Just nu i M3-nätverket
Jump to content

datorn krånglar


Mbror

Recommended Posts

Hej, jag är helt ny på Eforum och skulle behöva lite hjlp med min dator som krånglar. den är riktigt seg mot vad den var förut. Seg både vad gäller uppstart, att jobba med och internet.

 

Jag har läst alla inlägg jag kunnat hitta och följt alla råd som finns. Laddat ner olika program och ändrat inställningar osv. men den är inte alls som den var förut.

 

JAg har nyss laddat ner HIJackThis och med hjälp av andra inlägg försökt tyda den loggen med blandad framgång. LYckades hitta en del probelm men troligen långt från allt.

 

Skulle med andra ord i första hand behöva hjälp med att kolla den om det är någon som har tid. Vore väldigt tacksam för all hjälp jag kan få då jag behöver datorn i tipp topp i jobbet.

 

Tack på förhand!

 

Martin[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:46:48, on 2008-12-16

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

C:\Program\Delade filer\Symantec Shared\ccProxy.exe

C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Windows\Explorer.EXE

C:\Program\Lavasoft\Ad-Aware\aawservice.exe

C:\Windows\system32\spoolsv.exe

C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Windows\system32\crypserv.exe

C:\Program\Iomega\System32\AppServices.exe

C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe

C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Windows\System32\nvsvc32.exe

C:\Windows\system32\PnkBstrA.exe

C:\Program\Analog Devices\SoundMAX\SMAgent.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\wuauclt.exe

C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe

C:\Program\Analog Devices\SoundMAX\Smtray.exe

C:\Program\Analog Devices\SoundMAX\DrvLsnr.exe

C:\Program\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE

C:\Program\QuickTime\qttask.exe

C:\Program\Compaq\Easy Access Button Support\CPQEADM.EXE

C:\Compaq\EAKDRV\EAUSBKBD.EXE

C:\Windows\system32\PuXpMan.exe

C:\Program\Compaq\EASYAC~1\BttnServ.exe

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\Program\Java\jre1.6.0_05\bin\jusched.exe

C:\Program\MSN Messenger\msnmsgr.exe

C:\Program\OLYMPUS\DeviceDetector\DevDtct2.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\Delade filer\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\Windows\system32\ctfmon.exe

C:\Program\AsmwSoft\Free Asmw PC-Optimizer\asmwreg.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kth.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/041D/bl8.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [igfxTray] C:\Windows\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

O4 - HKLM\..\Run: [CPQEASYACC] C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe

O4 - HKLM\..\Run: [smapp] C:\Program\Analog Devices\SoundMAX\Smtray.exe

O4 - HKLM\..\Run: [DrvLsnr] C:\Program\Analog Devices\SoundMAX\DrvLsnr.exe

O4 - HKLM\..\Run: [WCOLOREAL] C:\Program\COMPAQ\Coloreal\coloreal.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [iamapp] rundll32.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\Windows\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\Windows\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\Windows\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: PowerReg Scheduler V3.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Device Detector 3.lnk = C:\Program\OLYMPUS\DeviceDetector\DevDtct2.exe

O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Parbet Poker - {47C7E27E-BD99-48d1-8D09-C7BD4981602A} - C:\Program\parbetMPP\MPPoker.exe

O9 - Extra button: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:\Windows\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: MultiPoker - {641F4F4E-6C91-4159-869E-9F5CE6F0F64E} - C:\Windows\System32\shdocvw.dll

O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - C:\Program\Poker.com\poker.exe

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Program\bet365MPP\MPPoker.exe

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - C:\Documents and Settings\All Users\Start-meny\Program\Poker.com\Poker.com.lnk (HKCU)

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab

O16 - DPF: {11111111-1111-1111-1111-111111111111} - file://c:\info6_s.cab

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab

O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1170628560593

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab

O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program\Norton Internet Security\ccPwdSvc.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program\Norton Internet Security\comHost.exe

O23 - Service: Crypkey License - Unknown owner - C:\Windows\SYSTEM32\crypserv.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: Iomega App Services - Iomega Corporation - C:\Program\Iomega\System32\AppServices.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: Norton AntiVirus Auto Protect-tjänst (navapsvc) - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton Internet Security Service (NISSERV) - Unknown owner - C:\Program\Norton Internet Security\NISSERV.EXE (file missing)

O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\Windows\System32\NMSSvc.exe

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\System32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Unknown owner - C:\Program\Norton Internet Security\SymProxySvc.exe (file missing)

 

--

End of file - 13774 bytes

[/log]

 

Link to comment
Share on other sites

Vad är det för årsmodell av Norton?

 

Det är en gammal Java-version med säkerhetshål i datorn. Jag rekommenderar dig att installera en ny från http://www.java.com/sv/ och därefter avinstallera alla Java/J2SE/JRE utom den senaste i Kontrollpanelen - Lägg till eller ta bort program (inga webbläsare igång).

Förvånande då du har uppdateringsprogrammet igång.

 

Surfa till http://www.virustotal.com klistra in följande filnamn i rutan, tryck på Skicka Fil och vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in resultatet från de olika antivirusprogrammen (inte Övrig information) här.

c:\info6_s.cab

 

Vad för rader har du fixat med HijackThis?

 

Har något antivirusprogram eller antispionprogram hittat något skadligt? Vad i så fall och i vilka filer och mappar?

 

Link to comment
Share on other sites

vad gäller java har jag nu installerat den nya men har flera olika att välja på i lägg till/ta bort program:

 

"J2SE Runtime Environment 5.0 Update 5"

"Java 6 Update 11"

"Java 6 Update 2"

"Java 6 Update 5"

 

vilka av dessa ska bort?

 

 

När jag klistrar in c:\info6_s.cab och skickar den på virustotal kommer en ny sida upp med meddelandet:

"0 bytes size received / Se ha recibido un archivo vacio"

 

Har jag gjort något fel eller är det något som inte fungerar?

Med HijackThis kollade jag egentligen bara ifall det var något som laddats ner som verkade dåligt men där hittade jag inget. jag kollade också vilka program som startades automtiskt när datorn startades och gick in i systemkonfiguration och tog bort några som jag inte behövde. kollade först vad allting var mha. sidan på internet som heter något med bleep (kommer inte på adressen just nu)

 

jag har använt mig av olika spyware, malware och sådana program som tex. superantispyware, malwarebytes anti malware, adaware, spybot och har även kört norton antivirus. (vet helt ärligt inte vilken årgång det är. chansar på 2008 då det står att jag har 250 dagar kvar på min ett års prenumeration.hur kollar man detta?) den har inte hittat några virus utan mer sådan tracking och spy/malware. kan inte säga exakt var det låg eller vad det var. vet inte hur man kollar upp det.

 

tack så mkt för att du är så hjälpsam. Sovdags nu men jag är på det igen imorn om jag fått ett svar här :D

 

Martin

 

[inlägget ändrat 2008-12-17 00:30:04 av Mbror]

Link to comment
Share on other sites

"Java™ 6 Update 11" är den du just installerade, så ta bort de andra.

 

chansar på 2008 då det står att jag har 250 dagar kvar på min ett års prenumeration
Det kan vara äldre också, men som jag har förstått nu så ska man kunna uppgradera till en nyare årsmodell gratis så länge man betalar en prenumeration och 2009 är kraftigt förbättrad när det gäller hur mycket den lastar ner datorn.

 

I MBAM så hittar man gamla loggar på fliken Loggar.

I SUPERAntiSpyware så trycker man Preferences - Statistics/Logs.

 

Ladda ner OTViewIt till Skrivbordet:

http://oldtimer.geekstogo.com/OTViewIt.exe

 

Stäng alla program.

Kör OTViewIt (i Vista högerklicka och Kör som administratör).

Bocka för Scan all Users.

Välj 30 dagar för File Age om det inte redan är valt.

Tryck på Run Scan och låt programmet köra ostört.

 

När det är klart så skapas två loggfiler på Skrivbordet, OTViewIt.txt och Extras.txt.

I ditt svar bifogar du loggarna på detta sätt:

Tryck på LOG-knappen i Besvara-fönstret

Klistra in loggen

Tryck igen på LOG-knappen

 

Link to comment
Share on other sites

hej, har inte hunnit kolla upp om jag kan få norton 2009 men alla loggar kommer här.

 

[log]SUPERAntiSpyware Scan Log

http://www.superantispyware.com'>http://www.superantispyware.com

 

Generated 12/16/2008 at 05:30 PM

 

Application Version : 4.23.1006

 

Core Rules Database Version : 3676

Trace Rules Database Version: 1655

 

Scan type : Quick Scan

Total Scan Time : 00:49:42

 

Memory items scanned : 614

Memory threats detected : 0

Registry items scanned : 634

Registry threats detected : 11

File items scanned : 12931

File threats detected : 37

 

Unclassified.Unknown Origin

HKCR\PROTOCOLS\Filter\text/html

HKCR\PROTOCOLS\Filter\text/html#CLSID

 

Adware.Tracking Cookie

C:\Documents and Settings\Administratör\Cookies\administratör@www.dirtypornzone[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@doubleclick[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@www.nichedporn[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@server.iad.liveperson[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@ad.yieldmanager[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@revsci[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@www.dirtypornzone[4].txt

C:\Documents and Settings\Administratör\Cookies\administratör@server.iad.liveperson[3].txt

C:\Documents and Settings\Administratör\Cookies\administratör@pornhost[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@atdmt[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@stat.blogorama[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@tribalfusion[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@adtech[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@megaporn[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@youramateurporn[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@imrworldwide[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@indextools[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@ads.bridgetrack[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@toplist[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@dirtypornzone[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@www.dirtypornzone[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@track.adform[3].txt

 

Adware.ZToolbar

C:\Windows\system32\azebar.xml

C:\Windows\Downloaded Program Files\azesearch.inf

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D7BF3304-138B-4DD5-86EE-491BB6A2286C}

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D7BF3304-138B-4DD5-86EE-491BB6A2286C}#SystemComponent

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D7BF3304-138B-4DD5-86EE-491BB6A2286C}#Installer

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D7BF3304-138B-4DD5-86EE-491BB6A2286C}\Contains

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D7BF3304-138B-4DD5-86EE-491BB6A2286C}\DownloadInformation

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D7BF3304-138B-4DD5-86EE-491BB6A2286C}\DownloadInformation#CODEBASE

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D7BF3304-138B-4DD5-86EE-491BB6A2286C}\DownloadInformation#INF

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D7BF3304-138B-4DD5-86EE-491BB6A2286C}\InstalledVersion

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D7BF3304-138B-4DD5-86EE-491BB6A2286C}\InstalledVersion#LastModified

 

Registry Cleaner Trial

C:\Documents and Settings\Administratör\Application Data\Registry Cleaner\Backups\2006-12-05,22-55 35 846.zip

C:\Documents and Settings\Administratör\Application Data\Registry Cleaner\Backups\2006-12-05,22-57 08 596.zip

C:\Documents and Settings\Administratör\Application Data\Registry Cleaner\Backups

C:\Documents and Settings\Administratör\Application Data\Registry Cleaner\Regclean.ini

C:\Documents and Settings\Administratör\Application Data\Registry Cleaner

 

Browser Hijacker.Favorites

C:\Documents and Settings\Administratör\Favoriter\Favorites\Music and Movies

C:\Documents and Settings\Administratör\Favoriter\Favorites\Spyware Removers

C:\Documents and Settings\Administratör\Favoriter\Favorites\Spyware Removers\ADWare Bazooka.url

C:\Documents and Settings\Administratör\Favoriter\Favorites\Spyware Removers\Adware Punisher.url

C:\Documents and Settings\Administratör\Favoriter\Favorites\Spyware Removers\HIT Virus.url

C:\Documents and Settings\Administratör\Favoriter\Favorites\Spyware Removers\The Spy Guard Site.url

C:\Documents and Settings\Administratör\Favoriter\Pharmacy

 

Browser Hijacker.Liporn

C:\WINDOWS\FORM.JS

[/log]

 

 

[log]SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 12/16/2008 at 08:08 PM

 

Application Version : 4.23.1006

 

Core Rules Database Version : 3676

Trace Rules Database Version: 1655

 

Scan type : Complete Scan

Total Scan Time : 01:33:24

 

Memory items scanned : 494

Memory threats detected : 0

Registry items scanned : 8214

Registry threats detected : 0

File items scanned : 37397

File threats detected : 23

 

Adware.Tracking Cookie

C:\Documents and Settings\Administratör\Cookies\administratör@doubleclick[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@adtech[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@track.adform[3].txt

C:\Documents and Settings\Administratör\Cookies\administratör@bs.serving-sys[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@ero-advertising[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@toplist[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@msnportal.112.2o7[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@sifomedia.na[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@advertising[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@www.dirtypornzone[3].txt

C:\Documents and Settings\Administratör\Cookies\administratör@www.dirtypornzone[5].txt

C:\Documents and Settings\Administratör\Cookies\administratör@www.goldporn[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@www.goldporn[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@xmissyporn[1].txt

C:\Documents and Settings\Administratör\Cookies\administratör@adultadworld[2].txt

C:\Documents and Settings\Administratör\Cookies\administratör@track.adform[2].txt

 

Registry Cleaner Trial

C:\Documents and Settings\Administratör\Application Data\Registry Cleaner\Backups\2006-12-05,22-55 35 846.zip

C:\Documents and Settings\Administratör\Application Data\Registry Cleaner\Backups\2006-12-05,22-57 08 596.zip

C:\Documents and Settings\Administratör\Application Data\Registry Cleaner\Backups

C:\Documents and Settings\Administratör\Application Data\Registry Cleaner\Regclean.ini

C:\Documents and Settings\Administratör\Application Data\Registry Cleaner

 

Adware.RX Toolbar

C:\PROGRAM\RXTOOLBAR\RXTOOLBAR.DLL

C:\PROGRAM\RXTOOLBAR\SFCONT.DLL

[/log]

 

 

[log]Malwarebytes' Anti-Malware 1.31

Databasversion: 1508

Windows 5.1.2600 Service Pack 2

 

2008-12-16 22:17:02

mbam-log-2008-12-16 (22-17-02).txt

 

Skanningstyp: Snabb skanning

Antal skannade objekt: 57217

Förfluten tid: 6 minute(s), 46 second(s)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 3

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 4

Infekterade filer: 18

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

HKEY_CLASSES_ROOT\rxtoolbar.tbinfo (Adware.RXToolbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\rxtoolbar.tbinfo.1 (Adware.RXToolbar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\RX ToolBar (Adware.RXToolbar) -> Quarantined and deleted successfully.

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

 

Infekterade mappar:

C:\Program\RXToolBar (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\Cache (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\graphics (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\HTML (Adware.RXToolbar) -> Quarantined and deleted successfully.

 

Infekterade filer:

C:\Program\RXToolBar\CacheCatalog.rx (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\rx.xml (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\rxtoolbar.cfg (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\rxwebsearches.xsl (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\sfcont.bin (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\yahoo.xsl (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\Cache\CTwww_oru_se_ (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\graphics\additional.gif (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\graphics\additional_active.gif (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\graphics\background.jpg (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\graphics\blue_hr_horz.GIF (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\graphics\gray_hr_horz.GIF (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\graphics\thumbtack.gif (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\graphics\thumbtack_active.gif (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\graphics\thumbtack_click.gif (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\HTML\content.htm (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\RXToolBar\HTML\main.htm (Adware.RXToolbar) -> Quarantined and deleted successfully.

C:\Program\SETUP.EXE (Rogue.Installer) -> Quarantined and deleted successfully.

[/log]

 

 

[log]OTViewIt logfile created on: 2008-12-17 09:26:53 - Run 2

OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Administratör\Lokala inställningar\Temporary Internet Files\Content.IE5\522AQPEP

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.11)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1023,48 Mb Total Physical Memory | 515,32 Mb Available Physical Memory | 50,35% Memory free

1,27 Gb Paging File | 0,78 Gb Available in Paging File | 61,51% Paging File free

Paging file location(s): C:\pagefile.sys 372 744;

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program

Drive C: | 37,27 Gb Total Space | 6,88 Gb Free Space | 18,46% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: CPQ74852556225

Current User Name: Administratör

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== Processes ==========

 

[2008-03-07 22:01:30 | 00,169,320 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\CCSETMGR.EXE

[2008-03-07 22:01:28 | 00,191,848 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\CCEVTMGR.EXE

[2007-09-13 05:47:38 | 00,202,088 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\CCPROXY.EXE

[2008-01-29 16:38:32 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

[2007-10-01 14:50:08 | 00,214,408 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

[2005-11-03 20:06:22 | 01,160,848 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe

[2008-04-13 13:10:00 | 01,251,720 | ---- | M] () -- C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

[2008-10-21 09:04:08 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program\Lavasoft\Ad-Aware\aawservice.exe

[2006-02-28 11:07:56 | 00,100,032 | ---- | M] (Symantec Corporation) -- C:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exe

[1997-04-09 16:04:50 | 00,050,176 | ---- | M] () -- C:\WINDOWS\system32\Crypserv.exe

[2002-07-31 13:15:18 | 00,073,728 | ---- | M] (Iomega Corporation) -- C:\Program\Iomega\System32\AppServices.exe

[2008-12-17 00:12:07 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Java\jre6\bin\jqs.exe

[2003-06-20 08:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe

[2007-05-28 11:00:24 | 00,139,888 | ---- | M] (Symantec Corporation) -- C:\Program\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE

[2002-03-04 09:35:26 | 01,118,208 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\NMSSvc.Exe

[2004-08-25 10:14:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe

[2007-04-07 17:45:57 | 00,063,040 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe

[2002-07-15 15:36:54 | 00,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program\Analog Devices\SoundMAX\SMAgent.exe

[2001-12-14 14:01:24 | 00,032,768 | ---- | M] (Compaq Computer Corporation) -- C:\Program\COMPAQ\Easy Access Button Support\STARTEAK.exe

[2002-06-26 16:36:58 | 00,090,112 | ---- | M] (Analog Devices, Inc.) -- C:\Program\Analog Devices\SoundMAX\SMTray.exe

[2002-04-20 03:25:16 | 00,069,632 | ---- | M] (adi) -- C:\Program\Analog Devices\SoundMAX\DrvLsnr.exe

[2004-11-29 20:30:15 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\Program\QuickTime\qttask.exe

[2008-03-07 22:01:28 | 00,053,096 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\CCAPP.EXE

[2002-04-30 15:23:10 | 00,212,992 | ---- | M] () -- C:\Program\COMPAQ\Easy Access Button Support\CpqEAKSystemTray.exe

[2002-04-13 20:29:58 | 00,438,272 | ---- | M] (Compaq Computer Corporation) -- C:\Program\COMPAQ\Easy Access Button Support\CPQEADM.exe

[2002-07-24 15:47:04 | 00,090,112 | ---- | M] (Compaq) -- C:\Compaq\eakdrv\EAUSBKBD.exe

[2007-01-19 11:55:22 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program\MSN Messenger\msnmsgr.exe

[2001-03-23 11:34:10 | 00,122,880 | ---- | M] (Compaq Computer Corporation) -- C:\Program\COMPAQ\Easy Access Button Support\BttnServ.exe

[2005-03-11 16:17:08 | 00,114,688 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program\OLYMPUS\DeviceDetector\DevDtct2.exe

[2007-04-16 12:38:03 | 00,722,728 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe

[2006-12-15 17:41:50 | 00,750,720 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\Security Console\NSCSRVCE.EXE

[2008-10-15 08:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program\Internet Explorer\iexplore.exe

[2008-10-15 08:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program\Internet Explorer\iexplore.exe

[2008-10-16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe

[2008-12-17 00:12:07 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Java\jre6\bin\jusched.exe

[2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program\Messenger\msmsgs.exe

[2008-12-17 09:26:49 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administratör\Lokala inställningar\Temporary Internet Files\Content.IE5\522AQPEP\OTViewIt[1].exe

 

========== (O23) Win32 Services ==========

 

[2008-10-21 09:04:08 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])

[2007-03-04 22:19:34 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])

[2007-10-24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

[2006-02-28 11:07:56 | 00,100,032 | ---- | M] (Symantec Corporation) -- C:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatisk LiveUpdate-schemaläggare [Auto | Running])

[2008-03-07 22:01:28 | 00,191,848 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\CCEVTMGR.EXE -- (ccEvtMgr [Auto | Running])

[2006-02-03 18:29:36 | 00,072,328 | ---- | M] (Symantec Corporation) -- C:\Program\Norton Internet Security\CCPWDSVC.EXE -- (ccISPwdSvc [On_Demand | Stopped])

[2007-09-13 05:47:38 | 00,202,088 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\CCPROXY.EXE -- (ccProxy [Auto | Running])

[2008-03-07 22:01:30 | 00,169,320 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\CCSETMGR.EXE -- (ccSetMgr [Auto | Running])

[2007-10-24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

[2007-02-01 16:20:46 | 00,045,696 | ---- | M] (Symantec Corporation) -- C:\Program\Norton Internet Security\COMHOST.EXE -- (comHost [On_Demand | Stopped])

[1997-04-09 16:04:50 | 00,050,176 | ---- | M] () -- C:\WINDOWS\system32\Crypserv.exe -- (Crypkey License [Auto | Running])

[2005-11-17 13:18:52 | 01,527,900 | ---- | M] (MAGIX®) -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance [On_Demand | Stopped])

File not found -- -- (Iomega Activity Disk2 [Disabled | Stopped])

[2002-07-31 13:15:18 | 00,073,728 | ---- | M] (Iomega Corporation) -- C:\Program\Iomega\System32\AppServices.exe -- (Iomega App Services [Auto | Running])

[2008-12-17 00:12:07 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])

[2006-02-28 11:07:56 | 02,041,536 | ---- | M] (Symantec Corporation) -- C:\Program\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate [On_Demand | Stopped])

[2008-01-29 16:38:32 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service [Auto | Running])

[2003-06-20 08:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe -- (MDM [Auto | Running])

[2007-05-28 11:00:24 | 00,139,888 | ---- | M] (Symantec Corporation) -- C:\Program\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE -- (navapsvc [Auto | Running])

File not found -- -- (NISSERV [Auto | Stopped])

[2002-03-04 09:35:26 | 01,118,208 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\NMSSvc.Exe -- (NMSSvc [Auto | Running])

[2006-12-15 17:41:50 | 00,750,720 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService [On_Demand | Running])

[2004-08-25 10:14:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])

[2003-07-28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

[2007-04-07 17:45:57 | 00,063,040 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])

[2007-04-08 21:19:03 | 00,099,904 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB [On_Demand | Stopped])

[2005-12-19 20:41:56 | 00,198,416 | ---- | M] (Symantec Corporation) -- C:\Program\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan [On_Demand | Stopped])

[2007-10-01 14:50:08 | 00,214,408 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe -- (SNDSrvc [Auto | Running])

[2002-07-15 15:36:54 | 00,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default) [Auto | Running])

[2005-11-03 20:06:22 | 01,160,848 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc [Auto | Running])

[2008-04-13 13:10:00 | 01,251,720 | ---- | M] () -- C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [Auto | Running])

File not found -- -- (SymProxySvc [Auto | Stopped])

[2007-01-19 11:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])

[2006-11-15 09:49:34 | 00,912,384 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

 

========== Driver Services ==========

 

[2004-08-04 07:10:10 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\61883.sys -- (61883 [On_Demand | Stopped])

[2001-08-17 21:20:04 | 00,096,256 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc [On_Demand | Stopped])

[2002-08-22 10:57:02 | 00,098,752 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Running])

[2002-07-17 07:05:10 | 00,016,512 | ---- | M] (Adaptec) -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32 [Auto | Running])

[2006-11-10 14:08:50 | 00,024,064 | ---- | M] () -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool [system | Stopped])

[2004-08-04 07:10:10 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc [On_Demand | Stopped])

[2004-08-04 08:09:58 | 00,013,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\avcstrm.sys -- (AVCSTRM [On_Demand | Stopped])

[2001-08-17 20:28:04 | 00,067,167 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2 [On_Demand | Stopped])

[2004-03-08 11:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) -- C:\Windows\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv [system | Running])

[2002-04-30 05:53:08 | 00,139,776 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B [On_Demand | Running])

[2001-12-28 07:55:46 | 00,024,035 | ---- | M] (Compaq Computer Corp.) -- C:\WINDOWS\system32\drivers\eaps2kbd.sys -- (eaps2kbd [On_Demand | Running])

[1999-10-29 08:35:08 | 00,024,348 | ---- | M] (Compaq Computer Corporation) -- C:\WINDOWS\system32\drivers\EAWDMFD.SYS -- (EAWDMFD [system | Running])

[2008-09-02 09:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [system | Running])

[2008-09-02 09:00:00 | 00,099,376 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running])

[2001-08-17 20:28:06 | 00,289,887 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback [Auto | Running])

[2001-08-17 20:28:06 | 00,115,807 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks [Auto | Running])

[2004-08-04 07:08:29 | 00,059,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gckernel.sys -- (GcKernel [On_Demand | Stopped])

[2003-09-23 08:42:34 | 00,007,296 | ---- | M] (GARMIN Corp.) -- C:\WINDOWS\system32\drivers\grmnusb.sys -- (grmnusb [On_Demand | Stopped])

[2007-04-10 20:59:50 | 00,457,216 | ---- | M] (Aladdin Knowledge Systems) -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock [Auto | Running])

[2007-04-10 20:59:42 | 00,047,616 | ---- | M] (Aladdin Knowledge Systems) -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt [Auto | Running])

[2001-08-17 22:02:50 | 00,002,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd [On_Demand | Stopped])

[2004-08-04 06:41:46 | 00,220,032 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys -- (HSFHWBS2 [On_Demand | Running])

[2004-08-04 06:41:54 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys -- (HSF_DP [On_Demand | Running])

[2001-08-17 20:28:10 | 00,542,879 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft [On_Demand | Stopped])

[2004-08-04 06:29:36 | 00,161,020 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x [On_Demand | Stopped])

[2004-08-04 06:29:37 | 00,012,415 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\wadv01nt.sys -- (iAimFP0 [On_Demand | Stopped])

[2004-08-04 06:29:37 | 00,012,127 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\wadv02nt.sys -- (iAimFP1 [On_Demand | Stopped])

[2004-08-04 06:29:37 | 00,011,775 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\wadv05nt.sys -- (iAimFP2 [On_Demand | Stopped])

[2004-08-04 06:29:47 | 00,012,063 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\wsiintxx.sys -- (iAimFP3 [On_Demand | Stopped])

[2004-08-04 06:29:49 | 00,019,455 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\wvchntxx.sys -- (iAimFP4 [On_Demand | Stopped])

[2004-08-04 06:29:41 | 00,029,311 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\watv01nt.sys -- (iAimTV0 [On_Demand | Stopped])

[2004-08-04 06:29:42 | 00,019,551 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\watv02nt.sys -- (iAimTV1 [On_Demand | Stopped])

[2004-08-04 06:29:43 | 00,033,599 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\watv04nt.sys -- (iAimTV3 [On_Demand | Stopped])

[2004-08-04 06:29:45 | 00,023,615 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\wch7xxnt.sys -- (iAimTV4 [On_Demand | Stopped])

[2002-05-22 05:42:54 | 00,078,045 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm [On_Demand | Stopped])

[2002-07-31 13:15:18 | 00,030,258 | ---- | M] (Iomega Corporation) -- C:\WINDOWS\system32\drivers\IomDisk.sys -- (iomdisk [boot | Running])

[2001-08-17 20:28:08 | 00,391,199 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56 [Auto | Running])

[2004-08-04 09:18:46 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [system | Stopped])

[2005-06-02 19:28:38 | 00,171,008 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus [On_Demand | Running])

[2004-08-04 06:41:55 | 00,011,868 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])

[2004-08-04 07:09:58 | 00,051,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV [On_Demand | Stopped])

[2004-08-04 08:09:58 | 00,049,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mstape.sys -- (MSTAPE [On_Demand | Stopped])

[2008-11-20 10:00:00 | 00,089,104 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\VirusDefs\20081216.003\NAVENG.SYS -- (NAVENG [On_Demand | Running])

[2008-11-20 10:00:00 | 00,876,112 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\VirusDefs\20081216.003\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])

[1997-04-09 15:31:22 | 00,020,768 | ---- | M] () -- C:\WINDOWS\system32\Ckldrv.sys -- (NetworkX [system | Running])

[2004-08-25 10:14:00 | 02,975,136 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])

[2005-02-09 11:59:00 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI [system | Running])

[2003-08-11 10:07:46 | 00,014,604 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])

[2007-04-08 21:19:13 | 00,022,584 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK [On_Demand | Stopped])

[2004-03-09 10:45:49 | 00,077,184 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06 [system | Running])

[2004-03-09 11:18:09 | 00,065,504 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02 [boot | Running])

[2001-08-17 20:49:58 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])

[2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [boot | Running])

[2001-08-17 20:28:10 | 00,057,471 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample [On_Demand | Stopped])

[2008-12-04 13:50:04 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV [system | Running])

[2008-12-04 13:50:06 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])

[2008-12-04 13:50:02 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [system | Running])

[2005-12-19 20:41:56 | 00,337,592 | ---- | M] (Symantec Corporation) -- C:\Program\Norton Internet Security\Norton AntiVirus\savrt.sys -- (SAVRT [system | Running])

[2005-12-19 20:41:58 | 00,054,968 | ---- | M] (Symantec Corporation) -- C:\Program\Norton Internet Security\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL [Auto | Running])

[2004-08-04 06:59:56 | 00,043,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sbp2port.sys -- (sbp2port [boot | Running])

[2008-01-20 08:07:58 | 00,033,292 | ---- | M] (PowerISO Computing, Inc.) -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu [system | Running])

[2007-11-13 11:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [Auto | Running])

[2003-12-01 16:20:52 | 00,004,832 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01 [boot | Running])

[2002-08-23 13:46:22 | 00,549,672 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])

[2001-08-17 20:28:06 | 00,199,711 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax [Auto | Running])

[2005-11-03 20:06:22 | 00,389,776 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv [system | Running])

[2007-02-05 20:55:37 | 00,646,392 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [boot | Running])

[2002-10-22 12:58:06 | 00,040,448 | R--- | M] (Susteen Inc.) -- C:\WINDOWS\system32\drivers\SUSCOM.SYS -- (SUSCOM [On_Demand | Stopped])

[2001-08-17 21:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810 [Disabled | Stopped])

[2001-08-17 21:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\symc8xx.sys -- (symc8xx [Disabled | Stopped])

[2007-10-01 14:48:56 | 00,012,680 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symdns.sys -- (SYMDNS [On_Demand | Running])

[2008-06-02 07:44:27 | 00,123,952 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])

[2007-10-01 14:49:04 | 00,098,184 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symfw.sys -- (SYMFW [On_Demand | Running])

[2007-10-01 14:49:16 | 00,031,624 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symids.sys -- (SYMIDS [On_Demand | Running])

[2008-09-12 08:33:21 | 00,250,224 | ---- | M] (Symantec Corporation) -- C:\Program\Delade filer\Symantec Shared\SymcData\idsdefs\20081213.001\SymIDSCo.sys -- (SYMIDSCO [On_Demand | Running])

[2006-12-11 14:26:55 | 00,010,344 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd [Auto | Running])

[2007-10-01 14:49:10 | 00,028,040 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symndis.sys -- (SYMNDIS [On_Demand | Running])

[2007-10-01 14:49:20 | 00,023,944 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV [On_Demand | Running])

[2007-10-01 14:49:26 | 00,189,320 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI [system | Running])

[2001-08-17 21:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\sym_hi.sys -- (sym_hi [Disabled | Stopped])

[2001-08-17 20:28:12 | 00,050,751 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones [Auto | Running])

[2004-08-04 07:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])

[2001-08-17 20:28:12 | 00,488,383 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124 [Auto | Running])

[2003-12-15 17:22:00 | 00,038,448 | ---- | M] (OLYMPUS OPTICAL CO.,LTD.) -- C:\WINDOWS\system32\drivers\VNUSB.sys -- (VNUSB [On_Demand | Stopped])

[2006-02-20 17:59:27 | 00,058,288 | R--- | M] (MCCI) -- C:\WINDOWS\system32\drivers\w810bus.sys -- (w810bus [On_Demand | Stopped])

[2004-08-04 06:41:48 | 00,685,056 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys -- (winachsf [On_Demand | Running])

[2004-04-14 10:08:00 | 00,010,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum [On_Demand | Running])

[2004-04-14 10:08:00 | 00,021,280 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter [On_Demand | Stopped])

[2004-04-14 10:08:00 | 00,005,600 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid [On_Demand | Stopped])

[2004-04-14 10:08:00 | 00,044,064 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore [On_Demand | Running])

[2002-05-22 05:43:56 | 00,090,336 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E} [system | Stopped])

[2002-05-22 05:44:06 | 00,069,504 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Stopped])

[2002-03-04 09:35:42 | 00,009,868 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\NMSCFG.SYS -- (NMSCFG [On_Demand | Running])

 

========== (R ) Internet Explorer ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157

"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Page_Transitions"=

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://www.kth.se/

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://securityresponse.symantec.com/avcenter/fix_homepage

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://securityresponse.symantec.com/avcenter/fix_homepage

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://securityresponse.symantec.com/avcenter/fix_homepage

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://securityresponse.symantec.com/avcenter/fix_homepage

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Page_Transitions"=

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://www.kth.se/

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

========== (O1) Hosts File ==========

 

Hosts file not found

 

========== (O2) BHO's ==========

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

{9ECB9560-04F9-4bbc-943D-298DDF1699E1} (HKLM) -- C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)

{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} (HKLM) -- C:\Program\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)

{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

 

========== (O3) Toolbars ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7}" (HKLM) -- C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{C4069E3A-68F1-403E-B40E-20066696354B}" (HKLM) -- C:\Program\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{C4069E3A-68F1-403E-B40E-20066696354B}" (HKLM) -- C:\Program\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{C4069E3A-68F1-403E-B40E-20066696354B}" (HKLM) -- C:\Program\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)

 

========== (O4) Run Keys ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CanonSolutionMenu"=C:\Program\Canon\SolutionMenu\CNSLMAIN.exe /logon (CANON INC.)

"ccApp"="C:\Program\Delade filer\Symantec Shared\ccApp.exe" (Symantec Corporation)

"CPQEASYACC"=C:\Program\COMPAQ\Easy Access Button Support\StartEAK.exe (Compaq Computer Corporation)

"DrvLsnr"=C:\Program\Analog Devices\SoundMAX\DrvLsnr.exe (adi)

"HotKeysCmds"=C:\Windows\System32\hkcmd.exe (Intel Corporation)

"iamapp"=rundll32.exe (Microsoft Corporation)

"IgfxTray"=C:\Windows\System32\igfxtray.exe (Intel Corporation)

"NvCplDaemon"=RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup (NVIDIA Corporation)

"nwiz"=nwiz.exe /install (NVIDIA Corporation)

"NvMediaCenter"=RUNDLL32.EXE C:\Windows\System32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)

"QuickTime Task"="C:\Program\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.)

"Smapp"=C:\Program\Analog Devices\SoundMAX\Smtray.exe (Analog Devices, Inc.)

"SSBkgdUpdate"="C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot (Nuance Communications, Inc.)

"SunJavaUpdateSched"=C:\Program\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

"Symantec PIF AlertEng"="C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" (Symantec Corporation)

"WCOLOREAL"=C:\Program\COMPAQ\Coloreal\coloreal.exe ()

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Program\MSN Messenger\msnmsgr.exe" /background (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Program\MSN Messenger\msnmsgr.exe" /background (Microsoft Corporation)

 

========== (O4) RunOnce Keys ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe (Adobe Systems, Inc.)

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe (Adobe Systems, Inc.)

 

========== (O4) Startup Folders ==========

 

[2004-08-30 06:46:52 | 00,225,280 | ---- | M] (Leader Technologies) -- C:\Documents and Settings\Administratör\Start-meny\Program\Autostart\PowerReg Scheduler V3.exe

[2005-09-23 22:05:26 | 00,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[2005-03-11 16:17:08 | 00,114,688 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Device Detector 3.lnk = C:\Program\OLYMPUS\DeviceDetector\DevDtct2.exe

[2007-04-16 12:38:03 | 00,722,728 | ---- | M] (Technology Nexus AB) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Personal.lnk = C:\Program\Personal\bin\Personal.exe

 

========== (O6 & O7) Current Version Policies ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

"nousernameinstartmenu"=0

"nosimplestartmenu"=0

"nostartmenumfuprogramslist"=0

"nostartmenumoreprograms"=0

"nochangestartmenu"=0

"norecentdochistory"=0

"maxrecentdocs"=0

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

"nousernameinstartmenu"=0

"nosimplestartmenu"=0

"nostartmenumfuprogramslist"=0

"nostartmenumoreprograms"=0

"nochangestartmenu"=0

"norecentdochistory"=0

"maxrecentdocs"=0

 

========== (O8) IE Context Menu Extensions ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office10\EXCEL.EXE [2008-10-28 16:07:58 | 09,362,248 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office10\EXCEL.EXE [2008-10-28 16:07:58 | 09,362,248 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office10\EXCEL.EXE [2008-10-28 16:07:58 | 09,362,248 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office10\EXCEL.EXE [2008-10-28 16:07:58 | 09,362,248 | ---- | M] (Microsoft Corporation)

 

========== (O9) IE Extensions ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java-konsol -- %ProgramFiles%\Java\jre6\bin\npjpi160_11.dll [2008-12-17 00:12:09 | 00,132,504 | ---- | M] (Sun Microsystems, Inc.)

{47C7E27E-BD99-48d1-8D09-C7BD4981602A}: Button: Parbet Poker -- %ProgramFiles%\parbetMPP\MPPoker.exe [2005-02-21 13:49:46 | 00,049,213 | ---- | M] (Microgaming)

{641F4F4E-6C91-4159-869E-9F5CE6F0F64E}: Button: MultiPoker -- File not found

{641F4F4E-6C91-4159-869E-9F5CE6F0F64E}: Menu: MultiPoker -- File not found

{6FDD5236-C9F0-49ef-935D-385F5E21991A}: Button: Poker.com -- %ProgramFiles%\Poker.com\Poker.exe [2007-12-12 14:28:33 | 00,499,718 | ---- | M] ()

{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Referensinformation -- %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

{B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD}: Button: bet365 Poker -- %ProgramFiles%\bet365MPP\MPPoker.exe [2007-03-24 18:09:00 | 00,049,252 | ---- | M] (Microgaming)

{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}: Button: PartyPoker.com -- %ProgramFiles%\PartyGaming\PartyPoker\RunApp.exe [2006-08-21 14:22:00 | 00,110,592 | ---- | M] ()

{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}: Menu: PartyPoker.com -- %ProgramFiles%\PartyGaming\PartyPoker\RunApp.exe [2006-08-21 14:22:00 | 00,110,592 | ---- | M] ()

{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97}: Button: Unibet Poker -- %SystemDrive%\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe [2007-12-06 11:06:13 | 00,049,252 | ---- | M] (Microgaming)

{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2006-10-10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{6FDD5236-C9F0-49ef-935D-385F5E21991A}\\ButtonText [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

{6FDD5236-C9F0-49ef-935D-385F5E21991A}\\Exec [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

{6FDD5236-C9F0-49ef-935D-385F5E21991A}\\HotIcon [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

{6FDD5236-C9F0-49ef-935D-385F5E21991A}\\Icon [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003-02-28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)

CmdMapping\\{3852AC86-965F-4abe-A75F-3DCB7E81A4B2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

CmdMapping\\{47C7E27E-BD99-48d1-8D09-C7BD4981602A} [HKLM] -> %ProgramFiles%\parbetMPP\MPPoker.exe [Parbet Poker] -> [2005-02-21 13:49:46 | 00,049,213 | ---- | M] (Microgaming)

CmdMapping\\{641F4F4E-6C91-4159-869E-9F5CE6F0F64E} [HKLM] -> [MultiPoker] -> File not found

CmdMapping\\{6FDD5236-C9F0-49ef-935D-385F5E21991A} [HKLM] -> %ProgramFiles%\Poker.com\Poker.exe [Poker.com] -> [2007-12-12 14:28:33 | 00,499,718 | ---- | M] ()

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} [HKLM] -> %ProgramFiles%\bet365MPP\MPPoker.exe [bet365 Poker] -> [2007-03-24 18:09:00 | 00,049,252 | ---- | M] (Microgaming)

CmdMapping\\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} [HKLM] -> %ProgramFiles%\PartyGaming\PartyPoker\RunApp.exe [PartyPoker.com] -> [2006-08-21 14:22:00 | 00,110,592 | ---- | M] ()

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2006-10-10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{47C7E27E-BD99-48d1-8D09-C7BD4981602A} [HKLM] -> %ProgramFiles%\parbetMPP\MPPoker.exe [Parbet Poker] -> [2005-02-21 13:49:46 | 00,049,213 | ---- | M] (Microgaming)

CmdMapping\\{641F4F4E-6C91-4159-869E-9F5CE6F0F64E} [HKLM] -> [MultiPoker] -> File not found

CmdMapping\\{6FDD5236-C9F0-49ef-935D-385F5E21991A} [HKLM] -> %ProgramFiles%\Poker.com\Poker.exe [Poker.com] -> [2007-12-12 14:28:33 | 00,499,718 | ---- | M] ()

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} [HKLM] -> %ProgramFiles%\bet365MPP\MPPoker.exe [bet365 Poker] -> [2007-03-24 18:09:00 | 00,049,252 | ---- | M] (Microgaming)

CmdMapping\\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} [HKLM] -> %ProgramFiles%\PartyGaming\PartyPoker\RunApp.exe [PartyPoker.com] -> [2006-08-21 14:22:00 | 00,110,592 | ---- | M] ()

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{47C7E27E-BD99-48d1-8D09-C7BD4981602A} [HKLM] -> %ProgramFiles%\parbetMPP\MPPoker.exe [Parbet Poker] -> [2005-02-21 13:49:46 | 00,049,213 | ---- | M] (Microgaming)

CmdMapping\\{641F4F4E-6C91-4159-869E-9F5CE6F0F64E} [HKLM] -> [MultiPoker] -> File not found

CmdMapping\\{6FDD5236-C9F0-49ef-935D-385F5E21991A} [HKLM] -> %ProgramFiles%\Poker.com\Poker.exe [Poker.com] -> [2007-12-12 14:28:33 | 00,499,718 | ---- | M] ()

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} [HKLM] -> %ProgramFiles%\bet365MPP\MPPoker.exe [bet365 Poker] -> [2007-03-24 18:09:00 | 00,049,252 | ---- | M] (Microgaming)

CmdMapping\\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} [HKLM] -> %ProgramFiles%\PartyGaming\PartyPoker\RunApp.exe [PartyPoker.com] -> [2006-08-21 14:22:00 | 00,110,592 | ---- | M] ()

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{6FDD5236-C9F0-49ef-935D-385F5E21991A}\\ButtonText [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

{6FDD5236-C9F0-49ef-935D-385F5E21991A}\\Exec [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

{6FDD5236-C9F0-49ef-935D-385F5E21991A}\\HotIcon [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

{6FDD5236-C9F0-49ef-935D-385F5E21991A}\\Icon [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003-02-28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)

CmdMapping\\{3852AC86-965F-4abe-A75F-3DCB7E81A4B2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

CmdMapping\\{47C7E27E-BD99-48d1-8D09-C7BD4981602A} [HKLM] -> %ProgramFiles%\parbetMPP\MPPoker.exe [Parbet Poker] -> [2005-02-21 13:49:46 | 00,049,213 | ---- | M] (Microgaming)

CmdMapping\\{641F4F4E-6C91-4159-869E-9F5CE6F0F64E} [HKLM] -> [MultiPoker] -> File not found

CmdMapping\\{6FDD5236-C9F0-49ef-935D-385F5E21991A} [HKLM] -> %ProgramFiles%\Poker.com\Poker.exe [Poker.com] -> [2007-12-12 14:28:33 | 00,499,718 | ---- | M] ()

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} [HKLM] -> %ProgramFiles%\bet365MPP\MPPoker.exe [bet365 Poker] -> [2007-03-24 18:09:00 | 00,049,252 | ---- | M] (Microgaming)

CmdMapping\\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} [HKLM] -> %ProgramFiles%\PartyGaming\PartyPoker\RunApp.exe [PartyPoker.com] -> [2006-08-21 14:22:00 | 00,110,592 | ---- | M] ()

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2006-10-10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

 

========== (O12) Internet Explorer Plugins ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

 

========== (O13) Default Prefixes ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

 

========== (O15) Trusted Sites ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

1 domain(s) and sub-domain(s) not assigned to a zone.

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

: msn in My Computer

1559 domain(s) and sub-domain(s) not assigned to a zone.

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

: msn in My Computer

1559 domain(s) and sub-domain(s) not assigned to a zone.

 

========== (O16) DPF ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{00B71CFB-6864-4346-A978-C0A14556272C}: http://messenger.zone.msn.com/binary/msgrchkr.cab -- Checkers Class

{0CCA191D-13A6-4E29-B746-314DEE697D83}: http://upload.facebook.com/controls/FacebookPhotoUploader5.cab -- Facebook Photo Uploader 5

{11111111-1111-1111-1111-111111111111}: file://c:\info6_s.cab -- Reg Error: Key does not exist or could not be opened.

{166B1BCA-3F9C-11CF-8075-444553540000}: http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab -- Shockwave ActiveX Control

{17492023-C23A-453E-A040-C7C580BBF700}: http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab -- Windows Genuine Advantage Validation Tool

{1D6711C8-7154-40BB-8380-3DEA45B69CBF}: -- Reg Error: Key does not exist or could not be opened.

{215B8138-A3CF-44C5-803F-8226143CFC0A}: http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab -- Trend Micro ActiveX Scan Agent 6.6

{2917297F-F02B-4B9D-81DF-494B6333150B}: http://messenger.zone.msn.com/binary/MineSweeper.cab -- Minesweeper Flags Class

{5C6698D9-7BE4-4122-8EC5-291D84DBD4A0}: http://upload.facebook.com/controls/FacebookPhotoUploader3.cab -- Facebook Photo Uploader 4 Control

{5F8469B4-B055-49DD-83F7-62B522420ECC}: http://upload.facebook.com/controls/FacebookPhotoUploader.cab -- Facebook Photo Uploader Control

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1170628560593 -- MUWebControl Class

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}: http://messenger.zone.msn.com/binary/MessengerStatsClient.cab -- MessengerStatsClient Class

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.

{9F1C11AA-197B-4942-BA54-47A8489BB47F}: http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37886.4313657407 -- Reg Error: Key does not exist or could not be opened.

{A8F2B9BD-A6A0-486A-9744-18920D898429}: http://www.sibelius.com/download/software/win/ActiveXPlugin.cab -- ScorchPlugin Class

{B38870E4-7ECB-40DA-8C6A-595F0A5519FF}: http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab -- MsnMessengerSetupDownloadControl Class

{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object

{F6BF0D00-0B2A-4A75-BF7B-F385591623AF}: http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab -- Solitaire Showdown Class

Microsoft XML Parser for Java: file://C:\Windows\Java\classes\xmldso.cab -- Reg Error: Key does not exist or could not be opened.

 

========== (O17) DNS Name Servers ==========

 

{524314EE-4722-4257-9CF8-C4B1D9D15CBA} (Servers: | Description: 1394 Net Adapter)

{80A680BB-2F14-4212-974F-9C1BFCA43E38} (Servers: | Description: Intel® PRO/100 VE Network Connection)

{FEC11061-158E-4FA9-A911-C147280D3881} (Servers: | Description: )

 

========== (O20) Winlogon Notify Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

!SASWinLogon: "DllName" = C:\Program\SUPERAntiSpyware\SASWINLO.dll -- C:\Program\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

igfxcui: "DllName" = igfxsrvc.dll -- C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)

 

========== Shell Execute Hooks ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- C:\Program\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

 

========== Safeboot Options ==========

 

"AlternateShell"=cmd.exe

 

========== CDRom AutoRun Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 0

 

========== Autorun Files on Drives ==========

 

AUTOEXEC.BAT [sET PATH=C:\Program\Pinnacle\Shared Files;C:\Program\Pinnacle\Shared Files\Filter | ]

[2007-06-04 20:40:52 | 00,000,083 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

 

 

========== MountPoints2 ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da171ec8-5299-11d9-aef9-000bcd065b77}\Shell\play\command]

""=c:\program files\InterActual\InterActual Player\iPlayer.exe -- [2002-04-09 14:31:44 | 00,786,432 | ---- | M] (InterActual Technologies, Inc.)

"MPlayer2.BAK"=C:\Program\InterVideo\WinDVD\WinDVD.exe -- [2002-07-30 20:05:34 | 02,220,032 | ---- | M] (InterVideo Inc.)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2008-12-16 22:18:33 | 00,001,684 | ---- | C] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\HijackThis.lnk

[2008-12-16 22:18:32 | 00,000,000 | ---D | C] -- C:\Program\Trend Micro

[2008-12-16 22:05:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Application Data\Malwarebytes

[2008-12-16 22:04:56 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2008-12-16 22:04:56 | 00,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk

[2008-12-16 22:04:53 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2008-12-16 22:04:52 | 00,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware

[2008-12-16 22:04:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2008-12-16 17:50:15 | 00,000,524 | ---- | C] () -- C:\Windows\tasks\Norton AntiVirus - Kör Norton QuickScan - Administratör.job

[2008-12-16 17:50:09 | 00,000,526 | ---- | C] () -- C:\Windows\tasks\Norton AntiVirus - Sök igenom datorn - Administratör.job

[2008-12-16 17:12:19 | 00,000,000 | ---D | C] -- C:\Downloads

[2008-12-16 17:12:19 | 00,000,000 | ---D | C] -- C:\Bases

[2008-12-16 17:10:21 | 00,000,000 | ---D | C] -- C:\Kaspersky

[2008-12-16 16:42:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2008-12-16 16:42:36 | 00,000,000 | ---D | C] -- C:\Program\SpywareBlaster

[2008-12-16 16:29:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

[2008-12-16 16:28:29 | 00,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk

[2008-12-16 16:28:25 | 00,000,000 | ---D | C] -- C:\Program\SUPERAntiSpyware

[2008-12-16 16:28:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Application Data\SUPERAntiSpyware.com

[2008-12-16 15:12:52 | 00,000,895 | ---- | C] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\Spybot - Search & Destroy.lnk

[2008-12-16 15:12:42 | 00,000,000 | ---D | C] -- C:\Program\Spybot - Search & Destroy

[2008-12-16 15:12:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2008-12-01 10:29:03 | 00,072,560 | ---- | C] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\lägenheten2.dwg

[2008-12-01 10:20:17 | 00,051,767 | ---- | C] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\lägenhete..pappa.dwg

[2008-11-29 15:56:26 | 00,043,723 | ---- | C] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\lägenheten.dwg

[2008-11-17 14:04:36 | 00,065,836 | ---- | C] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\sep-nu.pdf

 

========== Files - Modified Within 30 Days ==========

 

[1 C:\Windows\System32\*.tmp files]

[1 C:\Windows\*.tmp files]

[2008-12-17 08:22:52 | 00,004,626 | ---- | M] () -- C:\Windows\System32\nvapps.xml

[2008-12-17 08:22:34 | 00,001,158 | ---- | M] () -- C:\Windows\System32\wpa.dbl

[2008-12-17 08:21:35 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2008-12-17 08:20:50 | 00,002,048 | --S- | M] () -- C:\Windows\bootstat.dat

[2008-12-17 08:20:38 | 10,732,70784 | -HS- | M] () -- C:\hiberfil.sys

[2008-12-16 23:08:02 | 00,000,881 | ---- | M] () -- C:\Windows\win.ini

[2008-12-16 23:08:02 | 00,000,264 | ---- | M] () -- C:\Windows\System.ini

[2008-12-16 23:08:02 | 00,000,194 | -HS- | M] () -- C:\boot.ini

[2008-12-16 22:18:33 | 00,001,684 | ---- | M] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\HijackThis.lnk

[2008-12-16 22:04:56 | 00,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk

[2008-12-16 18:09:44 | 00,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini

[2008-12-16 17:50:15 | 00,000,524 | ---- | M] () -- C:\Windows\tasks\Norton AntiVirus - Kör Norton QuickScan - Administratör.job

[2008-12-16 17:50:09 | 00,000,526 | ---- | M] () -- C:\Windows\tasks\Norton AntiVirus - Sök igenom datorn - Administratör.job

[2008-12-16 17:11:52 | 00,243,200 | ---- | M] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-12-16 16:28:29 | 00,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk

[2008-12-16 16:05:26 | 00,000,215 | ---- | M] () -- C:\Windows\wininit.ini

[2008-12-16 15:12:52 | 00,000,895 | ---- | M] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\Spybot - Search & Destroy.lnk

[2008-12-13 11:32:35 | 00,000,618 | ---- | M] () -- C:\Documents and Settings\Administratör\Mina dokument\Mina delade mappar.lnk

[2008-12-13 01:54:55 | 00,001,393 | ---- | M] () -- C:\Windows\imsins.BAK

[2008-12-10 00:24:37 | 17,593,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRT.exe

[2008-12-09 15:18:02 | 00,072,560 | ---- | M] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\lägenheten2.dwg

[2008-12-09 15:10:06 | 00,059,595 | ---- | M] () -- C:\acadminidump.dmp

[2008-12-03 19:52:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2008-12-03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2008-12-01 10:20:17 | 00,051,767 | ---- | M] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\lägenhete..pappa.dwg

[2008-12-01 10:00:43 | 00,043,723 | ---- | M] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\lägenheten.dwg

[2008-11-17 14:04:36 | 00,065,836 | ---- | M] () -- C:\Documents and Settings\Administratör\Mallar\Skrivbord\sep-nu.pdf

< End of report >

[/log]

 

 

[log]OTViewIt Extras logfile created on: 2008-12-17 09:26:53 - Run 2

OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Administratör\Lokala inställningar\Temporary Internet Files\Content.IE5\522AQPEP

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.11)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1023,48 Mb Total Physical Memory | 515,32 Mb Available Physical Memory | 50,35% Memory free

1,27 Gb Paging File | 0,78 Gb Available in Paging File | 61,51% Paging File free

Paging file location(s): C:\pagefile.sys 372 744;

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program

Drive C: | 37,27 Gb Total Space | 6,88 Gb Free Space | 18,46% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: CPQ74852556225

Current User Name: Administratör

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify"=1

"FirewallDisableNotify"=1

"UpdatesDisableNotify"=0

"AntiVirusOverride"=0

"FirewallOverride"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall"=0

"DoNotAllowExceptions"=0

"DisableNotifications"=0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[2004-08-04 09:34:42 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2006-10-10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

File not found -- C:\Program\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)

[2007-01-19 11:55:22 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[2004-08-04 09:34:42 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2008-08-31 11:24:03 | 00,342,848 | ---- | M] (BitTorrent, Inc.) -- C:\Program\DNA\btdna.exe:*:Enabled:DNA

[2007-01-19 11:55:22 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0

[2008-05-05 10:32:24 | 00,219,952 | ---- | M] () -- C:\Program\uTorrent\uTorrent.exe:*:Enabled:µTorrent

[2008-04-29 18:51:26 | 00,587,568 | ---- | M] () -- C:\Program\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

[2006-10-10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

File not found -- C:\Program\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell -- shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell -- shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell -- shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell -- shell protocol not assigned

 

========== (O18) Protocol Handlers ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

ipp: [HKLM - No CLSID value]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2005-09-20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-01-19 12:53:24 | 00,063,344 | ---- | M] (Microsoft Corporation) C:\Program\MSN Messenger\msgrapp.8.1.0178.00.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

msdaipp: [HKLM - No CLSID value]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2005-09-20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2005-09-20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2000-04-19 17:47:36 | 00,520,117 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\Information Retrieval\MSITSS.DLL (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-01-19 12:53:24 | 00,063,344 | ---- | M] (Microsoft Corporation) C:\Program\MSN Messenger\msgrapp.8.1.0178.00.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2008-01-24 15:22:56 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])

 

========== (O18) Protocol Filters ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters

[2007-04-19 12:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01A4AEDE-F219-49A2-B855-16A016EAF9A4}"=Intel® PROSet II

"{0369E93A-46CE-4417-BFC2-4841F2C847F2}"=Compaq Help and Support Center

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2412"=CanoScan LiDE 90

"{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}"=ccCommon

"{12E2B9E9-05B1-407d-B0FD-B5F350535125}"=Norton Internet Security

"{16480125-0428-4097-9A2A-74464004D169}"=EOS Capture 1.3

"{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}"=ImageMixer VCD/DVD2 for OLYMPUS

"{218BBBE3-FE63-4BB2-81A8-7435575A84FA}"=PhotoStitch

"{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}"=Windows Live Sign-in Assistant

"{236BB7C4-4419-42FD-041D-1E257A25E34D}"=Adobe Photoshop CS2

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java 6 Update 11

"{28291BD5-92D2-4685-82DC-CCA925C53CCA}"=RemoteCapture Task 1.1

"{2AABA840-1F82-11D5-B3FA-0050BA013CD3}"=iCD CoolBeLa (Swedish)

"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}"=SymNet

"{2E55A582-4FFE-4FF2-8D4D-E7D275FF89BD}"=Windows Live Messenger

"{2EBF25F1-F8A2-40EA-92BE-931C142A44E2}"=CC_ccProxyExt

"{2F81FBFC-9A37-431F-9050-14B55485DF5A}"=Internet Library

"{306758A0-8944-4BB6-AD81-6E1777F7F235}"=Jet-Audio

"{30738666-9805-4926-A78F-91DA33B6C437}"=ccPxyCore

"{30BB4D60-81DB-11D5-BB77-00400536ABAC}"=OLYMPUS CAMEDIA Master 4.1

"{350C97BC-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP

"{3675CF90-85D3-4DC2-85C9-C169BBCD2B2D}"=Sony Ericsson OCS

"{383E52C3-8B0F-4A65-9442-853E3EF69D46}"=Isover Energi 2

"{3B29A786-5803-4E9E-9B58-3014A5B4E519}"=Norton AntiSpam

"{42ABF3F2-2C5E-43FA-BBFF-58E4295F23CA}"=Iomega Automatic Backup

"{435E53AF-B62B-4094-AE12-F6ECF0BF3CE4}"=CM4

"{4781569D-5404-1F26-4B2B-6DF444441031}"=Nero 7 Premium

"{48185814-A224-447a-81DA-71BD20580E1B}"=Norton Internet Security

"{49FC50FC-F965-40D9-89B4-CBFF80941SVE}"=Windows Movie Maker 2.0

"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}"=SmartSound Quicktracks Plugin

"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}"=VBA (2627.01)

"{5662C158-CA24-4228-BF6C-596FADA08682}"=Camera Support Core Library

"{5677563D-0CB1-485F-9E18-C5025306BB3F}"=Norton AntiSpam

"{5783F2D7-0209-0409-0000-0060B0CE6BBA}"=AutoCAD LT 2004

"{5E3CFCA6-C95A-47CB-A822-7FA80D423AF2}"=MapSource

"{6009DE23-1C94-4C90-9415-215A3C5A85BD}"=JetShell for iAUDIO 4

"{60E5B847-2353-4AE3-829E-685937EDDC40}"=Sony Ericsson File Manager

"{6E65247F-58F9-41CA-BE69-0316F7907170}"=Disc2Phone

"{71D03DD3-C6D9-4503-A1CC-FBA576F6CFE3}"=Norton Internet Security

"{77772678-817F-4401-9301-ED1D01A8DA56}"=SPBBC

"{786C5747-1437-443D-B06E-79A00FE45110}"=Adobe Stock Photos 1.0

"{789CF5F1-3326-4B7B-9D01-31047E0F5651}"=Canon Utilities Digital Photo Professional 1.6.1

"{7AA828F3-BD67-495E-9742-BD9C3F196E78}"=PC Suite

"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}"=Text-To-Speech-Runtime

"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}"=Call of Duty® 2 Patch 1.3

"{7B847C9D-6758-45E6-B598-3BD8F43EAE9E}"=Camera Window DS

"{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}"=Norton Protection Center

"{838F0053-8744-4B63-8819-CC44C06308AC}"=Visualizer Photo Resize

"{85309D89-7BE9-4094-BB17-24999C6118FC}"=ArcSoft PhotoStudio 5.5

"{8A708DD8-A5E6-11D4-A706-000629E95E20}"=Intel® 845G Chipset Graphics Driver Software

"{8EDBA74D-0686-4C99-BFDD-F894678E5102}"=Adobe Common File Installer

"{90120000-0020-041D-0000-0000000FF1CE}"=Compatibility Pack for the 2007 Office system

"{9019041D-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Publisher 2003

"{9028041D-6000-11D3-8CFE-0050048383C9}"=Microsoft Office XP Professional med FrontPage

"{93539D60-1817-11D1-9504-00805F26A89C}"=Easy Access Button Support

"{9A346205-EA92-4406-B1AB-50379DA3F057}"=Autodesk DWF Viewer 7

"{9CA061E5-8A29-4316-B00E-EBC6A2BBB7E0}"=SystemTips

"{A0F34E4E-25F0-4B68-AE8F-EF0C15CB1FED}"=RAW Image Task 2.0

"{A0F584A7-B0C2-4D90-9580-15456B9CF63C}"=MapSource - Trip & Waypoint Manager v2

"{A70D14C6-FF2C-4B8E-A643-7E74EC607614}"=Camera Window DVC

"{A93C9E60-29B6-49da-BA21-F70AC6AADE20}"=Norton Internet Security

"{AC76BA86-7AD7-1053-7B44-A70900000002}"=Adobe Reader 7.0.9 - Svenska

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy

"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1

"{B74D4E10-6884-0000-0000-000000000101}"=Adobe Bridge 1.0

"{B7C61755-DB48-4003-948F-3D34DB8EAF69}"=MSRedist

"{B9242864-2841-4ADE-86E0-8F90F91B04DD}"=Logitech Gaming Software

"{BA820A24-704B-428D-9904-71A10DAC1372}"=OLYMPUS Master

"{BDE90251-93EB-4F6A-89D8-086E2D91DC56}"=Coloreal

"{C1939820-A945-11D4-86F6-0001031E5712}"=InterVideo WinDVD

"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}"=Canon ZoomBrowser EX

"{C4868E88-F5B5-4E45-9592-C7062BD97441}"=Symantec Technical Support Web Controls

"{C4B76E93-3FC2-4E90-81EE-EE62948CFB03}"=Sony Ericsson Mobile Phone Monitor

"{C6F5B6CF-609C-428E-876F-CA83176C021B}"=Norton AntiVirus 2006

"{C7340571-7773-4A8C-9EBC-4E4243B38C76}"=Microsoft XML Parser

"{C8E4455F-0F70-4DA2-A9F9-2D56C80E10AD}"=Sibelius Scorch (ActiveX Only)

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1

"{CDBFA706-AF55-11D8-8E28-00E018769C7C}"=Registry Cleaner

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}"=SUPERAntiSpyware Free Edition

"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}"=Presto! PageManager 7.15.16

"{DA2D4D11-1811-4A24-B719-BF9F048C6106}"=Windows XP Creativity Fun Packs - Windows Movie Maker 2

"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}"=LiveUpdate Notice (Symantec Corporation)

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}"=Ad-Aware

"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}"=ScanSoft OmniPage SE 4

"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}"=Norton Internet Security

"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}"=Norton Internet Security

"{E73534D5-CC93-4C63-9072-5A9734255C74}"=Camera Window MC

"{E85FA9A1-C241-4698-893B-DD99509B8DB0}"=Norton WMI Update

"{E9787678-551D-4478-9682-DBB587257110}"=Adobe Help Center 1.0

"{EC8923CA-D7F5-46E4-98BB-E083E6E1C40D}"=Kazaa 3.2.7

"{ED9A325D-9622-4FD0-A731-73D23C6265F3}"=CapMan

"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}"=Pinnacle Instant DVD Recorder

"{F0A37341-D692-11D4-A984-009027EC0A9C}"=SoundMAX

"{F5346614-B7C4-4E94-826A-E2363155233D}"=EasyCleaner

"{F64306A5-4C32-41bb-B153-53986527FAB4}"=Norton WMI Update

"{FB91E774-867B-4567-ACE7-8144EF036068}"=Olympus Digital Wave Player

"Active Disk"=Active Disk

"Adobe Acrobat 5.0"=Adobe Acrobat 5.0

"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX

"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-041D-1E257A25E34D}"=Adobe Photoshop CS2

"Adobe Shockwave Player"=Adobe Shockwave Player

"Advanced WindowsCare V2 Personal_is1"=Advanced WindowsCare Personal

"Ashampoo PowerUp XP Platinum"=Ashampoo PowerUp XP Platinum

"Ashampoo WinOptimizer 2007"=Ashampoo WinOptimizer 2007

"Autodesk Express Viewer"=Autodesk Express Viewer

"bet365poker"=bet365poker

"Bibble Pro"=Bibble Pro

"Bullzip PDF Printer_is1"=Bullzip PDF Printer 3.0.0.352

"Camtasia"=Camtasia

"CANONBJ_Deinstall_CNMCP3q.DLL"=Canon S750

"CanonSolutionMenu"=Canon Utilities Solution Menu

"CCleaner"=CCleaner (remove only)

"CDex"=CDex extraction audio

"COMSOL33a"=COMSOL 3.3a

"DC++"=DC++ 0.699

"Diino_is1"=Diino 4.1.1

"DivX Codec"=DivX 5.0.3 Bundle

"DivX Player"=DivX Player

"DivX Pro Codec Adware"=DivX Pro Codec Adware

"Easy-PhotoPrint"=Canon Utilities Easy-PhotoPrint

"EAX Unified"=EAX Unified

"Expekt_is1"=Expekt Poker

"Firebird SQL Server FL"=Firebird SQL Server - MAGIX Edition (FL)

"FL Studio 6"=FL Studio 6

"Free Asmw PC-Optimizer"=Free Asmw PC-Optimizer

"Free Ram Optimizer XP_is1"=Free Ram Optimizer XP 1.0

"GearDrivers"=GearDrivers

"GPL Ghostscript 8.60"=GPL Ghostscript 8.60

"GPL Ghostscript Fonts"=GPL Ghostscript Fonts

"HijackThis"=HijackThis 2.0.2

"Icy Tower_is1"=Icy Tower v1.2 (11kHz)

"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs

"ie7"=Windows Internet Explorer 7

"ImgBurn"=ImgBurn

"InstallShield_{16480125-0428-4097-9A2A-74464004D169}"=Canon Utilities EOS Capture 1.3

"InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}"=Canon Utilities PhotoStitch 3.1

"InstallShield_{28291BD5-92D2-4685-82DC-CCA925C53CCA}"=Canon RemoteCapture Task for ZoomBrowser EX

"InstallShield_{2F81FBFC-9A37-431F-9050-14B55485DF5A}"=Canon Internet Library for ZoomBrowser EX

"InstallShield_{42ABF3F2-2C5E-43FA-BBFF-58E4295F23CA}"=Iomega Automatic Backup

"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}"=SmartSound Quicktracks Plugin

"InstallShield_{5662C158-CA24-4228-BF6C-596FADA08682}"=Canon Camera Support Core Library

"InstallShield_{789CF5F1-3326-4B7B-9D01-31047E0F5651}"=Canon Utilities Digital Photo Professional 1.6.1

"InstallShield_{7B847C9D-6758-45E6-B598-3BD8F43EAE9E}"=Canon Camera Window DS for ZoomBrowser EX

"InstallShield_{A0F34E4E-25F0-4B68-AE8F-EF0C15CB1FED}"=Canon RAW Image Task for ZoomBrowser EX

"InstallShield_{A0F584A7-B0C2-4D90-9580-15456B9CF63C}"=MapSource - Trip & Waypoint Manager v2

"InstallShield_{A70D14C6-FF2C-4B8E-A643-7E74EC607614}"=Canon Camera Window DVC for ZoomBrowser EX

"InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}"=OLYMPUS Master

"InstallShield_{E73534D5-CC93-4C63-9072-5A9734255C74}"=Canon Camera Window for ZoomBrowser EX

"InterActual Player"=InterActual Player

"IomegaWare"=IomegaWare

"Jardinains!"=Jardinains!

"LimeWire"=LimeWire 4.14.10

"LiveUpdate"=LiveUpdate 3.0 (Symantec Corporation)

"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1

"MP Navigator EX 1.0"=Canon MP Navigator EX 1.0

"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP

"Nationalencyklopedin"=Nationalencyklopedin

"Native Instruments FM7"=Native Instruments FM7

"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs

"Novation V-Station v1.20-H2O"=Novation V-Station v1.20-H2O

"NVIDIA Drivers"=NVIDIA Drivers

"Parbet Poker"=Parbet Poker

"PartyPoker"=PartyPoker

"Personal"=Personal 4.5.2

"PhotoRecord"=Canon PhotoRecord

"PokerStars"=PokerStars

"Power Tab Editor 1.7"=Power Tab Editor 1.7

"PowerISO"=PowerISO

"PROSet"=Intel® PRO Ethernet Adapter and Software

"QuickTime"=QuickTime

"RealPlayer 6.0"=RealPlayer

"ReFX Vanguard VSTi v1.03 Retail"=ReFX Vanguard VSTi v1.03 Retail

"RgcAudio z3ta Plus DXi VSTi v1.41"=RgcAudio z3ta Plus DXi VSTi v1.41

"Sierra Utilities"=Sierra Utilities

"SpywareBlaster_is1"=SpywareBlaster 4.1

"ST6UNST #1"=TIPKINST

"Svenska Spels Poker"=Svenska Spels Poker

"SymSetup.{A93C9E60-29B6-49da-BA21-F70AC6AADE20}"=Norton Internet Security 2006 (Symantec Corporation)

"Telia Supportassistent_is1"=Telia Supportassistent

"TweakNow RegCleaner Standard_is1"=TweakNow RegCleaner Standard

"Unibet Poker"=Unibet Poker

"Winamp"=Winamp

"Windows Media Format Runtime"=Windows Media Format 11 runtime

"Windows Media Player"=Windows Media Player 11

"Windows XP Service Pack"=Windows XP Service Pack 2

"WinRAR archiver"=WinRAR archiver

"WinSpeedUp_is1"=WinSpeedUp 2.52

"Virtual DJ - Atomix Productions"=Virtual DJ - Atomix Productions

"VLC media player"=VideoLAN VLC media player 0.8.6f

"WMFDist11"=Windows Media Format 11 runtime

"wmp11"=Windows Media Player 11

"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0

"Xvid_is1"=Xvid 1.1.3 final uninstall

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"BitTorrent"=BitTorrent

"BitTorrent DNA"=DNA

"uTorrent"=µTorrent

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-3723271197-516116760-269536213-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"BitTorrent"=BitTorrent

"BitTorrent DNA"=DNA

"uTorrent"=µTorrent

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2008-12-16 03:43:10 | Computer Name = CPQ74852556225 | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-12-16 03:43:10 | Computer Name = CPQ74852556225 | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-12-16 03:43:10 | Computer Name = CPQ74852556225 | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-12-16 03:43:10 | Computer Name = CPQ74852556225 | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-12-16 03:43:10 | Computer Name = CPQ74852556225 | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-12-16 03:43:10 | Computer Name = CPQ74852556225 | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-12-16 03:46:05 | Computer Name = CPQ74852556225 | Source = Automatic LiveUpdate Scheduler | ID = 101

Description = Informationsnivå: error Internetanslutning hittades inte.

 

Error - 2008-12-16 03:46:28 | Computer Name = CPQ74852556225 | Source = Application Hang | ID = 1002

Description = Stoppat program realplay.exe, version 11.0.0.446, stoppad modul hungapp,

version 0.0.0.0, stoppad adress 0x00000000.

 

Error - 2008-12-16 10:08:20 | Computer Name = CPQ74852556225 | Source = Application Error | ID = 1000

Description = Felaktigt program iexplore.exe, version 7.0.6000.16762, felaktig modul

housecall_activex.dll, version 6.51.0.1028, felaktig adress 0x0008c443.

 

Error - 2008-12-17 04:26:40 | Computer Name = CPQ74852556225 | Source = Application Hang | ID = 1002

Description = Stoppat program OTViewIt[1].exe, version 1.0.20.1, stoppad modul hungapp,

version 0.0.0.0, stoppad adress 0x00000000.

 

[ System Events ]

Error - 2008-12-17 03:26:57 | Computer Name = CPQ74852556225 | Source = SideBySide | ID = 16842784

Description = Det beroende paketet Microsoft.VC80.MFC kan inte hittas. Senaste fel:

Det refererade paketet är inte installerat på datorn. .

 

Error - 2008-12-17 03:26:57 | Computer Name = CPQ74852556225 | Source = SideBySide | ID = 16842811

Description = Resolve Partial Assembly misslyckades för Microsoft.VC80.MFC. Felmeddelande:

Det refererade paketet är inte installerat på datorn. .

 

Error - 2008-12-17 03:26:57 | Computer Name = CPQ74852556225 | Source = SideBySide | ID = 16842811

Description = Generate Activation Context misslyckades för C:\Windows\system32\AcSignIcon.dll.

Felmeddelande:

Åtgärden har slutförts. .

 

Error - 2008-12-17 04:06:38 | Computer Name = CPQ74852556225 | Source = Print | ID = 6161

Description =

 

Error - 2008-12-17 04:19:05 | Computer Name = CPQ74852556225 | Source = SideBySide | ID = 16842784

Description = Det beroende paketet Microsoft.VC80.MFC kan inte hittas. Senaste fel:

Det refererade paketet är inte installerat på datorn. .

 

Error - 2008-12-17 04:19:05 | Computer Name = CPQ74852556225 | Source = SideBySide | ID = 16842811

Description = Resolve Partial Assembly misslyckades för Microsoft.VC80.MFC. Felmeddelande:

Det refererade paketet är inte installerat på datorn. .

 

Error - 2008-12-17 04:19:05 | Computer Name = CPQ74852556225 | Source = SideBySide | ID = 16842811

Description = Generate Activation Context misslyckades för C:\Windows\system32\AcSignIcon.dll.

Felmeddelande:

Åtgärden har slutförts. .

 

Error - 2008-12-17 04:21:49 | Computer Name = CPQ74852556225 | Source = SideBySide | ID = 16842784

Description = Det beroende paketet Microsoft.VC80.MFC kan inte hittas. Senaste fel:

Det refererade paketet är inte installerat på datorn. .

 

Error - 2008-12-17 04:21:49 | Computer Name = CPQ74852556225 | Source = SideBySide | ID = 16842811

Description = Resolve Partial Assembly misslyckades för Microsoft.VC80.MFC. Felmeddelande:

Det refererade paketet är inte installerat på datorn. .

 

Error - 2008-12-17 04:21:49 | Computer Name = CPQ74852556225 | Source = SideBySide | ID = 16842811

Description = Generate Activation Context misslyckades för C:\Windows\system32\AcSignIcon.dll.

Felmeddelande:

Åtgärden har slutförts. .

 

 

< End of report >

[/log]

 

 

Det blev mycket att kolla igen, hoppas det inte är alltför betungande. ser du något konstigt i loggarna?

 

Mvh Martin

 

Link to comment
Share on other sites

har kollat norton nu. har inte kunnat hitta att man får uppdatera gratis om man har en prenumeration. var har du hittat det någonstans?

 

Ett nytt problem också är att det blir kryss på många bilder som ska visas på internet. på nortons hemsida skulle två bilder visa gränssnitt för två olika versioner men det var bara sånna där röda kryss istället. vad beror det på?

 

Mvh Martin

 

Link to comment
Share on other sites

Enligt OTViewIt-loggen så har det inte tillkommit något väsentligt under sista månaden förutom HijackThis, SUPERAntiSpyware och liknande.

 

Det ser ut som att SUPERAntiSpyware har försökt ta bort Registry Cleaner, men den finns fortfarande kvar i Kontrollpanelen - Lägg till eller ta bort program. Ta bort den därifrån. Även Kazaa finns där och det är ju ökänt för att sprida skadliga program så den ska ju också tas bort.

 

Link to comment
Share on other sites

registry cleaner är borttagen. kazaa äör avinstallerat sedan länge men ligger av någon anledning kvar i lägg till/ta bort program och går inte att ta bort därifrån.

 

problemet med att bilder på hemsidor blir röda kryss. vad kan det bero på?

 

mvh martin

 

Link to comment
Share on other sites

kazaa äör avinstallerat sedan länge men ligger av någon anledning kvar i lägg till/ta bort program och går inte att ta bort därifrån.
CCleaner brukar kunna ta bort sådana rester och jag har för mig att jag såg att du hade det.

 

problemet med att bilder på hemsidor blir röda kryss. vad kan det bero på?
Vet inte, någon säkerhetsinställning kanske i webbläsaren eller i Norton.

 

Skanna med HijackThis och bocka för:

 

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O16 - DPF: {11111111-1111-1111-1111-111111111111} - file://c:\info6_s.cab

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -

 

Avsluta alla andra program.

Tryck Fix checked.

 

Starta om datorn.

 

Link to comment
Share on other sites

 

Hej Enligt länken nedan skall gratis uppdatering till 2009 års version kunna ske genom att installera motsvarande 15 dagars testversion .Har ej testat.

 

Nog är det underligt att man ej informerar på hemsidan.

 

//eforum.idg.se/viewmsg.asp?EntriesId=1100645#11045

 

 

LARSAS

 

 

Link to comment
Share on other sites

nu har jag nya norton installerat, jag har fixat raderna i hijackthis och tagit bort kazaa med ccleaner. datorn fungerar mycket bättre nu. kanske inte helt optimalt men iaf mycket bättre. jag tackar så hemskt mycket för hjälpen!

 

Martin

 

Link to comment
Share on other sites

Tack för poängen! :)

 

Här finns lite tips till en seg dator:

http://www.castlecops.com/t175258-Slow_Computer_Check_here_first_it_may_not_be_malware.html

 

Här kan du läsa mina vanliga råd för en säkrare dator, men det är så klart viktigt att man använder sitt förnuft också.

http://ceblstockholm.googlepages.com/home

 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.×
×
  • Create New...