
LAX

Member
  • Posts: 18

  1. Yes, that is exactly what I did
  2. Thank you very much, mbgtmari! Setting Unicode (UTF-8) solved the problem. (The path to the setting was not the one you described, it is slightly different in Outlook 2016, but I found it anyway.)
  3. I recently got Office 2016, with Outlook 2016, on a new computer running Windows 10. I now have a problem with sent e-mails. Swedish characters, åäö, are replaced with question marks in those e-mails. When I write, it looks right, but as soon as the message is sent this error appears. In the subject line of the e-mail the Swedish characters remain as they should, but not in the message body, where, as stated, they are replaced with question marks. Otherwise å ä ö seem to be handled correctly by the various programs on the computer. I cannot say for certain whether it was like this right from when I started using Outlook, or whether it came a little later. I have only had the computer for a short time so far. I cannot have it like this. Any suggestions on what can be done?
  4. Problem solved! But it took a long time to get there. I got this tip on another forum: "....... try renaming or deleting Windows Messaging Subsystem. HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem Renaming the key helped at least 1 user in the link below Outlook cannot open/mail applet not enough resources" It may be good to know about this solution even though the problem seems to be uncommon. Lasse
  5. Thanks for the suggestions and instructions! I have followed them as carefully as possible. But now that I have reinstalled and updated, it is the same again. All the Office programs except Outlook start as they should. I am considering uninstalling WordPerfect Office 12, since it is possible that the Outlook problem only appeared after I installed that program. However, the same programs get along well together on my desktop computer. Any more thoughts and suggestions? Lasse
  6. System: Win 7 64-bit, Microsoft Office Home and Business 2010, security software F-Secure. At first Outlook worked, like all the Office programs, on my new Lenovo computer. But all of a sudden Outlook could not be started. I therefore uninstalled Office and installed it again. But now the same error was there from the very start (before I had configured e-mail accounts and specified a pst file): when trying to start Outlook (via the Start menu, or by clicking directly on Outlook.exe) only the following happens, an error message is shown: "Det går inte att starta Microsoft Outlook" [Cannot start Microsoft Outlook].

     My attempts to understand and fix the error:

     I made a copy of Outlook.exe and gave it a new name. When I clicked on it, the Outlook splash screen started to appear, but then error messages came up and it was not possible to get any further.

     I have browsed through some support articles and tried various tips:

     I tried, in the Control Panel, after searching for Mail, clicking on Mail. That gave the message: "Det finns inte tillräckligt med minne eller systemresurser. Stäng några fönster och försök igen." [There is not enough memory or system resources. Close some windows and try again.] This seems completely illogical, I have not started anything. It is the same even if I do it directly after a restart.

     I tried running outlook.exe /resetnavpane; it had no effect.

     I looked at the file outlook.xml (under Users ... Roaming ...). It was not 0 kB (which could be an indicator of a fault according to one tip), but 3 kB. However, it was dated two days earlier than when I reinstalled Office 2010, which seems a bit fishy.

     I looked at the properties of the outlook.exe file: nothing is selected for compatibility.

     I have tried, in Control Panel, Programs, Change - Repair Microsoft Office Home and Business 2010. (I do not see any option there to "treat" only Outlook.) This has no effect. Still "Det går inte att starta Microsoft Outlook". The file outlook.xml still has the same date.

     I can mention that I have also installed Microsoft Office Home and Business 2010 on my recently upgraded desktop computer (also with Win 7), with roughly the same performance as the Lenovo computer. There everything works as it should. Lasse
  7. Thanks for the suggestions. "Always open pop-ups in a new tab" does not affect this. Switching to another browser is not an alternative, since IE seems to be the only browser that gives full functionality on certain web pages that I log in to and work with. But switching to another PDF reader is possible; I have now tested Foxit Reader and it works! So unless it turns out that Foxit lacks something that Adobe has and that I discover I need, I will now continue with Foxit Reader.
  8. The problem: I want links to the internet in a PDF file to open in new tabs in Internet Explorer (IE). But that does not work now. When I go to Internet Options - General - Change how webpages are displayed in tabs in IE and choose "Open links from other programs in a new tab in the current window", it does not work, nor does opening such links in a new window. They always open only in the existing tab, regardless of the setting in IE, and thereby hide a web page that was open (and that I still want open). This applies to links from PDF files. Before I upgraded my computer from Win XP with IE8 to Win7 with IE9, this worked as it should! I had Adobe Reader 8 then. How can this be fixed? I have asked this question on a Microsoft forum and received help which led to the conclusion that it is probably not due to Internet Explorer but to Adobe Reader. Web links from Word documents, and from WordPerfect documents, do open as they should in new tabs in IE9. I have tried Opera, and there links from PDFs open in new tabs as they should. But I cannot use Opera, since IE is the only browser that gives full functionality on certain web pages that I log in to and work with. I have tried switching from Adobe Reader X to Acrobat Reader 9.5, but the situation was the same. Can I try even older versions of Adobe Reader than 9.5 (though I cannot find them on Adobe's site when I set my operating system to Win 7)? Other suggestions for solutions? Settings in Adobe Reader? (But I think I have tried them all...) Getting in touch with support and forums at Adobe seems more than complicated; I have, however, searched their English-language forums without finding anyone who raises the same problem. I hope someone here can help me. Lasse
  9. Revo Uninstaller does not succeed either. RegistryBooster has a shortcut on the desktop; when I point at it with Revo Uninstaller and choose uninstall, I get the message "Inget avinstallationspaket hittades" [No uninstall package was found]. Same result if I go other ways with Revo Uninstaller to Registry Booster, e.g. choosing the exe file in C:/Program/Uniblue/Registry booster. RegistryBooster (or Uniblue) does not appear in Revo's main window. So I suppose I will just have to leave it, then. RegistryBooster can thus be run, but it does not start automatically. I can of course delete the whole folder under Program, but perhaps that is not advisable? No, I do not think there are any more faults on the computer now.
  10. Here is the result of the ESET scan. I see that everything relates to Registry Booster. It is a program I have had for half a year or perhaps a year. I recently tried to remove it (in connection with this process of getting the computer healthy again, if I remember correctly), but apparently what happened instead was that it updated itself to a new version. I have stopped it from starting automatically, but I cannot find any way to uninstall it; it is not listed in Add or Remove Programs. Is Registry Booster worth having, or should I try to get rid of it completely, and if so, how? Thanks again for all the help!
  11. Got quick help from F-Secure support. It was FS2011 that blocked FS2012 from being installed (even though the same procedure went fine on my laptop). I was now able to run their special clean-up program, and after that the installation of FS 2012 went as it should. They have held off on rolling out the automatic update to FS2012 precisely because it does not quite work as it should. Might be good to know. I have removed Java, so we will see whether a need for it shows up at some point. I will get back with more information once I have run ESET according to your earlier instructions.
  12. Thanks for the continued help! Yes, I have thought that I really ought to have F-Secure 2012 by now (I have a 2-year subscription that expires in a year). I therefore downloaded FS2012 and installed it, but the installation was aborted because of a Conflicting Security Product, which I was asked to remove manually since it could not be done automatically. Before that, the FS installation had removed Malwarebytes on its own. From the FS installation I was then taken directly into Add or Remove Programs, but nothing was selected, so I do not know what FS meant by Conflicting Security Product. But I did see the recently installed Erunt there and uninstalled it. The FS installation was still not satisfied, though (even after restarting the computer and restarting the FS2012 installation), and I was once again asked to remove the Conflicting Security Product. But I do not know what more I can remove; I cannot find anything that seems reasonable. So now I am left without a working security program, because the FS2012 installation had already killed FS 2011. I will have to contact F-Secure support about this and how I should go about it, but until I have the security program in place I would rather not start the computer again and let it be in contact with the net. On my laptop, which I am using right now, the update of FS to 2012 went without problems, however. Updating Adobe Reader is easy, there is a menu option "Check for Updates", and I have now done that on my laptop; the new version is called 8.1.5. And I will do it on the affected computer as well later. But that business with Java™ 6 Update 26 I do not understand. I can always remove it, but is this not something that needs to be on the computer? How an update would be done I do not know. (In passing, I can mention that on my laptop there are two of them: Java™ 6 Update 7 and Java™ 6 Update 31.)
  13. The logs that did not fit in the previous message. The log OTL.txt:
C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2012-04-06 13:08:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lasse\Application Data\Malwarebytes [2012-04-06 13:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware [2012-04-06 13:07:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2012-04-06 13:07:55 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012-04-06 13:07:55 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware [2012-03-28 17:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Online Backup [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-04-12 12:11:31 | 000,000,158 | ---- | M] () -- C:\Documents and Settings\Lasse\Application Data\cnts.ini [2012-04-12 11:55:25 | 000,002,409 | ---- | M] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\WordPerfect (2).lnk [2012-04-12 11:55:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-04-12 11:22:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-04-12 09:32:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-04-12 09:31:57 | 000,039,472 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012-04-12 09:31:54 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-04-12 09:31:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-04-12 09:31:43 | 2145,898,496 | -HS- | M] () -- C:\hiberfil.sys [2012-04-12 00:01:22 | 000,000,516 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job [2012-04-11 23:44:40 | 000,000,665 | ---- | M] () -- C:\Documents and 
Settings\Lasse\Skrivbord\RogueKiller.exe.lnk [2012-04-11 23:41:00 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\Lasse\Skrivbord\dds.com.pif [2012-04-11 23:26:14 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Lasse\Skrivbord\NTREGOPT.lnk [2012-04-11 23:26:14 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Lasse\Skrivbord\ERUNT.lnk [2012-04-11 17:32:05 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012-04-11 17:09:17 | 000,002,471 | ---- | M] () -- C:\Documents and Settings\Lasse\Skrivbord\Microsoft Word.lnk [2012-04-11 16:14:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012-04-11 16:06:09 | 000,450,978 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat [2012-04-11 16:06:09 | 000,448,926 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-04-11 16:06:09 | 000,086,720 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat [2012-04-11 16:06:09 | 000,074,760 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-04-11 15:48:05 | 000,001,451 | ---- | M] () -- C:\Documents and Settings\Lasse\Skrivbord\Uniblue RegistryBooster.lnk [2012-04-11 15:48:05 | 000,001,435 | ---- | M] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk [2012-04-11 11:21:26 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\Lasse\Skrivbord\tetris.exe.lnk [2012-04-10 13:45:51 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Lasse\Start-meny\Program\Autostart\acrotray.exe.lnk [2012-04-09 22:10:16 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2012-04-09 21:50:20 | 000,002,905 | ---- | M] () -- C:\Documents and Settings\Lasse\Application Data\cnts.nws [2012-04-06 13:07:57 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk [2012-03-19 12:40:44 | 000,001,790 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Visma 
Skatt 2012.lnk [2012-03-15 16:11:18 | 000,004,184 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2012-03-15 09:14:26 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012-04-11 23:44:40 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\Lasse\Skrivbord\RogueKiller.exe.lnk [2012-04-11 23:41:00 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\Lasse\Skrivbord\dds.com.pif [2012-04-11 23:26:14 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Lasse\Skrivbord\NTREGOPT.lnk [2012-04-11 23:26:14 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Lasse\Skrivbord\ERUNT.lnk [2012-04-11 16:14:13 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2012-04-11 15:48:05 | 000,001,451 | ---- | C] () -- C:\Documents and Settings\Lasse\Skrivbord\Uniblue RegistryBooster.lnk [2012-04-11 15:48:05 | 000,001,435 | ---- | C] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk [2012-04-11 11:21:26 | 000,000,566 | ---- | C] () -- C:\Documents and Settings\Lasse\Skrivbord\tetris.exe.lnk [2012-04-10 13:45:51 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Lasse\Start-meny\Program\Autostart\acrotray.exe.lnk [2012-04-06 15:15:52 | 000,002,409 | ---- | C] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\WordPerfect (2).lnk [2012-04-06 15:15:52 | 000,001,504 | ---- | C] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\Kalkylatorn (2).lnk [2012-04-06 15:15:52 | 000,001,493 | ---- | C] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\Utforskaren (2).lnk [2012-04-06 15:15:52 | 000,001,454 | ---- | C] () -- C:\Documents and Settings\Lasse\Application 
Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk [2012-04-06 15:15:52 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta webbläsaren Internet Explorer.lnk [2012-04-06 15:15:52 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2012-04-06 15:15:52 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\Finale NotePad 2007.lnk [2012-04-06 15:15:52 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta Microsoft Outlook.lnk [2012-04-06 15:15:52 | 000,000,632 | ---- | C] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till Mina snabblänkar.pdf.lnk [2012-04-06 15:15:52 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\NoteTab Std.lnk [2012-04-06 15:15:52 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Lasse\Application Data\Microsoft\Internet Explorer\Quick Launch\Visa skrivbordet.scf [2012-04-06 14:39:18 | 2145,898,496 | -HS- | C] () -- C:\hiberfil.sys [2012-04-06 13:07:57 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk [2012-03-28 23:29:41 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-03-19 12:40:44 | 000,001,790 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Visma Skatt 2012.lnk [2012-02-16 09:47:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011-12-22 10:46:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-09-21 00:15:19 | 000,296,848 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat 
[2010-12-23 20:03:50 | 000,051,520 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat ========== LOP Check ========== [2007-03-27 23:50:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland [2007-03-30 19:12:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2011-11-17 20:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure [2009-11-30 01:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure Online Backup [2010-10-22 08:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg [2011-12-21 11:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995 [2007-12-13 09:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SPCS [2008-12-22 12:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Storegate [2010-11-21 13:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft [2010-04-23 08:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2012-04-11 15:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46} [2012-02-10 10:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\2BrightSparks [2009-01-20 21:13:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\Agency9 [2009-01-31 00:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\Copernic [2009-09-19 18:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\F-Secure [2008-07-21 10:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\GARMIN [2007-03-27 16:37:41 | 000,000,000 | ---D 
| M] -- C:\Documents and Settings\Lasse\Application Data\InterTrust [2008-02-07 11:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\Leadertech [2009-06-15 21:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\onedata.oneglobalconnect.2e5c80d0-7e55-102b-83e0-d58416df1ff9.D45FE6DB8CAC475DE9B799058C6F9A7FFEDDFAC3.1 [2010-05-04 13:04:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\Opera [2010-11-20 13:30:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\PCDr [2007-05-29 09:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\pdf995 [2008-11-22 13:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\Personal [2009-09-17 18:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\play2p [2008-02-18 22:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\SPCS [2010-05-16 23:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\System Tweaker [2007-05-14 11:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\Template [2008-11-16 23:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\Unity [2012-04-10 14:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\wsInspector [2012-04-02 09:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lasse\Application Data\ZipGenius [2012-04-12 00:01:22 | 000,000,516 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled scanning task.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE > [2008-04-14 18:05:06 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=74BB7DCD2BFDCC0E52869DB3582CA781 -- C:\WINDOWS\explorer.exe [2008-04-14 18:05:06 | 001,034,240 | ---- | M] (Microsoft Corporation) 
MD5=74BB7DCD2BFDCC0E52869DB3582CA781 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe [2007-06-13 15:12:26 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=75CF621935A2138BB0DD354BB72548FC -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe [2004-08-04 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=87A3C8EAD27CF3591713D629D8BCB990 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe [2007-06-13 15:23:56 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=96D1DDE74E550113D2FCB97C8A4C43CB -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe < MD5 for: SVCHOST.EXE > [2004-08-04 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=22D8A75754B7B9ECC4753E3C09A56B18 -- C:\i386\svchost.exe [2004-08-04 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=22D8A75754B7B9ECC4753E3C09A56B18 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe [2008-04-14 18:05:21 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=6CCEF19D7301D9861F90E299C798AD3F -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe [2008-04-14 18:05:21 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=6CCEF19D7301D9861F90E299C798AD3F -- C:\WINDOWS\system32\svchost.exe [2012-01-31 13:13:46 | 000,182,856 | ---- | M] () MD5=9F37B15F56C3D248CD299D34BCB2CEFA -- C:\Program\Malwarebytes' Anti-Malware\Chameleon\svchost.exe < MD5 for: USERINIT.EXE > [2008-04-14 18:05:22 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=317799A2E42B5EA048A8A70F482CBA9F -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008-04-14 18:05:22 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=317799A2E42B5EA048A8A70F482CBA9F -- C:\WINDOWS\system32\userinit.exe [2004-08-04 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=452202227D7A5020D058D49106C0B872 -- C:\i386\userinit.exe [2004-08-04 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=452202227D7A5020D058D49106C0B872 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: WINLOGON.EXE > [2004-08-04 14:00:00 | 
000,502,272 | ---- | M] (Microsoft Corporation) MD5=3E080D3D4F81B0638766CCC4D7707D10 -- C:\i386\winlogon.exe [2004-08-04 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=3E080D3D4F81B0638766CCC4D7707D10 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2012-01-31 13:13:46 | 000,182,856 | ---- | M] () MD5=9F37B15F56C3D248CD299D34BCB2CEFA -- C:\Program\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008-04-14 18:05:23 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ABD2D070BE76A9386A0A283A332E3862 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 18:05:23 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ABD2D070BE76A9386A0A283A332E3862 -- C:\WINDOWS\system32\winlogon.exe < C:\Windows\assembly\tmp\U\*.* /s > < %Temp%\smtmp\1\*.* > < %Temp%\smtmp\2\*.* > < %Temp%\smtmp\3\*.* > < %Temp%\smtmp\4\*.* > < type c:\diskreport.txt /c > Microsoft DiskPart version 5.1.3565 Copyright © 1999-2003 Microsoft Corporation. Dator: LASSE-DELL Volymnr. Enh Etikett Fils. 
Typ Storlek Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- Volym 0 D DVD-ROM 0 B Volym 1 C NTFS Partition 295 GB Felfri System Volym 2 E Flyttbar 0 B Volym 3 F Flyttbar 0 B Volym 4 G Flyttbar 0 B Volym 5 H Flyttbar 0 B < End of report > Loggen aswMBR.txt ********************** aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-04-12 12:47:20 ----------------------------- 12:47:20.406 OS Version: Windows 5.1.2600 Service Pack 3 12:47:20.406 Number of processors: 2 586 0x4B02 12:47:20.406 ComputerName: LASSE-DELL UserName: Lasse 12:47:33.875 Initialize success 12:49:37.843 AVAST engine defs: 12041200 12:49:59.015 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 12:49:59.015 Disk 0 Vendor: WDC_WD3200KS-75PFB0 21.00M21 Size: 305245MB BusType: 3 12:49:59.031 Disk 0 MBR read successfully 12:49:59.031 Disk 0 MBR scan 12:49:59.875 Disk 0 unknown MBR code 12:49:59.875 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63 12:49:59.906 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 302112 MB offset 112455 12:49:59.937 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 618839865 12:49:59.953 Disk 0 scanning sectors +625137345 12:50:00.031 Disk 0 scanning C:\WINDOWS\system32\drivers 12:50:52.656 Service scanning 12:51:39.703 Modules scanning 12:51:46.625 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS** 12:51:48.093 Disk 0 trace - called modules: 12:51:48.109 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 12:51:48.109 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a345ab8] 12:51:48.109 3 CLASSPNP.SYS[ba0c8fd7] -> nt!IofCallDriver -> \Device\00000060[0x8a31e570] 12:51:48.109 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a2e9d98] 12:51:49.484 AVAST engine scan C:\WINDOWS 12:52:01.734 AVAST engine scan C:\WINDOWS\system32 13:01:18.218 AVAST engine scan C:\WINDOWS\system32\drivers 13:01:45.875 AVAST engine scan 
C:\Documents and Settings\Lasse 13:26:23.531 AVAST engine scan C:\Documents and Settings\All Users 13:28:41.734 Scan finished successfully 13:55:30.656 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Lasse\Skrivbord\MBR.dat" 13:55:30.656 The log file has been saved successfully to "C:\Documents and Settings\Lasse\Skrivbord\aswMBR.txt"
  14. To WinGuider.se: DeepGuard has been enabled all along. To Cecilia: I have now carried out the new steps from your latest reply. Here is a summary, followed by the pasted logs; the file Extras.txt is attached. 1. Ran TDSSKiller, which reported that it found nothing. The log TDSSKiller.2.7.28.0_12.04.2012_12.02.55_log.txt was created. 2. Then went to download OTL.exe, but InternetSecurity warned me that it was a harmful website. I ignored that and downloaded OTL.exe anyway. Entered the specified lines and ran it according to the instructions. The files OTL.txt and Extras.txt were created. 3. Then downloaded aswMBR.exe (but F-Secure warned about a harmful website then too). Restarted the computer. Ran aswMBR.exe and was offered the option to download the Avast virus definition database, which I did. Then ran Scan. One object was marked in red in the scan list and flagged as suspicious. I did not try to do anything about it, but saved the log aswMBR.txt. At some point around the time aswMBR.exe was run, or after it (I was not watching the computer the whole time), F-Secure reported: "Viruset togs bort. Du kan fortsätta använda datorn". F-Secure's history shows that what was removed is Trojan.Agent.ABVU (2 items at the same time). Incidentally, I then saw that about ten objects have been removed by F-Secure since 31 March this year, while the most recent removal before that is from 2009. My problem with SMART HDD showing up on the computer began on 2 April. Thanks again for your help, much appreciated!
TDSSKiller log (TDSSKiller.2.7.28.0_12.04.2012_12.02.55_log)
C:\WINDOWS\system32\drivers\fltmgr.sys 12:03:20.0000 3356 FltMgr - ok 12:03:20.0171 3356 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 12:03:20.0171 3356 FontCache3.0.0.0 - ok 12:03:20.0203 3356 fsbts (343786e182b9c9ae3066e00dec650f50) C:\WINDOWS\system32\Drivers\fsbts.sys 12:03:20.0203 3356 fsbts - ok 12:03:20.0328 3356 FSDFWD (262813b0b310c6474b3680fbbc8fa786) C:\Program\F-Secure\FWES\Program\fsdfwd.exe 12:03:20.0328 3356 FSDFWD - ok 12:03:20.0390 3356 FSFW (b7feb06217a421ffd9eee6604e60f903) C:\WINDOWS\system32\drivers\fsdfw.sys 12:03:20.0390 3356 FSFW - ok 12:03:20.0500 3356 FSMA (7f0c12d9c38a51319687132c41a36468) C:\Program\F-Secure\Common\FSMA32.EXE 12:03:20.0500 3356 FSMA - ok 12:03:20.0515 3356 FSORSPClient (42aef6a385354aca65fc210ce7ce4d7c) C:\Program\F-Secure\ORSP Client\fsorsp.exe 12:03:20.0515 3356 FSORSPClient - ok 12:03:20.0531 3356 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 12:03:20.0531 3356 Fs_Rec - ok 12:03:20.0593 3356 Ftdisk (45fc410cfe68ff036ad232a141e69c19) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 12:03:20.0687 3356 Ftdisk - ok 12:03:20.0718 3356 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys 12:03:20.0718 3356 GEARAspiWDM - ok 12:03:20.0781 3356 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 12:03:20.0781 3356 Gpc - ok 12:03:20.0828 3356 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\WINDOWS\system32\drivers\grmnusb.sys 12:03:20.0843 3356 grmnusb - ok 12:03:20.0921 3356 gupdate1c99671c5d1adf6 (626a24ed1228580b9518c01930936df9) C:\Program\Google\Update\GoogleUpdate.exe 12:03:20.0921 3356 gupdate1c99671c5d1adf6 - ok 12:03:20.0921 3356 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program\Google\Update\GoogleUpdate.exe 12:03:20.0921 3356 gupdatem - ok 12:03:20.0968 3356 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program\Google\Common\Google 
Updater\GoogleUpdaterService.exe 12:03:20.0984 3356 gusvc - ok 12:03:21.0000 3356 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 12:03:21.0000 3356 HDAudBus - ok 12:03:21.0046 3356 helpsvc (202c95f334c53a5a8bd0d8465512b3f4) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 12:03:21.0062 3356 helpsvc - ok 12:03:21.0093 3356 HidServ (71aace06b5f93cf02d05e4e2ec479aac) C:\WINDOWS\System32\hidserv.dll 12:03:21.0093 3356 HidServ - ok 12:03:21.0125 3356 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 12:03:21.0125 3356 HidUsb - ok 12:03:21.0171 3356 hkmsvc (98580e101404565700fd12e03f7ee056) C:\WINDOWS\System32\kmsvc.dll 12:03:21.0187 3356 hkmsvc - ok 12:03:21.0343 3356 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys 12:03:21.0343 3356 hpn - ok 12:03:21.0406 3356 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 12:03:21.0406 3356 HTTP - ok 12:03:21.0468 3356 HTTPFilter (f504d07cb25d62ab8d079c1f868651ae) C:\WINDOWS\System32\w3ssl.dll 12:03:21.0468 3356 HTTPFilter - ok 12:03:21.0500 3356 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys 12:03:21.0515 3356 i2omgmt - ok 12:03:21.0546 3356 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys 12:03:21.0546 3356 i2omp - ok 12:03:21.0546 3356 i8042prt (82e56cd09b2ce1edec3fba9111c7ee3a) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 12:03:21.0546 3356 i8042prt - ok 12:03:21.0750 3356 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 12:03:21.0843 3356 idsvc - ok 12:03:21.0906 3356 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 12:03:21.0906 3356 Imapi - ok 12:03:22.0015 3356 ImapiService (891b69c3de6c55a7868b3bb52bc131aa) C:\WINDOWS\system32\imapi.exe 12:03:22.0015 3356 ImapiService - ok 12:03:22.0062 3356 ini910u (4a40e045faee58631fd8d91afc620719) 
C:\WINDOWS\system32\DRIVERS\ini910u.sys 12:03:22.0062 3356 ini910u - ok 12:03:22.0078 3356 IntelIde (3012ee13f357a99361ad8b0d93e13c45) C:\WINDOWS\system32\DRIVERS\intelide.sys 12:03:22.0078 3356 IntelIde - ok 12:03:22.0125 3356 intelppm (02431778e84a525d29929d14bab71d53) C:\WINDOWS\system32\DRIVERS\intelppm.sys 12:03:22.0125 3356 intelppm - ok 12:03:22.0156 3356 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 12:03:22.0156 3356 Ip6Fw - ok 12:03:22.0187 3356 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 12:03:22.0187 3356 IpFilterDriver - ok 12:03:22.0203 3356 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 12:03:22.0203 3356 IpInIp - ok 12:03:22.0343 3356 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 12:03:22.0343 3356 IpNat - ok 12:03:22.0484 3356 iPod Service (b84a28b3984185eda8867541af14cddb) C:\Program\iPod\bin\iPodService.exe 12:03:22.0562 3356 iPod Service - ok 12:03:22.0593 3356 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 12:03:22.0671 3356 IPSec - ok 12:03:22.0703 3356 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 12:03:22.0703 3356 IRENUM - ok 12:03:22.0765 3356 isapnp (48f97c77daf8811598cfae21368eacb6) C:\WINDOWS\system32\DRIVERS\isapnp.sys 12:03:22.0765 3356 isapnp - ok 12:03:22.0906 3356 JavaQuickStarterService (9dba73c2f1e76ec4cb837e67c5743596) C:\Program\Java\jre6\bin\jqs.exe 12:03:22.0906 3356 JavaQuickStarterService - ok 12:03:23.0000 3356 Kbdclass (d655ca94c8e2e0223c1bc28bcd95723a) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 12:03:23.0000 3356 Kbdclass - ok 12:03:23.0046 3356 kbdhid (e1e28876fe7602b0a1d040354de35c06) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 12:03:23.0046 3356 kbdhid - ok 12:03:23.0062 3356 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 12:03:23.0062 3356 kmixer - ok 12:03:23.0093 3356 KSecDD 
(b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 12:03:23.0093 3356 KSecDD - ok 12:03:23.0125 3356 lanmanserver (2c633a578d5adaaa821c675d65f959c5) C:\WINDOWS\System32\srvsvc.dll 12:03:23.0140 3356 lanmanserver - ok 12:03:23.0203 3356 lanmanworkstation (eaa41d225b9da1314e0977c774864430) C:\WINDOWS\System32\wkssvc.dll 12:03:23.0203 3356 lanmanworkstation - ok 12:03:23.0203 3356 lbrtfdc - ok 12:03:23.0343 3356 LmHosts (ee155cf65cdc8be1b4effa24a69fc924) C:\WINDOWS\System32\lmhsvc.dll 12:03:23.0343 3356 LmHosts - ok 12:03:23.0390 3356 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys 12:03:23.0390 3356 MBAMProtector - ok 12:03:23.0468 3356 MBAMService (fa083726e6ca3fc67fac69c1118f1f03) C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe 12:03:23.0484 3356 MBAMService - ok 12:03:23.0546 3356 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys 12:03:23.0546 3356 MBAMSwissArmy - ok 12:03:23.0703 3356 Messenger (363e8ebae26bb8b4987c91b4d3ce0f54) C:\WINDOWS\System32\msgsvc.dll 12:03:23.0703 3356 Messenger - ok 12:03:23.0750 3356 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 12:03:23.0750 3356 mnmdd - ok 12:03:23.0796 3356 mnmsrvc (2bc41300b822562ac0a524dcdd2da027) C:\WINDOWS\system32\mnmsrvc.exe 12:03:23.0796 3356 mnmsrvc - ok 12:03:23.0843 3356 Modem (42ce19726d9c410dff75d3ff1cc79db2) C:\WINDOWS\system32\drivers\Modem.sys 12:03:23.0843 3356 Modem - ok 12:03:23.0859 3356 Mouclass (e0c4c36573bcf0c0d2a1578caa791f7d) C:\WINDOWS\system32\DRIVERS\mouclass.sys 12:03:23.0859 3356 Mouclass - ok 12:03:23.0921 3356 mouhid (98e474ecf11f1db62fb072157a95ea83) C:\WINDOWS\system32\DRIVERS\mouhid.sys 12:03:23.0921 3356 mouhid - ok 12:03:23.0953 3356 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 12:03:23.0953 3356 MountMgr - ok 12:03:23.0984 3356 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) 
C:\WINDOWS\system32\DRIVERS\mraid35x.sys 12:03:23.0984 3356 mraid35x - ok 12:03:24.0031 3356 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 12:03:24.0031 3356 MRxDAV - ok 12:03:24.0109 3356 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 12:03:24.0109 3356 MRxSmb - ok 12:03:24.0296 3356 MSCamSvc (b03e3f64b70f8031e65eb26da23de91a) C:\Program\Microsoft LifeCam\MSCamS32.exe 12:03:24.0296 3356 MSCamSvc - ok 12:03:24.0406 3356 MSDTC (7a73fdeef6cf45d27edd73220eaf1c8f) C:\WINDOWS\system32\msdtc.exe 12:03:24.0406 3356 MSDTC - ok 12:03:24.0484 3356 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 12:03:24.0484 3356 Msfs - ok 12:03:24.0531 3356 MSHUSBVideo (7a0f9cbdbdb135113b9a3c138e20c85d) C:\WINDOWS\system32\Drivers\nx6000.sys 12:03:24.0531 3356 MSHUSBVideo - ok 12:03:24.0531 3356 MSIServer - ok 12:03:24.0562 3356 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 12:03:24.0562 3356 MSKSSRV - ok 12:03:24.0578 3356 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 12:03:24.0578 3356 MSPCLOCK - ok 12:03:24.0671 3356 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 12:03:24.0671 3356 MSPQM - ok 12:03:24.0703 3356 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 12:03:24.0718 3356 mssmbios - ok 12:03:24.0781 3356 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 12:03:24.0781 3356 MSTEE - ok 12:03:24.0812 3356 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 12:03:24.0812 3356 Mup - ok 12:03:24.0843 3356 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 12:03:24.0843 3356 NABTSFEC - ok 12:03:24.0890 3356 napagent (28d11a2ecdfcb280624bd7006d85c38e) C:\WINDOWS\System32\qagentrt.dll 12:03:24.0890 3356 napagent - ok 12:03:24.0953 3356 NDIS 
(1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 12:03:24.0953 3356 NDIS - ok 12:03:25.0000 3356 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 12:03:25.0000 3356 NdisIP - ok 12:03:25.0046 3356 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12:03:25.0046 3356 NdisTapi - ok 12:03:25.0078 3356 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 12:03:25.0078 3356 Ndisuio - ok 12:03:25.0156 3356 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 12:03:25.0156 3356 NdisWan - ok 12:03:25.0218 3356 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 12:03:25.0250 3356 NDProxy - ok 12:03:25.0359 3356 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 12:03:25.0359 3356 NetBIOS - ok 12:03:25.0406 3356 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 12:03:25.0406 3356 NetBT - ok 12:03:25.0453 3356 NetDDE (5a922c8e35bf372f3dd3ec61345634b7) C:\WINDOWS\system32\netdde.exe 12:03:25.0453 3356 NetDDE - ok 12:03:25.0453 3356 NetDDEdsdm (5a922c8e35bf372f3dd3ec61345634b7) C:\WINDOWS\system32\netdde.exe 12:03:25.0453 3356 NetDDEdsdm - ok 12:03:25.0500 3356 Netlogon (ff1805d5daf41625af5282750d4a3700) C:\WINDOWS\system32\lsass.exe 12:03:25.0500 3356 Netlogon - ok 12:03:25.0562 3356 Netman (7f791c1c9d3fec5d3f519c9db19465d3) C:\WINDOWS\System32\netman.dll 12:03:25.0562 3356 Netman - ok 12:03:25.0718 3356 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 12:03:25.0734 3356 NetTcpPortSharing - ok 12:03:25.0781 3356 Nla (d080a76f42dfe1e7af0c069ae5bad8fc) C:\WINDOWS\System32\mswsock.dll 12:03:25.0781 3356 Nla - ok 12:03:25.0796 3356 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 12:03:25.0796 3356 Npfs - ok 12:03:25.0828 3356 
Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 12:03:25.0828 3356 Ntfs - ok 12:03:25.0843 3356 NtLmSsp (ff1805d5daf41625af5282750d4a3700) C:\WINDOWS\system32\lsass.exe 12:03:25.0843 3356 NtLmSsp - ok 12:03:25.0890 3356 NtmsSvc (5fd9f539baf23288d131f1b709a62807) C:\WINDOWS\system32\ntmssvc.dll 12:03:25.0906 3356 NtmsSvc - ok 12:03:25.0921 3356 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 12:03:25.0921 3356 Null - ok 12:03:26.0078 3356 nv (449220e13e94b64ebfdc788e97ec9222) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 12:03:26.0250 3356 nv - ok 12:03:26.0328 3356 nvatabus (75562456aa672bb5fe56d3c64c6d1c7d) C:\WINDOWS\system32\drivers\nvatabus.sys 12:03:26.0343 3356 nvatabus - ok 12:03:26.0375 3356 nvraid (1d4781a5957300dc81b91161b45704bb) C:\WINDOWS\system32\drivers\nvraid.sys 12:03:26.0375 3356 nvraid - ok 12:03:26.0437 3356 NVSvc (2f7cd9d1bb1948da19cf51e76550fd68) C:\WINDOWS\system32\nvsvc32.exe 12:03:26.0437 3356 NVSvc - ok 12:03:26.0468 3356 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 12:03:26.0468 3356 NwlnkFlt - ok 12:03:26.0484 3356 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 12:03:26.0484 3356 NwlnkFwd - ok 12:03:26.0531 3356 Parport (19e28ed86e7244d76fda792c2810188e) C:\WINDOWS\system32\DRIVERS\parport.sys 12:03:26.0531 3356 Parport - ok 12:03:26.0656 3356 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 12:03:26.0656 3356 PartMgr - ok 12:03:26.0687 3356 ParVdm (5cf71e14a108c492c1fb07543d579af5) C:\WINDOWS\system32\drivers\ParVdm.sys 12:03:26.0687 3356 ParVdm - ok 12:03:26.0703 3356 PCI (8a185f0112cf5b42ff1aaff31b8b3091) C:\WINDOWS\system32\DRIVERS\pci.sys 12:03:26.0703 3356 PCI - ok 12:03:26.0718 3356 PCIDump - ok 12:03:26.0734 3356 PCIIde (239de4275ee40fdf9912761467025244) C:\WINDOWS\system32\DRIVERS\pciide.sys 12:03:26.0734 3356 PCIIde - ok 12:03:26.0781 3356 Pcmcia 
(904053aa6e251c77cf85371ce644cfd7) C:\WINDOWS\system32\drivers\Pcmcia.sys 12:03:26.0781 3356 Pcmcia - ok 12:03:26.0781 3356 PDCOMP - ok 12:03:26.0796 3356 PDFRAME - ok 12:03:26.0812 3356 PDRELI - ok 12:03:26.0812 3356 PDRFRAME - ok 12:03:26.0953 3356 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys 12:03:26.0953 3356 perc2 - ok 12:03:27.0015 3356 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys 12:03:27.0015 3356 perc2hib - ok 12:03:27.0078 3356 PlugPlay (8870b0c4a094c1ce80cea6f85fa38ff2) C:\WINDOWS\system32\services.exe 12:03:27.0078 3356 PlugPlay - ok 12:03:27.0140 3356 PolicyAgent (ff1805d5daf41625af5282750d4a3700) C:\WINDOWS\system32\lsass.exe 12:03:27.0140 3356 PolicyAgent - ok 12:03:27.0187 3356 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 12:03:27.0187 3356 PptpMiniport - ok 12:03:27.0203 3356 Processor (992e4b2a91e6a2f3d21de89b9273353a) C:\WINDOWS\system32\DRIVERS\processr.sys 12:03:27.0203 3356 Processor - ok 12:03:27.0359 3356 ProtectedStorage (ff1805d5daf41625af5282750d4a3700) C:\WINDOWS\system32\lsass.exe 12:03:27.0359 3356 ProtectedStorage - ok 12:03:27.0375 3356 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 12:03:27.0375 3356 PSched - ok 12:03:27.0390 3356 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 12:03:27.0390 3356 Ptilink - ok 12:03:27.0406 3356 PxHelp20 (7c81ae3c9b82ba2da437ed4d31bc56cf) C:\WINDOWS\system32\Drivers\PxHelp20.sys 12:03:27.0406 3356 PxHelp20 - ok 12:03:27.0421 3356 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 12:03:27.0421 3356 ql1080 - ok 12:03:27.0437 3356 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 12:03:27.0437 3356 Ql10wnt - ok 12:03:27.0453 3356 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys 12:03:27.0453 3356 ql12160 - ok 12:03:27.0468 
3356 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 12:03:27.0484 3356 ql1240 - ok 12:03:27.0500 3356 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 12:03:27.0500 3356 ql1280 - ok 12:03:27.0531 3356 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 12:03:27.0531 3356 RasAcd - ok 12:03:27.0578 3356 RasAuto (15d787dffce46cfc4c7f567095ce8323) C:\WINDOWS\System32\rasauto.dll 12:03:27.0578 3356 RasAuto - ok 12:03:27.0671 3356 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 12:03:27.0671 3356 Rasl2tp - ok 12:03:27.0734 3356 RasMan (1e86de6b0df33953cf9ce449dd6e8442) C:\WINDOWS\System32\rasmans.dll 12:03:27.0734 3356 RasMan - ok 12:03:27.0750 3356 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 12:03:27.0750 3356 RasPppoe - ok 12:03:27.0765 3356 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 12:03:27.0765 3356 Raspti - ok 12:03:27.0781 3356 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 12:03:27.0781 3356 Rdbss - ok 12:03:27.0796 3356 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 12:03:27.0796 3356 RDPCDD - ok 12:03:27.0843 3356 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 12:03:27.0843 3356 rdpdr - ok 12:03:27.0875 3356 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys 12:03:27.0875 3356 RDPWD - ok 12:03:27.0906 3356 RDSessMgr (fe7c16fa5cbc560579c9728534fbaf6f) C:\WINDOWS\system32\sessmgr.exe 12:03:27.0906 3356 RDSessMgr - ok 12:03:27.0953 3356 redbook (97130d37842819fa39fd5f1e90a5d676) C:\WINDOWS\system32\DRIVERS\redbook.sys 12:03:27.0953 3356 redbook - ok 12:03:28.0015 3356 RemoteAccess (fcd42d82c6f5e0e1506eca01d692dde7) C:\WINDOWS\System32\mprdim.dll 12:03:28.0015 3356 RemoteAccess - ok 12:03:28.0062 3356 RemoteRegistry 
(66bc81fea0c86632255b696a69ba9827) C:\WINDOWS\system32\regsvc.dll 12:03:28.0062 3356 RemoteRegistry - ok 12:03:28.0093 3356 RpcLocator (2cfb81b412a5d3cbd55cefaccb5e2cee) C:\WINDOWS\system32\locator.exe 12:03:28.0109 3356 RpcLocator - ok 12:03:28.0171 3356 RpcSs (87dadc3f6e6cd5aaeb913e19cbff922c) C:\WINDOWS\system32\rpcss.dll 12:03:28.0171 3356 RpcSs - ok 12:03:28.0312 3356 RSVP (72407e48f912ed57213ae474b8a6798b) C:\WINDOWS\system32\rsvp.exe 12:03:28.0359 3356 RSVP - ok 12:03:28.0359 3356 SamSs (ff1805d5daf41625af5282750d4a3700) C:\WINDOWS\system32\lsass.exe 12:03:28.0359 3356 SamSs - ok 12:03:28.0390 3356 SCardSvr (d339f34d824a7d42ff4d61f1d9d06029) C:\WINDOWS\System32\SCardSvr.exe 12:03:28.0390 3356 SCardSvr - ok 12:03:28.0468 3356 Schedule (c7dc69a9d8c9ab2fbca3238c989d598f) C:\WINDOWS\system32\schedsvc.dll 12:03:28.0468 3356 Schedule - ok 12:03:28.0531 3356 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 12:03:28.0531 3356 Secdrv - ok 12:03:28.0562 3356 seclogon (ed70eb06f13062366b126b1c7475c127) C:\WINDOWS\System32\seclogon.dll 12:03:28.0562 3356 seclogon - ok 12:03:28.0578 3356 SENS (ea7b436a948c875dc94c6062fcbbc2d9) C:\WINDOWS\system32\sens.dll 12:03:28.0578 3356 SENS - ok 12:03:28.0593 3356 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 12:03:28.0671 3356 serenum - ok 12:03:28.0703 3356 Serial (f7d35464062edc08909e568bcd8ae77d) C:\WINDOWS\system32\DRIVERS\serial.sys 12:03:28.0703 3356 Serial - ok 12:03:28.0734 3356 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 12:03:28.0734 3356 Sfloppy - ok 12:03:28.0796 3356 SharedAccess (30e1a46734bdf836c8770949c86b42a4) C:\WINDOWS\System32\ipnathlp.dll 12:03:28.0796 3356 SharedAccess - ok 12:03:28.0859 3356 ShellHWDetection (c5684b98920f9ba98d6a33701ca816e6) C:\WINDOWS\System32\shsvcs.dll 12:03:28.0859 3356 ShellHWDetection - ok 12:03:28.0859 3356 Simbad - ok 12:03:28.0921 3356 sisagp (6b33d0ebd30db32e27d1d78fe946a754) 
C:\WINDOWS\system32\DRIVERS\sisagp.sys 12:03:28.0921 3356 sisagp - ok 12:03:28.0968 3356 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 12:03:28.0968 3356 SLIP - ok 12:03:29.0046 3356 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys 12:03:29.0046 3356 Sparrow - ok 12:03:29.0078 3356 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 12:03:29.0078 3356 splitter - ok 12:03:29.0109 3356 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 12:03:29.0109 3356 Spooler - ok 12:03:29.0140 3356 sr (1193ef00869f6367367e6e7cb96be325) C:\WINDOWS\system32\DRIVERS\sr.sys 12:03:29.0140 3356 sr - ok 12:03:29.0187 3356 srservice (25edb60132f9d82cb1b7961c1d0d13f2) C:\WINDOWS\system32\srsvc.dll 12:03:29.0187 3356 srservice - ok 12:03:29.0203 3356 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 12:03:29.0203 3356 Srv - ok 12:03:29.0390 3356 SSDPSRV (53ffc29dc150e0107f28f0a622ff8d1a) C:\WINDOWS\System32\ssdpsrv.dll 12:03:29.0390 3356 SSDPSRV - ok 12:03:29.0500 3356 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys 12:03:29.0687 3356 STHDA - ok 12:03:29.0750 3356 stisvc (5835d4ad35905215e1059a973b022ea1) C:\WINDOWS\system32\wiaservc.dll 12:03:29.0750 3356 stisvc - ok 12:03:29.0796 3356 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 12:03:29.0796 3356 streamip - ok 12:03:29.0828 3356 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 12:03:29.0828 3356 swenum - ok 12:03:29.0843 3356 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 12:03:29.0843 3356 swmidi - ok 12:03:29.0843 3356 SwPrv - ok 12:03:29.0890 3356 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 12:03:29.0890 3356 symc810 - ok 12:03:29.0921 3356 symc8xx (070e001d95cf725186ef8b20335f933c) 
C:\WINDOWS\system32\DRIVERS\symc8xx.sys 12:03:29.0921 3356 symc8xx - ok 12:03:29.0984 3356 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 12:03:29.0984 3356 sym_hi - ok 12:03:30.0000 3356 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys 12:03:30.0000 3356 sym_u3 - ok 12:03:30.0062 3356 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 12:03:30.0062 3356 sysaudio - ok 12:03:30.0109 3356 SysmonLog (71a08eec00a703445a2cbc0e91ef0952) C:\WINDOWS\system32\smlogsvc.exe 12:03:30.0109 3356 SysmonLog - ok 12:03:30.0156 3356 TapiSrv (18261106524f7a93ceceacdc03a5b989) C:\WINDOWS\System32\tapisrv.dll 12:03:30.0171 3356 TapiSrv - ok 12:03:30.0296 3356 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 12:03:30.0328 3356 Tcpip - ok 12:03:30.0359 3356 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 12:03:30.0359 3356 TDPIPE - ok 12:03:30.0359 3356 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 12:03:30.0359 3356 TDTCP - ok 12:03:30.0406 3356 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 12:03:30.0406 3356 TermDD - ok 12:03:30.0468 3356 TermService (f89c53d455420df4d66e45842fb3a46e) C:\WINDOWS\System32\termsrv.dll 12:03:30.0468 3356 TermService - ok 12:03:30.0531 3356 Themes (c5684b98920f9ba98d6a33701ca816e6) C:\WINDOWS\System32\shsvcs.dll 12:03:30.0531 3356 Themes - ok 12:03:30.0578 3356 TlntSvr (cc4c1aae22088304c715ac9d26f2d4c1) C:\WINDOWS\system32\tlntsvr.exe 12:03:30.0593 3356 TlntSvr - ok 12:03:30.0671 3356 TosIde (67b0bb00b577d37e54497e5fdfcaadc0) C:\WINDOWS\system32\DRIVERS\toside.sys 12:03:30.0671 3356 TosIde - ok 12:03:30.0734 3356 TrkWks (548867e040cb81a82b5df09d074f95f8) C:\WINDOWS\system32\trkwks.dll 12:03:30.0734 3356 TrkWks - ok 12:03:30.0765 3356 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 12:03:30.0765 3356 
Udfs - ok 12:03:30.0828 3356 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys 12:03:30.0843 3356 ultra - ok 12:03:30.0859 3356 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 12:03:30.0875 3356 Update - ok 12:03:30.0906 3356 upnphost (b1222a2302480d56a32c5343150bb16d) C:\WINDOWS\System32\upnphost.dll 12:03:30.0906 3356 upnphost - ok 12:03:30.0937 3356 UPS (7b07af3d4545ad6fee34b5f2eb247c8f) C:\WINDOWS\System32\ups.exe 12:03:30.0937 3356 UPS - ok 12:03:30.0984 3356 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 12:03:30.0984 3356 usbaudio - ok 12:03:31.0046 3356 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 12:03:31.0046 3356 usbccgp - ok 12:03:31.0109 3356 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 12:03:31.0109 3356 usbehci - ok 12:03:31.0125 3356 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 12:03:31.0125 3356 usbhub - ok 12:03:31.0187 3356 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 12:03:31.0187 3356 usbohci - ok 12:03:31.0203 3356 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 12:03:31.0203 3356 usbprint - ok 12:03:31.0406 3356 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 12:03:31.0421 3356 usbscan - ok 12:03:31.0484 3356 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 12:03:31.0484 3356 USBSTOR - ok 12:03:31.0515 3356 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 12:03:31.0515 3356 usbuhci - ok 12:03:31.0562 3356 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys 12:03:31.0562 3356 usbvideo - ok 12:03:31.0578 3356 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 12:03:31.0578 3356 VgaSave - ok 
12:03:31.0843 3356 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys 12:03:31.0843 3356 viaagp - ok 12:03:31.0859 3356 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 12:03:31.0859 3356 ViaIde - ok 12:03:31.0906 3356 VolSnap (57187ec04878147e1f4f2d9224b12205) C:\WINDOWS\system32\drivers\VolSnap.sys 12:03:31.0906 3356 VolSnap - ok 12:03:31.0953 3356 VSS (940950dc9e34b05986bbbb1d1a33b74f) C:\WINDOWS\System32\vssvc.exe 12:03:31.0968 3356 VSS - ok 12:03:32.0015 3356 w32time (4bf06a1dcd6a91c482e79340fee527ca) C:\WINDOWS\system32\w32time.dll 12:03:32.0015 3356 w32time - ok 12:03:32.0031 3356 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 12:03:32.0031 3356 Wanarp - ok 12:03:32.0046 3356 WDICA - ok 12:03:32.0062 3356 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 12:03:32.0062 3356 wdmaud - ok 12:03:32.0125 3356 WebClient (e6dfcadf5089a68ecd288e9a803a892c) C:\WINDOWS\System32\webclnt.dll 12:03:32.0125 3356 WebClient - ok 12:03:32.0500 3356 winmgmt (cf4e2a27495f7ea6b3128d9a731b3716) C:\WINDOWS\system32\wbem\WMIsvc.dll 12:03:32.0500 3356 winmgmt - ok 12:03:32.0546 3356 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 12:03:32.0546 3356 WmdmPmSN - ok 12:03:32.0718 3356 Wmi (b5ff0001533be01dfbd995d7a60a7daa) C:\WINDOWS\System32\advapi32.dll 12:03:32.0734 3356 Wmi - ok 12:03:32.0765 3356 WmiApSrv (9bfadc02a9e27bfdff59e61302f92517) C:\WINDOWS\system32\wbem\wmiapsrv.exe 12:03:32.0765 3356 WmiApSrv - ok 12:03:32.0921 3356 WMPNetworkSvc (de188dd69ca74b1512adc5a7639523b2) C:\Program\Windows Media Player\WMPNetwk.exe 12:03:32.0984 3356 WMPNetworkSvc - ok 12:03:33.0000 3356 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 12:03:33.0015 3356 WpdUsb - ok 12:03:33.0031 3356 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 12:03:33.0031 3356 WS2IFSL - ok 
12:03:33.0750 3356 ============================================================
12:03:33.0750 3356 Scan finished
12:03:33.0750 3356 ============================================================
12:03:33.0765 3152 Detected object count: 0
12:03:33.0765 3152 Actual detected object count: 0
12:05:16.0359 1948 Deinitialize success

Continued with more logs in the next message!

************************************************
Extras.Txt
  15. PS to my previous post. I didn't notice at first that there was one more report from RogueKiller; here it is:

      RogueKiller V7.3.2 [03/20/2012] by Tigzy
      mail: tigzyRK<at>gmail<dot>com
      Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
      Blog: http://tigzyrk.blogspot.com

      Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
      Started in : Normal mode
      User: Lasse [Admin rights]
      Mode: Remove -- Date: 04/12/2012 00:00:43

      ¤¤¤ Bad processes: 0 ¤¤¤

      ¤¤¤ Registry Entries: 1 ¤¤¤
      [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

      ¤¤¤ Particular Files / Folders: ¤¤¤

      ¤¤¤ Driver: [LOADED] ¤¤¤

      ¤¤¤ Infection : ¤¤¤

      ¤¤¤ HOSTS File: ¤¤¤
      127.0.0.1 localhost

      ¤¤¤ MBR Check: ¤¤¤
      +++++ PhysicalDrive0: WDC WD3200KS-75PFB0 +++++
      --- User ---
      [MBR] 4348e09fee40e38d252d9f87916e56bd
      [bSP] 1b486c1b99d0b6decee8c12fef50bc43 : MBR Code unknown
      Partition table:
      0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo
      1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 302112 Mo
      2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 618839865 | Size: 3074 Mo
      User = LL1 ... OK!
      User = LL2 ... OK!

      Finished : << RKreport[2].txt >>
      RKreport[1].txt ; RKreport[2].txt