (file missing) R3 monitor (Microsoft Monitor Class Function Driver Service) - c:\windows\system32\drivers\monitor.sys (file missing) R3 mouhid (Mouse HID Driver) - c:\windows\system32\drivers\mouhid.sys (file missing) R3 mpsdrv (Windows Firewall Authorization Driver) - c:\windows\system32\drivers\mpsdrv.sys (file missing) R3 MRxDAV (WebDav Client Redirector Driver) - c:\windows\system32\drivers\mrxdav.sys (file missing) R3 mrxsmb (SMB MiniRedirector Wrapper and Engine) - c:\windows\system32\drivers\mrxsmb.sys (file missing) R3 mrxsmb10 (SMB 1.x MiniRedirector) - c:\windows\system32\drivers\mrxsmb10.sys (file missing) R3 mrxsmb20 (SMB 2.0 MiniRedirector) - c:\windows\system32\drivers\mrxsmb20.sys (file missing) R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys (file missing) R3 MTsensor (ATK0110 ACPI UTILITY) - c:\windows\system32\drivers\asacpi.sys (file missing) R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys (file missing) R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys (file missing) R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys (file missing) R3 Ntfs - c:\windows\system32\drivers\ntfs.sys (file missing) R3 nvlddmkm - c:\windows\system32\drivers\nvlddmkm.sys (file missing) R3 ossrv (Creative OS Services Driver) - c:\windows\system32\drivers\ctoss2k.sys (file missing) R3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys (file missing) R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing) R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing) R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys (file missing) R3 RasSstp (WAN Miniport (SSTP)) - c:\windows\system32\drivers\rassstp.sys (file missing) R3 rdpdr (Terminal Server Device Redirector Driver) - c:\windows\system32\drivers\rdpdr.sys (file missing) R3 RTL8169 (Realtek 8169 NT Driver) - c:\windows\system32\drivers\rtlh64.sys (file missing) R3 Serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys (file missing) R3 srv - c:\windows\system32\drivers\srv.sys (file missing) R3 srv2 - c:\windows\system32\drivers\srv2.sys (file missing) R3 srvnet - c:\windows\system32\drivers\srvnet.sys (file missing) R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys (file missing) R3 tunmp (Microsoft Tun Miniport Adapter Driver) - c:\windows\system32\drivers\tunmp.sys (file missing) R3 tunnel (Microsoft IPv6 Tunnel Miniport Adapter Driver) - c:\windows\system32\drivers\tunnel.sys (file missing) R3 umbus (UMBus Enumerator Driver) - c:\windows\system32\drivers\umbus.sys (file missing) R3 usbccgp (Microsoft USB Generic Parent Driver) - c:\windows\system32\drivers\usbccgp.sys (file missing) R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys (file missing) R3 usbhub (USB2 Enabled Hub) - c:\windows\system32\drivers\usbhub.sys (file missing) R3 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys (file missing) R4 cdfs (CD/DVD File System Reader) - c:\windows\system32\drivers\cdfs.sys (file missing) S3 agp440 (Intel AGP Bus Filter) - c:\windows\system32\drivers\agp440.sys (file missing) S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys (file missing) S3 BrFiltLo (Brother USB Mass-Storage Lower Filter Driver) - c:\windows\system32\drivers\brfiltlo.sys (file missing) S3 BrFiltUp (Brother USB Mass-Storage Upper Filter Driver) - c:\windows\system32\drivers\brfiltup.sys (file missing) S3 BrUsbSer (Brother MFC USB Serial WDM Driver) - c:\windows\system32\drivers\brusbser.sys (file missing) S3 COMMONFX.DLL - c:\windows\system32\commonfx.dll (file missing) S3 ctac32k (Creative AC3 Software Decoder) - c:\windows\system32\drivers\ctac32k.sys (file missing) S3 CTAUDFX.DLL - c:\windows\system32\ctaudfx.dll (file missing) S3 CTEAPSFX.DLL - c:\windows\system32\cteapsfx.dll (file missing) S3 CTEDSPFX.DLL - c:\windows\system32\ctedspfx.dll (file missing) S3 CTEDSPIO.DLL - c:\windows\system32\ctedspio.dll (file missing) S3 CTEDSPSY.DLL - c:\windows\system32\ctedspsy.dll (file missing) S3 CTERFXFX.DLL - c:\windows\system32\cterfxfx.dll (file missing) S3 CTHWIUT.DLL - c:\windows\system32\cthwiut.dll (file missing) S3 CTSBLFX.DLL - c:\windows\system32\ctsblfx.dll (file missing) S3 drmkaud (Microsoft Kernel DRM Audio Descrambler) - c:\windows\system32\drivers\drmkaud.sys (file missing) S3 E1G60 (Intel® PRO/1000 NDIS 6 Adapter Driver) - c:\windows\system32\drivers\e1g6032e.sys (file missing) S3 exfat (exFAT File System Driver) - c:\windows\system32\drivers\exfat.sys (file missing) S3 fastfat (FAT12/16/32 File System Driver) - c:\windows\system32\drivers\fastfat.sys (file missing) S3 Filetrace - c:\windows\system32\drivers\filetrace.sys (file missing) S3 gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) - c:\windows\system32\drivers\gagp30kx.sys (file missing) S3 ggflt (SEMC USB Flash Driver Filter) - c:\windows\system32\drivers\ggflt.sys (file missing) S3 ggsemc (SEMC USB Flash Driver) - c:\windows\system32\drivers\ggsemc.sys (file missing) S3 HdAudAddService (Microsoft 1.1 UAA Function Driver for High Definition Audio Service) - c:\windows\system32\drivers\hdaudio.sys (file missing) S3 HDAudBus (Microsoft UAA Bus Driver for High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys (file missing) S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys (file missing) S3 IPNAT (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys (file missing) S3 IRENUM (IR Bus Enumerator) - c:\windows\system32\drivers\irenum.sys (file missing) S3 Modem - c:\windows\system32\drivers\modem.sys (file missing) S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys (file missing) S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys (file missing) S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys (file missing) S3 MsRPC - c:\windows\system32\drivers\msrpc.sys (file missing) S3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - c:\windows\system32\drivers\mstee.sys (file missing) S3 NativeWifiP (NativeWiFi Filter) - c:\windows\system32\drivers\nwifi.sys (file missing) S3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys (file missing) S3 nv_agp (NVIDIA nForce AGP Bus Filter) - c:\windows\system32\drivers\nv_agp.sys (file missing) S3 QWAVEdrv (QWAVE driver) - c:\windows\system32\drivers\qwavedrv.sys (file missing) S3 RDPWD (RDP Winstation Driver) - c:\windows\system32\drivers\rdpwd.sys (file missing) S3 s116bus (Sony Ericsson Device 116 driver (WDM)) - c:\windows\system32\drivers\s116bus.sys (file missing) S3 s116mdfl (Sony Ericsson Device 116 USB WMC Modem Filter) - c:\windows\system32\drivers\s116mdfl.sys (file missing) S3 s116mdm (Sony Ericsson Device 116 USB WMC Modem Driver) - c:\windows\system32\drivers\s116mdm.sys (file missing) S3 s116mgmt (Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)) - c:\windows\system32\drivers\s116mgmt.sys (file missing) S3 s116nd5 (Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)) - c:\windows\system32\drivers\s116nd5.sys (file missing) S3 s116obex (Sony Ericsson Device 116 USB WMC OBEX Interface) - c:\windows\system32\drivers\s116obex.sys (file missing) S3 s116unic (Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)) - c:\windows\system32\drivers\s116unic.sys (file missing) S3 sffp_mmc (SFF Storage Protocol Driver for MMC) - c:\windows\system32\drivers\sffp_mmc.sys (file missing) S3 sffp_sd (SFF Storage Protocol Driver for SDBus) - c:\windows\system32\drivers\sffp_sd.sys (file missing) S3 Tcpip6 (Microsoft IPv6 Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing) S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys (file missing) S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys (file missing) S3 tssecsrv (Terminal Services Security Filter Driver) - c:\windows\system32\drivers\tssecsrv.sys (file missing) S3 uagp35 (Microsoft AGPv3.5 Filter) - c:\windows\system32\drivers\uagp35.sys (file missing) S3 uliagpkx (Uli AGP Bus Filter) - c:\windows\system32\drivers\uliagpkx.sys (file missing) S3 USBSTOR (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys (file missing) S3 vga - c:\windows\system32\drivers\vgapnp.sys (file missing) S3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing) S3 WUDFRd - c:\windows\system32\drivers\wudfrd.sys (file missing) S4 adp94xx - c:\windows\system32\drivers\adp94xx.sys (file missing) S4 adpahci - c:\windows\system32\drivers\adpahci.sys (file missing) S4 adpu160m - c:\windows\system32\drivers\adpu160m.sys (file missing) S4 adpu320 - c:\windows\system32\drivers\adpu320.sys (file missing) S4 aic78xx - c:\windows\system32\drivers\djsvs.sys (file missing) S4 aliide - c:\windows\system32\drivers\aliide.sys (file missing) S4 amdide - c:\windows\system32\drivers\amdide.sys (file missing) S4 AmdK8 (AMD K8 Processor Driver) - c:\windows\system32\drivers\amdk8.sys (file missing) S4 arc - c:\windows\system32\drivers\arc.sys (file missing) S4 arcsas - c:\windows\system32\drivers\arcsas.sys (file missing) S4 Brserid (Brother MFC Serial Port Interface Driver (WDM)) - c:\windows\system32\drivers\brserid.sys (file missing) S4 BrSerWdm (Brother WDM Serial driver) - c:\windows\system32\drivers\brserwdm.sys (file missing) S4 BrUsbMdm (Brother MFC USB Fax Only Modem) - c:\windows\system32\drivers\brusbmdm.sys (file missing) S4 BTHMODEM (Bluetooth Serial Communications Driver) - c:\windows\system32\drivers\bthmodem.sys (file missing) S4 circlass (Consumer IR Devices) - c:\windows\system32\drivers\circlass.sys (file missing) S4 cmdide - c:\windows\system32\drivers\cmdide.sys (file missing) S4 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys (file missing) S4 elxstor - c:\windows\system32\drivers\elxstor.sys (file missing) S4 HidBth (Microsoft Bluetooth HID Miniport) - c:\windows\system32\drivers\hidbth.sys (file missing) S4 HidIr (Microsoft Infrared HID Driver) - c:\windows\system32\drivers\hidir.sys (file missing) S4 HpCISSs - c:\windows\system32\drivers\hpcisss.sys (file missing) S4 i2omp - c:\windows\system32\drivers\i2omp.sys (file missing) S4 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys (file missing) S4 iaStorV (Intel RAID Controller Vista) - c:\windows\system32\drivers\iastorv.sys (file missing) S4 iirsp - c:\windows\system32\drivers\iirsp.sys (file missing) S4 IPMIDRV - c:\windows\system32\drivers\ipmidrv.sys (file missing) S4 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys (file missing) S4 iteatapi (ITEATAPI_Service_Install) - c:\windows\system32\drivers\iteatapi.sys (file missing) S4 iteraid (ITERAID_Service_Install) - c:\windows\system32\drivers\iteraid.sys (file missing) S4 LSI_FC - c:\windows\system32\drivers\lsi_fc.sys (file missing) S4 LSI_SAS - c:\windows\system32\drivers\lsi_sas.sys (file missing) S4 LSI_SCSI - c:\windows\system32\drivers\lsi_scsi.sys (file missing) S4 megasas - c:\windows\system32\drivers\megasas.sys (file missing) S4 mpio (Microsoft Multi-Path Bus Driver) - c:\windows\system32\drivers\mpio.sys (file missing) S4 Mraid35x - c:\windows\system32\drivers\mraid35x.sys (file missing) S4 msahci - c:\windows\system32\drivers\msahci.sys (file missing) S4 msdsm (Microsoft Multi-Path Device Specific Module) - c:\windows\system32\drivers\msdsm.sys (file missing) S4 nfrd960 - c:\windows\system32\drivers\nfrd960.sys (file missing) S4 nvraid - c:\windows\system32\drivers\nvraid.sys (file missing) S4 nvstor - c:\windows\system32\drivers\nvstor.sys (file missing) S4 ohci1394 (NEC FireWarden OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys (file missing) S4 pcmcia - c:\windows\system32\drivers\pcmcia.sys (file missing) S4 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys (file missing) S4 ql2300 (QLogic Fibre Channel Miniport Driver) - c:\windows\system32\drivers\ql2300.sys (file missing) S4 ql40xx (QLogic iSCSI Miniport Driver) - c:\windows\system32\drivers\ql40xx.sys (file missing) S4 sbp2port (SBP-2 Transport/Protocol Bus Driver) - c:\windows\system32\drivers\sbp2port.sys (file missing) S4 sermouse (Serial Mouse Driver) - c:\windows\system32\drivers\sermouse.sys (file missing) S4 sffdisk (SFF Storage Class Driver) - c:\windows\system32\drivers\sffdisk.sys (file missing) S4 sfloppy (High-Capacity Floppy Disk Drive) - c:\windows\system32\drivers\sfloppy.sys (file missing) S4 SiSRaid2 - c:\windows\system32\drivers\sisraid2.sys (file missing) S4 SiSRaid4 - c:\windows\system32\drivers\sisraid4.sys (file missing) S4 Sym_hi - c:\windows\system32\drivers\sym_hi.sys (file missing) S4 Sym_u3 - c:\windows\system32\drivers\sym_u3.sys (file missing) S4 Symc8xx - c:\windows\system32\drivers\symc8xx.sys (file missing) S4 udfs - c:\windows\system32\drivers\udfs.sys (file missing) S4 uliahci - c:\windows\system32\drivers\uliahci.sys (file missing) S4 UlSata - c:\windows\system32\drivers\ulsata.sys (file missing) S4 ulsata2 - c:\windows\system32\drivers\ulsata2.sys (file missing) S4 usbcir (eHome Infrared Receiver (USBCIR)) - c:\windows\system32\drivers\usbcir.sys (file missing) S4 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys (file missing) S4 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys (file missing) S4 viaide - c:\windows\system32\drivers\viaide.sys (file missing) S4 vsmraid - c:\windows\system32\drivers\vsmraid.sys (file missing) S4 WacomPen (Wacom Serial Pen HID Driver) - c:\windows\system32\drivers\wacompen.sys (file missing) S4 Wd (Microsoft Watchdog Timer Driver) - c:\windows\system32\drivers\wd.sys (file missing) S4 WmiAcpi (Microsoft Windows Management Interface for ACPI) - c:\windows\system32\drivers\wmiacpi.sys (file missing) S4 ws2ifsl (Winsock IFS driver) - c:\windows\system32\drivers\ws2ifsl.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 CTAudSvcService (Creative Audio Service) - c:\program files (x86)\creative\shared files\ctaudsvc.exe R2 Nero BackItUp Scheduler 3 - c:\program files (x86)\nero\nero8\nero backitup\nbservice.exe R2 nvsvc (NVIDIA Display Driver Service) - c:\windows\system32\nvvsvc.exe (file missing) R2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe (file missing) R2 slsvc (Software Licensing) - c:\windows\system32\slsvc.exe (file missing) R2 Spooler (Print Spooler) - c:\windows\system32\spoolsv.exe (file missing) S3 ALG (Application Layer Gateway Service) - c:\windows\system32\alg.exe (file missing) S3 Creative ALchemy AL1 Licensing Service - "c:\program files (x86)\common files\creative labs shared\service\al1licensing.exe" <Not Verified; Creative Labs; Creative ALchemy AL1 Licensing Service> S3 DFSR (DFS Replication) - c:\windows\system32\dfsr.exe (file missing) S3 Fax - c:\windows\system32\fxssvc.exe (file missing) S3 KeyIso (CNG Key Isolation) - c:\windows\system32\lsass.exe (file missing) S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe (file missing) S3 Netlogon - c:\windows\system32\lsass.exe (file missing) S3 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe (file missing) S3 RpcLocator (Remote Procedure Call (RPC) Locator) - c:\windows\system32\locator.exe (file missing) S3 SNMPTRAP (SNMP Trap) - c:\windows\system32\snmptrap.exe (file missing) S3 Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe /runasservice S3 UI0Detect (Interactive Services Detection) - c:\windows\system32\ui0detect.exe (file missing) S3 vds (Virtual Disk) - c:\windows\system32\vds.exe (file missing) S3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe (file missing) S3 wbengine (Block Level Backup Engine Service) - "c:\windows\system32\wbengine.exe" (file missing) S3 wmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing) -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft ISATAP Adapter Device ID: ROOT\*ISATAP�00 Manufacturer: Microsoft Name: isatap.lan PNP Device ID: ROOT\*ISATAP�00 Service: tunnel -- Files created between 2008-03-23 and 2008-04-23 ----------------------------- 2008-04-23 00:35:15 0 d-------- C:\Program Files (x86)\Trend Micro 2008-04-22 14:24:05 0 d-------- C:\Program Files (x86)\Any Video Converter 2008-04-21 23:01:33 0 d-------- C:\Users\SuSpEcT\{7c453eb5-02ff-40a6-ae68-9bce3bf4c55d} 2008-04-21 22:59:42 0 d-------- C:\Users\SuSpEcT\{d2395c99-4cfc-4442-af39-8addff94b429} 2008-04-21 16:17:48 0 d-------- C:\Program Files (x86)\Magic Video Converter 2008-04-20 22:55:08 0 d-------- C:\Program Files (x86)\TmNationsForever 2008-04-20 00:05:45 43698 --a------ C:\Windows\system32\xvid-uninstall.exe 2008-04-20 00:05:36 0 d-------- C:\Program Files (x86)\AviSynth 2.5 2008-04-20 00:02:50 0 d-------- C:\Program Files (x86)\Gabest 2008-04-19 23:30:11 0 d-------- C:\Program Files (x86)\Common Files\Nero 2008-04-15 17:14:35 0 d-------- C:\Program Files (x86)\mkv2vob 2008-04-15 17:11:51 0 d-------- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2008-04-15 08:00:42 0 d-------- C:\Program Files (x86)\VideoLAN 2008-04-15 00:36:58 0 d-------- C:\Program Files (x86)\OCCT 2008-04-14 20:33:34 110592 --a------ C:\Windows\system32\OpenAL32.dll <Not Verified; Portions © Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL Library> 2008-04-14 20:19:49 3972 --a------ C:\Windows\system32\drivers\PciBus.sys 2008-04-14 20:19:49 5632 --a------ C:\Windows\system32\drivers\Entech64.sys <Not Verified; EnTech Taiwan; EnTech.sys> 2008-04-14 20:19:49 21664 --a------ C:\Windows\system32\drivers\Entech.sys <Not Verified; EnTech Taiwan; PowerStrip> 2008-04-14 20:19:48 0 d-------- C:\Windows\system32\Futuremark 2008-04-14 20:19:07 0 d-------- C:\Program Files (x86)\Futuremark 2008-04-14 17:50:24 0 d-------- C:\Program Files (x86)\ASUS 2008-04-12 02:09:21 0 d-------- C:\Program Files (x86)\Lavalys 2008-04-10 00:00:49 0 d-------- C:\Program Files (x86)\SpeedFan 2008-04-05 05:14:41 0 d-------- C:\Program Files (x86)\Avanquest update 2008-04-05 05:06:28 0 d-------- C:\Program Files (x86)\Microsoft Silverlight 2008-04-03 21:06:43 53248 -----n--- C:\Windows\Ctregrun.exe <Not Verified; Creative Technology Ltd; Creative Product Registration> 2008-04-03 21:06:38 0 d-------- C:\Program Files (x86)\Common Files\Creative Labs Shared 2008-04-01 18:21:37 0 d-------- C:\PerfLogs 2008-04-01 15:31:23 0 d-------- C:\Windows\Internet Logs 2008-04-01 00:46:08 0 d-------- C:\Program Files (x86)\RivaTuner v2.08 2008-03-31 19:28:00 0 d-------- C:\Users\SuSpEcT\{e2b78d67-67db-4de9-a688-78234cf98f9f} 2008-03-31 19:05:47 0 d-------- C:\Program Files (x86)\Sony Ericsson 2008-03-29 21:16:45 0 d-------- C:\Windows\nvtmpinst 2008-03-29 21:06:45 0 d-------- C:\Program Files (x86)\SystemRequirementsLab 2008-03-29 21:05:27 0 d-------- C:\Program Files (x86)\Java 2008-03-29 21:04:52 0 d-------- C:\Program Files (x86)\Common Files\Java 2008-03-29 20:16:52 0 d-------- C:\Program Files (x86)\Natural Mod 2008-03-29 17:58:19 0 d-------- C:\Downloads 2008-03-28 18:43:09 0 d-------- C:\Windows\system32\directx 2008-03-28 18:40:24 0 d-------- C:\Windows\system32\URTTEMP 2008-03-28 18:39:27 669184 --a------ C:\Windows\system32\pbsvc.exe 2008-03-28 18:32:40 0 d-------- C:\Program Files (x86)\Electronic Arts 2008-03-28 16:18:51 0 d-------- C:\Program Files (x86)\BitSpirit 2008-03-28 15:55:15 0 d-------- C:\Program Files (x86)\Steinberg 2008-03-28 15:54:03 1720086 --a------ C:\Windows\system32\TmpA68053704 2008-03-28 04:00:33 0 d-------- C:\Program Files (x86)\MSXML 4.0 2008-03-27 21:17:57 0 d-------- C:\Program Files (x86)\ImgBurn 2008-03-27 21:08:44 0 d-------- C:\Program Files (x86)\Nero 2008-03-27 20:58:23 0 d-------- C:\Program Files (x86)\DAEMON Tools Lite 2008-03-26 16:43:19 0 d-------- C:\Program Files (x86)\Common Files\Steam 2008-03-25 17:27:29 53248 --a------ C:\Windows\system32\CSVer.dll <Not Verified; Windows XP Bundled build C-Centric Single User; Windows XP Bundled build C-Centric Single User CSVer> 2008-03-25 17:27:29 0 d-------- C:\Program Files (x86)\Intel 2008-03-25 17:27:21 0 d-------- C:\Intel 2008-03-25 16:04:06 225280 --a------ C:\Windows\system32\rewire.dll <Not Verified; Propellerhead Software AB; ReWire> 2008-03-25 16:04:06 0 d-------- C:\Program Files (x86)\Image-Line 2008-03-25 16:03:01 1777664 --a------ C:\Windows\system32\gdiplus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-03-25 15:54:09 0 d-------- C:\Program Files (x86)\Common Files\Creative 2008-03-25 15:54:08 0 d--h----- C:\Program Files (x86)\Creative Installation Information 2008-03-25 15:52:50 413696 --a------ C:\Windows\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32> 2008-03-25 15:52:50 0 d-------- C:\Program Files (x86)\OpenAL 2008-03-25 15:50:51 0 d-------- C:\Windows\system32\Data 2008-03-25 15:50:51 3072 --a------ C:\Windows\system32\CTXFIRES.DLL <Not Verified; ; CTxfiRes Dynamic Link Library> 2008-03-25 15:50:50 69120 --a------ C:\Windows\system32\CmdRtr.DLL 2008-03-25 15:50:50 108544 --a------ C:\Windows\system32\APOMngr.DLL 2008-03-25 15:50:49 0 d-------- C:\Program Files (x86)\Creative 2008-03-25 15:50:45 0 d--h----- C:\Program Files (x86)\InstallShield Installation Information 2008-03-25 15:41:36 0 d-------- C:\Windows\nvidia icons 2008-03-25 15:39:48 0 d-------- C:\Program Files (x86)\Common Files\InstallShield 2008-03-25 15:39:44 0 d-------- C:\NVIDIA 2008-03-25 15:34:49 0 d-------- C:\Windows\PCHEALTH 2008-03-25 15:34:17 0 --a------ C:\Windows\nsreg.dat 2008-03-25 15:28:28 0 d--hs--c- C:\Program Files (x86)\Common Files\WindowsLiveInstaller 2008-03-25 15:28:21 0 d-------- C:\Program Files (x86)\Windows Live 2008-03-25 15:23:30 0 d--hs---- C:\Windows\Installer 2008-03-25 04:22:24 0 d-------- C:\Windows\Panther 2008-03-25 04:21:39 59 -ra------ C:\Windows\DELL_VERSION 2008-03-25 00:54:21 0 d-------- C:\Windows\system32\Macromed 2008-03-24 20:56:48 0 dr------- C:\Users\SuSpEcT\Searches 2008-03-24 20:56:34 0 dr------- C:\Users\SuSpEcT\Contacts 2008-03-24 20:56:28 0 d--hs---- C:\Users\SuSpEcT\Templates 2008-03-24 20:56:28 0 d--hs---- C:\Users\SuSpEcT\Start Menu 2008-03-24 20:56:28 0 d--hs---- C:\Users\SuSpEcT\SendTo 2008-03-24 20:56:28 0 d--hs---- C:\Users\SuSpEcT\Recent 2008-03-24 20:56:28 0 d--hs---- C:\Users\SuSpEcT\PrintHood 2008-03-24 20:56:28 0 d--hs---- C:\Users\SuSpEcT\NetHood 2008-03-24 20:56:28 0 d--hs---- C:\Users\SuSpEcT\My Documents 2008-03-24 20:56:28 0 d--hs---- C:\Users\SuSpEcT\Local Settings 2008-03-24 20:56:28 0 d--hs---- C:\Users\SuSpEcT\Cookies 2008-03-24 20:56:28 0 d--hs---- C:\Users\SuSpEcT\Application Data 2008-03-24 20:56:27 0 dr------- C:\Users\SuSpEcT\Videos 2008-03-24 20:56:27 0 dr------- C:\Users\SuSpEcT\Saved Games 2008-03-24 20:56:27 0 dr------- C:\Users\SuSpEcT\Pictures 2008-03-24 20:56:27 3407872 --ahs---- C:\Users\SuSpEcT\NTUSER.DAT 2008-03-24 20:56:27 0 dr------- C:\Users\SuSpEcT\Music 2008-03-24 20:56:27 0 dr------- C:\Users\SuSpEcT\Links 2008-03-24 20:56:27 0 dr------- C:\Users\SuSpEcT\Favorites 2008-03-24 20:56:27 0 dr------- C:\Users\SuSpEcT\Downloads 2008-03-24 20:56:27 0 dr------- C:\Users\SuSpEcT\Documents 2008-03-24 20:56:27 0 dr------- C:\Users\SuSpEcT\Desktop 2008-03-24 20:56:27 0 d--h----- C:\Users\SuSpEcT\AppData 2008-03-24 19:25:59 0 d-------- C:\Windows\SoftwareDistribution 2008-03-24 19:24:55 0 d-------- C:\Windows\Debug 2008-03-24 19:24:54 0 d-------- C:\Windows\CSC 2008-03-24 19:23:30 0 d-------- C:\Windows\Prefetch 2008-03-24 19:23:17 0 d--hs---- C:\System Volume Information -- Find3M Report --------------------------------------------------------------- 2008-04-20 10:58:03 564 --a------ C:\Users\SuSpEcT\AppData\Roaming\AutoGK.ini 2008-04-19 23:30:11 0 d-------- C:\Program Files (x86)\Common Files 2008-04-19 22:02:09 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\Nero8 2008-04-15 17:06:35 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\ImgBurn 2008-04-15 08:01:38 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\vlc 2008-04-15 08:01:25 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\dvdcss 2008-04-09 03:07:44 0 d-------- C:\Program Files (x86)\Windows Mail 2008-04-01 18:32:25 174 --ahs---- C:\Program Files (x86)\desktop.ini 2008-04-01 18:23:03 0 d-------- C:\Program Files (x86)\Windows Sidebar 2008-04-01 18:23:03 0 d-------- C:\Program Files (x86)\Windows Photo Gallery 2008-04-01 18:23:03 0 d-------- C:\Program Files (x86)\Windows Collaboration 2008-04-01 18:23:03 0 d-------- C:\Program Files (x86)\Windows Calendar 2008-04-01 18:23:02 0 d-------- C:\Program Files (x86)\Windows Defender 2008-03-31 19:05:42 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\InstallShield 2008-03-29 21:06:38 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\SystemRequirementsLab 2008-03-28 19:20:07 0 dr-h----- C:\Users\SuSpEcT\AppData\Roaming\SecuROM 2008-03-28 16:19:26 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\BitSpirit 2008-03-27 21:11:22 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\Nero 2008-03-27 20:41:13 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\DAEMON Tools 2008-03-25 17:22:04 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\WinRAR 2008-03-25 15:34:15 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\Mozilla 2008-03-25 00:54:22 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\Macromedia 2008-03-25 00:54:22 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\Adobe 2008-03-24 20:56:37 0 d-------- C:\Users\SuSpEcT\AppData\Roaming\Identities -- Registry Dump --------------------------------------------------------------- -- Hosts ----------------------------------------------------------------------- 127.0.0.1 live.refx.net -- End of Deckard's System Scanner: finished at 2008-04-23 05:03:30 ------------ Klikk for å se/fjerne innholdet nedenfor Deckard's System Scanner v20071014.68Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft® Windows Vista™ Ultimate (build 6001) SP 1.0 Architecture: X64; Language: English CPU 0: Intel® Core2 CPU 6600 @ 2.40GHz Percentage of Memory in Use: 35% Physical Memory (total/avail): 4094.25 MiB / 2630.74 MiB Pagefile Memory (total/avail): 8401.77 MiB / 6740.67 MiB Virtual Memory (total/avail): 4095.88 MiB / 3940.66 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 94.78 GiB total, 23.12 GiB free. D: is Fixed (NTFS) - 58.59 GiB total, 21.94 GiB free. E: is CDROM (No Media) F: is CDROM (No Media) H: is Fixed (NTFS) - 465.76 GiB total, 51.76 GiB free. \\.\PHYSICALDRIVE0 - HDT722516DLA380 ATA Device - 153.38 GiB - 2 partitions \PARTITION0 (bootable) - Installable File System - 58.59 GiB - D: \PARTITION1 - Extended w/Extended Int 13 - 94.78 GiB - C: \\.\PHYSICALDRIVE1 - WDC WD5000AAKS-00YGA0 ATA Device - 465.76 GiB - 1 partition \PARTITION0 - Logical Disk Manager - 465.76 GiB - H: -- Security Center ------------------------------------------------------------- Windows Internal Firewall is enabled. AV: avast! antivirus 4.8.1169 [VPS 080422-1] v4.8.1169 (ALWIL Software) AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) AS: avast! antivirus 4.8.1169 [VPS 080422-1] v4.8.1169 (ALWIL Software) [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\SuSpEcT\AppData\Roaming CommonProgramFiles=C:\Program Files (x86)\Common Files CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files CommonProgramW6432=C:\Program Files\Common Files COMPUTERNAME=SUSPECT-PC ComSpec=C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\SuSpEcT LOCALAPPDATA=C:\Users\SuSpEcT\AppData\Local LOGONSERVER=\\SUSPECT-PC NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_ARCHITEW6432=AMD64 PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 15 Stepping 6, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0f06 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files (x86) ProgramFiles(x86)=C:\Program Files (x86) ProgramW6432=C:\Program Files PROMPT=$P$G PUBLIC=C:\Users\Public SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\SuSpEcT\AppData\Local\Temp TMP=C:\Users\SuSpEcT\AppData\Local\Temp USERDOMAIN=SuSpEcT-PC USERNAME=SuSpEcT USERPROFILE=C:\Users\SuSpEcT windir=C:\Windows -- User Profiles --------------------------------------------------------------- SuSpEcT -- Add/Remove Programs --------------------------------------------------------- --> "C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x0009 --> C:\Program Files (x86)\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL --> C:\Windows\UNNeroBackItUp.exe /UNINSTALL --> C:\Windows\UNNeroMediaHome.exe /UNINSTALL --> C:\Windows\UNNeroShowTime.exe /UNINSTALL --> C:\Windows\UNNeroVision.exe /UNINSTALL --> C:\Windows\UNRecode.exe /UNINSTALL --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A68AACBA-C3AF-467B-978C-E05C31650CF6}\setup.exe" -l0x9 3DMark06 --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\101\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly Adobe Flash Player ActiveX --> C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin --> C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe Any Video Converter 1.2.1 --> "C:\Program Files (x86)\Any Video Converter\unins000.exe" ASUSUpdate --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe" -l0x9 Avanquest update --> C:\Program Files (x86)\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x0014 -removeonly avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup AviSynth 2.5 --> "C:\Program Files (x86)\AviSynth 2.5\Uninstall.exe" BitSpirit v3.3.2.115 Stable --> "C:\Program Files (x86)\BitSpirit\unins000.exe" Creative ALchemy (X-Fi Edition) --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A68AACBA-C3AF-467B-978C-E05C31650CF6}\setup.exe" -l0x9 /remove Creative Audio Console --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove Crysis® --> MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4} EVEREST Ultimate Edition v4.50 --> "C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe" FL Studio v7.0 --> "C:\Program Files (x86)\Image-Line\FL Studio 7\unins000.exe" HijackThis 2.0.2 --> "C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall ImgBurn --> "C:\Program Files (x86)\ImgBurn\uninstall.exe" Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} JScreenFix --> C:\Windows\system32\javaws.exe -uninstall -prompt "http://www.jscreenfix.com/JScreenFix.jnlp" Magic Video Converter Trial Version (English) 8.0.2.18 --> "C:\Program Files (x86)\Magic Video Converter\unins000.exe" Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1 Hotfix (KB929729) --> "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp" Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} mkv2vob --> MsiExec.exe /X{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D} Mozilla Firefox (2.0.0.14) --> C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} Natural Mod --> C:\Program Files (x86)\Natural Mod\uninstall.exe Nero 8 --> MsiExec.exe /X{5FCCD531-1B38-4A94-924C-127F722F1044} neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} OCCT Perestroika 2.0.0a --> "C:\Program Files (x86)\OCCT\unins000.exe" OpenAL --> "C:\Program Files (x86)\OpenAL\oalinst.exe" /U Påloggingsassistent for Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} PunkBuster Services --> C:\Windows\system32\pbsvc.exe -u rgc:audio z3ta+ VSTi v1.4 --> "C:\Program Files (x86)\Image-Line\FL Studio 7\Plugins\VST\unins000.exe" RivaTuner v2.08 --> "C:\Program Files (x86)\RivaTuner v2.08\uninstall.exe" Sony Ericsson PC Suite 3.204.00 --> C:\Program Files (x86)\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\Setup.exe -runfromtemp -l0x0014 -removeonly SpeedFan (remove only) --> "C:\Program Files (x86)\SpeedFan\uninstall.exe" System Requirements Lab --> C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe TmNationsForever --> "C:\Program Files (x86)\TmNationsForever\unins000.exe" VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027} VideoLAN VLC media player 0.8.6f --> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe VobSub v2.23 (Remove Only) --> "C:\Program Files (x86)\Gabest\VobSub\uninstall.exe" Windows Live installer --> MsiExec.exe /X{4218D9DC-282B-4596-BEA5-F20560C14400} Windows Live Messenger --> MsiExec.exe /X{D70A63D1-2F54-4713-8AE6-BBD28D1A62E6} Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WinRAR Arkiverer --> C:\Program Files (x86)\WinRAR\uninstall.exe XviD MPEG4 Video Codec (remove only) --> "C:\Windows\system32\xvid-uninstall.exe" -- Application Event Log ------------------------------------------------------- Event Record #/Type3828 / Success Event Submitted/Written: 04/23/2008 03:09:50 AM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type3826 / Error Event Submitted/Written: 04/23/2008 02:59:28 AM Event ID/Source: 78 / SideBySide Event Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest. Event Record #/Type3817 / Success Event Submitted/Written: 04/23/2008 02:40:54 AM Event ID/Source: 5617 / WinMgmt Event Description: Event Record #/Type3816 / Success Event Submitted/Written: 04/23/2008 02:40:53 AM Event ID/Source: 5615 / WinMgmt Event Description: Event Record #/Type3814 / Success Event Submitted/Written: 04/23/2008 02:40:44 AM Event ID/Source: 902 / Software Licensing Service Event Description: The Software Licensing service has started. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type25479 / Warning Event Submitted/Written: 04/23/2008 04:59:26 AM Event ID/Source: 3004 / WinDefend Event Description: %%8271.1.1600.0{54888306-FFE2-4ED4-98F5-1700122D9108}SuSpEcT-PCSuSpEcTS-1-5-21-3160795295-1402837663-1100430166-1000Unknown%%832driver:huy320%%807 Event Record #/Type25478 / Warning Event Submitted/Written: 04/23/2008 04:59:26 AM Event ID/Source: 3004 / WinDefend Event Description: %%8271.1.1600.0{F3E72176-D544-44FD-A9E0-AEB3517BA134}SuSpEcT-PCSuSpEcTS-1-5-21-3160795295-1402837663-1100430166-1000Unknown%%832driver:xpdt0%%807 Event Record #/Type25477 / Warning Event Submitted/Written: 04/23/2008 04:59:26 AM Event ID/Source: 3004 / WinDefend Event Description: %%8271.1.1600.0{DB1B7ECA-444C-400C-84A7-5A0D393DB6C6}SuSpEcT-PCSuSpEcTS-1-5-21-3160795295-1402837663-1100430166-1000Unknown%%832service:xpdt0%%807 Event Record #/Type25476 / Warning Event Submitted/Written: 04/23/2008 04:59:23 AM Event ID/Source: 3004 / WinDefend Event Description: %%8271.1.1600.0{B1722B72-D565-4EDD-A280-C3CCAAC5591F}SuSpEcT-PCSuSpEcTS-1-5-21-3160795295-1402837663-1100430166-1000Unknown%%832driver:pe3860%%807 Event Record #/Type25475 / Warning Event Submitted/Written: 04/23/2008 04:59:23 AM Event ID/Source: 3004 / WinDefend Event Description: %%8271.1.1600.0{3904ADEE-DB67-49A4-9D4F-E277E0364E43}SuSpEcT-PCSuSpEcTS-1-5-21-3160795295-1402837663-1100430166-1000Unknown%%832driver:lzx320%%807 -- End of Deckard's System Scanner: finished at 2008-04-23 05:03:30 ------------ Endret 23. april 2008 av The_Free_Man Lenke til kommentar
snippsat Skrevet 23. april 2008 Del Skrevet 23. april 2008 Ja det så ikke så ille ut. Last ned kjør CCleaner 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer som er eldere 48t" Kjør register-renser og. Last ned oppdatere og kjør full scan SAS free Post loggen fra SAS (preferences->statistics/logs) Restart og en ny HijackThis logg. Lenke til kommentar
WaterMarked Skrevet 23. april 2008 Forfatter Del Skrevet 23. april 2008 Klikk for å se/fjerne innholdet nedenfor SUPERAntiSpyware Scan Loghttp://www.superantispyware.com Generated 04/23/2008 at 04:31 PM Application Version : 4.0.1154 Core Rules Database Version : 3445 Trace Rules Database Version: 1437 Scan type : Complete Scan Total Scan Time : 00:48:29 Memory items scanned : 396 Memory threats detected : 15 Registry items scanned : 5696 Registry threats detected : 2 File items scanned : 27819 File threats detected : 88 Adware.Vundo Variant/Resident C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\QOMFCYWX.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\QOMFCYWX.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\IIFDEWPF.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\IIFDEWPF.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\IIFDTJJJ.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\IIFDTJJJ.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\BYXOHEXV.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\BYXOHEXV.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\FCCCYAXO.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\FCCCYAXO.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\WVUMMKET.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\WVUMMKET.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\EFCAQJAS.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\EFCAQJAS.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\DDCCVMJA.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\DDCCVMJA.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\EFCDWMGV.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\EFCDWMGV.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\AWTTSTUT.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\AWTTSTUT.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\YAYWXYVN.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\YAYWXYVN.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\IIFEEXWP.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\IIFEEXWP.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\HGGXYOPH.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\HGGXYOPH.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\RQRJDDBB.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\RQRJDDBB.DLL Adware.Vundo-Variant/H C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\VTULLBTM.DLL C:\USERS\SUSPECT\APPDATA\LOCAL\TEMP\VTULLBTM.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\KHFCROFD.DLL Adware.Vundo Variant/Rel HKU\S-1-5-21-3160795295-1402837663-1100430166-1000\Software\Microsoft\Windows\CurrentVersion\Run#MSServer [ rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\vtUlLBTm.dll,#1 ] HKU\S-1-5-21-3160795295-1402837663-1100430166-1000\Software\Microsoft\Windows\CurrentVersion\Run#cmds [ rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\qoMfcywX.dll,c ] Adware.Vundo-Variant C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\AWTURRJH.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\AWTUSQPJ.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\AWTUTQPJ.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\BYXOGHHI.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\BYXPIXVS.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\BYXVWOFD.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\CBXNGABQ.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\CBXOICBA.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\DDCARQRH.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\DDCBSIYV.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\DDCCRHBS.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\DDCCSLCT.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\DDCYQRRL.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\EFCDSMDU.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\EFWVUMCC.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\FCCABSIJ.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\FCCBARJB.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\FCCYYXPP.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\HGGABYPI.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\GEBTQHIG.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\GEBUVUUS.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\HGGHBQPG.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\HGGVSSPH.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\HGVWURRJ.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\IIFCASKD.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\IIFDEWPF.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\IIFDTJJJ.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\IIFEBATQ.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\IIFFEUUL.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\KHFFYOGW.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\JKAXPJKA.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\JKKJCCUR.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\JKKJDDVM.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\JKKJYXNN.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\JKKKCARJ.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\JKKKCASK.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\KHFDSQPN.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\LJAPQJAB.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\LJJBTRQR.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\MLJARSQQ.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\MLJJYXOM.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\OPNKKHFE.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\NNNLJDET.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\NNNOLBQO.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\NNNOMEVU.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\OPIFYQRP.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\QOMCCBTQ.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\QOMDETNH.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\QOMGFCTT.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\RQRHXUST.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\RQRJCSLB.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\SSQNHXUV.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\SSQRHWQG.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\TULMECYW.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\TUVSIFCV.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\TUVWNOOO.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\VTULIHBT.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\VTUNNONM.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\VTUOMLJI.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\VTUOOOFV.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\WVULJGYR.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\WVURHARO.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\XXYAWWXW.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\XXYAYVLE.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\XXYVSRJI.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\XXYVVWOM.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\XXYXWPII.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\YAYOLDBX.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\YAYVSJGH.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\YAYXVSJB.DLL Adware.Vundo-Variant/Small-A C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\OHHUDVJT.DLL C:\DECKARD\SYSTEM SCANNER\BACKUP\USERS\SUSPECT\APPDATA\LOCAL\TEMP\RFQAIBBS.DLL Hijack this::: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:00:49, on 23.04.2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe C:\Windows\SysWOW64\CTHELPER.EXE C:\Windows\SysWOW64\CTXFIHLP.EXE C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\SysWOW64\CTXFISPI.EXE C:\Windows\SysWOW64\rundll32.exe C:\Windows\SysWOW64\conime.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Program Files (x86)\CCleaner\CCleaner.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\qoMfcywX.dll,c O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\vtUlLBTm.dll,#1 O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user') O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL1Licensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8510 bytes Lenke til kommentar
snippsat Skrevet 23. april 2008 Del Skrevet 23. april 2008 (endret) Kjør kun hjt. Start HijackThis "scan" finn disse linjene merk dem,så trykk fix checked. O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\qoMfcywX.dll,c O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\vtUlLBTm.dll,#1 Start->kjør->%temp% <slett alt du finner her> Restart og en ny HijackThis logg. Endret 23. april 2008 av SNIPPSAT Lenke til kommentar
SettRoXs Skrevet 23. april 2008 Del Skrevet 23. april 2008 søk på hitmanpro det er et program som instalere mange av de beste programmene innefår spywhere og sånt. og så laster du ned avg free. alt er gratis! Lenke til kommentar
snippsat Skrevet 23. april 2008 Del Skrevet 23. april 2008 (endret) Nå er vi mitt en prosses her SettRoXs. Det har ingen ting for seg og innstalere hitmanpro. Pcen hans vil blir ren,noe en aldri kan si med hitmanpro. Dette er et program jeg overhode ikke anbefaler. P.g.a dette. The disadvantages/con's with hitmanpro. The creator didn't make any of the bundled software The program will, upon it's first scan, automatically download and install spyware and adware removers After the software is downloaded the install will be auto, so no way you can choose where the 3rd party software should be installed. You have no control over any of the installation options since everything is automated. Though this may be an advantage to the average user No desktop icons or startmenu folders are created for the 3rd party programs, thus disabling easy access to the 3rd party programs without using HMP You need to uncheck 'delete all found threats automatically' else harmless items might be deleted during the process The creator removed all donate banners from the freeware programs and asks for a donation himself, thus no credit for the real creators of the programs. Update: you can find small links to the donation pages of the creators of the freeware here The trial versions will expire and cease to work.. Programs which are included, like CwShredder, made to remove certain CoolWebSearch infections, can damage your system when you're not infected with a Coolweb variant it can remove Spyware Doctor runs with the scan but doesn't remove any of the found infections Hitman Pro changes your default security settings, usefull when you don't know what to do (and don't read the tutorials on this site), useless when you can't access specific site due to these HMP actions and don't know what caused it (now you do) Hitman Pro still contains bugs causing a program crash, windows crash or even a crash during the deletion of registry files (ouch) Endret 23. april 2008 av SNIPPSAT Lenke til kommentar
WaterMarked Skrevet 23. april 2008 Forfatter Del Skrevet 23. april 2008 (endret) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:09:47, on 23.04.2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe C:\Windows\SysWOW64\CTHELPER.EXE C:\Windows\SysWOW64\CTXFIHLP.EXEC:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\SysWOW64\CTXFISPI.EXE C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user') O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL1Licensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7910 bytes Hmm. jeg finner ikke: O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\qoMfcywX.dll,c O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\SuSpEcT\AppData\Local\Temp\vtUlLBTm.dll,#1 Start->kjør->%temp%<slett alt du finner her> Det ligger og noen filer som jeg ikke får lov å slette. Navnet på alle begynner med DF, og en textfil. Ser ut til å være et tomt dokument. Endret 23. april 2008 av The_Free_Man Lenke til kommentar
snippsat Skrevet 23. april 2008 Del Skrevet 23. april 2008 (endret) Bruk dette programmet på filer du ikke får slettet unlocker Det ser bra ut nå Du får bruke pcen og gi tilbakemelding om problemet er borte. Endret 23. april 2008 av SNIPPSAT Lenke til kommentar
WaterMarked Skrevet 23. april 2008 Forfatter Del Skrevet 23. april 2008 Det ser faktisk veldig bra ut for øyeblikket. Takk for hjelpen! Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå