Just nu i M3-nätverket
Gå till innehåll

tammy

Medlem
  • Antal inlägg

    68
  • Gick med

  • Senaste besök

Om tammy

  • Medlemstitel
    Användare
  • Födelsedag 1978-10-10

Profil

  • Kön
    Kvinna
  • Ort
    Lund
  1. tammy

    Spara sökord

    gå till verktyg på menyraden: Verktyg Internetalternativ ¨på sidan -Innehåll- komplettera automaiskt, där väljer du inställningar. Sen ser du bara till att kryssa i det som du vill ha.
  2. Om datorn bara är 1,5 år så kan du kontakta tillverkaren eller försäljaren och berätta om ditt problem. Du har säkert ett tillverkningsnummer på din dator som du kan använda vid kommunikation med dem. Det är ju så att när det stjäls laptops på arbetsplatser, skolor och i bilar så är det inte meningen att tjuven bara skall kunna logga in hur som helst och därför har man ju ett lösenord.
  3. Efter ett halvårs seg dator fick jag formattera om och efter det får jag inte längre funktionerna vila, eller viloläge att fungera. Har funkat hur bra som helst innan och nu när jag väljer vila så släcks datorn ner och går sen bara igång med startknappen och då blir det en ny omstart som tar tid varje gång - kan ju inte låta datorn vara igång 24/7 heller för den blir ju varm så vila-alternativet var ju bra.... Någon?
  4. här har du fraser och liknande: http://www.yuni.com/library/latin.html och här kan du skriva meningar på engelska och få översatta till latin: http://www.latinphrasetranslation.com/translators/latin_to_english Lycka till.
  5. har inte angett sin status

  6. Hej igen! Nej, det har blivit helt hopplöst, datorn hänger sig ett par gånger i timmen och jag upptäckte att jag har 1GB som kund hos comhem så jag har lagrat det jag vill spara där och tänker starta om igen. Är det något jag ska tänka på eller är det bara att köra vista-skivan igen? tack för hjälpen innan. ps: läste en tråd om att alla dessa cc-cleaner och liknande inte är bra för man gör hål i registret och jag har ju använt många liknande program så nästa gång kanske jag ska försöka behålla vistaprogrammet intakt. detta är en fråga?
  7. glömde: 2010-07-07 22:25 . 2010-07-07 23:18 -------- d-----w- c:\program files\Zynga Vad är det som plötsligt har dykt upp i datorn? Det är en grej på Facebook som heter Farmville och som man kan lägga upp på datorn och köra direkt, jag försökte det men det gick inte så jag tog bort det igen. Om jag nu drar saker till D - är det något jag skall tänka på, vad skall man inte flytta till exempel?
  8. Har tagit bort det rekommenderade och har kastat en del i data D: det jag inte ville kasta har jag skickat till en sajt som jag är med i och som har emailfunktion - lägger det där så länge.... det som är kvar i D är nu bara: filmapp recycle, filmapp 519a0051421f28ec2508, samt div Fil. växlingsfilen...jag följde olika steg och har försökt hitta sidan där jag utgick ifrån. Men nu när jag öppnar datorn så går allt jättesnabbt helt annorlunda - vet fortfarande inte var huvudproblemet låg. eftersom jag inte hade virus, kan olika små faktorer samverka? Måste iallafall köpa ett externt minne för det verkar inte ok att bara dra saker från c till d även om det är jättelätt.
  9. glömde: jag var inne och petade på det som heter växlingsfil också och det kanske jag inte borde gjort, men det känns ok idag och alternativet var ju att formattera om hela datorn så det experimentet var ok tyckte jag.
  10. Nej, två dagar senare blev det riktigt kasst, datorn hängde sig gång på gång och jag körde alt, contr, del - och jag körde avstängning med knapp och blev helt trött på det. Gick ut och googlade om seg dator och dator som hänger sig. Såg också att jag hade knappt något minne alls, C: använt 34,3 GB ledigt 2,11 GB - D: 111 MB använt och 50,7 GB ledigt. Jag gjorde kanske en dum grej men jag drog ett par grejor jag aldrig använder som inte är datorns eller Windows utan egna grejor till D från C och det gick bra, men det var bara 3 smågrejor. Ser att på lokal disk F: finns använt 100 MB och 14,5 GB ledigt. Konstigt att man inte kan ha allt på ett ställe så att man inte får dåligt med minneskapacitet, men jag kan för lite om sånt. Jag körde en combofix och den rensade 3 poster om jag har förstått det rätt, jag körde också en återställning tillbaka till innan Stopzilla installerades. här är combofixen: ComboFix 10-07-07.02 - timmjann 2010-07-08 12:35:31.1.1 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.766.248 [GMT 2:00] Körs från: c:\users\timmjann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XE54H1GC\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: AVG Anti-Spyware *enabled* (Outdated) {48F2E28D-ED66-4646-9C11-B3055B0AF604} SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Andra raderingar )))))))))))))))))))))))))))))))))))))))))))))))) . c:\acer\Empowering Technology\eRecovery\Autorun\SW1\TVtuner\Liteon\Resources\_desktop.ini c:\drv\TVtuner\Liteon\Resources\_desktop.ini c:\users\timmjann\AppData\Roaming\Microsoft\Windows\Cookies\timmjann@www.managerzone[2].txt . (((((((((((((((((((((((( Filer Skapade från 2010-06-08 till 2010-07-08 )))))))))))))))))))))))))))))) . 2010-07-08 10:52 . 2010-07-08 10:53 -------- d-----w- c:\users\timmjann\AppData\Local\temp 2010-07-08 10:52 . 2010-07-08 10:52 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-07-07 22:25 . 2010-07-07 23:18 -------- d-----w- c:\program files\Zynga 2010-07-02 23:25 . 2010-07-02 23:25 200704 ---ha-w- C:\SZKGFS.dat 2010-07-02 23:21 . 2010-07-05 10:23 -------- d-----w- c:\programdata\SITEguard 2010-07-02 23:16 . 2010-07-05 10:21 -------- d-----w- c:\program files\Common Files\iS3 2010-07-01 18:28 . 2010-07-01 18:28 -------- d-----w- c:\users\timmjann\AppData\Roaming\AVG9 2010-06-29 16:36 . 2010-06-29 16:36 242896 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys 2010-06-29 16:35 . 2010-06-29 16:35 74760 ----a-w- c:\programdata\avg9\update\backup\UniversalDD.sys 2010-06-29 16:35 . 2010-06-29 16:35 30216 ----a-w- c:\programdata\avg9\update\backup\AVGIDSFilter.sys 2010-06-29 16:35 . 2010-06-29 16:35 29512 ----a-w- c:\programdata\avg9\update\backup\avgmfx86.sys 2010-06-29 16:35 . 2010-06-29 16:35 27144 ----a-w- c:\programdata\avg9\update\backup\AVGIDSShim.sys 2010-06-29 16:35 . 2010-06-29 16:35 25096 ----a-w- c:\programdata\avg9\update\backup\AVGIDSvx.sys 2010-06-29 16:35 . 2010-06-29 16:35 122376 ----a-w- c:\programdata\avg9\update\backup\AVGIDSDriver.sys 2010-06-29 16:35 . 2010-06-29 16:35 216200 ----a-w- c:\programdata\avg9\update\backup\avgldx86.sys 2010-06-29 16:33 . 2010-06-29 16:33 12536 ----a-w- c:\windows\system32\avgrsstx.dll 2010-06-29 16:27 . 2010-06-29 16:27 1038688 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe 2010-06-29 16:27 . 2010-06-29 16:27 624920 ----a-w- c:\programdata\avg9\update\backup\avgiproxy.exe 2010-06-29 16:27 . 2010-06-29 16:27 1690464 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll 2010-06-29 16:27 . 2010-06-29 16:27 813336 ----a-w- c:\programdata\avg9\update\backup\avginet.dll 2010-06-29 11:59 . 2010-06-29 11:59 -------- d-----w- C:\$AVG 2010-06-29 11:51 . 2010-07-08 00:27 -------- d-----w- c:\programdata\avg9 2010-06-29 11:13 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll 2010-06-29 11:10 . 2010-06-29 11:10 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-27 22:40 . 2010-06-27 22:40 -------- d-----w- c:\program files\Trend Micro 2010-06-24 01:01 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-06-24 01:01 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-06-24 01:01 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-06-24 01:01 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-06-24 01:01 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-06-23 22:59 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-06-23 22:59 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-06-21 18:33 . 2010-06-21 18:33 -------- d-----w- C:\progs 2010-06-18 09:02 . 2010-06-18 09:00 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-06-16 16:27 . 2010-06-16 16:27 -------- d-----w- c:\program files\Microsoft Sync Framework 2010-06-16 16:26 . 2010-06-16 16:26 -------- d-----w- c:\program files\Microsoft 2010-06-16 16:00 . 2010-06-16 16:00 -------- d-----w- c:\program files\Common Files\Windows Live 2010-06-15 22:19 . 2010-06-15 22:19 -------- d-----w- c:\users\timmjann\AppData\Roaming\Malwarebytes 2010-06-15 22:19 . 2010-06-15 22:19 -------- d-----w- c:\programdata\Malwarebytes 2010-06-15 22:19 . 2010-06-28 21:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-06-15 13:25 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-06-15 13:25 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-06-15 13:23 . 2010-05-01 14:13 2037248 ----a-w- c:\windows\system32\win32k.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-07 23:34 . 2009-08-08 20:47 -------- d-----w- c:\programdata\NOS 2010-07-07 20:55 . 2009-05-01 22:32 28124 ----a-w- c:\programdata\nvModes.dat 2010-06-29 16:33 . 2009-02-05 14:50 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-06-29 16:33 . 2009-01-01 22:38 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-06-29 16:29 . 2009-01-01 22:38 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-06-29 11:52 . 2009-01-01 16:06 -------- d-----w- c:\program files\AVG 2010-06-28 21:28 . 2008-02-01 21:02 606 ----a-w- c:\users\timmjann\AppData\Roaming\wklnhst.dat 2010-06-28 17:52 . 2009-11-28 22:03 -------- d-----w- c:\programdata\Fighters 2010-06-27 22:08 . 2010-05-12 16:22 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor 2010-06-16 16:29 . 2008-01-02 22:01 -------- d-----w- c:\program files\Windows Live 2010-06-16 16:28 . 2008-01-26 23:32 -------- d-----w- c:\program files\Windows Live Toolbar 2010-06-15 23:40 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-06-15 22:05 . 2007-07-27 18:46 -------- d-----w- c:\programdata\Microsoft Help 2010-06-09 10:18 . 2010-02-06 22:04 -------- d-----w- c:\program files\Common Files\PC Tools 2010-06-07 10:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games 2010-05-26 19:13 . 2010-04-26 19:48 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-05-26 19:12 . 2010-05-26 19:12 -------- d-----w- c:\program files\Java 2010-05-26 18:51 . 2007-10-28 13:54 -------- d-----w- c:\program files\Common Files\Java 2010-05-21 12:14 . 2009-10-06 09:16 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-18 09:49 . 2010-05-18 09:48 -------- d-----w- c:\program files\Common Files\Adobe 2010-05-17 19:45 . 2010-05-17 19:45 680 ----a-w- c:\users\timmjann\AppData\Local\d3d9caps.dat 2010-05-17 09:32 . 2010-05-17 09:32 90112 ----a-w- c:\users\timmjann\AppData\Roaming\Agency9\3DMapsK1\3DMapsK1\natives\32\DXPlugin.dll 2010-05-17 09:32 . 2010-05-17 09:32 69632 ----a-w- c:\users\timmjann\AppData\Roaming\Agency9\3DMapsK1\3DMapsK1\natives\32\SystemInfo.dll 2010-05-17 09:32 . 2010-05-17 09:32 6656 ----a-w- c:\users\timmjann\AppData\Roaming\Agency9\3DMapsK1\3DMapsK1\natives\32\NativeDiskfree.dll 2010-05-17 09:32 . 2010-05-17 09:32 61440 ----a-w- c:\users\timmjann\AppData\Roaming\Agency9\3DMapsK1\3DMapsK1\natives\32\NativeUnzip.dll 2010-05-17 09:32 . 2010-05-17 09:32 59904 ----a-w- c:\users\timmjann\AppData\Roaming\Agency9\3DMapsK1\3DMapsK1\natives\32\zlib1.dll 2010-05-17 09:32 . 2010-05-17 09:32 57344 ----a-w- c:\users\timmjann\AppData\Roaming\Agency9\3DMapsK1\3DMapsK1\natives\32\DXT.dll 2010-05-17 09:32 . 2010-05-17 09:32 315392 ----a-w- c:\users\timmjann\AppData\Roaming\Agency9\3DMapsK1\3DMapsK1\natives\32\jogl.dll 2010-05-17 09:32 . 2010-05-17 09:32 20480 ----a-w- c:\users\timmjann\AppData\Roaming\Agency9\3DMapsK1\3DMapsK1\natives\32\jogl_awt.dll 2010-05-17 09:32 . 2010-05-17 09:32 20480 ----a-w- c:\users\timmjann\AppData\Roaming\Agency9\3DMapsK1\3DMapsK1\natives\32\gluegen-rt.dll 2010-05-17 09:32 . 2010-05-17 09:32 155648 ----a-w- c:\users\timmjann\AppData\Roaming\Agency9\3DMapsK1\3DMapsK1\natives\32\NativeJpegDecoder.dll 2010-05-17 09:32 . 2010-05-17 09:32 -------- d-----w- c:\users\timmjann\AppData\Roaming\Agency9 2010-05-12 16:37 . 2008-03-03 20:20 -------- d-----w- c:\program files\Windows Live Safety Center 2010-05-12 15:38 . 2010-04-08 23:00 -------- d-----w- c:\program files\Lavasoft 2010-05-06 23:07 . 2010-04-08 23:31 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-05-04 05:59 . 2010-06-15 13:24 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-04 05:55 . 2010-06-15 13:24 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-05-04 05:55 . 2010-06-15 13:24 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-05-04 04:31 . 2010-06-15 13:24 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-05-01 15:21 . 2010-05-01 15:21 1925088 ----a-w- c:\users\timmjann\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe 2010-04-23 14:13 . 2010-05-26 09:12 2048 ----a-w- c:\windows\system32\tzres.dll 2010-04-16 16:43 . 2010-06-23 22:59 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll 2010-04-16 16:43 . 2010-06-23 22:59 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll 2010-04-16 16:43 . 2010-06-23 22:59 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll 2010-04-16 16:43 . 2010-06-23 22:59 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll 2010-04-12 08:36 . 2010-04-12 08:36 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys . (((((((((((((((((((((((((((((((((( Startpunkter i registret ))))))))))))))))))))))))))))))))))))))))))))))) . . *Not* Tomma poster & legitima standardposter visas inte. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe" [2009-03-19 460216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184] "RtHDVCpl"="RtHDVCpl.exe" [2007-05-18 4468736] "eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-06-11 1286144] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-06-27 752136] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744] "Skytel"="Skytel.exe" [2007-05-18 1826816] "QuickTime Task"="c:\users\timmjann\Desktop\L I S MAPP\qttask.exe" [2006-05-31 282624] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-29 2065760] c:\users\timmjann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Inneh†llsf”rteckning i OneNote.onetoc2 [2009-12-25 3656] Sk„rmurklipp och start f”r OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-7-27 535336] Personal.lnk - c:\program files\Personal\bin\Personal.exe [2009-12-10 939920] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiSpywareOverride"=dword:00000001 "VistaSp2"=hex(:97,20,27,bf,e5,00,ca,01 R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-01 1352832] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-06-18 64288] S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-06-29 216400] S1 AvgTdiX;AVG Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-06-29 243024] S2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-06-29 921440] S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-06-29 308136] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-05-16 32256] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Innehållet i mappen 'Schemalagda aktiviteter': 2010-07-08 c:\windows\Tasks\User_Feed_Synchronization-{60953392-EE62-4739-BBAE-35E412CC012B}.job - c:\windows\system32\msfeedssync.exe [2010-06-15 04:30] . . ------- Extra genomsökning ------- . uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uStart Page = hxxp://www.liverpoolfc.tv/ Trusted Zone: liverpoolfc.tv\www Trusted Zone: managerzone.com\www Trusted Zone: managerzone.se\www FF - ProfilePath - c:\users\timmjann\AppData\Roaming\Mozilla\Firefox\Profiles\rc8d79md.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2307307&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Liverpoolfctv Customized Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.liverpoolfc.tv/ FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll FF - component: c:\users\timmjann\AppData\Roaming\Mozilla\Firefox\Profiles\rc8d79md.default\extensions\{127d5117-dcc8-4856-8288-9baa89e57c21}\components\FFExternalAlert.dll FF - component: c:\users\timmjann\AppData\Roaming\Mozilla\Firefox\Profiles\rc8d79md.default\extensions\{127d5117-dcc8-4856-8288-9baa89e57c21}\components\RadioWMPCore.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\Personal\bin\np_prsnl.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICY ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); . - - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - - HKU-Default-Run-Acer Tour Reminder - c:\acer\AcerTour\Reminder.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-07-08 12:53 Windows 6.0.6002 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LÅSTA REGISTERNYCKLAR --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Sluttid: 2010-07-08 12:59:32 ComboFix-quarantined-files.txt 2010-07-08 10:59 Före genomsökningen: 2 503 655 424 byte ledigt Efter genomsökningen: 2 531 500 032 byte ledigt - - End Of File - - 3264A3839F8E10C91EA90CF3E13C18BB Detta med hängningen är borta iallafall..... Tack för er hjälp.
  11. glömde: Om jag lägger in den fria AVG9, gör jag det bara? eller tar jag bort den andra först? conduit.xml har jag inte tagit bort, skall jag det?
  12. OTL logfile created on: 2010-07-05 12:29:09 - Run 2 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\timmjann\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd 766,00 Mb Total Physical Memory | 157,00 Mb Available Physical Memory | 21,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 50,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 36,50 Gb Total Space | 2,77 Gb Free Space | 7,59% Space Free | Partition Type: NTFS Drive D: | 50,89 Gb Total Space | 50,79 Gb Free Space | 99,80% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 14,64 Gb Total Space | 14,55 Gb Free Space | 99,33% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TIMMJANN-DATOR Current User Name: timmjann Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\timmjann\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgam.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\Personal\bin\Personal.exe (Technology Nexus AB) PRC - C:\Program\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.) PRC - C:\Program\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Program\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Users\timmjann\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.) PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) PRC - C:\Program\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.) PRC - C:\Acer\Mobility Center\MobilityService.exe () PRC - C:\Users\timmjann\Desktop\L I S MAPP\qttask.exe (Apple Computer, Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\timmjann\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (CLTNetCnService) -- File not found SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgfws9) -- C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.) SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.) SRV - (WinDefend) -- C:\Program\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe () ========== Driver Services (SafeList) ========== DRV - (AvgTdiX) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgMfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AVGIDSErHrvtx) -- C:\Windows\System32\Drivers\AVGIDSvx.sys (AVG Technologies CZ, s.r.o. ) DRV - (AVGIDSShimvtx) -- C:\Program\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. ) DRV - (AVGIDSFiltervtx) -- C:\Program\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. ) DRV - (AVGIDSDrivervtx) -- C:\Program\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. ) DRV - (AvgLdx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgRkx86) -- C:\Windows\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.) DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation) DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys () DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.) DRV - (DritekPortIO) -- C:\Program\Launch Manager\DPortIO.sys (Dritek System Inc.) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sv.intl.acer.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.liverpoolfc.tv/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "Liverpoolfctv Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://www.google.com"'>http://www.google.com" FF - prefs.js..browser.search.selectedEngine: "Liverpoolfctv Customized Web Search" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.com" FF - prefs.js..extensions.enabledItems: {127d5117-dcc8-4856-8288-9baa89e57c21}:2.5.8.99 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825 FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-06-30 01:54:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-20 12:52:46 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-01 23:52:02 | 000,000,000 | ---D | M] [2008-07-11 23:39:12 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\mozilla\Extensions [2010-07-02 01:07:40 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\mozilla\Firefox\Profiles\rc8d79md.default\extensions [2010-04-20 12:55:59 | 000,000,000 | ---D | M] (Liverpoolfctv Toolbar) -- C:\Users\timmjann\AppData\Roaming\mozilla\Firefox\Profiles\rc8d79md.default\extensions\{127d5117-dcc8-4856-8288-9baa89e57c21} [2010-05-01 17:20:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\timmjann\AppData\Roaming\mozilla\Firefox\Profiles\rc8d79md.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-03-31 16:53:44 | 000,000,929 | ---- | M] () -- C:\Users\timmjann\AppData\Roaming\Mozilla\FireFox\Profiles\rc8d79md.default\searchplugins\conduit.xml [2010-05-26 21:15:48 | 000,000,000 | ---D | M] -- C:\Program\Mozilla Firefox\extensions [2010-05-26 21:15:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-26 21:13:30 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Mozilla Firefox\plugins\npdeployJava1.dll [2010-04-01 19:42:59 | 000,001,470 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\allaannonser-sv-SE.xml [2010-04-01 19:42:59 | 000,002,670 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\prisjakt-sv-SE.xml [2010-04-01 19:42:59 | 000,000,948 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\tyda-sv-SE.xml [2010-04-01 19:42:59 | 000,001,174 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\wikipedia-sv-SE.xml [2010-04-01 19:42:59 | 000,000,951 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\yahoo-sv-SE.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.) O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink) O4 - HKLM..\Run: [LManager] C:\Program\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [QuickTime Task] C:\Users\timmjann\Desktop\L I S MAPP\qttask.exe (Apple Computer, Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.) O4 - Startup: C:\Users\timmjann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Innehållsförteckning i OneNote.onetoc2 () O4 - Startup: C:\Users\timmjann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skärmurklipp och start för OneNote 2007.lnk = C:\Program\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present O9 - Extra Button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKCU\..Trusted Domains: liverpoolfc.tv ([www] http in Tillförlitliga platser) O15 - HKCU\..Trusted Domains: managerzone.com ([www] * in Tillförlitliga platser) O15 - HKCU\..Trusted Domains: managerzone.com ([www] https in Tillförlitliga platser) O15 - HKCU\..Trusted Domains: managerzone.se ([www] http in Tillförlitliga platser) O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab (Windows Live OneCare safety scanner control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.150.193.150 83.255.245.11 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\timmjann\AppData\Roaming\Microsoft\Windows Photo Gallery\Skrivbordsunderlägg från Windows Fotogalleri.jpg O24 - Desktop BackupWallPaper: C:\Users\timmjann\AppData\Roaming\Microsoft\Windows Photo Gallery\Skrivbordsunderlägg från Windows Fotogalleri.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found ========== Files/Folders - Created Within 30 Days ========== [2010-07-04 14:56:45 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\timmjann\Desktop\OTL.exe [2010-07-03 09:45:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-07-03 01:21:11 | 000,000,000 | ---D | C] -- C:\ProgramData\SITEguard [2010-07-03 01:16:24 | 000,000,000 | ---D | C] -- C:\Program\Common Files\iS3 [2010-07-01 20:28:38 | 000,000,000 | ---D | C] -- C:\Users\timmjann\AppData\Roaming\AVG9 [2010-06-29 18:33:41 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2010-06-29 13:59:33 | 000,000,000 | -H-D | C] -- C:\$AVG [2010-06-29 13:58:37 | 000,025,168 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys [2010-06-29 13:58:36 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys [2010-06-29 13:53:52 | 000,024,856 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys [2010-06-29 13:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9 [2010-06-29 13:16:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2010-06-29 13:13:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll [2010-06-29 13:12:55 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe [2010-06-29 13:12:55 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe [2010-06-29 13:12:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe [2010-06-29 13:12:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll [2010-06-29 13:12:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll [2010-06-29 13:12:27 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll [2010-06-29 13:12:27 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe [2010-06-29 13:12:27 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll [2010-06-29 13:12:27 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll [2010-06-29 13:12:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll [2010-06-29 13:12:07 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2010-06-29 13:12:07 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2010-06-29 13:12:07 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll [2010-06-29 13:12:07 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2010-06-29 13:12:07 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2010-06-29 13:10:37 | 000,000,000 | ---D | C] -- C:\Program\Microsoft Silverlight [2010-06-28 00:40:34 | 000,000,000 | ---D | C] -- C:\Program\Trend Micro [2010-06-24 03:01:53 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010-06-24 03:01:53 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010-06-24 03:01:53 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010-06-24 00:59:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010-06-24 00:59:52 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010-06-21 20:33:51 | 000,000,000 | ---D | C] -- C:\progs [2010-06-18 11:02:50 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys [2010-06-16 18:27:41 | 000,000,000 | ---D | C] -- C:\Program\Microsoft Sync Framework [2010-06-16 18:26:06 | 000,000,000 | ---D | C] -- C:\Program\Microsoft [2010-06-16 18:00:30 | 000,000,000 | ---D | C] -- C:\Program\Common Files\Windows Live [2010-06-16 00:19:39 | 000,000,000 | ---D | C] -- C:\Users\timmjann\AppData\Roaming\Malwarebytes [2010-06-16 00:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010-06-16 00:19:04 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware [2010-06-16 00:16:48 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\timmjann\Desktop\mbam-setup.exe [2010-06-15 15:25:13 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010-06-15 15:25:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010-06-15 15:24:37 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010-06-15 15:24:13 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010-06-15 15:24:13 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010-06-15 15:24:13 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010-06-15 15:24:11 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010-06-15 15:24:11 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010-06-15 15:24:10 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010-06-15 15:24:09 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010-06-15 15:24:09 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010-06-15 15:24:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010-06-15 15:24:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010-06-15 15:24:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010-06-15 15:24:08 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010-06-15 15:24:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010-06-15 15:24:08 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010-06-15 15:24:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010-06-15 15:23:51 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys ========== Files - Modified Within 30 Days ========== [2010-07-05 12:29:16 | 004,456,448 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat [2010-07-05 12:19:19 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010-07-05 12:19:15 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-07-05 12:19:15 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-07-05 12:19:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-07-05 01:44:40 | 000,000,209 | ---- | M] () -- C:\Users\timmjann\Desktop\Spel - Icakuriren.url [2010-07-05 01:29:28 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010-07-04 23:50:31 | 061,649,149 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2010-07-04 23:34:38 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{60953392-EE62-4739-BBAE-35E412CC012B}.job [2010-07-04 22:40:55 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter.job [2010-07-04 22:40:44 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job [2010-07-04 22:40:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-07-04 22:39:30 | 000,524,288 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TMContainer00000000000000000001.regtrans-ms [2010-07-04 22:39:30 | 000,065,536 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TM.blf [2010-07-04 22:38:07 | 002,680,669 | -H-- | M] () -- C:\Users\timmjann\AppData\Local\IconCache.db [2010-07-04 15:27:23 | 000,000,236 | ---- | M] () -- C:\Users\timmjann\Desktop\Systemåterställning alt uppdatering - Eforum - Tips, hjälp och support om datorer och it.url [2010-07-04 14:56:51 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\timmjann\Desktop\OTL.exe [2010-07-04 14:05:02 | 000,000,279 | ---- | M] () -- C:\Users\timmjann\Desktop\download.cnet.com-AVG-Anti-Virus-Free-Edition-3000-2239_4-10320142.htmlpart=dl-10044820&subj=dl&tag=button&cdlPid=11014801.url [2010-07-04 14:05:02 | 000,000,000 | ---- | M] () -- C:\Users\timmjann\Desktop\AVG Anti-Virus Free Edition - Reviews and free AVG Anti-Virus Free Edition downloads at Download.com.url [2010-07-03 16:51:20 | 000,000,488 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg [2010-07-03 01:25:37 | 000,200,704 | -H-- | M] () -- C:\SZKGFS.dat [2010-07-03 01:23:57 | 000,000,241 | ---- | M] () -- C:\Users\timmjann\Desktop\download.cnet.com-AVG-Anti-Virus-Free-Edition-3000-2239_4-10320142.htmltag=mncol;pop.url [2010-06-29 18:33:47 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2010-06-29 18:33:41 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2010-06-29 18:33:41 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2010-06-29 18:32:06 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys [2010-06-29 18:29:39 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2010-06-29 13:58:49 | 000,001,651 | ---- | M] () -- C:\Users\Public\Desktop\AVG 9.0.lnk [2010-06-29 13:58:36 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys [2010-06-29 13:57:42 | 000,599,358 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavifw.avm [2010-06-29 13:57:41 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm [2010-06-29 13:53:52 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys [2010-06-28 23:59:28 | 000,297,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-06-28 23:28:56 | 000,000,606 | ---- | M] () -- C:\Users\timmjann\AppData\Roaming\wklnhst.dat [2010-06-22 22:54:17 | 000,000,620 | ---- | M] () -- C:\Users\timmjann\Desktop\Click - genväg.lnk [2010-06-18 11:07:41 | 000,029,696 | ---- | M] () -- C:\Users\timmjann\Documents\Mötesanteckningar från möte med Drottningstdens stödgrupp 100618.doc [2010-06-18 11:00:35 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe [2010-06-18 11:00:24 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys [2010-06-16 01:42:16 | 000,524,288 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TMContainer00000000000000000002.regtrans-ms [2010-06-16 00:18:43 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\timmjann\Desktop\mbam-setup.exe [2010-06-15 14:56:41 | 004,456,448 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat_previous [2010-06-15 14:56:39 | 000,524,288 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat{bb2a3092-b7c2-11de-9b85-001b384c8a3e}.TMContainer00000000000000000001.regtrans-ms [2010-06-15 14:56:39 | 000,065,536 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat{bb2a3092-b7c2-11de-9b85-001b384c8a3e}.TM.blf [2010-06-09 22:01:49 | 000,000,221 | ---- | M] () -- C:\Users\timmjann\Application Data\Microsoft\Internet Explorer\Quick Launch\ManagerZone - Gratis Sportmanagerspel (2).url [2010-06-09 17:45:49 | 000,000,221 | ---- | M] () -- C:\Users\timmjann\Documents\ManagerZone - Gratis Sportmanagerspel (2).url [2010-06-07 15:52:38 | 000,000,180 | ---- | M] () -- C:\Users\timmjann\Application Data\Microsoft\Internet Explorer\Quick Launch\Enter Liverpoolfc.tv .url ========== Files Created - No Company Name ========== [2010-07-04 15:27:23 | 000,000,236 | ---- | C] () -- C:\Users\timmjann\Desktop\Systemåterställning alt uppdatering - Eforum - Tips, hjälp och support om datorer och it.url [2010-07-04 14:05:02 | 000,000,279 | ---- | C] () -- C:\Users\timmjann\Desktop\download.cnet.com-AVG-Anti-Virus-Free-Edition-3000-2239_4-10320142.htmlpart=dl-10044820&subj=dl&tag=button&cdlPid=11014801.url [2010-07-04 14:05:02 | 000,000,000 | ---- | C] () -- C:\Users\timmjann\Desktop\AVG Anti-Virus Free Edition - Reviews and free AVG Anti-Virus Free Edition downloads at Download.com.url [2010-07-03 16:51:03 | 000,000,488 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg [2010-07-03 01:25:37 | 000,200,704 | -H-- | C] () -- C:\SZKGFS.dat [2010-07-02 01:58:41 | 000,000,241 | ---- | C] () -- C:\Users\timmjann\Desktop\download.cnet.com-AVG-Anti-Virus-Free-Edition-3000-2239_4-10320142.htmltag=mncol;pop.url [2010-06-29 13:58:49 | 000,001,651 | ---- | C] () -- C:\Users\Public\Desktop\AVG 9.0.lnk [2010-06-29 13:12:13 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2010-06-29 13:12:13 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl [2010-06-29 13:12:12 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml [2010-06-22 22:54:17 | 000,000,620 | ---- | C] () -- C:\Users\timmjann\Desktop\Click - genväg.lnk [2010-06-18 11:07:36 | 000,029,696 | ---- | C] () -- C:\Users\timmjann\Documents\Mötesanteckningar från möte med Drottningstdens stödgrupp 100618.doc [2010-06-15 19:44:55 | 000,524,288 | -HS- | C] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TMContainer00000000000000000002.regtrans-ms [2010-06-15 19:44:55 | 000,524,288 | -HS- | C] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TMContainer00000000000000000001.regtrans-ms [2010-06-15 19:44:55 | 000,065,536 | -HS- | C] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TM.blf [2010-06-09 22:01:49 | 000,000,221 | ---- | C] () -- C:\Users\timmjann\Application Data\Microsoft\Internet Explorer\Quick Launch\ManagerZone - Gratis Sportmanagerspel (2).url [2010-06-09 22:01:06 | 000,000,221 | ---- | C] () -- C:\Users\timmjann\Documents\ManagerZone - Gratis Sportmanagerspel (2).url [2009-08-03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL [2009-07-09 23:13:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2008-08-26 11:12:22 | 000,213,072 | ---- | C] () -- C:\Windows\System32\DNLEng.dll [2007-10-23 09:47:52 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI [2007-10-23 09:47:51 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI [2007-07-28 06:49:56 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll [2007-07-28 03:39:53 | 000,000,117 | ---- | C] () -- C:\Windows\Alaunch.ini [2007-07-27 20:38:26 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2007-07-27 20:38:26 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys [2007-07-27 19:12:21 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2007-07-27 19:09:12 | 000,000,775 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2001-12-26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001-09-03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001-07-30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001-07-23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== LOP Check ========== [2010-05-17 11:32:39 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Agency9 [2010-07-01 20:28:38 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\AVG9 [2009-07-30 23:28:24 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Goodsol [2008-01-29 00:51:01 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Grisoft [2009-12-16 22:57:24 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\IObit [2010-02-24 01:49:09 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\NoteTab Light [2009-12-15 22:47:54 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\NoteTab Pro [2007-12-22 23:12:33 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Opera [2007-10-28 13:59:33 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\PeerNetworking [2009-02-27 12:40:45 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Personal [2008-02-18 16:43:54 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Pogo Games [2009-11-10 00:19:50 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\SPAMfighter [2008-02-02 21:36:33 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Template [2009-11-17 01:43:32 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Uniblue [2008-11-22 22:46:54 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Windows Live Writer [2010-07-04 22:39:01 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010-07-04 22:40:55 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\SLOW-PCfighter.job [2010-07-04 22:40:44 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job [2010-07-04 23:34:38 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{60953392-EE62-4739-BBAE-35E412CC012B}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 815 bytes -> C:\Users\timmjann\Desktop\Attached message.eml:OECustomProperty @Alternate Data Stream - 771 bytes -> C:\Users\timmjann\Documents\Attached message.eml:OECustomProperty < End of report > ________________________________________________________________________________ peppar, peppar, emailen öppnades på ett par sek och det är längesedan....
  13. Tack för hjälpen kanske jag skall börja med: _______________________________________________________________________ öppna mappen: C:\SZKGFS.dat kontrollera om det finns det några filer i mappen, om inte, så ta bort mappen. i denna filen fanns enbart info från OTL som jag gjorde tidigare idag...har inte tagit bort något _______________________________________________________________________________________________________________________ öppna mappen: C:\ProgramData\TEMP kontrollera om det finns det några filer i mappen, om inte, så ta bort mappen. mappen tom, tog bort den ________________________________________________________________________________________ öppna mappen: C:\ProgramData\TEMP:225C4FFC kontrollera om det finns det några filer i mappen, om inte, så ta bort mappen. 79,1 kB (81 082 byte) OTL ej tagit bort ännu ______________________________________________________________________________ öppna mappen: C:\Program\Common Files\iS3 kontrollera om det finns det några filer i mappen, om inte, så ta bort mappen. innehöll dessa: C:\Program\Common Files\iS3\Anti-Spyware Fil-98db9820-e35d-49db-af14-f579088a3a4d 97,5kB C:\Program\Common Files\iS3\Anti-Spyware-sgdfull.rsf-sgdfull.rsf 277kB skall dessa bort? ______________________________________________________________________________ öppna mappen: C:\ProgramData\STOPzilla! kontrollera om det finns det några filer i mappen, om inte, så ta bort mappen. 7 filer, 1 mapp 2,15 MB (2 255 636 byte) ej tagit bort ännu ____________________________________________________________________________ öppna mappen: C:\ProgramData\SITEguard kontrollera om det finns det några filer i mappen, om inte, så ta bort mappen. Data Base File (.db) 15,0 kB (15 360 byte) ej tagit bort ännu ____________________________________________________________________________ öppna mappen: C:\Users\timmjann\AppData\Roaming\Mozilla\FireFox\Profiles\rc8d79md.default\searchplugins\conduit.xml ta bort, conduit.xml först: för att skydda datorn förhindrar I E att den här webbsidan kör script eller ActiveX-kontroller som skulle kunna få tillgång till datorn. Klicka här om du vill se alternativ.... - <SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> <ShortName>Liverpoolfctv Customized Web Search</ShortName> <Description>Liverpoolfctv Customized Web Search</Description> <InputEncoding>UTF-8</InputEncoding> <Image width="16" height="16">data:image/x-icon;base64,R0lGODlhEAAQALMPAP///2t7huz+//39/ap7Fvb29vT09O7u7sXFxb29vXZWEcPDw+zs7Lq6usbGxgAAACH5BAEAAA8ALAAAAAAQABAAAARa8IVJa5Ug671nHtXAAR4onEIgdmpwuu+aTYULvwVr2Ghq6DdU4KehIYIBRK6oOiwqDQJBVjogEtiEQrryAAYFg5ix2E5JgdHXaQal1QM2ofaGWx01iWU/eUQAADs=</Image> <Url type="text/html" method="GET" template="http://search.conduit.com/ResultsExt.aspx?ctid=CT2307307&SearchSource=3&q={searchTerms}" /> <Url type="application/x-suggestions+json" template="http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}" /> <SearchForm>http://search.conduit.com/ResultsExt.aspx?ctid=CT2307307&SearchSource=3&q=</SearchForm> </SearchPlugin> Om du hittar filer i mapparna återkom med deras innehåller, men de borde vara tomma. ____________________________________________________________________________________________________________________________________ Öppna Firefox, och Inställningar, fliken Allmänt, byt ut startsidan till http://www.google.com Öppna Firefox, skriv about:config i adressfältet, tryck Enter, besvara frågan, som följer med Ja Leta reda på raden som lyder: browser.search.defaulturl: "http://search.conduit.com, byt SearchConduit till http://www.google.com Töm papperskorgen, starta om datorn, och tala om hur det verkar nu. förstod inte om jag skulle kasta även om det låg saker i mapparna, eller om det bara var om de var helt tomma....... Mvh Mats H ---------------------------------------------------------------------- Tråden hittar du här: //eforum.idg.se/index.php?showtopic=221066&view=getnewpost Om du i din kontrollpanel på sajten har angett att du vill få e-post direkt när någon har svarat, så kommer du få brev varje gång det skrivs ett svar. Alternativt, så skickas bara ett brev per besök och ämnesbevakning. Detta är för att begränsa antalet mail som skickas till din inkorg. Avsluta bevakning: ------------------ Du kan avsluta bevakningen när du vill genom att logga in på din Kontrollpanel och klicka på fliken "Forum" och därefter på "Hantera bevakade ämnen".
  14. OTL logfile created on: 2010-07-04 14:58:15 - Run 1 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\timmjann\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd 766,00 Mb Total Physical Memory | 160,00 Mb Available Physical Memory | 21,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 43,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 36,50 Gb Total Space | 3,55 Gb Free Space | 9,74% Space Free | Partition Type: NTFS Drive D: | 50,89 Gb Total Space | 50,79 Gb Free Space | 99,80% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 14,64 Gb Total Space | 14,55 Gb Free Space | 99,33% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TIMMJANN-DATOR Current User Name: timmjann Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\timmjann\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) PRC - C:\Program\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program\AVG\AVG9\avgam.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe (Adobe Systems, Inc.) PRC - C:\Program\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) PRC - C:\Program\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Program\Personal\bin\Personal.exe (Technology Nexus AB) PRC - C:\Program\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.) PRC - C:\Program\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Program\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Users\timmjann\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.) PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) PRC - C:\Program\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.) PRC - C:\Acer\Mobility Center\MobilityService.exe () PRC - C:\Users\timmjann\Desktop\L I S MAPP\qttask.exe (Apple Computer, Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\timmjann\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (CLTNetCnService) -- File not found SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgfws9) -- C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.) SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.) SRV - (WinDefend) -- C:\Program\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe () ========== Driver Services (SafeList) ========== DRV - (szkgfs) -- File not found DRV - (szkg5) -- File not found DRV - (AvgTdiX) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgMfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AVGIDSErHrvtx) -- C:\Windows\System32\Drivers\AVGIDSvx.sys (AVG Technologies CZ, s.r.o. ) DRV - (AVGIDSShimvtx) -- C:\Program\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. ) DRV - (AVGIDSFiltervtx) -- C:\Program\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. ) DRV - (AVGIDSDrivervtx) -- C:\Program\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. ) DRV - (AvgLdx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgRkx86) -- C:\Windows\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.) DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation) DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys () DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.) DRV - (DritekPortIO) -- C:\Program\Launch Manager\DPortIO.sys (Dritek System Inc.) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sv.intl.acer.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.liverpoolfc.tv/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "Liverpoolfctv Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2307307&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Liverpoolfctv Customized Web Search" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.liverpoolfc.tv/" FF - prefs.js..extensions.enabledItems: {127d5117-dcc8-4856-8288-9baa89e57c21}:2.5.8.99 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825 FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-06-30 01:54:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-20 12:52:46 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-01 23:52:02 | 000,000,000 | ---D | M] [2008-07-11 23:39:12 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\mozilla\Extensions [2010-07-02 01:07:40 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\mozilla\Firefox\Profiles\rc8d79md.default\extensions [2010-04-20 12:55:59 | 000,000,000 | ---D | M] (Liverpoolfctv Toolbar) -- C:\Users\timmjann\AppData\Roaming\mozilla\Firefox\Profiles\rc8d79md.default\extensions\{127d5117-dcc8-4856-8288-9baa89e57c21} [2010-05-01 17:20:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\timmjann\AppData\Roaming\mozilla\Firefox\Profiles\rc8d79md.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-03-31 16:53:44 | 000,000,929 | ---- | M] () -- C:\Users\timmjann\AppData\Roaming\Mozilla\FireFox\Profiles\rc8d79md.default\searchplugins\conduit.xml [2010-05-26 21:15:48 | 000,000,000 | ---D | M] -- C:\Program\Mozilla Firefox\extensions [2010-05-26 21:15:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-26 21:13:30 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Mozilla Firefox\plugins\npdeployJava1.dll [2010-04-01 19:42:59 | 000,001,470 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\allaannonser-sv-SE.xml [2010-04-01 19:42:59 | 000,002,670 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\prisjakt-sv-SE.xml [2010-04-01 19:42:59 | 000,000,948 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\tyda-sv-SE.xml [2010-04-01 19:42:59 | 000,001,174 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\wikipedia-sv-SE.xml [2010-04-01 19:42:59 | 000,000,951 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\yahoo-sv-SE.xml O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.) O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink) O4 - HKLM..\Run: [LManager] C:\Program\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [QuickTime Task] C:\Users\timmjann\Desktop\L I S MAPP\qttask.exe (Apple Computer, Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.) O4 - Startup: C:\Users\timmjann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Innehållsförteckning i OneNote.onetoc2 () O4 - Startup: C:\Users\timmjann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skärmurklipp och start för OneNote 2007.lnk = C:\Program\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present O9 - Extra Button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKCU\..Trusted Domains: liverpoolfc.tv ([www] http in Tillförlitliga platser) O15 - HKCU\..Trusted Domains: managerzone.com ([www] * in Tillförlitliga platser) O15 - HKCU\..Trusted Domains: managerzone.com ([www] https in Tillförlitliga platser) O15 - HKCU\..Trusted Domains: managerzone.se ([www] http in Tillförlitliga platser) O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab (Windows Live OneCare safety scanner control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.150.193.150 83.255.245.11 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\timmjann\AppData\Roaming\Microsoft\Windows Photo Gallery\Skrivbordsunderlägg från Windows Fotogalleri.jpg O24 - Desktop BackupWallPaper: C:\Users\timmjann\AppData\Roaming\Microsoft\Windows Photo Gallery\Skrivbordsunderlägg från Windows Fotogalleri.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found ========== Files/Folders - Created Within 30 Days ========== [2010-07-04 14:56:45 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\timmjann\Desktop\OTL.exe [2010-07-03 09:45:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010-07-03 01:21:11 | 000,000,000 | ---D | C] -- C:\ProgramData\SITEguard [2010-07-03 01:16:24 | 000,000,000 | ---D | C] -- C:\Program\Common Files\iS3 [2010-07-03 01:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla! [2010-07-01 20:28:38 | 000,000,000 | ---D | C] -- C:\Users\timmjann\AppData\Roaming\AVG9 [2010-06-29 18:33:41 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2010-06-29 13:59:33 | 000,000,000 | -H-D | C] -- C:\$AVG [2010-06-29 13:58:37 | 000,025,168 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys [2010-06-29 13:58:36 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys [2010-06-29 13:53:52 | 000,024,856 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys [2010-06-29 13:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9 [2010-06-29 13:16:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2010-06-29 13:13:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll [2010-06-29 13:12:55 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe [2010-06-29 13:12:55 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe [2010-06-29 13:12:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe [2010-06-29 13:12:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll [2010-06-29 13:12:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll [2010-06-29 13:12:27 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll [2010-06-29 13:12:27 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe [2010-06-29 13:12:27 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll [2010-06-29 13:12:27 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll [2010-06-29 13:12:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll [2010-06-29 13:12:07 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2010-06-29 13:12:07 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2010-06-29 13:12:07 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll [2010-06-29 13:12:07 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2010-06-29 13:12:07 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2010-06-29 13:10:37 | 000,000,000 | ---D | C] -- C:\Program\Microsoft Silverlight [2010-06-28 00:40:34 | 000,000,000 | ---D | C] -- C:\Program\Trend Micro [2010-06-24 03:01:53 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010-06-24 03:01:53 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010-06-24 03:01:53 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010-06-24 00:59:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010-06-24 00:59:52 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010-06-21 20:33:51 | 000,000,000 | ---D | C] -- C:\progs [2010-06-18 11:02:50 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys [2010-06-16 18:27:41 | 000,000,000 | ---D | C] -- C:\Program\Microsoft Sync Framework [2010-06-16 18:26:06 | 000,000,000 | ---D | C] -- C:\Program\Microsoft [2010-06-16 18:00:30 | 000,000,000 | ---D | C] -- C:\Program\Common Files\Windows Live [2010-06-16 00:19:39 | 000,000,000 | ---D | C] -- C:\Users\timmjann\AppData\Roaming\Malwarebytes [2010-06-16 00:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010-06-16 00:19:04 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware [2010-06-16 00:16:48 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\timmjann\Desktop\mbam-setup.exe [2010-06-15 15:25:13 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010-06-15 15:25:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010-06-15 15:24:37 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010-06-15 15:24:13 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010-06-15 15:24:13 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010-06-15 15:24:13 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010-06-15 15:24:11 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010-06-15 15:24:11 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010-06-15 15:24:10 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010-06-15 15:24:09 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010-06-15 15:24:09 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010-06-15 15:24:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010-06-15 15:24:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010-06-15 15:24:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010-06-15 15:24:08 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010-06-15 15:24:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010-06-15 15:24:08 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010-06-15 15:24:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010-06-15 15:23:51 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys ========== Files - Modified Within 30 Days ========== [2010-07-04 15:08:13 | 004,456,448 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat [2010-07-04 14:56:51 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\timmjann\Desktop\OTL.exe [2010-07-04 14:52:19 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010-07-04 14:52:19 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010-07-04 14:52:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-07-04 14:05:02 | 000,000,279 | ---- | M] () -- C:\Users\timmjann\Desktop\download.cnet.com-AVG-Anti-Virus-Free-Edition-3000-2239_4-10320142.htmlpart=dl-10044820&subj=dl&tag=button&cdlPid=11014801.url [2010-07-04 14:05:02 | 000,000,000 | ---- | M] () -- C:\Users\timmjann\Desktop\AVG Anti-Virus Free Edition - Reviews and free AVG Anti-Virus Free Edition downloads at Download.com.url [2010-07-04 13:55:36 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010-07-04 13:55:36 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010-07-04 13:12:22 | 061,640,879 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2010-07-04 11:59:44 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{60953392-EE62-4739-BBAE-35E412CC012B}.job [2010-07-03 16:51:20 | 000,000,488 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg [2010-07-03 16:47:26 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter.job [2010-07-03 16:47:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-07-03 15:05:29 | 000,524,288 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TMContainer00000000000000000001.regtrans-ms [2010-07-03 15:05:29 | 000,065,536 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TM.blf [2010-07-03 15:02:50 | 002,683,823 | -H-- | M] () -- C:\Users\timmjann\AppData\Local\IconCache.db [2010-07-03 01:25:37 | 000,200,704 | -H-- | M] () -- C:\SZKGFS.dat [2010-07-03 01:23:57 | 000,000,241 | ---- | M] () -- C:\Users\timmjann\Desktop\download.cnet.com-AVG-Anti-Virus-Free-Edition-3000-2239_4-10320142.htmltag=mncol;pop.url [2010-06-29 18:33:47 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2010-06-29 18:33:41 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2010-06-29 18:33:41 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2010-06-29 18:32:06 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys [2010-06-29 18:29:39 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2010-06-29 13:58:49 | 000,001,651 | ---- | M] () -- C:\Users\Public\Desktop\AVG 9.0.lnk [2010-06-29 13:58:36 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys [2010-06-29 13:57:42 | 000,599,358 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavifw.avm [2010-06-29 13:57:41 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm [2010-06-29 13:53:52 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys [2010-06-28 23:59:28 | 000,297,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010-06-28 23:28:56 | 000,000,606 | ---- | M] () -- C:\Users\timmjann\AppData\Roaming\wklnhst.dat [2010-06-28 00:45:58 | 000,007,927 | ---- | M] () -- C:\Users\timmjann\Desktop\hijackthis2 [2010-06-26 23:21:01 | 000,000,209 | ---- | M] () -- C:\Users\timmjann\Desktop\Spel - Icakuriren.url [2010-06-22 22:54:17 | 000,000,620 | ---- | M] () -- C:\Users\timmjann\Desktop\Click - genväg.lnk [2010-06-20 22:00:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job [2010-06-18 11:07:41 | 000,029,696 | ---- | M] () -- C:\Users\timmjann\Documents\Mötesanteckningar från möte med Drottningstdens stödgrupp 100618.doc [2010-06-18 11:00:35 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe [2010-06-18 11:00:24 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys [2010-06-16 01:42:16 | 000,524,288 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TMContainer00000000000000000002.regtrans-ms [2010-06-16 00:18:43 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\timmjann\Desktop\mbam-setup.exe [2010-06-15 14:56:41 | 004,456,448 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat_previous [2010-06-15 14:56:39 | 000,524,288 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat{bb2a3092-b7c2-11de-9b85-001b384c8a3e}.TMContainer00000000000000000001.regtrans-ms [2010-06-15 14:56:39 | 000,065,536 | -HS- | M] () -- C:\Users\timmjann\ntuser.dat{bb2a3092-b7c2-11de-9b85-001b384c8a3e}.TM.blf [2010-06-09 22:01:49 | 000,000,221 | ---- | M] () -- C:\Users\timmjann\Application Data\Microsoft\Internet Explorer\Quick Launch\ManagerZone - Gratis Sportmanagerspel (2).url [2010-06-09 17:45:49 | 000,000,221 | ---- | M] () -- C:\Users\timmjann\Documents\ManagerZone - Gratis Sportmanagerspel (2).url [2010-06-07 15:52:38 | 000,000,180 | ---- | M] () -- C:\Users\timmjann\Application Data\Microsoft\Internet Explorer\Quick Launch\Enter Liverpoolfc.tv .url ========== Files Created - No Company Name ========== [2010-07-04 14:05:02 | 000,000,279 | ---- | C] () -- C:\Users\timmjann\Desktop\download.cnet.com-AVG-Anti-Virus-Free-Edition-3000-2239_4-10320142.htmlpart=dl-10044820&subj=dl&tag=button&cdlPid=11014801.url [2010-07-04 14:05:02 | 000,000,000 | ---- | C] () -- C:\Users\timmjann\Desktop\AVG Anti-Virus Free Edition - Reviews and free AVG Anti-Virus Free Edition downloads at Download.com.url [2010-07-03 16:51:03 | 000,000,488 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg [2010-07-03 01:25:37 | 000,200,704 | -H-- | C] () -- C:\SZKGFS.dat [2010-07-02 01:58:41 | 000,000,241 | ---- | C] () -- C:\Users\timmjann\Desktop\download.cnet.com-AVG-Anti-Virus-Free-Edition-3000-2239_4-10320142.htmltag=mncol;pop.url [2010-06-29 13:58:49 | 000,001,651 | ---- | C] () -- C:\Users\Public\Desktop\AVG 9.0.lnk [2010-06-29 13:12:13 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2010-06-29 13:12:13 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl [2010-06-29 13:12:12 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml [2010-06-28 00:45:58 | 000,007,927 | ---- | C] () -- C:\Users\timmjann\Desktop\hijackthis2 [2010-06-22 22:54:17 | 000,000,620 | ---- | C] () -- C:\Users\timmjann\Desktop\Click - genväg.lnk [2010-06-18 11:07:36 | 000,029,696 | ---- | C] () -- C:\Users\timmjann\Documents\Mötesanteckningar från möte med Drottningstdens stödgrupp 100618.doc [2010-06-15 19:44:55 | 000,524,288 | -HS- | C] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TMContainer00000000000000000002.regtrans-ms [2010-06-15 19:44:55 | 000,524,288 | -HS- | C] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TMContainer00000000000000000001.regtrans-ms [2010-06-15 19:44:55 | 000,065,536 | -HS- | C] () -- C:\Users\timmjann\ntuser.dat{3a4e2211-785b-11df-bd20-001b384c8a3e}.TM.blf [2010-06-09 22:01:49 | 000,000,221 | ---- | C] () -- C:\Users\timmjann\Application Data\Microsoft\Internet Explorer\Quick Launch\ManagerZone - Gratis Sportmanagerspel (2).url [2010-06-09 22:01:06 | 000,000,221 | ---- | C] () -- C:\Users\timmjann\Documents\ManagerZone - Gratis Sportmanagerspel (2).url [2010-06-05 08:09:47 | 000,014,061 | ---- | C] () -- C:\Users\timmjann\Application Data\Microsoft\Internet Explorer\Quick Launch\FooterLogo[1].png [2010-06-05 08:06:39 | 000,000,180 | ---- | C] () -- C:\Users\timmjann\Application Data\Microsoft\Internet Explorer\Quick Launch\Enter Liverpoolfc.tv .url [2009-08-03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL [2009-07-09 23:13:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2008-08-26 11:12:22 | 000,213,072 | ---- | C] () -- C:\Windows\System32\DNLEng.dll [2007-10-23 09:47:52 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI [2007-10-23 09:47:51 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI [2007-07-28 06:49:56 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll [2007-07-28 03:39:53 | 000,000,117 | ---- | C] () -- C:\Windows\Alaunch.ini [2007-07-27 20:38:26 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2007-07-27 20:38:26 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys [2007-07-27 19:12:21 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2007-07-27 19:09:12 | 000,000,775 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2001-12-26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001-09-03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001-07-30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001-07-23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== LOP Check ========== [2010-05-17 11:32:39 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Agency9 [2010-07-01 20:28:38 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\AVG9 [2009-07-30 23:28:24 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Goodsol [2008-01-29 00:51:01 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Grisoft [2009-12-16 22:57:24 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\IObit [2010-02-24 01:49:09 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\NoteTab Light [2009-12-15 22:47:54 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\NoteTab Pro [2007-12-22 23:12:33 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Opera [2007-10-28 13:59:33 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\PeerNetworking [2009-02-27 12:40:45 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Personal [2008-02-18 16:43:54 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Pogo Games [2009-11-10 00:19:50 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\SPAMfighter [2008-02-02 21:36:33 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Template [2009-11-17 01:43:32 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Uniblue [2008-11-22 22:46:54 | 000,000,000 | ---D | M] -- C:\Users\timmjann\AppData\Roaming\Windows Live Writer [2010-07-03 15:04:47 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010-07-03 16:47:26 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\SLOW-PCfighter.job [2010-06-20 22:00:00 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job [2010-07-04 11:59:44 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{60953392-EE62-4739-BBAE-35E412CC012B}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 815 bytes -> C:\Users\timmjann\Desktop\Attached message.eml:OECustomProperty @Alternate Data Stream - 771 bytes -> C:\Users\timmjann\Documents\Attached message.eml:OECustomProperty @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:225C4FFC @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:9E22BBE8 @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A8ADE5D8 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:CFE0B346 @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:981884E7 < End of report >
  15. Tack. Detta kom upp nu (med röd text) när jag kör AVG- jag har den schemalagd varje söndag middag -: The file is signed with a broken digital signature, issued by Microsoft Corporation C:\Acer\Empowering Technologi\eRecovery\Autorun\SW3CDMaker\WMFDist.exe
×
×
  • Skapa nytt...