kopparn

Update


kopparn

New hijack

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:34:38, on 2008-12-03

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Kitco\Kcast\Kcast.exe

C:\Program Files\Personal\bin\Personal.exe

C:\Windows\system32\igfxext.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\igfxsrvc.exe

C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE

C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE

C:\Users\pappa\AppData\Local\Temp\RtkBtMnt.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Windows\system32\conime.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\SearchFilterHost.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://user.tninet.se/~rmd498m/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sv.intl.acer.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://sv.intl.acer.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [KITCO] C:\Program Files\Kitco\Kcast\Kcast

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'Default user')

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Personal.lnk = C:\Program Files\Personal\bin\Personal.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll

O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Microgaming\Poker\ladbrokesMPP\MPPoker.exe

O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe

O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Microgaming\Poker\nordicbetMPP\MPPoker.exe

O13 - Gopher Prefix:

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldsv-se.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://mppv2flash3.valueactive.com/Unibet/FlashAX.cab

O20 - AppInit_DLLs: eNetHook.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 7916 bytes

[/log]

 

Cecilia

2008-12-02 18:39 --------- d-----w c:\users\pappa\AppData\Roaming\RegClean

Doesn't seem to be a good program:

http://www.siteadvisor.com/sites/regclean.com

You need to be more careful about what you install; it seems to contain something that can steal passwords. Uninstall it and make sure the folders are gone.

 

"KITCO"="c:\program files\Kitco\Kcast\Kcast" [X]

Has it been uninstalled? If so, remove its folders as well:

2008-10-29 08:00 --------- d-----w c:\program files\Kitco

 

Have the online scans shown anything?

 

Cecilia

There is an old Java version with security holes on the computer. I recommend that you install a new one from http://www.java.com/sv/ and then uninstall all Java/J2SE/JRE entries except the latest one in Control Panel - Add or Remove Programs (with no web browsers running).

 

Cecilia

That was what could be seen from the logs. How did the online scan go?

 

kopparn

The only online scan that could be completed was with Trendmicro, and it showed nothing odd.

Tried running Defender now too, but got an error code there: 0x8024419

When I try to run the other online scanning programs, I get "the page cannot be displayed".

 

Cecilia

The one month that ComboFix checks may be too short a period.

Download OTViewIt to the Desktop:

http://oldtimer.geekstogo.com/OTViewIt.exe

 

Close all programs.

Run OTViewIt (in Vista, right-click and choose Run as administrator).

Check Scan all Users.

Select 70 days for File Age.

Press Run Scan and let the program run undisturbed.

 

When it is finished, two log files are created on the Desktop, OTViewIt.txt and Extras.txt; paste both of them into your reply.

 

 

kopparn

The two on the Desktop come with the next one.

[log]OTViewIt Extras logfile created on: 2008-12-05 22:24:33 - Run 3

OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Users\pappa\Desktop

Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

501,44 Mb Total Physical Memory | 74,62 Mb Available Physical Memory | 14,88% Memory free

1,46 Gb Paging File | 0,37 Gb Available in Paging File | 25,49% Paging File free

Paging file location(s): ?:\pagefile.sys;

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 34,67 Gb Total Space | 15,80 Gb Free Space | 45,58% Space Free | Partition Type: NTFS

Drive D: | 30,09 Gb Total Space | 30,00 Gb Free Space | 99,70% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: PAPPA-DATOR

Current User Name: pappa

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 90 Days

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url [@ = InternetShortcut] C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval"=1

"UacDisableNotify"=1

"InternetSettingsDisableNotify"=1

"AutoUpdateDisableNotify"=1

"FirewallDisableNotify"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride"=0

"AntiSpywareOverride"=0

"FirewallOverride"=0

"VistaSp1"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall"=1

"DisableNotifications"=0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

File not found C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu

File not found C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption

File not found C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

 

========== (O10) Winsock2 Catalogs ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]

NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] C:\Windows\System32\nlaapi.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

 

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols

ldap 4 = Restricted sites (Not a Default Protocol)

news 4 = Restricted sites (Not a Default Protocol)

nntp 4 = Restricted sites (Not a Default Protocol)

oecmd 4 = Restricted sites (Not a Default Protocol)

snews 4 = Restricted sites (Not a Default Protocol)

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

@ivt @ivt protocol not assigned

file file protocol not assigned

ftp ftp protocol not assigned

http http protocol not assigned

https https protocol not assigned

shell shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

@ivt @ivt protocol not assigned

file file protocol not assigned

ftp ftp protocol not assigned

http http protocol not assigned

https https protocol not assigned

shell shell protocol not assigned

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{11316260-6666-467B-AC34-183FCB5D4335}"=Acer Mobility Center Plug-In

"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}"=Acer eLock Management

"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}"=NTI CD & DVD-Maker

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java 6 Update 11

"{58E5844B-7CE2-413D-83D1-99294BF6C74F}"=Acer ePower Management

"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}"=TerraTec Home Cinema

"{64A32253-A906-4AEB-B6A7-A90512B68D87}"=VersionTracker Pro Windows

"{67ADE9AF-5CD9-4089-8825-55DE4B366799}"=NTI Backup NOW! 4.7

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}"=PowerDVD

"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}"=NTI Shadow

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{7635D07D-B727-496F-94CA-8AC60E0C40CE}"=Microsoft Report Viewer Redistributable 2005

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}"=Acer ScreenSaver

"{87F6173E-66E9-4188-9BC9-AD81610ABEE4}"=Microsoft SQL Server Native Client

"{88410D8F-8529-492B-B556-2394A29B811B}"=Broadcom Driver v4.102.15.63_Foxconn Installation Program

"{885DE773-CC47-4B94-97A3-C692C9AF1B05}"=Hjälpfiler för installation av Microsoft SQL Server (engelska)

"{8DE292EC-FA26-4526-BFEB-3EE820E97005}"=OpenOffice.org Installer 1.0

"{94389919-B0AA-4882-9BE8-9F0B004ECA35}"=Acer Tour

"{AB6097D9-D722-4987-BD9E-A076E2848EE2}"=Acer Empowering Technology

"{AC76BA86-7AD7-1053-7B44-A81300000003}"=Adobe Reader 8.1.3 - Svenska

"{BF839132-BD43-4056-ACBF-4377F4A88E2A}"=Acer ePresentation Management

"{C06554A1-2C1E-4D20-B613-EE62C79927CC}"=Acer eNet Management

"{C0CE77E6-3CB9-4C81-8B10-A47E3D716010}"=Microsoft SQL Server VSS-skrivare

"{CE386A4E-D0DA-4208-8235-BCE43275C694}"=LightScribe 1.4.142.1

"{CE65A9A0-9686-45C6-9098-3C9543A412F0}"=Acer eSettings Management

"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}"=Broadcom Gigabit Integrated Controller

"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}"=Full Tilt Poker

"{DB780B85-B4B5-4864-A49C-9B706B169C93}"=TIPCI

"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}"=Google Toolbar for Internet Explorer

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver

"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}"=Windows Live OneCare safety scanner

"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX

"Adobe Shockwave Player"=Adobe Shockwave Player

"avast!"=avast! Antivirus

"Bet24"=BET24 (remove only)

"Betsson"=Betsson (remove only)

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118"=HDAUDIO Soft Data Fax Modem with SmartCP

"EsetOnlineScanner"=ESET Online Scanner

"GridVista"=Acer GridVista

"HDMI"=Intel® Graphics Media Accelerator Driver

 

"HijackThis"=HijackThis 2.0.2

"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}"=NTI CD & DVD-Maker

"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}"=Texas Instruments PCIxx21/x515/xx12 drivers.

"Kcast_Beta_1.0"=Kcast Beta 2.0.0

"Ladbrokes Poker"=Ladbrokes Poker

"LManager"=Launch Manager

"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware

"Microsoft Report Viewer Redistributable 2005"=Microsoft Report Viewer Redistributable 2005

"NordicBet Poker"=NordicBet Poker

"Personal"=Personal 4.5.4

"SpywareBlaster_is1"=SpywareBlaster 4.0

"SynTPDeinstKey"=Synaptics Pointing Device Driver

"Unibet Poker"=Unibet Poker

"Windows Live OneCare safety scanner"=Windows Live OneCare safety scanner

"Ving Resebevakaren"=Ving Resebevakaren 1.0

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-04 12:53:57 | Computer Name = pappa-dator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet CinergyDvr.exe, version 5.78.0.557, tidsstämpel

0x482abe6a, felet uppstod i modulen unknown, version 0.0.0.0, tidsstämpel 0x00000000,

undantagskod 0xc0000005, felförskjutning 0x00000000, process-ID 0xdec, programmets

starttid 0x01c8f6526cf8a868.

 

Error - 2008-08-05 12:56:35 | Computer Name = pappa-dator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet CinergyDvr.exe, version 5.78.0.557, tidsstämpel

0x482abe6a, felet uppstod i modulen psisrndr.ax, version 6.6.6001.18000, tidsstämpel

0x4791a742, undantagskod 0xc0000005, felförskjutning 0x00006975, process-ID 0xc00,

programmets starttid 0x01c8f71bee27da88.

 

Error - 2008-08-05 13:01:16 | Computer Name = pappa-dator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet CinergyDvr.exe, version 5.78.0.557, tidsstämpel

0x482abe6a, felet uppstod i modulen psisrndr.ax, version 6.6.6001.18000, tidsstämpel

0x4791a742, undantagskod 0xc0000005, felförskjutning 0x00006975, process-ID 0xddc,

programmets starttid 0x01c8f71c993d00d8.

 

[ System Events ]

Error - 2008-05-28 01:15:36 | Computer Name = pappa-dator | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2008-05-28 01:21:10 | Computer Name = pappa-dator | Source = Service Control Manager | ID = 7043

Description =

 

Error - 2008-05-28 09:58:02 | Computer Name = pappa-dator | Source = HTTP | ID = 15016

Description =

 

Error - 2008-05-28 09:58:57 | Computer Name = pappa-dator | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2008-05-28 11:05:50 | Computer Name = pappa-dator | Source = DCOM | ID = 10010

Description =

 

Error - 2008-05-28 11:08:23 | Computer Name = pappa-dator | Source = HTTP | ID = 15016

Description =

 

Error - 2008-05-28 11:08:51 | Computer Name = pappa-dator | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2008-05-28 16:01:27 | Computer Name = pappa-dator | Source = DCOM | ID = 10010

Description =

 

Error - 2008-05-29 00:48:53 | Computer Name = pappa-dator | Source = HTTP | ID = 15016

Description =

 

Error - 2008-05-29 00:49:46 | Computer Name = pappa-dator | Source = Service Control Manager | ID = 7000

Description =

 

 

< End of report >

[/log]

Fixed the LOG tags

Cecilia - Moderator for Viruses, malware & remedies

 

[post edited 2008-12-06 00:19:32 by Cecilia]

kopparn

[log]OTViewIt logfile created on: 2008-12-05 22:24:33 - Run 3

OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Users\pappa\Desktop

Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

501,44 Mb Total Physical Memory | 74,62 Mb Available Physical Memory | 14,88% Memory free

1,46 Gb Paging File | 0,37 Gb Available in Paging File | 25,49% Paging File free

Paging file location(s): ?:\pagefile.sys;

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 34,67 Gb Total Space | 15,80 Gb Free Space | 45,58% Space Free | Partition Type: NTFS

Drive D: | 30,09 Gb Total Space | 30,00 Gb Free Space | 99,70% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: PAPPA-DATOR

Current User Name: pappa

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 90 Days

 

========== Processes ==========

 

[2008-01-18 22:33:38 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe

[2008-01-18 22:33:16 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe

[2008-01-18 22:33:24 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe

[2008-11-26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\aswUpdSv.exe

[2008-11-26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashServ.exe

[2008-01-18 22:33:34 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2008-01-18 22:33:10 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe

[2007-03-14 10:52:30 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

[2007-04-17 19:36:34 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe

[2007-01-17 10:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program\Common Files\LightScribe\LSSrvc.exe

[2006-11-24 12:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe

[2007-04-03 07:07:38 | 00,272,024 | ---- | M] () -- C:\Program\CyberLink\Shared Files\RichVideo.exe

[2008-05-27 06:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe

[2006-11-29 01:44:58 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe

[2007-02-13 06:26:50 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

[2007-04-24 17:40:54 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

[2007-04-24 15:48:22 | 00,163,840 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

[2008-01-18 22:33:40 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe

[2008-01-18 22:33:34 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe

[2008-11-26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashMaiSv.exe

[2008-11-26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashWebSv.exe

[2008-01-18 22:33:34 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2007-03-24 04:04:54 | 04,423,680 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

[2006-10-23 20:00:36 | 00,815,104 | ---- | M] (Synaptics, Inc.) -- C:\Program\Synaptics\SynTP\SynTPEnh.exe

[2008-01-18 22:33:40 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Media Player\wmpnscfg.exe

[2008-01-18 22:33:40 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Media Player\wmpnetwk.exe

[2007-05-22 23:37:04 | 00,850,704 | ---- | M] (Dritek System Inc.) -- C:\Program\Launch Manager\LManager.exe

[2008-02-11 19:13:12 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe

[2008-02-11 19:13:02 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe

[2008-02-11 19:13:08 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe

[2008-11-26 18:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashDisp.exe

[2007-03-14 21:01:30 | 00,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program\CyberLink\PowerDVD\PDVDServ.exe

[2005-06-28 01:22:27 | 00,552,997 | ---- | M] (Kitco Metals Inc.) -- C:\Program\Kitco\Kcast\Kcast.exe

[2008-02-11 19:13:06 | 00,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe

[2008-02-11 19:13:10 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe

[2008-08-06 19:18:52 | 00,722,464 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe

[2008-05-06 20:06:26 | 02,162,688 | ---- | M] (CNET TechTracker) -- C:\Program\TechTracker\VersionTracker Pro\VersionTrackerPro.exe

[2008-02-11 19:13:10 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe

[2008-12-05 17:36:32 | 00,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\pappa\AppData\Local\Temp\RtkBtMnt.exe

[2007-04-17 19:36:36 | 00,749,568 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNMTray.exe

[2007-04-26 16:00:02 | 00,507,904 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

[2007-02-09 06:35:54 | 00,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe

[2008-01-18 22:33:40 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe

[2008-01-18 22:33:14 | 00,299,520 | ---- | M] (Microsoft Corporation) -- C:\Program\Internet Explorer\ieuser.exe

[2008-07-19 06:10:40 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe

[2008-01-18 22:33:06 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

[2008-01-18 22:38:40 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Defender\MSASCui.exe

[2008-12-05 19:02:30 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Java\jre6\bin\jusched.exe

[2008-01-18 22:33:14 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\Program\Internet Explorer\iexplore.exe

[2008-01-18 22:33:14 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\Program\Internet Explorer\iexplore.exe

[2008-01-18 22:33:34 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2008-10-05 04:16:26 | 00,235,936 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe

[2008-11-10 17:09:17 | 05,451,776 | ---- | M] () -- C:\Program\Betsson\BetssonPoker.exe

[2008-12-05 21:39:27 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Users\pappa\Desktop\OTViewIt.exe

 

========== (O23) Win32 Services ==========

 

[2008-11-26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])

[2008-11-26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])

[2008-11-26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])

[2008-11-26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])

File not found -- -- (CertPropSvc [unknown | Stopped])

[2008-01-05 02:26:42 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

File not found -- -- (CLTNetCnService [Auto | Stopped])

File not found -- -- (DcomLaunch [unknown | Running])

[2008-01-18 22:33:08 | 02,091,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])

[2008-01-18 22:34:08 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [unknown | Running])

[2007-03-14 10:52:30 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService [Auto | Running])

[2007-04-17 19:36:34 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service [Auto | Running])

[2007-02-13 06:26:50 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService [Auto | Running])

[2007-04-24 17:40:54 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService [Auto | Running])

[2008-01-05 02:21:54 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

[2008-01-18 22:34:26 | 00,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [unknown | Running])

[2008-08-07 16:35:20 | 00,138,168 | ---- | M] (Google) -- C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])

[2007-01-17 10:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])

[2006-11-24 12:57:54 | 00,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])

[2006-11-02 14:01:50 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [unknown | Stopped])

[2008-01-05 02:21:40 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

[2007-04-03 07:07:38 | 00,272,024 | ---- | M] () -- C:\Program\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])

[2008-01-18 22:36:18 | 00,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll -- (RpcSs [unknown | Running])

[2008-01-18 22:36:20 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [unknown | Running])

File not found -- -- (Schedule [unknown | Running])

File not found -- -- (SCPolicySvc [unknown | Stopped])

[2008-01-18 22:33:24 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])

[2006-11-02 10:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])

[2006-04-14 09:04:54 | 00,087,840 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [On_Demand | Stopped])

[2008-01-18 22:33:34 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])

[2008-01-18 22:33:34 | 00,382,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])

File not found -- -- (WdiServiceHost [unknown | Stopped])

File not found -- -- (WdiSystemHost [unknown | Running])

[2007-04-24 15:48:22 | 00,163,840 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService [Auto | Running])

[2008-01-18 22:33:40 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])

[2008-05-27 06:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])

[2006-11-29 01:44:58 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService [Auto | Running])

 

========== Driver Services ==========

 

[2006-11-02 10:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])

[2006-11-02 10:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])

[2006-11-02 10:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])

[2006-11-20 06:57:00 | 00,283,776 | ---- | M] (AfaTech ) -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA [On_Demand | Stopped])

[2006-11-02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])

[2006-11-02 10:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])

[2006-11-02 10:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])

[2006-11-02 10:49:26 | 00,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])

[2006-11-02 09:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])

[2006-11-02 09:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])

[2006-11-02 10:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])

[2008-11-26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk [Auto | Running])

[2008-11-26 18:17:15 | 00,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt [Auto | Running])

[2008-11-26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr [system | Running])

[2008-11-26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP [system | Running])

[2008-11-26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi [system | Running])

[2007-02-08 14:03:20 | 00,179,712 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x [On_Demand | Running])

[2006-12-19 21:18:28 | 00,534,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV [On_Demand | Stopped])

[2006-12-19 21:18:28 | 00,534,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX [On_Demand | Running])

[2008-01-18 20:28:28 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])

[2006-11-02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])

[2006-11-02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])

[2006-11-02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])

[2006-11-02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])

[2006-11-02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])

[2006-11-02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])

[2006-11-02 09:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])

[2006-11-02 09:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])

[2008-01-18 22:43:00 | 00,247,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [unknown | Running])

[2006-11-02 10:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])

[2006-11-02 10:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [boot | Running])

[2006-11-02 09:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])

[2008-01-18 20:28:22 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [system | Running])

[2006-11-03 06:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr [On_Demand | Running])

[2008-08-02 02:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])

[2006-11-02 08:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])

[2008-01-18 22:42:12 | 00,143,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [boot | Running])

[2006-11-02 10:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])

[2008-01-18 20:28:02 | 00,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys -- (exfat [On_Demand | Stopped])

[2008-01-18 22:42:32 | 00,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [boot | Running])

[2008-01-18 20:30:24 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])

[2006-11-02 10:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])

[2006-11-02 08:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])

[2008-01-18 19:30:50 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])

[2006-11-02 09:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])

[2006-11-02 09:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])

[2006-11-02 08:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])

[2006-12-22 20:50:24 | 00,985,600 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])

[2006-12-22 20:49:04 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])

[2008-02-11 18:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm [On_Demand | Stopped])

[2007-03-21 12:58:56 | 00,304,920 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor [boot | Running])

[2006-11-02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])

[2008-02-11 18:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx [On_Demand | Running])

[2006-11-02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])

[2006-12-07 18:12:02 | 00,076,584 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15 [Auto | Running])

[2007-03-27 04:18:18 | 01,761,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])

[2006-11-02 09:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])

[2008-01-18 22:42:36 | 00,181,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])

[2006-11-02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])

[2006-11-02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])

[2006-11-02 09:51:12 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [Disabled | Stopped])

[2008-01-18 20:55:04 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])

[2006-11-02 10:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])

[2006-11-02 10:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])

[2008-01-18 20:30:38 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])

[2006-06-19 23:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])

[2006-11-02 10:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])

[2008-01-18 20:52:20 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])

[2006-11-02 10:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])

[2008-01-18 20:54:48 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])

[2006-11-02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])

[2008-05-08 20:21:56 | 00,211,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])

[2008-01-18 20:28:38 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])

[2006-11-02 10:49:44 | 00,023,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Disabled | Stopped])

[2006-11-02 10:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])

[2008-01-18 22:41:16 | 00,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [boot | Running])

[2008-01-18 22:42:30 | 00,163,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])

[2008-05-20 03:07:31 | 00,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])

[2006-11-02 08:30:54 | 01,781,760 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped])

[2006-11-02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])

[2008-01-18 20:55:52 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [system | Running])

[2007-04-23 10:36:34 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])

[2006-11-02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])

[2006-11-02 08:30:56 | 00,429,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD [On_Demand | Stopped])

[2006-11-02 10:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])

[2006-11-02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])

[2006-11-02 10:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])

[2006-11-02 10:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])

[2008-04-05 02:21:42 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [system | Running])

[2006-11-02 10:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])

[2008-01-18 20:56:08 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])

[2008-01-18 20:56:44 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp [On_Demand | Running])

[2008-01-18 21:01:10 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [system | Running])

[2008-01-18 20:55:04 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])

[2006-11-02 10:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])

[2008-01-18 20:32:58 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])

[2006-11-02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])

[2008-01-18 20:49:18 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])

[2006-11-02 09:51:38 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [Disabled | Stopped])

[2006-11-02 09:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])

[2006-11-02 09:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])

[2006-11-02 10:49:51 | 00,053,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])

[2006-11-02 10:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])

[2006-11-02 10:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])

[2008-01-18 20:55:28 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [system | Running])

[2008-01-18 22:41:32 | 00,021,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [boot | Running])

[2008-01-18 20:29:16 | 00,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])

[2008-01-18 20:29:14 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])

[2006-11-02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])

[2006-11-02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])

[2006-11-02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])

[2006-10-23 20:17:32 | 00,179,896 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])

[2008-01-18 20:56:08 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])

[2007-10-30 07:45:20 | 00,024,064 | ---- | M] (Todos Data System AB) -- C:\Windows\System32\drivers\nordecr.sys -- (TdsNordecr [On_Demand | Stopped])

[2008-01-18 20:56:00 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [system | Running])

[2007-01-24 23:44:06 | 00,290,304 | ---- | M] (Texas Instruments) -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21 [On_Demand | Running])

[2008-01-18 21:01:16 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Stopped])

[2008-01-18 20:55:42 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])

[2008-01-18 20:55:52 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])

[2006-11-02 10:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])

[2006-11-02 10:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])

[2006-11-02 10:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])

[2006-11-02 10:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])

[2008-01-18 20:53:42 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])

[2006-11-02 09:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])

[2006-11-02 09:55:20 | 00,132,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo [On_Demand | Stopped])

[2006-11-02 09:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])

[2006-11-02 09:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])

[2006-11-02 10:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])

[2008-01-18 22:42:20 | 00,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [boot | Running])

[2008-01-18 22:43:04 | 00,294,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [boot | Running])

[2006-11-02 10:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])

[2006-11-02 09:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])

[2006-11-02 10:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])

[2008-01-18 22:43:28 | 00,503,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [boot | Running])

[2006-12-22 20:48:54 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf [On_Demand | Running])

[2008-01-18 20:32:48 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [On_Demand | Running])

[2008-01-18 20:56:50 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])

[2006-11-29 01:44:52 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio [Auto | Running])

[2008-08-22 13:44:26 | 00,083,200 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\zebrbus.sys -- (zebrbus [On_Demand | Stopped])

[2008-08-22 13:44:26 | 00,109,568 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\zebrmdm.sys -- (zebrmdm [On_Demand | Stopped])

[2006-11-02 16:51:58 | 00,013,560 | ---- | M] (Cyberlink Corp.) -- C:\Program\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B} [Auto | Running])

 

========== (R ) Internet Explorer ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157

"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://sv.intl.acer.yahoo.com

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\Windows\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"SearchMigratedDefaultName"=Yahoo! Search

"SearchMigratedDefaultURL"=http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

"Start Page"=http://user.tninet.se/~rmd498m/

"StartPageCache"=

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]

""=http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = <local>

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Secondary Start Pages"=

"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Secondary Start Pages"=

"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\Windows\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"SearchMigratedDefaultName"=Yahoo! Search

"SearchMigratedDefaultURL"=http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

"Start Page"=http://user.tninet.se/~rmd498m/

"StartPageCache"=

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\Software\Microsoft\Internet Explorer\SearchURL]

""=http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = <local>

 

========== (O1) Hosts File ==========

 

HOSTS File = (761 bytes) - C:\Windows\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

::1 localhost

 

========== (O2) BHO's ==========

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Program\Google\GoogleToolbar2.dll (Google Inc.)

{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

 

========== (O3) Toolbars ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Program\Google\GoogleToolbar2.dll (Google Inc.)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{AD6E6555-FB2C-47D4-8339-3E2965509877}" (HKLM) -- C:\Program\TerraTec\TerraTec Home Cinema\THCDeskBand.dll (TerraTec Electronic GmbH)

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]

"{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program\Google\GoogleToolbar2.dll (Google Inc.)

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program\Google\GoogleToolbar2.dll (Google Inc.)

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program\Google\GoogleToolbar2.dll (Google Inc.)

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]

"{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program\Google\GoogleToolbar2.dll (Google Inc.)

 

========== (O4) Run Keys ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe (Acer Inc.)

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)

"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe (Intel Corporation)

"IgfxTray"=C:\Windows\system32\igfxtray.exe (Intel Corporation)

"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" ()

"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe (Dritek System Inc.)

"Persistence"=C:\Windows\system32\igfxpers.exe (Intel Corporation)

"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" (Cyberlink Corp.)

"RtHDVCpl"=RtHDVCpl.exe (Realtek Semiconductor)

"Skytel"=Skytel.exe (Realtek Semiconductor Corp.)

"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe (Acer Inc.)

"KITCO"=C:\Program Files\Kitco\Kcast\Kcast (Kitco Metals Inc.)

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe (Acer Inc.)

"KITCO"=C:\Program Files\Kitco\Kcast\Kcast (Kitco Metals Inc.)

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

 

========== (O6 & O7) Current Version Policies ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDrives"=0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"ConsentPromptBehaviorAdmin"=2

"ConsentPromptBehaviorUser"=1

"EnableInstallerDetection"=1

"EnableLUA"=1

"EnableSecureUIAPaths"=1

"EnableVirtualization"=1

"PromptOnSecureDesktop"=1

"ValidateAdminCodeSignatures"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"scforceoption"=0

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"FilterAdministratorToken"=0

"EnableUIADesktopToggle"=0

"DisableRegistryTools"=0

"HideLegacyLogonScripts"=0

"HideLogoffScripts"=0

"RunLogonScriptSync"=1

"RunStartupScriptSync"=0

"HideStartupScripts"=0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]

"CF_TEXT"=1

"CF_BITMAP"=2

"CF_OEMTEXT"=7

"CF_DIB"=8

"CF_PALETTE"=9

"CF_UNICODETEXT"=13

"CF_DIBV5"=17

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDrives"=0

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"HideLegacyLogonScripts"=0

"HideLogoffScripts"=0

"HideStartupScripts"=0

"RunLogonScriptSync"=1

"RunStartupScriptSync"=0

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDrives"=0

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"HideLegacyLogonScripts"=0

"HideLogoffScripts"=0

"HideStartupScripts"=0

"RunLogonScriptSync"=1

"RunStartupScriptSync"=0

 

========== (O8) IE Context Menu Extensions ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: Reg Error: Value does not exist or could not be read. File not found

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: Reg Error: Value does not exist or could not be read. File not found

 

========== (O9) IE Extensions ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{C2A80015-C447-4dc4-82DD-AED83D6ED57E}: Button: Ladbrokes Poker -- %SystemDrive%\Microgaming\Poker\ladbrokesMPP\MPPoker.exe [2008-05-08 09:52:56 | 00,018,432 | ---- | M] (Microgaming)

{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97}: Button: Unibet Poker -- %SystemDrive%\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe [2008-08-28 20:28:05 | 00,013,312 | ---- | M] (Microgaming)

{E6073F93-9541-4be4-9800-109D378EB99B}: Button: NordicBet Poker -- %SystemDrive%\Microgaming\Poker\nordicbetMPP\MPPoker.exe [2008-08-22 21:53:14 | 00,013,312 | ---- | M] (Microgaming)

 

========== (O12) Internet Explorer Plugins ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

 

========== (O13) Default Prefixes ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

 

========== (O15) Trusted Sites ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

26 domain(s) and sub-domain(s) not assigned to a zone.

 

[HKEY_USERS\S-1-5-21-943041516-4001286664-2263957336-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

26 domain(s) and sub-domain(s) not assigned to a zone.

 

========== (O16) DPF ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab -- Shockwave ActiveX Control

{3860DD98-0549-4D50-AA72-5D17D200EE10}: http://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab -- Windows Live OneCare safety scanner control

{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}: http://www.eset.eu/OnlineScanner.cab -- OnlineScanner Control

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.

{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

 

========== (O17) DNS Name Servers ==========

 

{755D45CE-A02C-4C3A-83F0-6269B4A58376} (Servers: | Description: Broadcom 802.11g Nätverksadapter)

{B0D43B3F-9712-486C-B086-8ACCB691CEA6} (Servers: | Description: Broadcom NetLink Gigabit Ethernet)

 

========== (O20) AppInit_DLLs ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_Dlls"=eNetHook.dll

>[2007-04-17 19:36:34 | 00,090,112 | ---- | M] (acer) -- C:\Windows\System32\eNetHook.dll

 

========== (O20) Winlogon Notify Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

igfxcui: "DllName" = igfxdev.dll -- C:\Windows\System32\igfxdev.dll (Intel Corporation)

 

========== HKLM *SecurityProviders* ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]

"SecurityProviders"=credssp.dll

>[2008-01-18 22:34:00 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

 

========== LSA *Security Packages* ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,

>[2008-01-18 22:36:44 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

 

========== Safeboot Options ==========

 

"AlternateShell"=cmd.exe

 

========== CDRom AutoRun Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

 

========== Autorun Files on Drives ==========

 

autoexec.bat [REM Dummy file for NTVDM | ]

[2006-09-18 22:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

 

========== Files/Folders - Created Within 90 Days ==========

 

[2008-12-05 21:40:29 | 00,000,000 | ---D | C] -- C:\inetpub

[2008-12-05 21:38:57 | 00,422,400 | ---- | C] (OldTimer Tools) -- C:\Users\pappa\Desktop\OTViewIt.exe

[2008-12-05 17:33:33 | 52,450,0992 | -HS- | C] () -- C:\hiberfil.sys

[2008-12-05 17:15:23 | 00,000,000 | ---D | C] -- C:\Windows\temp

[2008-12-05 17:09:01 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT

[2008-12-05 07:47:11 | 66,644,872 | ---- | C] (Trend Micro Inc.) -- C:\Users\Public\Desktop\TrendMicro_TIS_17.00_en-US_32-bit.exe

[2008-12-04 19:08:48 | 00,000,000 | ---D | C] -- C:\Program Files\EsetOnlineScanner

[2008-12-04 19:00:04 | 00,000,680 | ---- | C] () -- C:\Users\pappa\AppData\Local\d3d9caps.dat

[2008-12-04 08:14:00 | 00,000,000 | ---D | C] -- C:\Windows\pss

[2008-12-03 19:22:55 | 00,000,000 | ---D | C] -- C:\Users\pappa\AppData\Roaming\Malwarebytes

[2008-12-03 19:22:44 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2008-12-03 19:22:44 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2008-12-03 19:22:41 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2008-12-03 19:22:40 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2008-12-03 19:22:39 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2008-12-03 19:19:10 | 00,000,000 | ---D | C] -- C:\Users\pappa\AppData\Roaming\VersionTracker Pro

[2008-12-03 19:16:08 | 00,001,900 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VersionTrackerPro.lnk

[2008-12-03 19:16:08 | 00,001,888 | ---- | C] () -- C:\Users\Public\Desktop\VersionTracker Pro.lnk

[2008-12-03 19:16:04 | 00,000,000 | ---D | C] -- C:\Program Files\TechTracker

[2008-12-03 17:58:47 | 00,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files

[2008-12-03 17:34:00 | 00,001,878 | ---- | C] () -- C:\Users\pappa\Desktop\HijackThis.lnk

[2008-12-03 17:33:59 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2008-12-02 19:37:45 | 00,000,386 | ---- | C] () -- C:\Windows\tasks\RegClean Scheduled Scan.job

[2008-12-02 19:37:36 | 00,000,000 | ---D | C] -- C:\Users\pappa\AppData\Roaming\RegClean

[2008-12-01 08:46:33 | 00,000,144 | ---- | C] () -- C:\Users\pappa\Desktop\Klicka för att öppna filen eller höger-klicka, välj 'Spara som' för att spara filen.url

[2008-11-21 10:41:28 | 00,000,113 | ---- | C] () -- C:\Users\pappa\Desktop\.url

[2008-11-20 22:47:56 | 00,000,110 | ---- | C] () -- C:\Users\pappa\Desktop\Kitco.com.url

[2008-11-13 19:59:12 | 00,000,231 | ---- | C] () -- C:\Users\pappa\Desktop\chart.url

[2008-11-08 19:19:02 | 00,000,000 | ---D | C] -- C:\Users\pappa\Desktop\POKER

[2008-11-07 17:16:11 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe

[2008-11-07 15:59:41 | 00,000,156 | ---- | C] () -- C:\Users\pappa\Desktop\Markets.url

[2008-10-31 09:45:42 | 00,000,175 | ---- | C] () -- C:\Users\pappa\Desktop\VCW Nordnet Börsforum i DagensPs.url

[2008-10-30 20:26:26 | 00,000,129 | ---- | C] () -- C:\Users\pappa\Desktop\Tänkvärda citat och dikter.url

[2008-10-30 16:43:21 | 00,000,144 | ---- | C] () -- C:\Users\pappa\Desktop\fraagor_och_svar.htm#strength.url

[2008-10-30 08:29:07 | 00,000,191 | ---- | C] () -- C:\Users\pappa\Desktop\www.e24.se.url

[2008-10-29 21:55:48 | 00,000,114 | ---- | C] () -- C:\Users\pappa\Desktop\finance.yahoo.com.url

[2008-10-29 17:42:56 | 00,000,116 | ---- | C] () -- C:\Users\pappa\Desktop\www.slopedcurve.com.url

[2008-10-29 09:00:35 | 00,000,000 | ---D | C] -- C:\Windows\APPLICATION DATA

[2008-10-29 09:00:32 | 00,724,992 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe

[2008-10-29 09:00:29 | 00,000,000 | ---D | C] -- C:\Program Files\Kitco

[2008-10-29 08:59:49 | 00,000,000 | ---D | C] -- C:\Windows\Kcast

[2008-10-26 13:24:22 | 00,000,000 | ---D | C] -- C:\Users\pappa\Desktop\FINANS

[2008-10-24 04:28:18 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll

[2008-10-16 06:26:50 | 02,032,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2008-10-16 06:26:41 | 00,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys

[2008-10-16 06:26:30 | 03,601,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2008-10-16 06:26:29 | 03,549,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2008-10-16 06:26:17 | 03,578,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll

[2008-10-16 06:26:14 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll

[2008-10-16 06:26:12 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll

[2008-10-16 06:26:11 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll

[2008-10-16 06:26:10 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll

[2008-10-16 06:26:06 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2008-10-16 06:26:02 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2008-10-16 06:25:59 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2008-10-08 08:26:05 | 00,000,000 | ---D | C] -- C:\Windows\System32\Adobe

[2008-10-06 07:27:15 | 00,000,000 | ---D | C] -- C:\Program Files\Full Tilt Poker

[2008-09-24 17:44:39 | 00,000,000 | ---D | C] -- C:\Program Files\Betsson

[2008-09-10 09:54:08 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll

[2008-09-10 09:54:01 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll

[2008-09-10 09:53:54 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll

[2008-09-10 09:53:43 | 00,565,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll

[2008-09-10 09:53:42 | 00,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys

[2008-09-10 09:53:41 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys

[2008-09-10 09:53:40 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll

[2008-09-10 09:53:39 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys

[2008-09-10 09:53:39 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll

 

========== Files - Modified Within 90 Days ==========

 

[2008-12-05 21:42:26 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2008-12-05 21:42:26 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2008-12-05 21:41:24 | 00,628,782 | ---- | M] () -- C:\Windows\System32\perfh01D.dat

[2008-12-05 21:41:23 | 01,499,916 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2008-12-05 21:41:23 | 00,126,500 | ---- | M] () -- C:\Windows\System32\perfc01D.dat

[2008-12-05 21:41:19 | 00,615,238 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2008-12-05 21:41:19 | 00,108,612 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2008-12-05 21:39:27 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Users\pappa\Desktop\OTViewIt.exe

[2008-12-05 21:38:54 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2008-12-05 17:33:49 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2008-12-05 17:33:37 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2008-12-05 17:33:33 | 52,450,0992 | -HS- | M] () -- C:\hiberfil.sys

[2008-12-05 17:13:52 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini

[2008-12-05 07:48:59 | 66,644,872 | ---- | M] (Trend Micro Inc.) -- C:\Users\Public\Desktop\TrendMicro_TIS_17.00_en-US_32-bit.exe

[2008-12-04 19:00:04 | 00,000,680 | ---- | M] () -- C:\Users\pappa\AppData\Local\d3d9caps.dat

[2008-12-04 03:30:00 | 00,000,386 | ---- | M] () -- C:\Windows\tasks\RegClean Scheduled Scan.job

[2008-12-03 19:22:44 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2008-12-03 19:16:08 | 00,001,900 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VersionTrackerPro.lnk

[2008-12-03 19:16:08 | 00,001,888 | ---- | M] () -- C:\Users\Public\Desktop\VersionTracker Pro.lnk

[2008-12-03 17:34:00 | 00,001,878 | ---- | M] () -- C:\Users\pappa\Desktop\HijackThis.lnk

[2008-12-01 08:46:33 | 00,000,144 | ---- | M] () -- C:\Users\pappa\Desktop\Klicka för att öppna filen eller höger-klicka, välj 'Spara som' för att spara filen.url

[2008-11-26 18:21:30 | 01,236,208 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe

[2008-11-26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys

[2008-11-26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2008-11-26 18:17:15 | 00,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2008-11-26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2008-11-26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2008-11-26 18:15:10 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr

[2008-11-25 18:20:59 | 00,000,191 | ---- | M] () -- C:\Users\pappa\Desktop\www.e24.se.url

[2008-11-21 10:41:28 | 00,000,113 | ---- | M] () -- C:\Users\pappa\Desktop\.url

[2008-11-20 22:47:56 | 00,000,110 | ---- | M] () -- C:\Users\pappa\Desktop\Kitco.com.url

[2008-11-13 19:59:12 | 00,000,231 | ---- | M] () -- C:\Users\pappa\Desktop\chart.url

[2008-11-07 15:59:41 | 00,000,156 | ---- | M] () -- C:\Users\pappa\Desktop\Markets.url

[2008-10-31 09:45:42 | 00,000,175 | ---- | M] () -- C:\Users\pappa\Desktop\VCW Nordnet Börsforum i DagensPs.url

[2008-10-30 20:26:26 | 00,000,129 | ---- | M] () -- C:\Users\pappa\Desktop\Tänkvärda citat och dikter.url

[2008-10-30 16:43:21 | 00,000,144 | ---- | M] () -- C:\Users\pappa\Desktop\fraagor_och_svar.htm#strength.url

[2008-10-29 21:55:48 | 00,000,114 | ---- | M] () -- C:\Users\pappa\Desktop\finance.yahoo.com.url

[2008-10-29 17:42:56 | 00,000,116 | ---- | M] () -- C:\Users\pappa\Desktop\www.slopedcurve.com.url

[2008-10-29 08:59:44 | 00,724,992 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe

[2008-10-22 16:10:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2008-10-22 16:10:22 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2008-10-16 16:56:17 | 00,366,648 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2008-10-16 05:47:33 | 00,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll

[2008-10-07 20:19:40 | 16,721,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe

[2008-10-02 04:49:19 | 01,166,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll

[2008-10-02 04:49:19 | 00,827,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll

[2008-10-02 04:49:16 | 00,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2008-10-02 04:49:15 | 03,578,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll

[2008-10-02 04:49:14 | 06,068,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll

[2008-10-02 04:49:14 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll

[2008-10-02 04:49:14 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2008-10-02 02:32:38 | 01,383,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2008-09-18 06:09:10 | 03,601,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2008-09-18 06:09:09 | 03,549,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2008-09-18 03:16:28 | 02,032,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

< End of report >

[/log]

 

kopparn

[log]OTViewIt Extras logfile created on: 2008-12-05 22:24:33 - Run 3

OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Users\pappa\Desktop

Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

501,44 Mb Total Physical Memory | 74,62 Mb Available Physical Memory | 14,88% Memory free

1,46 Gb Paging File | 0,37 Gb Available in Paging File | 25,49% Paging File free

Paging file location(s): ?:\pagefile.sys;

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 34,67 Gb Total Space | 15,80 Gb Free Space | 45,58% Space Free | Partition Type: NTFS

Drive D: | 30,09 Gb Total Space | 30,00 Gb Free Space | 99,70% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: PAPPA-DATOR

Current User Name: pappa

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 90 Days

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval"=1

"UacDisableNotify"=1

"InternetSettingsDisableNotify"=1

"AutoUpdateDisableNotify"=1

"FirewallDisableNotify"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride"=0

"AntiSpywareOverride"=0

"FirewallOverride"=0

"VistaSp1"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall"=1

"DisableNotifications"=0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

File not found -- C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu

File not found -- C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption

File not found -- C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

 

========== (O10) Winsock2 Catalogs ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]

NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] -- C:\Windows\System32\nlaapi.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] -- C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

 

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols

ldap -- 4 = Restricted sites (Not a Default Protocol)

news -- 4 = Restricted sites (Not a Default Protocol)

nntp -- 4 = Restricted sites (Not a Default Protocol)

oecmd -- 4 = Restricted sites (Not a Default Protocol)

snews -- 4 = Restricted sites (Not a Default Protocol)

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

@ivt -- @ivt protocol not assigned

file -- file protocol not assigned

ftp -- ftp protocol not assigned

http -- http protocol not assigned

https -- https protocol not assigned

shell -- shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

@ivt -- @ivt protocol not assigned

file -- file protocol not assigned

ftp -- ftp protocol not assigned

http -- http protocol not assigned

https -- https protocol not assigned

shell -- shell protocol not assigned

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{11316260-6666-467B-AC34-183FCB5D4335}"=Acer Mobility Center Plug-In

"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}"=Acer eLock Management

"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}"=NTI CD & DVD-Maker

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java 6 Update 11

"{58E5844B-7CE2-413D-83D1-99294BF6C74F}"=Acer ePower Management

"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}"=TerraTec Home Cinema

"{64A32253-A906-4AEB-B6A7-A90512B68D87}"=VersionTracker Pro Windows

"{67ADE9AF-5CD9-4089-8825-55DE4B366799}"=NTI Backup NOW! 4.7

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}"=PowerDVD

"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}"=NTI Shadow

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{7635D07D-B727-496F-94CA-8AC60E0C40CE}"=Microsoft Report Viewer Redistributable 2005

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}"=Acer ScreenSaver

"{87F6173E-66E9-4188-9BC9-AD81610ABEE4}"=Microsoft SQL Server Native Client

"{88410D8F-8529-492B-B556-2394A29B811B}"=Broadcom Driver v4.102.15.63_Foxconn Installation Program

"{885DE773-CC47-4B94-97A3-C692C9AF1B05}"=Hjälpfiler för installation av Microsoft SQL Server (engelska)

"{8DE292EC-FA26-4526-BFEB-3EE820E97005}"=OpenOffice.org Installer 1.0

"{94389919-B0AA-4882-9BE8-9F0B004ECA35}"=Acer Tour

"{AB6097D9-D722-4987-BD9E-A076E2848EE2}"=Acer Empowering Technology

"{AC76BA86-7AD7-1053-7B44-A81300000003}"=Adobe Reader 8.1.3 - Svenska

"{BF839132-BD43-4056-ACBF-4377F4A88E2A}"=Acer ePresentation Management

"{C06554A1-2C1E-4D20-B613-EE62C79927CC}"=Acer eNet Management

"{C0CE77E6-3CB9-4C81-8B10-A47E3D716010}"=Microsoft SQL Server VSS-skrivare

"{CE386A4E-D0DA-4208-8235-BCE43275C694}"=LightScribe 1.4.142.1

"{CE65A9A0-9686-45C6-9098-3C9543A412F0}"=Acer eSettings Management

"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}"=Broadcom Gigabit Integrated Controller

"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}"=Full Tilt Poker

"{DB780B85-B4B5-4864-A49C-9B706B169C93}"=TIPCI

"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}"=Google Toolbar for Internet Explorer

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver

"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}"=Windows Live OneCare safety scanner

"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX

"Adobe Shockwave Player"=Adobe Shockwave Player

"avast!"=avast! Antivirus

"Bet24"=BET24 (remove only)

"Betsson"=Betsson (remove only)

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118"=HDAUDIO Soft Data Fax Modem with SmartCP

"EsetOnlineScanner"=ESET Online Scanner

"GridVista"=Acer GridVista

"HDMI"=Intel® Graphics Media Accelerator Driver

"HijackThis"=HijackThis 2.0.2

"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}"=NTI CD & DVD-Maker

"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}"=Texas Instruments PCIxx21/x515/xx12 drivers.

"Kcast_Beta_1.0"=Kcast Beta 2.0.0

"Ladbrokes Poker"=Ladbrokes Poker

"LManager"=Launch Manager

"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware

"Microsoft Report Viewer Redistributable 2005"=Microsoft Report Viewer Redistributable 2005

"NordicBet Poker"=NordicBet Poker

"Personal"=Personal 4.5.4

"SpywareBlaster_is1"=SpywareBlaster 4.0

"SynTPDeinstKey"=Synaptics Pointing Device Driver

"Unibet Poker"=Unibet Poker

"Windows Live OneCare safety scanner"=Windows Live OneCare safety scanner

"Ving Resebevakaren"=Ving Resebevakaren 1.0

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-03 15:17:57 | Computer Name = pappa-dator | Source = Windows Search Service | ID = 3013

Description =

 

Error - 2008-08-04 12:53:57 | Computer Name = pappa-dator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet CinergyDvr.exe, version 5.78.0.557, tidsstämpel

0x482abe6a, felet uppstod i modulen unknown, version 0.0.0.0, tidsstämpel 0x00000000,

undantagskod 0xc0000005, felförskjutning 0x00000000, process-ID 0xdec, programmets

starttid 0x01c8f6526cf8a868.

 

Error - 2008-08-05 12:56:35 | Computer Name = pappa-dator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet CinergyDvr.exe, version 5.78.0.557, tidsstämpel

0x482abe6a, felet uppstod i modulen psisrndr.ax, version 6.6.6001.18000, tidsstämpel

0x4791a742, undantagskod 0xc0000005, felförskjutning 0x00006975, process-ID 0xc00,

programmets starttid 0x01c8f71bee27da88.

 

Error - 2008-08-05 13:01:16 | Computer Name = pappa-dator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet CinergyDvr.exe, version 5.78.0.557, tidsstämpel

0x482abe6a, felet uppstod i modulen psisrndr.ax, version 6.6.6001.18000, tidsstämpel

0x4791a742, undantagskod 0xc0000005, felförskjutning 0x00006975, process-ID 0xddc,

programmets starttid 0x01c8f71c993d00d8.

 

[ System Events ]

Error - 2008-05-28 01:15:36 | Computer Name = pappa-dator | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2008-05-28 01:21:10 | Computer Name = pappa-dator | Source = Service Control Manager | ID = 7043

Description =

 

Error - 2008-05-28 09:58:02 | Computer Name = pappa-dator | Source = HTTP | ID = 15016

Description =

 

Error - 2008-05-28 09:58:57 | Computer Name = pappa-dator | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2008-05-28 11:05:50 | Computer Name = pappa-dator | Source = DCOM | ID = 10010

Description =

 

Error - 2008-05-28 11:08:23 | Computer Name = pappa-dator | Source = HTTP | ID = 15016

Description =

 

Error - 2008-05-28 11:08:51 | Computer Name = pappa-dator | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2008-05-28 16:01:27 | Computer Name = pappa-dator | Source = DCOM | ID = 10010

Description =

 

Error - 2008-05-29 00:48:53 | Computer Name = pappa-dator | Source = HTTP | ID = 15016

Description =

 

Error - 2008-05-29 00:49:46 | Computer Name = pappa-dator | Source = Service Control Manager | ID = 7000

Description =

 

 

< End of report >

[/log]

 

kopparn

This program also has a cleanup button. Can I run that to clean up, or not?

 

kopparn

When you look in the event log you can see that there are quite a few errors and events, but I don't know how to fix them.

 

Cecilia

As far as I recall, the Clean button is for removing the program and its log files.

What kind of programs are Kitco/Kcast, VersionTracker Pro and TechTracker? Have you had them long? What are they supposed to be good for?

It looks like Kitco/Kcast arrived on 2008-10-29. Was that when you started having problems?

On 2008-10-16 it looks like a number of Windows updates were installed.

Remove:

C:\Windows\tasks\RegClean Scheduled Scan.job

C:\Users\pappa\AppData\Roaming\RegClean

What is in the folder C:\Windows\APPLICATION DATA ?

Go to http://www.virustotal.com, paste C:\Windows\iun6002.exe into the box, click Send File and wait until the result is ready (Current status changes to finished). Paste the results from the various antivirus programs (not Additional information) here.

 

kopparn

Kitco is a small program that updates precious-metal prices.

Tracker I installed recently; it shows what is on the computer, but it's not really something I need to have installed.

Yes, it was in October that the problems with the update began.

 

kopparn

Go to http://www.virustotal.com, paste C:\Windows\iun6002.exe into the box, click Send File and wait until the result is ready (Current status changes to finished). Paste the results from the various antivirus programs (not Additional information) here, you wrote.

How long is it supposed to take? It has been searching on the file for 1 hour now; something must have gone wrong, right? I should add that I'm working in safe mode now.

 

Cecilia
How long is it supposed to take? It has been searching on the file for 1 hour now; something must have gone wrong, right?
Yes, see if it works better at http://virusscan.jotti.org/

I should add that I'm working in safe mode now.
Why? Then antivirus programs, for example, aren't running.

 

kopparn

[log]Scan taken on 06 Dec 2008 13:07:27 (GMT)

A-Squared Found nothing

AntiVir Found nothing

ArcaVir Found nothing

Avast Found nothing

AVG Antivirus Found nothing

BitDefender Found nothing

ClamAV Found nothing

CPsecure Found nothing

Dr.Web Found nothing

F-Prot Antivirus Found nothing

F-Secure Anti-Virus Found nothing

G DATA Found nothing

Ikarus Found nothing

Kaspersky Anti-Virus Found nothing

NOD32 Found nothing

Norman Virus Control Found nothing

Panda Antivirus Found nothing

Sophos Antivirus Found nothing

VirusBuster Found nothing

VBA32 Found nothing

 

[/log]

 

Cecilia

That's good.

The only thing I can see that was installed at the end of October is this Kitco. If it were my computer, I would see whether it helped to uninstall it and remove everything that came in with that installation:

[2008-10-29 09:00:35 | 00,000,000 | ---D | C] -- C:\Windows\APPLICATION DATA

[2008-10-29 09:00:32 | 00,724,992 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe

[2008-10-29 09:00:29 | 00,000,000 | ---D | C] -- C:\Program Files\Kitco

[2008-10-29 08:59:49 | 00,000,000 | ---D | C] -- C:\Windows\Kcast

 

 

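The timestamp correlation behind the advice in the post above, as an added example that is not part of the original thread: it parses the listing lines Cecilia quotes and groups entries that were created within a short time of each other. The two-minute window, the function names, reading `D` as a directory flag and the fifth sample line are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Four lines quoted in the post, plus one constructed line (ExampleUpdateDir is made up).
LISTING = r"""
[2008-10-29 09:00:35 | 00,000,000 | ---D | C] -- C:\Windows\APPLICATION DATA
[2008-10-29 09:00:32 | 00,724,992 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2008-10-29 09:00:29 | 00,000,000 | ---D | C] -- C:\Program Files\Kitco
[2008-10-29 08:59:49 | 00,000,000 | ---D | C] -- C:\Windows\Kcast
[2008-10-16 21:14:02 | 00,000,000 | ---D | C] -- C:\Windows\ExampleUpdateDir
"""

# [timestamp | size | attributes | flag] (optional vendor) -- path
# The last bracket field ("C" on this page) is matched but not interpreted.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>\S+) \| \w\](?: \((?P<vendor>[^)]*)\))? -- (?P<path>.+)$"
)

def parse_listing(text):
    """Return one dict per recognised listing line; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append({
                "time": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
                "size": int(m["size"].replace(",", "")),
                "is_dir": "D" in m["attrs"],  # assumption: D marks a folder
                "vendor": m["vendor"],        # None when no company is named
                "path": m["path"],
            })
    return entries

def cluster_by_time(entries, gap=timedelta(minutes=2)):
    """Group entries whose timestamps follow each other within `gap`."""
    clusters = []
    for e in sorted(entries, key=lambda e: e["time"]):
        if clusters and e["time"] - clusters[-1][-1]["time"] <= gap:
            clusters[-1].append(e)
        else:
            clusters.append([e])
    return clusters

def created_with(entries, marker, gap=timedelta(minutes=2)):
    """Paths in the same time cluster as any path containing `marker`."""
    for cluster in cluster_by_time(entries, gap):
        if any(marker.lower() in e["path"].lower() for e in cluster):
            return [e["path"] for e in cluster]
    return []
```

Calling `created_with(parse_listing(LISTING), "Kitco")` returns the four paths from 2008-10-29 in creation order and leaves the constructed 2008-10-16 entry out.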
kopparn

I can't find Indigo Rose Corporation. Kitco I think I have managed to remove.

 

kopparn

What is in the folder C:\Windows\APPLICATION DATA ?

It is empty.

 

Cecilia
What is in the folder C:\Windows\APPLICATION DATA ?

It is empty.

Remove it then.

[2008-10-29 09:00:32 | 00,724,992 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe

Indigo Rose is the company behind the file C:\Windows\iun6002.exe

Any improvement with the computer?

 

kopparn

It can't be removed; the empty folder must need permission?

C:\Windows\iun6002.exe

Should this exe file be removed as well?

 

Cecilia

Start Explorer or Computer by right-clicking it and choosing Run as administrator, and see if the removal works better then.

C:\Windows\iun6002.exe should be removed; put it in the Recycle Bin.

[post edited 2008-12-06 18:41:27 by Cecilia]

kopparn

The name is there, but that exe file no longer exists when you search for it and try to remove it.

 

kopparn

C:\Windows\APPLICATION DATA ?

It doesn't work as administrator either; it says Windows doesn't exist, look for another path. But it is empty anyway.

 

 
