Jag har fått virus W32.Myzor.FK@yf, kan någon hjälpa mig?

[KAR1NS]

Ok, OTMoveIT loggfilen:

[log]========== SERVICES/DRIVERS ==========

Unable to stop service 6EB156CCD506E37A .

Error: Unable to interpret <:Folders> in the current context!

Error: Unable to interpret <C:\Windows\System32\6EB156CCD506E37A> in the current context!

========== FILES ==========

File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.

File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.

 

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12072008_162557

 

Files moved on Reboot...

File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.

File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.

[/log]

 

Ny OTViewIt log:

 

[log]OTViewIt logfile created on: 2008-12-07 16:37:57 - Run 6

OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Users\Karin

Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.16757)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1,87 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 63,18% Memory free

3,98 Gb Paging File | 3,19 Gb Available in Paging File | 80,31% Paging File free

Paging file location(s): ?:\pagefile.sys;

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 92,21 Gb Total Space | 16,64 Gb Free Space | 18,04% Space Free | Partition Type: NTFS

Drive D: | 45,12 Gb Total Space | 31,99 Gb Free Space | 70,89% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: KARINS-DATOR

Current User Name: Karin

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== Processes ==========

 

[2007-11-03 15:11:38 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe

[2006-11-02 10:45:21 | 00,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe

[2007-02-02 14:59:54 | 00,565,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe

[2007-11-03 14:51:03 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe

[2007-02-02 14:59:54 | 00,565,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe

[2008-08-31 10:49:46 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

[2006-12-08 19:52:04 | 00,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe

[2006-11-02 13:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe

[2008-07-29 20:11:17 | 00,287,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgrsx.exe

[2006-11-02 10:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2007-11-03 14:53:16 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe

[2006-11-02 10:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2008-08-31 10:49:45 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgemc.exe

[2007-11-03 14:03:10 | 01,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

[2007-04-10 15:01:32 | 04,431,872 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

[2006-11-22 17:31:26 | 00,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

[2008-11-27 10:37:24 | 01,261,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe

[2008-06-10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[2006-09-29 18:57:30 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

[2006-11-02 13:35:32 | 00,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe

[2008-06-30 19:23:49 | 00,171,448 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[2006-11-02 10:45:50 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe

[2006-11-02 10:46:00 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe

[2006-11-02 13:35:32 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe

[2006-09-29 18:57:36 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

[2006-11-02 10:44:59 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

[2008-12-07 16:32:07 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Users\Karin\OTViewIt.exe

 

========== (O23) Win32 Services ==========

 

[2007-02-02 14:59:54 | 00,565,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility [Auto | Running])

File not found -- -- (avg8emc [Auto | Running])

File not found -- -- (avg8wd [Auto | Running])

File not found -- -- (CertPropSvc [unknown | Stopped])

[2006-11-02 07:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

File not found -- -- (DcomLaunch [unknown | Running])

[2006-11-02 13:36:25 | 02,089,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])

[2007-11-03 15:27:25 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [unknown | Running])

[2007-11-03 15:32:21 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])

[2006-11-02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])

[2006-11-02 13:36:00 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

[2007-11-03 15:05:52 | 00,568,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [unknown | Running])

File not found -- -- (gusvc [On_Demand | Stopped])

[2006-11-02 14:04:14 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [unknown | Stopped])

[2006-11-02 13:36:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

File not found -- -- (NMIndexingService [On_Demand | Stopped])

File not found -- -- (odserv [On_Demand | Stopped])

File not found -- -- (ose [On_Demand | Stopped])

[2006-11-02 10:46:12 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [unknown | Stopped])

File not found -- -- (Schedule [unknown | Running])

File not found -- -- (SCPolicySvc [unknown | Stopped])

[2007-11-03 14:51:03 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])

[2006-11-02 10:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])

[2006-12-08 19:52:04 | 00,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler [Auto | Running])

[2006-11-02 10:45:50 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])

File not found -- -- (usnjsvc [On_Demand | Stopped])

[2006-11-02 10:45:50 | 00,392,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])

File not found -- -- (WdiServiceHost [unknown | Stopped])

File not found -- -- (WdiSystemHost [unknown | Running])

File not found -- -- (WLSetupSvc [On_Demand | Stopped])

[2006-11-02 13:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])

 

========== Driver Services ==========

 

[2008-12-03 19:59:11 | 00,000,000 | -HSD | M] -- C:\Windows\System32\6EB156CCD506E37A -- (6EB156CCD506E37A [Auto | Running])

[2006-11-02 10:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])

[2006-11-02 10:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])

[2006-11-02 10:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])

[2006-11-02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])

[2007-11-03 15:51:55 | 00,017,592 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])

[2007-11-03 15:21:31 | 00,057,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])

[2007-11-03 15:51:56 | 00,018,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])

[2006-11-02 09:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])

[2006-11-02 09:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [On_Demand | Running])

[2006-11-02 10:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])

[2007-02-01 10:55:10 | 00,690,176 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys -- (athr [On_Demand | Running])

[2008-08-31 10:49:45 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86 [system | Running])

[2008-07-29 20:11:20 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86 [system | Running])

[2008-07-29 20:11:28 | 00,069,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgwfpx.sys -- (AvgWfpX [On_Demand | Running])

[2006-11-02 09:31:12 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])

[2006-11-02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])

[2006-11-02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])

[2006-11-02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])

[2006-11-02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])

[2006-11-02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])

[2006-11-02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])

[2006-11-02 09:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])

[2006-11-02 09:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])

[2008-06-30 18:34:10 | 00,224,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [unknown | Running])

[2007-11-03 15:51:55 | 00,019,128 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])

[2006-11-02 10:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [boot | Running])

[2006-11-02 09:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])

[2006-11-02 09:31:04 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [system | Running])

[2007-11-03 15:42:07 | 00,621,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])

[2006-11-02 08:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])

[2007-11-03 15:47:20 | 00,135,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [boot | Running])

[2006-11-02 10:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])

[2006-11-02 10:49:58 | 00,056,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [boot | Running])

[2006-11-02 09:32:55 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])

[2006-11-02 10:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])

[2006-11-02 08:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])

[2007-11-03 15:18:24 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])

[2006-11-02 09:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])

[2006-11-02 09:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])

[2007-08-08 11:07:42 | 00,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard [On_Demand | Stopped])

[2007-07-12 15:35:02 | 00,305,176 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor [Disabled | Stopped])

[2006-11-02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])

[2006-11-02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])

[2007-04-10 18:05:38 | 01,764,960 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])

[2006-11-02 09:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])

[2006-11-02 10:51:12 | 00,168,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])

[2006-11-02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])

[2006-11-02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])

[2007-06-13 22:47:12 | 00,048,256 | ---- | M] (JMicron Technology Corp.) -- C:\Windows\System32\drivers\jraid.sys -- (JRAID [Disabled | Stopped])

[2007-11-03 15:48:41 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [Disabled | Stopped])

[2006-11-02 09:56:49 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])

[2006-11-02 10:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])

[2006-11-02 10:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])

[2006-11-02 09:33:07 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])

[2006-11-02 10:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])

[2008-06-30 18:39:02 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])

[2006-11-02 10:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])

[2007-11-03 15:12:01 | 00,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])

[2006-11-02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])

[2008-08-27 01:48:36 | 00,211,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])

[2008-06-30 18:24:14 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])

[2007-11-03 15:51:55 | 00,028,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Disabled | Stopped])

[2006-11-02 10:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])

[2007-11-03 15:21:30 | 00,016,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [boot | Running])

[2006-11-02 10:51:09 | 00,160,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])

[2007-11-03 15:09:01 | 00,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])

[2006-11-02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])

[2006-11-02 09:57:30 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [system | Running])

[2006-11-02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])

[2006-11-02 10:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [boot | Running])

[2007-07-02 16:37:10 | 00,131,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32 [Disabled | Stopped])

[2006-11-02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])

[2007-07-02 16:37:08 | 00,110,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32 [Disabled | Stopped])

[2007-11-03 15:21:30 | 00,109,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])

[2008-06-19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys -- (pavboot [boot | Running])

[2006-11-02 10:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])

[2007-11-03 15:27:27 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [system | Running])

[2006-11-02 10:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])

[2006-11-02 13:34:31 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])

[2007-02-02 15:09:42 | 02,385,920 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys -- (R300 [On_Demand | Running])

[2006-11-02 10:02:01 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [system | Running])

[2006-11-02 09:56:49 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])

[2007-01-15 22:28:20 | 00,070,144 | ---- | M] (Realtek Corporation) -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169 [On_Demand | Running])

[2007-12-10 14:22:14 | 00,083,880 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017bus.sys -- (s3017bus [On_Demand | Stopped])

[2007-12-10 14:22:18 | 00,015,016 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017mdfl.sys -- (s3017mdfl [On_Demand | Stopped])

[2007-12-10 14:22:18 | 00,110,632 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017mdm.sys -- (s3017mdm [On_Demand | Stopped])

[2007-12-10 14:22:20 | 00,104,616 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017mgmt.sys -- (s3017mgmt [On_Demand | Stopped])

[2007-12-10 14:22:20 | 00,025,512 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017nd5.sys -- (s3017nd5 [On_Demand | Stopped])

[2007-12-10 14:22:22 | 00,100,648 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017obex.sys -- (s3017obex [On_Demand | Stopped])

[2007-12-10 14:22:22 | 00,110,120 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017unic.sys -- (s3017unic [On_Demand | Stopped])

[2006-11-02 10:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])

[2006-11-02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])

[2008-06-30 18:34:08 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])

[2007-11-03 15:40:43 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [Disabled | Stopped])

[2007-11-03 15:40:43 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])

[2007-11-03 15:40:43 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])

[2007-11-03 15:21:29 | 00,055,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])

[2006-11-02 10:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])

[2006-11-02 10:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])

[2007-11-03 14:14:47 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [system | Running])

[2006-11-22 17:35:00 | 00,982,272 | ---- | M] (Motorola Inc.) -- C:\Windows\System32\drivers\smserial.sys -- (smserial [On_Demand | Running])

[2006-11-02 10:49:35 | 00,018,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [boot | Running])

[2008-06-30 18:24:14 | 00,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])

[2008-06-30 18:24:14 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])

[2006-11-02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])

[2006-11-02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])

[2006-11-02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])

[2006-11-02 09:57:47 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])

[2007-11-03 15:20:50 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [system | Running])

[2006-11-02 10:02:07 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Stopped])

[2007-11-03 15:11:59 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])

[2007-11-03 15:12:00 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])

[2006-11-02 10:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])

[2007-11-03 15:21:30 | 00,061,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])

[2006-11-02 10:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])

[2006-11-02 10:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])

[2007-11-03 15:09:22 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])

[2006-11-02 09:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])

[2006-11-02 09:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])

[2006-11-02 09:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])

[2007-11-03 15:51:56 | 00,020,152 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])

[2006-11-08 14:23:52 | 00,102,912 | ---- | M] (VIA Technologies inc,.ltd) -- C:\Windows\System32\drivers\viamraid.sys -- (viamraid [Disabled | Stopped])

[2007-11-03 15:21:30 | 00,052,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [boot | Running])

[2006-11-02 10:51:30 | 00,290,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [boot | Running])

[2006-11-02 10:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [boot | Running])

[2006-11-02 09:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])

[2006-11-02 10:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])

[2008-06-30 18:34:08 | 00,495,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [boot | Running])

[2007-11-03 15:50:56 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [Disabled | Stopped])

[2006-11-02 09:58:26 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])

 

========== (R ) Internet Explorer ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157

"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}" (HKLM) -- C:\Program\Winamp Toolbar\winamptb.dll File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\Windows\system32\blank.htm

"Search Page"=http://www.google.com

"Start Page"=about:blank

"StartPageCache"=

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}" (HKLM) -- C:\Program\Winamp Toolbar\winamptb.dll File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\Windows\system32\blank.htm

"Search Page"=http://www.google.com

"Start Page"=about:blank

"StartPageCache"=

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}" (HKLM) -- C:\Program\Winamp Toolbar\winamptb.dll File not found

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

========== (O1) Hosts File ==========

 

HOSTS File = (761 bytes) - C:\Windows\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

::1 localhost

 

========== (O2) BHO's ==========

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll File not found

{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} (HKLM) -- C:\Program\Winamp Toolbar\winamptb.dll File not found

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (HKLM) -- C:\Program\AVG\AVG8\avgssie.dll File not found

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program\Java\jre1.6.0_07\bin\ssv.dll File not found

{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll File not found

{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Program\Google\GoogleToolbar2.dll File not found

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (HKLM) -- C:\Program\Windows Live Toolbar\msntb.dll File not found

 

========== (O3) Toolbars ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Program\Google\GoogleToolbar2.dll File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program\Windows Live Toolbar\msntb.dll File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}" (HKLM) -- C:\Program\Winamp Toolbar\winamptb.dll File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program\Google\GoogleToolbar2.dll File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program\Windows Live Toolbar\msntb.dll File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (HKLM) -- C:\Program\Winamp Toolbar\winamptb.dll File not found

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program\Google\GoogleToolbar2.dll File not found

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program\Windows Live Toolbar\msntb.dll File not found

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (HKLM) -- C:\Program\Winamp Toolbar\winamptb.dll File not found

 

========== (O4) Run Keys ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" File not found

"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe File not found

"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe File not found

"recinfo"=RecInfo.exe File not found

"recinfo630"=c:\RecInfo\RecInfo.exe ()

"RtHDVCpl"=RtHDVCpl.exe (Realtek Semiconductor)

"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe File not found

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" File not found

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" File not found

"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

""= File not found

"ehTray.exe"=C:\Windows\ehome\ehTray.exe (Microsoft Corporation)

"fsc-reg"=C:\ProgramData\fsc-reg\fscreg.exe 20081201 (Fujitsu Siemens Computers)

"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background File not found

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun File not found

"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon File not found

"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe File not found

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe File not found

"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem File not found

"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem File not found

"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

""= File not found

"ehTray.exe"=C:\Windows\ehome\ehTray.exe (Microsoft Corporation)

"fsc-reg"=C:\ProgramData\fsc-reg\fscreg.exe 20081201 (Fujitsu Siemens Computers)

"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background File not found

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun File not found

"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon File not found

"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe File not found

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe File not found

"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

 

========== (O6 & O7) Current Version Policies ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"ConsentPromptBehaviorAdmin"=2

"ConsentPromptBehaviorUser"=1

"EnableInstallerDetection"=1

"EnableLUA"=1

"EnableSecureUIAPaths"=1

"EnableVirtualization"=1

"PromptOnSecureDesktop"=1

"ValidateAdminCodeSignatures"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"scforceoption"=0

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"FilterAdministratorToken"=0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]

"CF_TEXT"=1

"CF_BITMAP"=2

"CF_OEMTEXT"=7

"CF_DIB"=8

"CF_PALETTE"=9

"CF_UNICODETEXT"=13

"CF_DIBV5"=17

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

========== (O8) IE Context Menu Extensions ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

&Winamp Search: C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html [2008-03-19 23:21:40 | 00,000,748 | ---- | M] ()

&Windows Live Search: C:\Program\Windows Live Toolbar\msntb.dll File not found

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office12\EXCEL.EXE File not found

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\Software\Microsoft\Internet Explorer\MenuExt\]

&Winamp Search: C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html [2008-03-19 23:21:40 | 00,000,748 | ---- | M] ()

&Windows Live Search: C:\Program\Windows Live Toolbar\msntb.dll File not found

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office12\EXCEL.EXE File not found

 

========== (O9) IE Extensions ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java-konsol -- %SystemDrive%\Program\Java\jre1.6.0_07\bin\npjpi160_07.dll File not found

{2670000A-7350-4f3c-8081-5663EE0C6C49}: Button: Skicka till OneNote -- %SystemDrive%\Program\Microsoft Office\Office12\ONBttnIE.dll File not found

{2670000A-7350-4f3c-8081-5663EE0C6C49}: Menu: Ski&cka till OneNote -- %SystemDrive%\Program\Microsoft Office\Office12\ONBttnIE.dll File not found

{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %SystemDrive%\Program\Microsoft Office\Office12\REFIEBAR.DLL File not found

 

========== (O12) Internet Explorer Plugins ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

 

========== (O13) Default Prefixes ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

 

========== (O15) Trusted Sites ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

2 domain(s) and sub-domain(s) not assigned to a zone.

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

2 domain(s) and sub-domain(s) not assigned to a zone.

 

========== (O16) DPF ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object

 

========== (O17) DNS Name Servers ==========

 

{51779A28-0EAB-4735-A9B8-D8B696FE7AF4} (Servers: | Description: Sony Ericsson Device 3017 USB Ethernet Emulation (NDIS 5))

{A0167B27-407D-4468-A8D6-9AC52D50C0E2} (Servers: | Description: Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0))

{BCE38CED-9B9D-420F-BDFB-ECE774217468} (Servers: | Description: Atheros AR5007EG Wireless Network Adapter)

 

========== (O20) AppInit_DLLs ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_Dlls"=avgrsstx.dll

>[2008-07-29 20:11:31 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll

 

========== HKLM *SecurityProviders* ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]

"SecurityProviders"=credssp.dll

>[2006-11-02 10:46:03 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

 

========== LSA *Security Packages* ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,

>[2006-11-02 10:46:13 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

 

========== Safeboot Options ==========

 

"AlternateShell"=cmd.exe

 

========== CDRom AutoRun Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

 

========== Autorun Files on Drives ==========

 

autoexec.bat [REM Dummy file for NTVDM | ]

[2006-09-18 22:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

 

========== MountPoints2 ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67a65da9-6892-11dd-9432-00030d815e4c}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67a65da9-6892-11dd-9432-00030d815e4c}\Shell\AutoRun\command]

""=G:\LaunchU3.exe -- File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79987f81-5d9d-11dd-9a25-00030d815e4c}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79987f81-5d9d-11dd-9a25-00030d815e4c}\Shell\AutoRun\command]

""=F:\AutoRun.exe -- File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79987f83-5d9d-11dd-9a25-00030d815e4c}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79987f83-5d9d-11dd-9a25-00030d815e4c}\Shell\AutoRun\command]

""=F:\AutoRun.exe -- File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd66e010-58d4-11dd-a7a4-00030d815e4c}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd66e010-58d4-11dd-a7a4-00030d815e4c}\Shell\AutoRun\command]

""=F:\AutoRun.exe -- File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd66e028-58d4-11dd-a7a4-00030d815e4c}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd66e028-58d4-11dd-a7a4-00030d815e4c}\Shell\AutoRun\command]

""=F:\AutoRun.exe -- File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2008-12-07 16:25:57 | 00,000,000 | ---D | C] -- C:\_OTMoveIt

[2008-12-07 16:17:31 | 03,080,499 | -H-- | C] () -- C:\Users\Karin\AppData\Local\IconCache.db

[2008-12-07 15:09:55 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Users\Karin\Desktop\OTViewIt.exe.part

[2008-12-07 13:34:43 | 20,112,83456 | -HS- | C] () -- C:\hiberfil.sys

[2008-12-07 12:21:49 | 00,001,763 | ---- | C] () -- C:\Users\Karin\Desktop\DVD Decrypter.lnk

[2008-12-07 12:21:49 | 00,000,000 | ---D | C] -- C:\Program Files\DVD Decrypter

[2008-12-04 11:01:21 | 00,199,680 | ---- | C] () -- C:\Users\Karin\Desktop\DirLook.exe

[2008-12-03 22:16:09 | 00,003,132 | ---- | C] () -- C:\Windows\System32\tmp.reg

[2008-12-03 22:15:49 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\VACFix.exe

[2008-12-03 22:15:49 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\o4Patch.exe

[2008-12-03 22:15:49 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.C.exe

[2008-12-03 22:15:49 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\404Fix.exe

[2008-12-03 22:15:46 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.exe

[2008-12-03 22:15:46 | 00,025,600 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe

[2008-12-03 22:15:45 | 00,289,144 | ---- | C] (S!Ri) -- C:\Windows\System32\VCCLSID.exe

[2008-12-03 22:15:42 | 00,079,360 | ---- | C] (SteelWerX) -- C:\Windows\System32\swxcacls.exe

[2008-12-03 22:15:40 | 00,288,417 | ---- | C] (S!Ri) -- C:\Windows\System32\SrchSTS.exe

[2008-12-03 22:15:40 | 00,135,168 | ---- | C] (SteelWerX) -- C:\Windows\System32\swreg.exe

[2008-12-03 22:15:40 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\System32\Process.exe

[2008-12-03 22:15:40 | 00,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe

[2008-12-03 22:15:40 | 00,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe

[2008-12-03 21:04:45 | 01,582,379 | ---- | C] () -- C:\Users\Karin\Desktop\SmitfraudFix.exe

[2008-12-03 20:59:42 | 00,000,000 | ---D | C] -- C:\Users\Karin\Desktop\SmitfraudFix

[2008-12-03 20:34:30 | 00,000,139 | ---- | C] () -- C:\Users\Karin\Desktop\eforum.url

[2008-12-03 19:36:36 | 00,000,000 | ---D | C] -- C:\Users\Karin\AppData\Roaming\Malwarebytes

[2008-12-03 19:36:34 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2008-12-03 19:36:34 | 00,000,824 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2008-12-03 19:36:32 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2008-12-03 19:36:31 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2008-12-03 19:36:30 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2008-12-03 18:20:05 | 00,001,880 | ---- | C] () -- C:\Users\Karin\Desktop\HijackThis.lnk

[2008-12-03 18:20:02 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2008-12-03 17:03:15 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys

[2008-12-03 17:02:17 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security

[2008-12-02 21:58:29 | 00,000,000 | ---D | C] -- C:\Users\Karin\AppData\Roaming\Mozilla

[2008-12-02 21:58:29 | 00,000,000 | ---D | C] -- C:\Users\Karin\AppData\Local\Mozilla

[2008-12-02 21:57:10 | 00,001,730 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2008-12-02 21:57:02 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2008-12-02 21:27:05 | 00,000,136 | ---- | C] () -- C:\Users\Karin\Documents\My Documents.url

[2008-12-02 21:26:42 | 00,000,000 | -HSD | C] -- C:\Windows\System32\6EB156CCD506E37A

[2008-11-26 15:03:32 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll

[2008-11-26 15:03:32 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll

[2008-11-26 15:03:32 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll

[2008-11-26 15:03:29 | 00,712,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll

[2008-11-26 15:03:29 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll

[2008-11-26 15:03:29 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll

[2008-11-26 15:03:26 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll

[2008-11-21 18:20:37 | 00,000,000 | ---D | C] -- C:\ProgramData\Last.fm

[2008-11-21 18:19:25 | 00,000,000 | ---D | C] -- C:\Users\Karin\AppData\Local\Last.fm

[2008-11-21 18:19:24 | 00,000,739 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm.lnk

[2008-11-21 18:19:21 | 00,000,000 | ---D | C] -- C:\Program Files\Last.fm

[2008-11-21 17:24:28 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll

[2008-11-21 17:24:28 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll

[2008-11-21 17:24:28 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe

[2008-11-21 17:24:28 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll

[2008-11-21 17:23:59 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2008-11-21 17:23:59 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2008-11-21 17:23:59 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2008-11-21 17:23:46 | 00,162,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2008-11-21 17:23:46 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2008-11-13 17:34:40 | 00,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys

[2008-11-13 17:34:36 | 01,194,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll

[2008-11-13 17:34:36 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll

[2008-11-13 17:34:31 | 01,341,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll

[2008-11-13 17:34:31 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll

[2008-11-08 17:05:06 | 00,000,000 | ---D | C] -- C:\Users\Karin\AppData\Local\Sony Ericsson

[2008-11-08 17:03:46 | 00,000,000 | ---D | C] -- C:\Program Files\Avanquest update

[2008-11-08 16:25:33 | 00,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Suite 3.2.lnk

[2008-11-08 16:25:26 | 00,110,120 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017unic.sys

[2008-11-08 16:25:26 | 00,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017whnt.sys

[2008-11-08 16:25:26 | 00,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017wh.sys

[2008-11-08 16:25:25 | 00,110,632 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017mdm.sys

[2008-11-08 16:25:25 | 00,104,616 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017mgmt.sys

[2008-11-08 16:25:25 | 00,100,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017obex.sys

[2008-11-08 16:25:25 | 00,083,880 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017bus.sys

[2008-11-08 16:25:25 | 00,025,512 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017nd5.sys

[2008-11-08 16:25:25 | 00,015,016 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017mdfl.sys

[2008-11-08 16:25:25 | 00,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017cmnt.sys

[2008-11-08 16:25:25 | 00,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017cm.sys

[2008-11-08 16:25:25 | 00,010,792 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s3017cr.sys

[2008-11-08 16:24:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson

[2008-11-08 16:24:59 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson

[2008-11-08 16:24:24 | 00,000,000 | ---D | C] -- C:\Users\Karin\AppData\Roaming\InstallShield

 

========== Files - Modified Within 30 Days ==========

 

[2008-12-07 16:31:49 | 01,258,162 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2008-12-07 16:31:49 | 00,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2008-12-07 16:31:49 | 00,472,414 | ---- | M] () -- C:\Windows\System32\perfh01D.dat

[2008-12-07 16:31:49 | 00,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2008-12-07 16:31:49 | 00,081,514 | ---- | M] () -- C:\Windows\System32\perfc01D.dat

[2008-12-07 16:27:23 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2008-12-07 16:27:23 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2008-12-07 16:27:19 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2008-12-07 16:27:11 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2008-12-07 16:27:04 | 20,112,83456 | -HS- | M] () -- C:\hiberfil.sys

[2008-12-07 16:17:31 | 03,080,499 | -H-- | M] () -- C:\Users\Karin\AppData\Local\IconCache.db

[2008-12-07 15:59:00 | 00,000,254 | ---- | M] () -- C:\Windows\tasks\Kontrollera uppdateringar för Windows Live Toolbar.job

[2008-12-07 15:10:01 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Users\Karin\Desktop\OTViewIt.exe.part

[2008-12-07 14:38:48 | 00,055,296 | ---- | M] () -- C:\Users\Karin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-12-07 14:33:03 | 00,000,536 | ---- | M] () -- C:\Users\Karin\Documents\Mina delade mappar.lnk

[2008-12-07 12:35:11 | 30,650,695 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm

[2008-12-07 12:21:49 | 00,001,763 | ---- | M] () -- C:\Users\Karin\Desktop\DVD Decrypter.lnk

[2008-12-06 15:15:05 | 00,086,440 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg

[2008-12-04 11:01:22 | 00,199,680 | ---- | M] () -- C:\Users\Karin\Desktop\DirLook.exe

[2008-12-03 22:16:09 | 00,003,132 | ---- | M] () -- C:\Windows\System32\tmp.reg

[2008-12-03 21:04:59 | 01,582,379 | ---- | M] () -- C:\Users\Karin\Desktop\SmitfraudFix.exe

[2008-12-03 20:34:43 | 00,000,139 | ---- | M] () -- C:\Users\Karin\Desktop\eforum.url

[2008-12-03 19:36:34 | 00,000,824 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2008-12-03 18:20:05 | 00,001,880 | ---- | M] () -- C:\Users\Karin\Desktop\HijackThis.lnk

[2008-12-02 21:57:10 | 00,001,730 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2008-12-02 21:27:05 | 00,000,136 | ---- | M] () -- C:\Users\Karin\Documents\My Documents.url

[2008-11-29 17:58:21 | 00,082,944 | ---- | M] (S!Ri.URZ) -- C:\Windows\System32\o4Patch.exe

[2008-11-29 17:58:21 | 00,082,944 | ---- | M] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.C.exe

[2008-11-21 18:19:24 | 00,000,739 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm.lnk

[2008-11-15 14:27:38 | 00,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Suite 3.2.lnk

[2008-11-08 18:52:01 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf

[2008-11-07 20:19:57 | 00,334,743 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg

< End of report >

[/log]

 

Ny Extras log:

 

[log]OTViewIt Extras logfile created on: 2008-12-07 16:37:57 - Run 6

OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Users\Karin

Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.16757)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1,87 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 63,18% Memory free

3,98 Gb Paging File | 3,19 Gb Available in Paging File | 80,31% Paging File free

Paging file location(s): ?:\pagefile.sys;

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 92,21 Gb Total Space | 16,64 Gb Free Space | 18,04% Space Free | Partition Type: NTFS

Drive D: | 45,12 Gb Total Space | 31,99 Gb Free Space | 70,89% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: KARINS-DATOR

Current User Name: Karin

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- C:\Program\Internet Explorer\iexplore.exe File not found

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride"=1

"AntiSpywareOverride"=0

"FirewallOverride"=0

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"DisableNotifications"=0

"EnableFirewall"=1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

========== (O10) Winsock2 Catalogs ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]

NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] -- C:\Windows\System32\nlaapi.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\napinsp.dll,-1000] -- C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000005 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000006 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

 

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols

ldap -- 4 = Restricted sites (Not a Default Protocol)

news -- 4 = Restricted sites (Not a Default Protocol)

nntp -- 4 = Restricted sites (Not a Default Protocol)

oecmd -- 4 = Restricted sites (Not a Default Protocol)

snews -- 4 = Restricted sites (Not a Default Protocol)

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

@ivt -- @ivt protocol not assigned

file -- file protocol not assigned

ftp -- ftp protocol not assigned

http -- http protocol not assigned

https -- https protocol not assigned

shell -- shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

@ivt -- @ivt protocol not assigned

file -- file protocol not assigned

ftp -- ftp protocol not assigned

http -- http protocol not assigned

https -- https protocol not assigned

shell -- shell protocol not assigned

 

========== (O18) Protocol Handlers ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

File not found C:\Program\AVG\AVG8\avgpp.dll (linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} (HKLM) [XPLPPFilter Class])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

File not found C:\Program\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

File not found C:\Program\Common Files\microsoft shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

File not found c:\Program\Common Files\microsoft shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

File not found C:\Program\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

========== (O18) Protocol Filters ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters

File not found C:\Program\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{028741EB-70F5-BF63-EB23-480A7C48F096}"=CCC Help German

"{0343FEB6-43EA-0608-CF1F-6B4D20784AA8}"=Catalyst Control Center Localization Italian

"{03B5882D-D9DB-B950-CBE1-D03DDBFFF458}"=CCC Help Chinese Traditional

"{1B3A67B0-F54D-2F98-763C-B8E309135C38}"=Catalyst Control Center Localization Swedish

"{1F9B00FC-AD74-A45C-3E73-83CF895E9CD0}"=Catalyst Control Center Localization Spanish

"{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}"=Windows Live Messenger

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer

"{29F482A1-9828-5830-1F96-798E75CB90EB}"=CCC Help French

"{2B541619-4920-A88A-AEB6-C4E76672B726}"=ccc-utility

"{2C1B58D5-6549-472C-86B7-17BE57186628}"=Microsoft Works

"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}"=Sony Ericsson PC Suite 3.209.00

"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java 6 Update 7

"{32AFDE70-6890-478B-BC92-8F3C76B8A77B}"=Branding

"{37AF3415-B43F-FB0B-124B-4B207657DF66}"=Catalyst Control Center Localization Japanese

"{3E5D1BD1-3451-15A7-D5EB-FB4C1C713C33}"=Catalyst Control Center Localization Chinese Standard

"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}"=Tele2 Mobile Connect

"{3FB83D9B-35B3-44E2-639B-6839332BBB29}"=Catalyst Control Center Localization Portuguese

"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}"=ATI Catalyst Install Manager

"{45EA1531-5226-4FC4-9341-8D0C8CEC502F}"=Windows Live Toolbar

"{48FD4CEC-7ED7-5220-2032-E780075764E4}"=CCC Help Japanese

"{587601F9-A917-AE27-263A-0854BE106BE9}"=Catalyst Control Center Localization German

"{625309B9-9853-B259-CA17-DA4838E2D7C6}"=Catalyst Control Center Localization Dutch

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}"=Activation Assistant for the 2007 Microsoft Office suites

"{66E98E51-BFF9-5922-1316-7AF58170CA54}"=Catalyst Control Center Graphics Light

"{71C97813-ADFC-AA48-D24F-17E6CD41B413}"=Skins

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{74EF2D1D-D3A6-3A56-1DD7-56A338BADD29}"=CCC Help Chinese Standard

"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}"=Avanquest update

"{787AD427-7FEB-A87C-4C2E-C95610EF345B}"=Catalyst Control Center Core Implementation

"{81CD6232-10F5-4832-B3DA-1B88B1571053}"=Nero 7 Essentials

"{8535028B-D4EE-B929-97A0-354013AE5D94}"=Catalyst Control Center Localization Korean

"{8DE292EC-FA26-4526-BFEB-3EE820E97005}"=OpenOffice.org Installer 1.0

"{90120000-0016-041D-0000-0000000FF1CE}"=Microsoft Office Excel MUI (Swedish) 2007

"{90120000-0016-041D-0000-0000000FF1CE}_HOMESTUDENTR_{E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0018-041D-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (Swedish) 2007

"{90120000-0018-041D-0000-0000000FF1CE}_HOMESTUDENTR_{E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001B-041D-0000-0000000FF1CE}"=Microsoft Office Word MUI (Swedish) 2007

"{90120000-001B-041D-0000-0000000FF1CE}_HOMESTUDENTR_{E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0407-0000-0000000FF1CE}"=Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-040B-0000-0000000FF1CE}"=Microsoft Office Proof (Finnish) 2007

"{90120000-001F-040B-0000-0000000FF1CE}_HOMESTUDENTR_{F14C929B-E0E6-4EB5-8BFD-FC71AAC7D39C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-041D-0000-0000000FF1CE}"=Microsoft Office Proof (Swedish) 2007

"{90120000-001F-041D-0000-0000000FF1CE}_HOMESTUDENTR_{A8626CEF-CB0A-4BC2-8F51-210A43B6158D}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0020-041D-0000-0000000FF1CE}"=Compatibility Pack för Office 2007-systemet

"{90120000-002C-041D-0000-0000000FF1CE}"=Microsoft Office Proofing (Swedish) 2007

"{90120000-006E-041D-0000-0000000FF1CE}"=Microsoft Office Shared MUI (Swedish) 2007

"{90120000-006E-041D-0000-0000000FF1CE}_HOMESTUDENTR_{C41B2E34-C30E-4989-8A9D-6B0805B33EC1}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00A1-041D-0000-0000000FF1CE}"=Microsoft Office OneNote MUI (Swedish) 2007

"{90120000-00A1-041D-0000-0000000FF1CE}_HOMESTUDENTR_{E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{91120000-002F-0000-0000-0000000FF1CE}"=Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{9279B0F3-C831-7C50-9F07-73B1219322B6}"=Catalyst Control Center Localization Chinese Traditional

"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}"=FirstSteps Diagnostics

"{94E89EFD-5841-17EA-4F69-37A5DA58A735}"=CCC Help Spanish

"{95120000-00AF-041D-0000-0000000FF1CE}"=Microsoft Office PowerPoint Viewer 2007 (Swedish)

"{9A983135-BB9F-6E62-F282-AD76BB9551FE}"=CCC Help English

"{9AE73DF3-2349-A626-AE42-7959D7583E2B}"=Catalyst Control Center Graphics Full Existing

"{A603BB91-F08F-025F-4158-E897DC29D037}"=Catalyst Control Center Localization French

"{AA27D595-32F0-97EB-BC94-1ED22E7444A8}"=CCC Help Portuguese

"{AC76BA86-7AD7-1053-7B44-A81200000003}"=Adobe Reader 8.1.2 - Svenska

"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live inloggningsassistenten

"{BAA6BD76-9B5A-4ED3-98BE-0127E8F14541}"=Windows Live Photo Gallery

"{C61E8F12-31F1-C2E6-DC0C-505CBF2BEE57}"=ccc-core-static

"{CCC67B82-CD80-9C07-4C4A-D5B9C7137399}"=CCC Help Italian

"{D2B49278-3321-FFBA-0F7C-127878A9CB5D}"=CCC Help Dutch

"{D723FE60-F9EC-D688-0274-7BF2FF96E80A}"=Catalyst Control Center Graphics Full New

"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}"=Google Toolbar for Internet Explorer

"{E17F76BE-50E9-4E7C-ADF6-6D8F44A9C6F3}"=Windows Live installer

"{E1FA2D24-5633-83B3-3C72-FB3749DAF724}"=CCC Help Swedish

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver

"{F5E23357-CDCE-0246-677C-8097DAA6F8C5}"=CCC Help Korean

"{FA2B72B1-B29E-57FB-5AFB-74734AC3442E}"=Catalyst Control Center Graphics Previews Vista

"Activation Assistant for the 2007 Microsoft Office suites"=Activation Assistant for the 2007 Microsoft Office suites

"ActiveScan 2.0"=Panda ActiveScan 2.0

"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX

"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin

"ATI Uninstaller"=ATI Uninstaller

"AVG8Uninstall"=AVG Free 8.0

"DJ Music Mixer"=DJ Music Mixer

"DVD Decrypter"=DVD Decrypter (Remove Only)

"eMusic Promotion"=eMusic - 50 Free MP3 offer

"Free RAR Extract Frog 1.00"=Free RAR Extract Frog 1.00

"HijackThis"=HijackThis 2.0.2

"HOMESTUDENTR"=Microsoft Office Home and Student 2007

"LastFM_is1"=Last.fm 1.5.2.38918

"LimeWire"=LimeWire 4.18.3

"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware

"Mozilla Firefox (3.0.4)"=Mozilla Firefox (3.0.4)

"SMSERIAL"=Motorola SM56 Data Fax Modem

"Winamp"=Winamp

"Winamp Toolbar"=Winamp Toolbar for Internet Explorer

"Winamp Toolbar for Firefox"=Winamp Toolbar for Firefox

"Windows Live Toolbar"=Windows Live Toolbar

"WinRAR archiver"=WinRAR archiver

"VLC media player"=VideoLAN VLC media player 0.8.6h

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"uTorrent"=µTorrent

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-3649726366-2639818933-518027415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"uTorrent"=µTorrent

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2008-12-06 10:13:28 | Computer Name = Karins-dator | Source = WerSvc | ID = 5007

Description =

 

Error - 2008-12-07 07:06:09 | Computer Name = Karins-dator | Source = WerSvc | ID = 5007

Description =

 

Error - 2008-12-07 08:27:37 | Computer Name = Karins-dator | Source = EventSystem | ID = 4621

Description =

 

Error - 2008-12-07 08:29:39 | Computer Name = Karins-dator | Source = EventSystem | ID = 4609

Description =

 

Error - 2008-12-07 08:35:02 | Computer Name = Karins-dator | Source = WerSvc | ID = 5007

Description =

 

Error - 2008-12-07 11:18:55 | Computer Name = Karins-dator | Source = WerSvc | ID = 5007

Description =

 

Error - 2008-12-07 11:26:05 | Computer Name = Karins-dator | Source = EventSystem | ID = 4621

Description =

 

Error - 2008-12-07 11:27:23 | Computer Name = Karins-dator | Source = WerSvc | ID = 5007

Description =

 

Error - 2008-12-07 11:28:07 | Computer Name = Karins-dator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet sidebar.exe, version 6.0.6000.16615, tidsstämpel

0x4764fba1, felet uppstod i modulen unknown, version 0.0.0.0, tidsstämpel 0x00000000,

undantagskod 0xc0000005, felförskjutning 0x001c8020, process-ID 0x884, programmets

starttid 0x01c9588054f89b2b.

 

Error - 2008-12-07 11:34:20 | Computer Name = Karins-dator | Source = Application Hang | ID = 1002

Description = Programmet OTViewIt.exe, version 1.0.20.1, avslutades eftersom det

slutade att samverka med Windows. Ytterligare information kan finnas i problemhistoriken

på kontrollpanelen för Problemrapporter och lösningar. Process-ID: c90 Starttid:

01c95880f90dac0b Avslutningstid: 0

 

[ System Events ]

Error - 2008-12-07 08:30:18 | Computer Name = Karins-dator | Source = Service Control Manager | ID = 7026

Description =

 

Error - 2008-12-07 08:30:18 | Computer Name = Karins-dator | Source = Service Control Manager | ID = 7001

Description =

 

Error - 2008-12-07 08:30:18 | Computer Name = Karins-dator | Source = Service Control Manager | ID = 7001

Description =

 

Error - 2008-12-07 08:30:18 | Computer Name = Karins-dator | Source = Service Control Manager | ID = 7001

Description =

 

Error - 2008-12-07 08:30:25 | Computer Name = Karins-dator | Source = Service Control Manager | ID = 7001

Description =

 

Error - 2008-12-07 11:17:34 | Computer Name = Karins-dator | Source = DCOM | ID = 10010

Description =

 

Error - 2008-12-07 11:26:05 | Computer Name = Karins-dator | Source = DCOM | ID = 10010

Description =

 

Error - 2008-12-07 11:26:48 | Computer Name = Karins-dator | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS har inte någon IRQ för enheten i PCI-fack 4, funktion

0. Kontakta återförsäljaren för teknisk support.

 

Error - 2008-12-07 11:26:48 | Computer Name = Karins-dator | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS har inte någon IRQ för enheten i PCI-fack 7, funktion

0. Kontakta återförsäljaren för teknisk support.

 

Error - 2008-12-07 11:26:49 | Computer Name = Karins-dator | Source = ACPI | ID = 327686

Description = IRQARB: ACPI BIOS har inte någon IRQ för enheten i PCI-fack 6, funktion

0. Kontakta återförsäljaren för teknisk support.

 

 

< End of report >[/log]

 

[Cecilia]

Gick inte så bra. Ladda ner Avenger på Skrivbordet och packa upp filen där:

http://swandog46.geekstogo.com/avenger2/download.php

 

Kopiera in följande i Anteckningar:

Drivers to delete:
6EB156CCD506E37A

Folders to delete:
C:\Windows\System32\6EB156CCD506E37A

Files to delete:
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

Kontrollera att varje filnamn står på endast en rad och inte har delats upp på två rader.

Starta Avenger.

I den stora rutan så klistrar du in texten som finns i Anteckningar.

Bocka i rutan Scan for rootkits om den inte redan är ibockad.

Tryck på Execute för att starta det.

Datorn startar nu om (kanske två gånger).

Efter en liten stund så kommer loggen (C:\avenger.txt) upp, klistra in den här.

 

[KAR1NS]

Jag gjorde som du skrev. Datorn startade om och jag fick välja att göra en form av systemreparation. sedan startade datorn om igen, denna gång normalt. Men mappen som jag "extractat" Avenger i var borta och om jag extractade det igen och gick in i open logfile så fanns det ingen registrerad. När jag startade Avenger kom det upp en varning om att nyligen installerade program kunde försvinna när datorn startades om, men det vore ju knepigt om programmet tog bort sig själv.

 

(hängde inte riktigt med på varför jag skulle kopiera in "koden" du gav mig i anteckningar, eller alltså vilka anteckningar jag skulle kopiera in den i..har det betydelse för hur resultatet blev nu kanske?)

 

tack för all hjälp!

 

[Cecilia]

Gick det inte att starta datorn normalt efter att du körde Avenger? Vad hände då?

 

Det finns ett Windowsprogram som heter Anteckningar. Det kan vara bra att klistra in i Anteckningar och därifrån klistra in i Avenger därför att då är man säker på att det inte följer med någon formateringsinformation från forumet.

 

[KAR1NS]

Ah (då gjorde jag rätt med anteckningarna, så de blev rätt iaf)

 

Jo när jag hade kört avenger så startade datorn om, och det kom upp ett meddelande (alldeles i början av omstarten) som sa att Windows inte kunde starta normalt för att det fanns, skadade eller saknades vissa filer. Därmed fick jag ett val att antingen starta en systemreparation som reparerade felen och gjorde att jag kunde starta Windows normalt (detta valet rekommenderades) ,eller att starta windows normalt.. jag vågade inte chansa, så jag körde reparations-alternativet. Ska jag göra om det hela och välja: starta widows normalt istället?

 

[Cecilia]

Nej, gör inte om det nu. Jag ska prata med några andra och så återkommer jag senare.

 

[KAR1NS]

Åkej! låter kanon!

 

[Cecilia]

Ladda ner Gmer till Skrivbordet från en av dessa sidor:

http://www.gmer.net/

http://www.majorgeeks.com/GMER_d5198.html

Packa upp filen till Skrivbordet.

 

Dubbelklicka på programmet gmer.exe för att starta det.

Välj fliken rootkit, kontrollera att allt är förbockat till höger utom Show All. Tryck på Scan.

Tryck på Copy och klistra sedan in resultatet i ditt svar.

 

[KAR1NS]

här kommer Gmer loggen:

 

[log]GMER 1.0.14.14536 - http://www.gmer.net

Rootkit scan 2008-12-07 22:23:28

Windows 6.0.6000

 

 

---- Kernel code sections - GMER 1.0.14 ----

 

? C:\Windows\system32\6EB156CCD506E37A\6EB156CCD506E37A Åtkomst nekad.

 

---- User code sections - GMER 1.0.14 ----

 

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2300] kernel32.dll!SetUnhandledExceptionFilter 759FD187 5 Bytes JMP 0056DBBD C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Windows Live Messenger/Microsoft Corporation)

.text C:\Users\Karin\Desktop\gmer\gmer.exe[2520] ntdll.dll!NtCreateFile + 3 7716F417 2 Bytes [ EE, FA ]

.text C:\Program Files\Internet Explorer\iexplore.exe[3724] USER32.dll!DialogBoxIndirectParamW 76EA147A 5 Bytes JMP 6EFB179F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3724] USER32.dll!MessageBoxExA 76EB5683 5 Bytes JMP 6EFB16E6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3724] USER32.dll!DialogBoxParamA 76EB6537 5 Bytes JMP 6EFB1764 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3724] USER32.dll!MessageBoxIndirectW 76EBF12B 5 Bytes JMP 6EE416B6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3724] USER32.dll!DialogBoxParamW 76EC1217 5 Bytes JMP 6EE1F301 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3724] USER32.dll!DialogBoxIndirectParamA 76EE296F 5 Bytes JMP 6EFB17DA C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3724] USER32.dll!MessageBoxIndirectA 76EEFA9F 5 Bytes JMP 6EFB1720 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3724] USER32.dll!MessageBoxExW 76EEFB99 5 Bytes JMP 6EFB16AC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3724] SHELL32.dll!DAD_ShowDragImage + CC 7623E958 4 Bytes [ 01, 0C, 8C, 6D ]

.text C:\Program Files\Internet Explorer\iexplore.exe[3724] SHELL32.dll!DAD_ShowDragImage + D4 7623E960 8 Bytes [ 0F, 0B, 8C, 6D, 8F, 32, 8B, ... ]

 

---- User IAT/EAT - GMER 1.0.14 ----

 

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [10001CD0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10001C80] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [10001CD0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10001C80] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [10001CD0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10001C80] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10001C80] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [10001CD0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10001C80] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!SetWindowLongA] [1002B4A0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!AdjustWindowRectEx] [1002B410] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!AdjustWindowRect] [1002B480] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10001C80] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [10001CD0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!SetWindowLongA] [1002B4A0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [10001CD0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10001C80] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [10001C80] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [10001CD0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\WININET.dll [uSER32.dll!SetWindowLongA] [1002B4A0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] [10001CD0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] [10001C80] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10001C80] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [10001C80] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10001C60] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2324] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [10001CD0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6D8AD4D7] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6D8AD03C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6D8AB641] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6D8AD1C1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6D8ABCBB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6D8AF1D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6D8AC2A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6D8AD4D7] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [6D8AB641] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [6D8ADDF0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [6D8AC2A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6D8AF43D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6D8B0D38] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6D8AFBC9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6D8B0291] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6D8AD03C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6D8AF1D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6D8ABCBB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D8AB0B4] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6D8AD1C1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D8AA910] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6D8BDB43] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [6D8BE4AD] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [6D8BCBD1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [6D8BD7A7] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [6D8BCED9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [6D8BC659] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [6D8BCD3D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6D8AD1C1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6D8AE0F1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D8AB0B4] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D8AA910] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6D8AA7B9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6D8AC2A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6D8AD4D7] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6D8A8CF2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6D8ABCBB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6D8B0291] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6D8AFBC9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6D8AF1D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6D8A8A99] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6D8A8BC4] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6D8ABB72] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6D8AFF2E] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6D8AFB56] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6D8B0D38] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6D8AEF48] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6D8A896E] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6D8AD03C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!WinHelpW] [6D8ACF05] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!WinHelpA] [6D8ACDCE] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [6D8BCD3D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [6D8BC4D1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [6D8BCD90] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [6D8BD947] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [6D8BCA59] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [6D8BC659] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [6D8BCBD1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [6D8BE19D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [6D8BD46B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [6D8BD7A7] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [6D8BCED9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6D8BDB43] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [6D8BE4AD] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [6D8BDEA9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [6D8BE015] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [6D8BE325] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [6D8BDD3F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [6D8BD607] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6D8AA400] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [6D8AFBC9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6D8AE0F1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6D8AA682] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6D8AAE32] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6D8AB0B4] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6D8ABFC3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6D8AB641] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6D8A969E] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6D8AD4D7] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6D8ADDF0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [6D8B0291] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [6D8B0D38] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6D8A9300] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [6D8A896E] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [6D8AF1D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6D8AA178] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6D8AA910] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [6D8AEA70] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [6D8AE499] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [6D8AC2A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [6D8A8CF2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [6D8A8A99] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6D8ADE15] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [6D8A943F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6D8AD1C1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [6D8ABCBB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [6D8A8F5F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6D8AD03C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [6D8A91CF] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6D8AF43D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!LoadImageW] [6D8AC52B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!WinHelpW] [6D8ACF05] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!PrivateExtractIconsW] [6D8ACA20] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] [6D8BCBD1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] [6D8BC659] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumKeyW] [6D8BDEA9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumValueW] [6D8BE4AD] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] [6D8BCED9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6D8BDB43] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryInfoKeyA] [6D8BD947] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumKeyExW] [6D8BE19D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] [6D8BD173] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] [6D8BD7A7] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] [6D8BD46B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyW] [6D8BC91D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] [6D8BC391] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] [6D8BD607] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] [6D8BCA59] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCloseKey] [6D8BCD3D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6D8B9194] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [6D8B0D38] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [6D8B0291] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6D8AD4D7] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [6D8AF1D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [6D8AC2A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [6D8A943F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [6D8A8F5F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [6D8ABCBB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6D8AD1C1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [6D8A8A99] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6D8AD03C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueW] [6D8BD173] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] [6D8BD2C3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyExW] [6D8BE19D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumValueW] [6D8BE4AD] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyA] [6D8BDD3F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyA] [6D8BCD90] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6D8BDB43] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryInfoKeyA] [6D8BD947] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] [6D8BD46B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyW] [6D8BDEA9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCloseKey] [6D8BCD3D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] [6D8BD7A7] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExW] [6D8BCBD1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] [6D8BCED9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW] [6D8BC659] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] [6D8BD607] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExA] [6D8BCA59] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueW] [6D8B5CE6] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHRegGetValueA] [6D8B5C88] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathUnExpandEnvStringsA] [6D8B4D7E] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteKeyA] [6D8B5098] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHDeleteValueW] [6D8B5188] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCreateFromUrlW] [6D8B408B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueA] [6D8B5340] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueA] [6D8B6188] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHGetValueW] [6D8B539B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!SHSetValueW] [6D8B61E3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3724] @ C:\Windows\system32\WININET.dll [sHLWAPI.dll!PathCombineW] [6D8B3FE4] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

 

---- Services - GMER 1.0.14 ----

 

Service C:\??\C:\Windows\system32\6EB156CCD506E37A\6EB156CCD506E37A (*** hidden *** ) [AUTO] 6EB156CCD506E37A <-- ROOTKIT !!!

 

---- Registry - GMER 1.0.14 ----

 

Reg HKLM\SYSTEM\CurrentControlSet\Services\6EB156CCD506E37A@Type 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\6EB156CCD506E37A@Start 2

Reg HKLM\SYSTEM\CurrentControlSet\Services\6EB156CCD506E37A@ErrorControl 0

Reg HKLM\SYSTEM\CurrentControlSet\Services\6EB156CCD506E37A@ImagePath \??\C:\Windows\system32\6EB156CCD506E37A\6EB156CCD506E37A

Reg HKLM\SYSTEM\ControlSet002\Services\6EB156CCD506E37A@Type 1

Reg HKLM\SYSTEM\ControlSet002\Services\6EB156CCD506E37A@Start 2

Reg HKLM\SYSTEM\ControlSet002\Services\6EB156CCD506E37A@ErrorControl 0

Reg HKLM\SYSTEM\ControlSet002\Services\6EB156CCD506E37A@ImagePath \??\C:\Windows\system32\6EB156CCD506E37A\6EB156CCD506E37A

 

---- EOF - GMER 1.0.14 ----

[/log]

 

[Cecilia]

Jag vet inte om det här fungerar men du kan ju återställa om det går fel.

Skapa en systemåterställningspunkt först i Start - Program - Tillbehör - Systemverktyg - Systemåterställning, så du kan backa till den med hjälp av CDn du skapade förut.

 

Starta Gmer genom att högerklicka på den och välja Kör som administratör och skanna precis som förut. När resultatet kommer upp så högerklickar du på den rad som motsvarar:

Service C:\??\C:\Windows\system32\6EB156CCD506E37A\6EB156CCD506E37A (*** hidden *** ) [AUTO] 6EB156CCD506E37A <-- ROOTKIT !!!

och väljer något med Delete.

Starta om datorn.

Skanna med Gmer igen på samma sätt och klistra in det nya resultatet.

 

[KAR1NS]

Ursäkta mitt sena svar igen, jag har inte haft tillgång till internet på några dagar. Det börjar bli lite komplicerat för mig nu.. är inte så bra på datorer..så jag ska försöka få hjälp av en kompis som har lite bättre koll än mig. Men ska prova att göra så som du beskrev. Det kanske tar några dagar innan jag får tag i honom. Har börjat få varningar om "threat detected" av mitt virusprogram nu igen...så nåt skit finns ju kvar på datorn, antagligen de filerna som vi misstänker. tack för all hjälp!

 

[Cecilia]

Du behöver inte be om ursäkt, du bestämmer när du vill svara.

 

Men jag tror inte att det är så svårt att följa anvisningarna i mitt förra inlägg, fråga om det är något du inte förstår.

 

[KAR1NS]

Åkej jag gör ett försök!

Jag har skapat en systemåterställningspunkt. Men jag förstår inte riktigt hur det fungerar sen, alltså hur jag använder den.. men det tar vi kanske då. jag har iallafall skapat en=) MEN..nu blev det problem med skivan jag bränt.. har gjort två försök/2 skivor att bränna den.. det är ju en isofil. brände skivan med dvd decrypter. När jag sätter i skivan i datorn vill jag ju att den ska öppna sig som en isofil ska göra, men den lägger sig i utforskaren som ett gäng filer.. en liten vlc-fil som inte spelas upp och en massa andra småfiler. vad har jag gjort för fel med skivan? eller kanske.. hur får jag den att öppna sig så att jag kan använda den?

 

Säg att jag kör Gmer och att datorn/windows inte startar som normalt efteråt, exakt hur kommer det se ut när den startas om? ska jag välja nåt speciellt startalternativ. Vet inte riktigt hur det funkar med systemåterställngar. om jag ska vara ärlig=)

 

[KAR1NS]

förtydligande av mig:

alltså jag vet ju vad en systemåterställing är och vad den gör.. men jag har inte nån direkt koll på hur man utför den och hur man går till väga med den.

 

[Cecilia]

För att starta datorn från skivan så måste du nog ändra i BIOS-inställningarna så att CDn kommer före hårddisken i startordning. På första skärmbilden efter man har slagit på datorn så brukar det finnas en text, t ex Press Del to Enter Setup eller Boot Order = F12. Det ska du göra så ändra Boot order/priority/sequence (står olika i olika datorer) så att CDn kommer före hårddisken.

 

Pröva om du kan få datorn att starta från skivan.

 

[KAR1NS]

Ska jag prova det nu direkt för att kolla om skivan ens fungerar, eller som en del i uppstarten efter att jag kört Gmer-scanen?

 

[Cecilia]

Prova det nu, så vet du att det funkar om det behövs och du ser hur det ser ut på skivan.

 

[KAR1NS]

jo jag hamnade i en sådan meny när j

jag tryckte F12 vid uppstart.

Det fanns fyra alternativ, eller delar i boot menyn. såhär:

1. ALL USB KEY

2. ALL USB HDD

3. IDE CD TSSTcorpCDDVDWTS..(etc)

4. IDE HDD: WDC WD1600BEVS..(etc)

 

Jag gick in i options där och då kunde man flytta de olika rubrikerna upp eller ner i ordning, i den ordning man ville att det skulle startas. Jag visste inte om jag skulle sätta CD längt upp på listan, så jag flyttade den så att den var före hårddisken. När jag var färdig såg listan ut:

 

1. ALL USB KEY

2. IDE CD TSSTcorpCDDVDWTS..(etc)

3. ALL USB HDD

4. IDE HDD: WDC WD1600BEVS..(etc)

 

Men när jag satte i skivan efter att jag loggat in i datorn öppnar den sig fortfarande i utforskaren som en mapp med filer. vilken ordning gäller?

 

[Cecilia]

Ha skivan i och så startar du om datorn.

 

[KAR1NS]

ja CD:n funkar som den ska. Kom till en meny med olika repair-alternativ.

Gissar att det är "system repair" jag ska in i sen om inte datorn skulle fungera normalt efter scanen med Gmer. (Och att det är där jag hittar min systemåterställningspunkt)

 

Är det bara att köra Gmer-scanen nu då, som du angivit i det tidigare meddelandet?

 

[Cecilia]

Nu var det ett tag sedan jag provade min sådan skiva så jag kommer inte ihåg de olika alternativen, men om det finns något med Restore så är det nog det.

 

Ta ut skivan, den ska bara användas om datorn/Windows inte startar ordentligt.

 

Då kör du Gmer som jag skrev 7 december 2008 23:47.

 

[KAR1NS]

jag gjorde en scan med Gmer.. det kom upp en rödmarkerad rad som heter nästan så som du skrev fast såhär:

Sevice C:\\Windows\system32\6EB156CCD506E37A\6EB156CCD506E37A (***hidden***)

det finns tyvärr ingenstans man kan välja delete eller något sådant alternativ.

vad gör jag nu?

 

[KAR1NS]

förlåt.. jag är för snabb med mina inlägg. Om jag högerklickar på filnamnet om är rödmarkerat kan jag välja delete service eller disable service, är det detta jag sak göra? e så rädd att jag sabbar nåt =)

 

[Cecilia]

Ta det lugnt så är det mindre risk att något oönskat händer.

Välj Disable service

 

[KAR1NS]

så fort jag väljer disable service så stängs Gmer ner..det händer varje gång, har testat några gånger. Det kommer upp nån text om att Gmer måste avslutas och så stängs programmet ner. Filnamnet vi vill ha bort finns kvar efteråt.

Ska jag välja delete service istället?