Just nu i M3-nätverket
Jump to content

alla dessa jävla virus. inget tangetbord!!


konstig-knäppjök

Recommended Posts

konstig-knäppjök

jag kan inte använda mitt tangentbord, HJÄLP!!

jag gissar att det är virus för jag har testat o "det trådlösa"

hittar det o batterierna är det inte. jag vet även att jag lyckats

få virus i datorn igår när jag letade efter ett bra gratis program att

titta på dvd-filmer i. jag hittade ett program som hette "cliprex" som genast satte några virus verket. hjälp!!

(jag använde skärmtangentbordet för att skriva detta).

 

Link to comment
Share on other sites

Vi kan se om HijackThis visar något till att börja med. Ladda ner från en av länkarna:

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Installera, starta och välj "Do a system scan and save a logfile", kopiera loggen som kommer upp (inget annat).

 

I ditt svar bifogar du HijackThis-loggen på detta sätt:

Tryck på LOG-knappen i Besvara-fönstret

Klistra in loggen

Tryck igen på LOG-knappen

 

Link to comment
Share on other sites

konstig-knäppjök

har redan, här:

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:04:45, on 2008-12-20

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program\Alwil Software\Avast4\aswUpdSv.exe

C:\Program\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program\TortoiseSVN\bin\TSVNCache.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\Program\ALWILS~1\Avast4\ashDisp.exe

C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe

D:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe

C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe

C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe

C:\Program\iolo\common\lib\ioloServiceManager.exe

C:\Program\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Windows Live\Messenger\usnsvc.exe

C:\Program\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\osk.exe

C:\WINDOWS\system32\MSSWCHX.EXE

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Microsoft Windows Sound] svrhost.exe

O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [iSUSPM] "C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -scheduler

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\RunServices: [Microsoft Windows Sound] svrhost.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program\iolo\common\lib\ioloServiceManager.exe

O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program\iolo\common\lib\ioloServiceManager.exe

O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe

 

--

End of file - 6376 bytes[/log]

 

 

Link to comment
Share on other sites

Ladda ner SDFix till Skrivbordet:

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Dubbelklicka på SDFix.exe och en ny mapp skapas, C:\SDFix.

 

Starta om datorn i felsäkert läge (tryck F8 upprepade gånger under uppstarten och välj felsäkert läge i menyn).

 

Öppna den nya mappen C:\SDFix och dubbelklicka på RunThis.bat för att starta programmet.

Tryck OK och senare Y följt av Enter för att fortsätta.

Det arbetar ett tag och när det är klart så kommer det upp en fråga om du vill starta om datorn.

Tryck på godtycklig tangent för att omstarten ska påbörjas.

Datorn kommer att ta lång tid på sig under uppstarten eftersom programmet kommer att gå igång och fixa till en massa.

När det är klart visas Finished.

Tryck på valfri tangent för att avsluta programmet.

 

Om SDFix inte startar automatiskt efter omstarten av datorn så startar du Runthis.bat som förut men trycker F i stället för Y.

 

Om loggen inte kommer upp automatiskt så öppna mappen SDFix och öppna filen Report.txt i Anteckningar.

Klistra in innehållet i loggen i ditt svar här.

Skapa en ny HijackThis-logg också och klistra in här.

 

Link to comment
Share on other sites

konstig-knäppjök

lite krångligt utan t-bordet men det gick ändå, här:

 

[log]SDFix: Version 1.240

Run by Hem PC on 2008-12-20 at 13:37

 

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

 

Checking Services :

 

 

Restoring Default Security Values

Restoring Default Hosts File

 

Rebooting

 

 

Checking Files :

 

Trojan Files Found:

 

C:\Documents and Settings\Hem PC\Lokala inst„llningar\Temp\ubi21.tmp.exe - Deleted

C:\Documents and Settings\Hem PC\Favoriter\Cheap Pharmacy Online.url - Deleted

C:\Documents and Settings\Hem PC\Favoriter\VIP Casino.url - Deleted

C:\WINDOWS\system32\c.ico - Deleted

C:\WINDOWS\system32\m.ico - Deleted

C:\WINDOWS\system32\s.ico - Deleted

C:\Documents and Settings\Hem PC\Favoriter\Search Online.url - Deleted

C:\DOCUME~1\HEMPC~1\LOKALA~1\Temp\removalfile.bat - Deleted

C:\WINDOWS\admintxt.txt - Deleted

C:\WINDOWS\k.txt - Deleted

 

 

 

 

 

Removing Temp Files

 

ADS Check :

 

 

 

Final Check :

 

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-20 13:56:09

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden services & system hive ...

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]

"s1"=dword:2df9c43f

"s2"=dword:110480d0

"h0"=dword:00000002

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000001

"ujdew"=hex:64,49,69,42,9a,be,f6,ac,1c,ac,bf,9f,7c,df,c6,08,af,75,58,71,7f,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000000

"khjeh"=hex:d8,13,15,b5,ab,34,64,f0,79,6d,6d,9e,65,a7,cb,3f,39,45,2f,6b,70,..

"p0"="C:\Program\DAEMON Tools Lite\"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"khjeh"=hex:b0,72,bf,1a,a4,9e,9e,69,1d,d3,0f,8b,1e,e5,a3,aa,63,f4,4a,26,73,..

"a0"=hex:20,01,00,00,63,77,6b,e9,69,47,d6,35,d7,ae,da,a6,95,d0,6a,4f,c5,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:21,c2,bb,83,ce,f5,00,2a,4e,fc,9e,22,bc,df,17,87,5d,f0,7e,83,3e,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]

"khjeh"=hex:fb,0d,62,36,04,c7,14,88,7d,c9,b1,e0,4d,f2,70,4e,a5,e6,75,9d,f6,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]

"khjeh"=hex:fc,4f,d6,dd,7c,54,10,92,db,44,bb,cf,0e,b6,98,d4,45,90,ce,48,44,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]

"khjeh"=hex:68,88,8c,13,56,ec,e4,cf,ec,47,7e,ea,c0,94,65,5f,34,17,0a,c9,f7,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000001

"ujdew"=hex:64,49,69,42,9a,be,f6,ac,1c,ac,bf,9f,7c,df,c6,08,af,75,58,71,7f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000000

"khjeh"=hex:d8,13,15,b5,ab,34,64,f0,79,6d,6d,9e,65,a7,cb,3f,39,45,2f,6b,70,..

"p0"="C:\Program\DAEMON Tools Lite\"

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"khjeh"=hex:b0,72,bf,1a,a4,9e,9e,69,1d,d3,0f,8b,1e,e5,a3,aa,63,f4,4a,26,73,..

"a0"=hex:20,01,00,00,63,77,6b,e9,69,47,d6,35,d7,ae,da,a6,95,d0,6a,4f,c5,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:d9,c4,f4,d8,92,98,5d,d3,67,d9,ea,f2,42,9b,88,f2,19,22,4a,77,a4,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]

"khjeh"=hex:39,96,65,1c,a2,cd,ac,cd,2d,f9,ee,f4,a7,60,03,fc,80,a7,e6,a4,36,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]

"khjeh"=hex:fc,4f,d6,dd,7c,54,10,92,db,44,bb,cf,0e,b6,98,d4,45,90,ce,48,44,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]

"khjeh"=hex:68,88,8c,13,56,ec,e4,cf,ec,47,7e,ea,c0,94,65,5f,34,17,0a,c9,f7,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000001

"ujdew"=hex:64,49,69,42,9a,be,f6,ac,1c,ac,bf,9f,7c,df,c6,08,af,75,58,71,7f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000000

"khjeh"=hex:d8,13,15,b5,ab,34,64,f0,79,6d,6d,9e,65,a7,cb,3f,39,45,2f,6b,70,..

"p0"="C:\Program\DAEMON Tools Lite\"

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"khjeh"=hex:b0,72,bf,1a,a4,9e,9e,69,1d,d3,0f,8b,1e,e5,a3,aa,63,f4,4a,26,73,..

"a0"=hex:20,01,00,00,63,77,6b,e9,69,47,d6,35,d7,ae,da,a6,95,d0,6a,4f,c5,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:21,c2,bb,83,ce,f5,00,2a,4e,fc,9e,22,bc,df,17,87,5d,f0,7e,83,3e,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]

"khjeh"=hex:fb,0d,62,36,04,c7,14,88,7d,c9,b1,e0,4d,f2,70,4e,a5,e6,75,9d,f6,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]

"khjeh"=hex:fc,4f,d6,dd,7c,54,10,92,db,44,bb,cf,0e,b6,98,d4,45,90,ce,48,44,..

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]

"khjeh"=hex:68,88,8c,13,56,ec,e4,cf,ec,47,7e,ea,c0,94,65,5f,34,17,0a,c9,f7,..

 

scanning hidden registry entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden processes: 0

hidden services: 0

hidden files: 0

 

 

Remaining Services :

 

 

 

 

Authorized Application Key Export:

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8-server"

"C:\\Program\\Atari\\Deer Hunter 2005\\DH2005.exe"="C:\\Program\\Atari\\Deer Hunter 2005\\DH2005.exe:*:Enabled:DH2005"

"C:\\Program\\GameSpy Arcade\\Aphex.exe"="C:\\Program\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"

"C:\\Program\\3DO\\Heroes of Might and Magic IV\\HEROES4S.EXE"="C:\\Program\\3DO\\Heroes of Might and Magic IV\\HEROES4S.EXE:*:Enabled:Heroes of Might and Magic© IV: Winds of WarT"

"C:\\Program\\3DO\\Heroes of Might and Magic IV\\heroes4.exe"="C:\\Program\\3DO\\Heroes of Might and Magic IV\\heroes4.exe:*:Enabled:Heroes of Might and Magic© IV: Winds of WarT"

"D:\\Program\\3DO\\Heroes of might and magic V\\bin\\H5_Game.exe"="D:\\Program\\3DO\\Heroes of might and magic V\\bin\\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"

"C:\\Program\\Steam\\steamapps\\enemyarcher\\source sdk base\\hl2.exe"="C:\\Program\\Steam\\steamapps\\enemyarcher\\source sdk base\\hl2.exe:*:Enabled:hl2"

"C:\\Program\\Mozilla Firefox\\firefox.exe"="C:\\Program\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"

"D:\\Program\\Activision\\EF2\\EF2.exe"="D:\\Program\\Activision\\EF2\\EF2.exe:*:Enabled:Elite Force II"

"C:\\Program\\Autodesk\\Backburner\\monitor.exe"="C:\\Program\\Autodesk\\Backburner\\monitor.exe:*:Enabled:backburner 2.3 monitor"

"C:\\Program\\Autodesk\\Backburner\\manager.exe"="C:\\Program\\Autodesk\\Backburner\\manager.exe:*:Enabled:backburner 2.3 manager"

"C:\\Program\\Autodesk\\Backburner\\server.exe"="C:\\Program\\Autodesk\\Backburner\\server.exe:*:Enabled:backburner 2.3 server"

"C:\\Program\\Azureus\\Azureus.exe"="C:\\Program\\Azureus\\Azureus.exe:*:Enabled:Azureus"

"C:\\Program\\Xfire\\xfire.exe"="C:\\Program\\Xfire\\xfire.exe:*:Enabled:Xfire"

"C:\\Program\\Steam\\steamapps\\enemyarcher\\garrysmod\\hl2.exe"="C:\\Program\\Steam\\steamapps\\enemyarcher\\garrysmod\\hl2.exe:*:Enabled:hl2"

"C:\\Documents and Settings\\Hem PC\\Skrivbord\\WoW-BurningCrusade-enGB-Installer-downloader.exe"="C:\\Documents and Settings\\Hem PC\\Skrivbord\\WoW-BurningCrusade-enGB-Installer-downloader.exe:*:Enabled:Blizzard Downloader"

"C:\\Program\\Electric Rain\\Swift 3D\\Version 5.00\\Program\\Swift3D.exe"="C:\\Program\\Electric Rain\\Swift 3D\\Version 5.00\\Program\\Swift3D.exe:*:Enabled:Swift 3D"

"C:\\Program\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"="C:\\Program\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe:*:Enabled:Veoh Web Player "

"C:\\Program\\Steam\\steamapps\\enemyarcher\\diprip warm up\\hl2.exe"="C:\\Program\\Steam\\steamapps\\enemyarcher\\diprip warm up\\hl2.exe:*:Enabled:hl2"

"C:\\Program\\Steam\\steamapps\\enemyarcher\\zombie panic! source\\hl2.exe"="C:\\Program\\Steam\\steamapps\\enemyarcher\\zombie panic! source\\hl2.exe:*:Enabled:hl2"

"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"

"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"

"C:\\Program\\Defcon\\defcon.exe"="C:\\Program\\Defcon\\defcon.exe:*:Enabled:Defcon"

"C:\\Program\\Steam\\steamapps\\enemyarcher\\counter-strike source\\hl2.exe"="C:\\Program\\Steam\\steamapps\\enemyarcher\\counter-strike source\\hl2.exe:*:Enabled:hl2"

"C:\\Program\\Autodesk\\3ds Max 2009\\3dsmax.exe"="C:\\Program\\Autodesk\\3ds Max 2009\\3dsmax.exe:*:Enabled:Autodesk 3ds Max 2009 32-bit"

"C:\\Program\\Steam\\steamapps\\enemyarcher\\half-life blue shift\\hl.exe"="C:\\Program\\Steam\\steamapps\\enemyarcher\\half-life blue shift\\hl.exe:*:Enabled:Half-Life Launcher"

"C:\\Program\\Steam\\steamapps\\enemyarcher\\team fortress classic\\hl.exe"="C:\\Program\\Steam\\steamapps\\enemyarcher\\team fortress classic\\hl.exe:*:Enabled:Half-Life Launcher"

"C:\\Program\\Steam\\steamapps\\enemyarcher\\opposing force\\hl.exe"="C:\\Program\\Steam\\steamapps\\enemyarcher\\opposing force\\hl.exe:*:Enabled:Half-Life Launcher"

"D:\\Program\\Adobe\\Adobe Flash CS3\\Flash.exe"="D:\\Program\\Adobe\\Adobe Flash CS3\\Flash.exe:*:Enabled:Adobe Flash CS3"

"D:\\Program\\UBISOFT\\Tom Clancy's Splinter Cell Chaos Theory\\System\\splintercell3.exe"="D:\\Program\\UBISOFT\\Tom Clancy's Splinter Cell Chaos Theory\\System\\splintercell3.exe:*:Enabled:splintercell3"

"C:\\Program\\Ubisoft\\Splinter Cell Pandora Tomorrow\\pandora.exe"="C:\\Program\\Ubisoft\\Splinter Cell Pandora Tomorrow\\pandora.exe:*:Enabled:pandora"

"C:\\Program\\Ubisoft\\Splinter Cell Pandora Tomorrow\\online\\System\\shadowstrike_static_retail.exe"="C:\\Program\\Ubisoft\\Splinter Cell Pandora Tomorrow\\online\\System\\shadowstrike_static_retail.exe:*:Enabled:shadowstrike_static_retail"

"C:\\Program\\Ubisoft\\Splinter Cell Pandora Tomorrow\\online\\System\\shadowstrike_static_retail.ex"="C:\\Program\\Ubisoft\\Splinter Cell Pandora Tomorrow\\online\\System\\shadowstrike_static_retail.ex:*:Enabled:shadowstrike_static_retail"

"C:\\Program\\InterVideo\\DVD8\\WinDVD.exe"="C:\\Program\\InterVideo\\DVD8\\WinDVD.exe:*:Enabled:WinDVD"

"D:\\Program\\Ubisoft\\Tom Clancy's Splinter Cell Double Agent\\SCDA-Offline\\System\\SplinterCell4.exe"="D:\\Program\\Ubisoft\\Tom Clancy's Splinter Cell Double Agent\\SCDA-Offline\\System\\SplinterCell4.exe:*:Enabled:SplinterCell4"

"C:\\Program\\Unreal Tournament 3\\Binaries\\UT3.exe"="C:\\Program\\Unreal Tournament 3\\Binaries\\UT3.exe:*:Enabled:UT3"

"C:\\Program\\Aspyr\\Guitar Hero III\\GH3.exe"="C:\\Program\\Aspyr\\Guitar Hero III\\GH3.exe:*:Enabled:Guitar Hero III"

"D:\\Program\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"="D:\\Program\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Program\\Windows Live\\Messenger\\livecall.exe"="C:\\Program\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\\Documents and Settings\\Hem PC\\Skrivbord\\tillf\\Van Buren\\F3.exe"="C:\\Documents and Settings\\Hem PC\\Skrivbord\\tillf\\Van Buren\\F3.exe:*:Enabled:F3"

"C:\\Program\\Skype\\Phone\\Skype.exe"="C:\\Program\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

"c:\\program\\relevantknowledge\\rlvknlg.exe"="c:\\program\\relevantknowledge\\rlvknlg.exe:*:Enabled:rlvknlg.exe"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Program\\Windows Live\\Messenger\\livecall.exe"="C:\\Program\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

Remaining Files :

 

 

File Backups: - C:\SDFix\backups\backups.zip

 

Files with Hidden Attributes :

 

Fri 21 Nov 2008 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"

Sat 30 Aug 2008 660,425 A..HR --- "C:\Program\AudioSurf\Audiosurf\library.zip"

Sun 12 Oct 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

Tue 9 Dec 2008 165,232 A..H. --- "C:\Documents and Settings\Hem PC\Application Data\Microsoft\Virtual PC\VPCKeyboard.dll"

Fri 19 Dec 2008 4,579 ...HR --- "C:\Documents and Settings\Hem PC\Application Data\SecuROM\UserData\securom_v7_01.bak"

 

Finished![/log]

 

och så hjt-loggen:

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:05:45, on 2008-12-20

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program\Alwil Software\Avast4\aswUpdSv.exe

C:\Program\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe

C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe

C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe

C:\Program\iolo\common\lib\ioloServiceManager.exe

C:\Program\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Alwil Software\Avast4\ashWebSv.exe

C:\Program\TortoiseSVN\bin\TSVNCache.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\Program\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe

D:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe

D:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Windows Live\Messenger\MsnMsgr.Exe

C:\WINDOWS\system32\osk.exe

C:\WINDOWS\system32\MSSWCHX.EXE

C:\Program\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [iSUSPM] "C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -scheduler

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program\iolo\common\lib\ioloServiceManager.exe

O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program\iolo\common\lib\ioloServiceManager.exe

O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe

 

--

End of file - 6341 bytes[/log]

 

Link to comment
Share on other sites

Det här finns tillåtet i Windows-brandväggen:

"c:\\program\\relevantknowledge\\rlvknlg.exe"="c:\\program\\

relevantknowledge\\rlvknlg.exe:*:Enabled:rlvknlg.exe"

Läs om det på http://www.mywot.com/sv/scorecard/relevantknowledge.com

Finns programmet kvar i datorn? Ta bort i så fall och i vilket fall som helst så ta bort det från tillåtna program i Windows-brandväggen.

 

Fungerade tangentbordet när du behövde trycka på F8 för att komma till felsäkert läge?

 

Ladda ner OTViewIt till Skrivbordet:

http://oldtimer.geekstogo.com/OTViewIt.exe

 

Stäng alla program.

Kör OTViewIt (i Vista högerklicka och Kör som administratör).

Bocka för Scan all Users.

Välj 30 dagar för File Age om det inte redan är valt.

Tryck på Run Scan och låt programmet köra ostört.

 

När det är klart så skapas två loggfiler på Skrivbordet, OTViewIt.txt och Extras.txt, klistra in båda två i ditt svar (kom ihåg LOG-knappen).

 

Link to comment
Share on other sites

konstig-knäppjök

här:

 

[log]OTViewIt logfile created on: 2008-12-20 14:25:33 - Run 2

OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Hem PC\Skrivbord

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1023,29 Mb Total Physical Memory | 507,82 Mb Available Physical Memory | 49,63% Memory free

3,35 Gb Paging File | 2,90 Gb Available in Paging File | 86,72% Paging File free

Paging file location(s): C:\pagefile.sys 2500 3072;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 149,05 Gb Total Space | 15,91 Gb Free Space | 10,67% Space Free | Partition Type: NTFS

Drive D: | 149,05 Gb Total Space | 11,15 Gb Free Space | 7,48% Space Free | Partition Type: NTFS

Drive E: | 3,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: OSKAR

Current User Name: Hem PC

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== Processes ==========

 

[2007-05-18 02:49:14 | 00,479,232 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

[2007-05-18 02:49:14 | 00,479,232 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

[2008-11-26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\aswUpdSv.exe

[2008-11-26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashServ.exe

[2008-06-13 03:05:04 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe

[2008-10-12 01:26:12 | 00,079,360 | ---- | M] (Autodesk) -- C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe

[2008-06-13 03:05:04 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe

[2008-08-15 15:46:00 | 00,596,328 | ---- | M] () -- C:\Program\iolo\Common\Lib\ioloServiceManager.exe

[2008-03-09 23:04:52 | 00,065,536 | ---- | M] () -- C:\Program\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe

[2008-11-26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashWebSv.exe

[2008-08-30 21:01:38 | 00,577,024 | ---- | M] (http://tortoisesvn.net) -- C:\Program\TortoiseSVN\bin\TSVNCache.exe

[2006-07-21 16:14:36 | 00,086,016 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

[2006-05-04 16:26:36 | 02,808,832 | R--- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE

[2008-11-26 18:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashDisp.exe

[2006-03-20 17:34:50 | 00,213,936 | ---- | M] (Macrovision Corporation) -- C:\Program\Delade filer\InstallShield\UpdateService\ISUSPM.exe

[2008-06-11 21:43:26 | 00,640,376 | ---- | M] (Adobe Systems Inc.) -- D:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

[2007-10-18 10:35:08 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\msnmsgr.exe

[2008-04-14 17:05:16 | 00,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\osk.exe

[2004-08-04 13:00:00 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msswchx.exe

[2008-12-20 00:56:31 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program\Mozilla Firefox\firefox.exe

[2008-04-14 17:05:04 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dumprep.exe

[2008-12-20 14:24:46 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hem PC\Skrivbord\OTViewIt.exe

 

========== (O23) Win32 Services ==========

 

[2008-08-01 20:12:29 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])

[2008-06-13 03:05:04 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe -- (Apache2.2 [Auto | Running])

[2007-10-24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

[2008-11-26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])

[2007-05-18 02:49:14 | 00,479,232 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])

[2007-05-17 20:05:00 | 00,520,192 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])

[2008-10-12 01:26:12 | 00,079,360 | ---- | M] (Autodesk) -- C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service [Auto | Running])

[2008-11-26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])

[2008-11-26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])

[2008-11-26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])

[2007-07-24 14:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program\Bonjour\mDNSResponder.exe -- (Bonjour Service [Disabled | Stopped])

[2007-10-24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

[2007-05-02 08:13:00 | 00,150,584 | ---- | M] (Norman ASA) -- C:\Norman\npm\bin\elogsvc.exe -- (eLoggerSvc6 [Disabled | Stopped])

[2008-10-11 21:34:42 | 00,651,720 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [Disabled | Stopped])

[2006-10-20 20:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

[2004-10-22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])

[2006-10-30 02:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])

[2008-08-15 15:46:00 | 00,596,328 | ---- | M] () -- C:\Program\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList [Auto | Running])

[2008-08-15 15:46:00 | 00,596,328 | ---- | M] () -- C:\Program\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService [Auto | Running])

[2008-07-30 09:47:48 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program\iPod\bin\iPodService.exe -- (iPod Service [Disabled | Stopped])

[2007-01-04 19:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program\Delade filer\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr [Disabled | Stopped])

[2008-03-09 23:04:52 | 00,065,536 | ---- | M] () -- C:\Program\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe -- (mi-raysat_3dsMax2009_32 [Auto | Running])

[2006-10-30 02:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

[2007-03-16 10:28:26 | 00,150,584 | ---- | M] () -- C:\Norman\npm\bin\Njeeves.exe -- (Norman NJeeves [Disabled | Stopped])

[2007-03-26 11:31:12 | 00,322,616 | ---- | M] (Norman ASA) -- C:\Norman\npm\bin\Zanda.exe -- (Norman ZANDA [Disabled | Stopped])

[2003-07-28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

[2007-10-18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])

[2006-11-15 09:49:34 | 00,912,384 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

 

========== Driver Services ==========

 

[2008-11-26 18:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [system | Running])

[2008-11-26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk [Auto | Running])

[2008-11-26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])

[2008-11-26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])

[2008-11-26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [system | Running])

[2008-11-26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [system | Running])

[2007-05-18 02:57:34 | 02,164,736 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])

[2006-07-06 20:43:58 | 00,168,576 | R--- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinavt2.sys -- (ATIAVAIW [On_Demand | Stopped])

[2008-05-22 20:39:57 | 00,278,728 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt [Auto | Running])

File not found -- -- (catchme [On_Demand | Running])

[2005-11-25 16:43:48 | 00,031,896 | ---- | M] (DemoForge, LLC) -- C:\WINDOWS\system32\drivers\dfmirage.sys -- (dfmirage [On_Demand | Running])

[1998-07-10 03:31:00 | 00,007,328 | ---- | M] () -- C:\WINDOWS\system32\drivers\ds1410d.sys -- (DS1410D [Auto | Stopped])

[2008-01-29 11:01:28 | 00,016,168 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])

[2006-11-22 09:01:48 | 00,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock [Auto | Running])

[2008-07-29 00:28:14 | 00,047,616 | ---- | M] (Aladdin Knowledge Systems) -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt [Auto | Running])

[2004-10-27 14:21:30 | 00,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService [On_Demand | Stopped])

[2008-04-13 17:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])

[2003-11-13 18:19:48 | 00,210,304 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2 [On_Demand | Running])

[2003-11-13 18:17:00 | 01,042,816 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP [On_Demand | Running])

[2006-11-03 09:32:30 | 04,394,496 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])

[2008-10-10 14:27:02 | 00,162,432 | ---- | M] () -- C:\WINDOWS\system32\drivers\ithsgt.sys -- (ithsgt [Auto | Running])

[2008-04-14 16:41:34 | 00,014,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [system | Stopped])

[2008-10-10 14:27:01 | 00,012,032 | ---- | M] () -- C:\WINDOWS\system32\drivers\lilsgt.sys -- (lilsgt [Auto | Running])

[2008-05-22 20:39:57 | 00,025,416 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt [Auto | Running])

[2004-01-16 14:21:48 | 00,012,970 | R--- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])

[2008-04-13 19:46:22 | 00,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE [On_Demand | Stopped])

[2008-06-22 21:12:02 | 00,042,512 | ---- | M] (CACE Technologies) -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF [On_Demand | Stopped])

[2004-08-04 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])

[2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])

[2006-07-11 19:31:02 | 00,084,096 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])

[2004-08-03 23:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Stopped])

[2008-07-07 08:40:49 | 00,056,108 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu [system | Running])

[2007-11-13 11:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])

[2001-06-21 20:39:02 | 00,073,728 | ---- | M] (Rainbow Technologies, Inc.) -- C:\WINDOWS\system32\drivers\SENTINEL.SYS -- (Sentinel [Auto | Running])

[2005-06-20 08:12:00 | 00,215,040 | R--- | M] (SiS Corporation) -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u [On_Demand | Running])

[2001-06-21 20:39:02 | 00,020,032 | R--- | M] (Rainbow Technologies Inc.) -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (Sntnlusb [On_Demand | Stopped])

[2008-05-22 17:06:15 | 00,717,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [boot | Running])

[2007-02-18 00:15:34 | 00,232,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm [system | Running])

[2007-01-29 06:20:34 | 00,059,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2 [On_Demand | Running])

[2003-11-13 18:18:36 | 00,679,808 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

[2006-06-01 14:15:20 | 00,509,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\xnacc.sys -- (xnacc [On_Demand | Stopped])

[2001-01-22 14:23:36 | 00,006,080 | ---- | M] (Zeal SoftStudio) -- C:\WINDOWS\system32\zntport.sys -- (zntport [Auto | Running])

 

========== (R ) Internet Explorer ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=\blank.htm

"Search Page"=http://www.msn.com/access/allinone.asp

"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]

"provider"=

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=\blank.htm

"Search Page"=http://www.msn.com/access/allinone.asp

"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\Software\Microsoft\Internet Explorer\SearchURL]

"provider"=

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

========== (O1) Hosts File ==========

 

HOSTS File = (686 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

 

========== (O2) BHO's ==========

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)

{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

 

========== (O3) Toolbars ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC}" (HKLM) -- C:\Program\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]

"{07AA283A-43D7-4CBE-A064-32A21112D94D}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]

"{07AA283A-43D7-4CBE-A064-32A21112D94D}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

 

========== (O4) Run Keys ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acrobat Assistant 8.0"="D:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.)

"Adobe Acrobat Speed Launcher"="D:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" (Adobe Systems Incorporated)

"AlcWzrd"=ALCWZRD.EXE (RealTek Semicoductor Corp.)

"avast!"=C:\Program\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)

"ISUSPM"="C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -scheduler (Macrovision Corporation)

"SoundMan"=SOUNDMAN.EXE (Realtek Semiconductor Corp.)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)

 

========== (O4) Startup Folders ==========

 

[1999-11-04 14:06:48 | 00,113,664 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

 

========== (O6 & O7) Current Version Policies ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=91 00 00 00 [binary data]

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=91 00 00 00 [binary data]

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

========== (O8) IE Context Menu Extensions ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

Append Link Target to Existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Append to Existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert Link Target to Adobe PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert link target to existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert to Adobe PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]

Add to AMV Convert Tool...: C:\Program\MP3 Player Utilities 4.00\AMVConverter\grab.html [2006-02-16 09:37:38 | 00,000,890 | ---- | M] ()

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)

MediaManager tool grab multimedia file: C:\Program\MP3 Player Utilities 4.00\MediaManager\grab.html [2006-02-15 08:30:44 | 00,000,890 | ---- | M] ()

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]

Add to AMV Convert Tool...: C:\Program\MP3 Player Utilities 4.00\AMVConverter\grab.html [2006-02-16 09:37:38 | 00,000,890 | ---- | M] ()

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)

MediaManager tool grab multimedia file: C:\Program\MP3 Player Utilities 4.00\MediaManager\grab.html [2006-02-15 08:30:44 | 00,000,890 | ---- | M] ()

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]

Add to AMV Convert Tool...: Reg Error: Key does not exist or could not be opened. File not found

E&xportera till Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

MediaManager tool grab multimedia file: Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]

Add to AMV Convert Tool...: Reg Error: Key does not exist or could not be opened. File not found

E&xportera till Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

MediaManager tool grab multimedia file: Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\Software\Microsoft\Internet Explorer\MenuExt\]

Append Link Target to Existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Append to Existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert Link Target to Adobe PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert link target to existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert to Adobe PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)

 

========== (O9) IE Extensions ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Referensinformation -- %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

 

========== (O12) Internet Explorer Plugins ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX-galleri

 

========== (O13) Default Prefixes ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

 

========== (O15) Trusted Sites ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

1 domain(s) and sub-domain(s) not assigned to a zone.

 

========== (O16) DPF ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.

{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab -- Java Plug-in 1.5.0

{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab -- Java Plug-in 1.6.0_05

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

 

========== (O17) DNS Name Servers ==========

 

{78DE93C5-D530-45B2-83FA-AAFFA1DD8C30} (Servers: | Description: Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706)

{7BB47BEE-5807-4A33-8356-8BA9039732CE} (Servers: | Description: )

{A3CEBD50-3168-4B21-AA96-9D96AD558586} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)

{C0CA295B-46A4-455B-9BAE-1CD58D4A3F28} (Servers: | Description: 1394 Net Adapter)

 

========== (O20) Winlogon Notify Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)

 

========== Shell Execute Hooks ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{7BC6B793-BBAA-4EED-9E56-8CBFA6F5BB03}" (HKLM) -- C:\WINDOWS\system32\ljJccAtt.dll File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{7FC793E3-2599-4E31-9806-1E7BFF68F894}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

========== LSA *Authentication Packages* ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Authentication Packages"=msv1_0,C:\WINDOWS\system32\mlJYrstr,

>File not found --

 

========== Safeboot Options ==========

 

"AlternateShell"=cmd.exe

 

========== CDRom AutoRun Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

 

========== Autorun Files on Drives ==========

 

Autodesk []

[2008-10-12 01:01:29 | 00,000,000 | ---D | M] -- C:\Autodesk -- [ NTFS ]

 

AUTOEXEC.BAT []

[2007-06-01 08:24:57 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

 

AUTOEXEC.BAT []

[2007-05-31 15:28:49 | 00,000,000 | ---- | M] () -- D:\AUTOEXEC.BAT -- [ NTFS ]

 

========== MountPoints2 ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{620fa4d1-2819-11dd-9827-003005b24535}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{620fa4d1-2819-11dd-9827-003005b24535}\Shell\AutoRun\command]

""=L:\setup.exe -- File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{902feaec-b890-11dd-9926-003005b24535}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{902feaec-b890-11dd-9926-003005b24535}\Shell\AutoRun\command]

""=L:\laucher.exe -- File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[6 C:\WINDOWS\System32\*.tmp files]

[4 C:\WINDOWS\*.tmp files]

[2008-12-20 14:24:45 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hem PC\Skrivbord\OTViewIt.exe

[2008-12-20 13:35:37 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll

[2008-12-20 13:27:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT

[2008-12-20 13:22:54 | 00,000,105 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\eforum01.url

[2008-12-20 13:19:37 | 00,000,000 | ---D | C] -- C:\SDFix

[2008-12-20 13:19:24 | 01,529,241 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\SDFix.exe

[2008-12-20 12:00:27 | 00,000,000 | -H-- | C] () -- C:\Documents and Settings\Hem PC\Mina dokument\Default.rdp

[2008-12-19 23:28:13 | 00,000,000 | ---D | C] -- C:\Program\RelevantKnowledge

[2008-12-19 23:27:53 | 00,000,000 | ---D | C] -- C:\Program\Cliprex DVD Player Professional

[2008-12-14 00:08:15 | 00,004,074 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Porcupine Tree - fear of a blank planet bass tab.nfo

[2008-12-12 23:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Application Data\Stop_Motion_Pro_Projects

[2008-12-12 23:06:43 | 00,000,691 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Stop Motion Pro v4.lnk

[2008-12-12 23:06:42 | 00,000,000 | ---D | C] -- C:\Program\StopMotionPro4

[2008-12-12 22:33:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\Pivot Figure

[2008-12-12 14:40:12 | 00,000,708 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\VLC media player.lnk

[2008-12-11 17:51:10 | 00,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Pivot Stickfigure Animator.lnk

[2008-12-11 17:51:08 | 00,000,000 | ---D | C] -- C:\Program\Pivot Stickfigure Animator

[2008-12-09 22:14:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\My Virtual Machines

[2008-12-09 21:42:14 | 00,000,000 | ---D | C] -- C:\Program\Microsoft Virtual PC

[2008-12-06 23:23:47 | 00,001,624 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\DOSBox 0.72.lnk

[2008-12-06 23:23:47 | 00,000,000 | ---D | C] -- C:\Program\DOSBox-0.72

[2008-12-06 23:21:39 | 00,000,000 | ---D | C] -- C:\ARENA

[2008-12-06 23:06:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\F3

[2008-12-06 20:28:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\Rockstar Games

[2008-12-06 20:15:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokument\microsoft

[2008-12-06 19:57:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2008-12-06 19:49:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-se

[2008-12-06 19:49:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sv

[2008-12-06 19:49:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits

[2008-12-06 19:49:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas

[2008-12-06 19:47:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles

[2008-12-06 19:45:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic

[2008-12-06 19:40:35 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$

[2008-12-06 19:40:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome

[2008-12-06 19:23:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\Rockstar Games

[2008-12-06 18:19:01 | 00,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll

[2008-12-06 18:16:36 | 00,000,000 | ---D | C] -- C:\Program\Microsoft Games for Windows - LIVE

[2008-12-06 17:50:24 | 00,000,723 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Rockstar Games Social Club.lnk

[2008-12-06 01:49:40 | 00,000,000 | ---D | C] -- C:\Program\TagRename

[2008-12-05 21:16:01 | 00,001,614 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Daggerfall XP.lnk

[2008-12-01 20:44:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\My Music

[2008-11-29 21:29:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\Altova

[2008-11-29 21:26:37 | 00,000,000 | ---D | C] -- C:\Program\Delade filer\Altova

[2008-11-29 21:26:37 | 00,000,000 | ---D | C] -- C:\Program\Altova

[2008-11-29 21:26:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Altova

[2008-11-29 21:25:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations

[2008-11-28 15:21:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\Roblox

[2008-11-28 15:20:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\RobloxVersions

[2008-11-28 15:20:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\RobloxDownloads

[2008-11-28 15:20:50 | 00,381,544 | ---- | C] (Roblox Corporation) -- C:\Documents and Settings\Hem PC\Skrivbord\Roblox.exe

[2008-11-26 17:22:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\Fallout3

[2008-11-26 17:12:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fallout3

[2008-11-26 17:09:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive

[2008-11-25 18:33:05 | 21,116,611 | ---- | C] (Aspyr Media, Inc) -- C:\Documents and Settings\Hem PC\Skrivbord\GH3_PC_1.3_Patch.exe

[2008-11-24 17:51:41 | 00,000,936 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Ultimate Vice City.lnk

[2008-11-24 15:56:55 | 37,901,698 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\ultimatevicecity2.exe

[2008-11-24 15:46:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Skrivbord\nvc

[2008-11-23 19:18:35 | 00,000,000 | ---D | C] -- C:\FJBeta files

[2008-11-23 17:52:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\EIDOS

[2008-11-23 17:20:55 | 00,000,000 | ---D | C] -- C:\Program\Eidos

[2008-11-23 17:20:07 | 01,627,412 | -HS- | C] () -- C:\WINDOWS\System32\isrbaclb.ini

[2008-11-23 17:19:09 | 00,376,407 | -HS- | C] () -- C:\WINDOWS\System32\rtsrYJlm.ini2

[2008-11-23 17:19:08 | 00,376,407 | -HS- | C] () -- C:\WINDOWS\System32\rtsrYJlm.ini

[2008-11-23 14:46:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Application Data\Blender Foundation

[2008-11-23 14:46:47 | 00,001,722 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Blender.lnk

[2008-11-23 14:46:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blender Foundation

[2008-11-23 14:46:24 | 00,000,000 | ---D | C] -- C:\Program\Blender Foundation

[2008-11-22 15:07:58 | 27,996,672 | ---- | C] () -- C:\Documents and Settings\Hem PC\Mina dokument\output.avi

[2008-11-21 22:47:56 | 00,524,288 | ---- | C] (DivX Inc.) -- C:\WINDOWS\System32\DivXsm.exe

[2008-11-21 22:47:56 | 00,004,816 | ---- | C] () -- C:\WINDOWS\System32\divxsm.tlb

[2008-11-21 22:47:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2008-11-21 22:46:10 | 01,044,480 | ---- | C] (The OpenSSL Project, http://www.openssl.org/'>http://www.openssl.org/'>http://www.openssl.org/'>http://www.openssl.org/) -- C:\WINDOWS\System32\libdivx.dll

[2008-11-21 22:46:10 | 00,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssldivx.dll

[2008-11-21 22:45:16 | 00,196,608 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dtu100.dll

[2008-11-21 22:45:16 | 00,081,920 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll

[2008-11-21 22:45:12 | 00,593,920 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI11.dll

[2008-11-21 22:45:12 | 00,344,064 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpus11.dll

[2008-11-21 22:45:12 | 00,294,912 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpu11.dll

[2008-11-21 22:45:12 | 00,294,912 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpu10.dll

[2008-11-21 22:45:12 | 00,057,344 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpv11.dll

[2008-11-21 22:45:12 | 00,053,248 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI10.dll

[2008-11-21 22:45:08 | 00,823,296 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll

[2008-11-21 22:45:08 | 00,823,296 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll

[2008-11-21 22:45:08 | 00,815,104 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll

[2008-11-21 22:45:08 | 00,802,816 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll

[2008-11-21 22:45:06 | 00,684,032 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll

[2008-11-21 22:45:00 | 00,729,088 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divxdec.ax

[2008-11-21 22:45:00 | 00,352,401 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\DivXMedia.ax

[2008-11-21 22:44:38 | 00,161,096 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXCodecVersionChecker.exe

[2008-11-21 22:44:16 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2008-11-21 14:28:14 | 00,001,787 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Sweet Little Piano 32.lnk

[2008-11-21 14:28:14 | 00,000,000 | ---D | C] -- C:\Program\Roni Music

[2008-11-20 23:06:16 | 00,001,634 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Collab.lnk

[2008-11-20 23:06:12 | 00,000,802 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\ASIO4ALL v2 Instruction Manual.lnk

[2008-11-20 23:06:12 | 00,000,692 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\ASIO4ALL v2 Off-Line Settings.lnk

[2008-11-20 23:06:12 | 00,000,000 | ---D | C] -- C:\Program\ASIO4ALL v2

[2008-11-20 23:05:49 | 00,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll

[2008-11-20 23:05:46 | 00,000,781 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\FL Studio 8.lnk

[2008-11-20 23:04:29 | 00,000,000 | ---D | C] -- C:\Program\Outsim

[2008-11-20 23:02:05 | 00,000,000 | ---D | C] -- C:\Program\Image-Line

[2008-11-20 21:25:26 | 00,113,684 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Fasten,,, msn ljud.mp3

 

========== Files - Modified Within 30 Days ==========

 

[6 C:\WINDOWS\System32\*.tmp files]

[4 C:\WINDOWS\*.tmp files]

[2008-12-20 14:24:46 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hem PC\Skrivbord\OTViewIt.exe

[2008-12-20 13:49:45 | 00,002,670 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2008-12-20 13:48:59 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2008-12-20 13:48:21 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2008-12-20 13:48:16 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2008-12-20 13:37:45 | 00,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS

[2008-12-20 13:35:38 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll

[2008-12-20 13:23:11 | 00,000,105 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\eforum01.url

[2008-12-20 13:19:33 | 01,529,241 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\SDFix.exe

[2008-12-20 12:59:13 | 00,000,650 | ---- | M] () -- C:\Documents and Settings\Hem PC\Mina dokument\Mina delade mappar.lnk

[2008-12-20 12:00:27 | 00,000,000 | -H-- | M] () -- C:\Documents and Settings\Hem PC\Mina dokument\Default.rdp

[2008-12-20 00:57:25 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2008-12-18 21:37:49 | 00,098,304 | ---- | M] () -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-12-14 00:08:15 | 00,004,074 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Porcupine Tree - fear of a blank planet bass tab.nfo

[2008-12-13 01:45:43 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2008-12-13 01:45:28 | 00,000,727 | ---- | M] () -- C:\WINDOWS\win.ini

[2008-12-12 23:06:43 | 00,000,691 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Stop Motion Pro v4.lnk

[2008-12-12 18:03:18 | 03,088,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll

[2008-12-12 18:03:18 | 03,088,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

[2008-12-12 14:40:12 | 00,000,708 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\VLC media player.lnk

[2008-12-11 17:51:10 | 00,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Pivot Stickfigure Animator.lnk

[2008-12-10 00:24:37 | 17,593,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2008-12-09 21:44:06 | 00,445,472 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2008-12-09 21:44:06 | 00,442,434 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2008-12-09 21:44:06 | 00,084,014 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2008-12-09 21:44:05 | 01,054,330 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2008-12-09 21:44:05 | 00,072,118 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2008-12-07 01:37:21 | 03,710,242 | -H-- | M] () -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\IconCache.db

[2008-12-06 23:23:47 | 00,001,624 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\DOSBox 0.72.lnk

[2008-12-06 19:59:29 | 00,024,312 | ---- | M] () -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\GDIPFONTCACHEV1.DAT

[2008-12-06 19:58:59 | 00,000,078 | -HS- | M] () -- C:\Documents and Settings\Hem PC\Mina dokument\desktop.ini

[2008-12-06 19:58:07 | 01,425,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008-12-06 19:45:00 | 00,250,560 | RHS- | M] () -- C:\ntldr

[2008-12-06 17:50:24 | 00,000,723 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Rockstar Games Social Club.lnk

[2008-12-05 18:17:36 | 00,001,614 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Daggerfall XP.lnk

[2008-12-01 20:08:02 | 00,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2008-11-28 15:20:51 | 00,381,544 | ---- | M] (Roblox Corporation) -- C:\Documents and Settings\Hem PC\Skrivbord\Roblox.exe

[2008-11-26 18:21:30 | 01,236,208 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2008-11-26 18:18:25 | 00,093,296 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2008-11-26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2008-11-26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2008-11-26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2008-11-26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2008-11-26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2008-11-26 18:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2008-11-26 18:15:10 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr

[2008-11-26 15:58:32 | 00,376,407 | -HS- | M] () -- C:\WINDOWS\System32\rtsrYJlm.ini

[2008-11-26 15:56:21 | 00,376,407 | -HS- | M] () -- C:\WINDOWS\System32\rtsrYJlm.ini2

[2008-11-25 18:33:48 | 21,116,611 | ---- | M] (Aspyr Media, Inc) -- C:\Documents and Settings\Hem PC\Skrivbord\GH3_PC_1.3_Patch.exe

[2008-11-24 22:14:24 | 00,000,936 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Ultimate Vice City.lnk

[2008-11-24 17:47:21 | 37,901,698 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\ultimatevicecity2.exe

[2008-11-23 17:20:11 | 01,627,412 | -HS- | M] () -- C:\WINDOWS\System32\isrbaclb.ini

[2008-11-23 14:46:47 | 00,001,722 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Blender.lnk

[2008-11-22 15:50:57 | 00,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini

[2008-11-22 15:15:06 | 27,996,672 | ---- | M] () -- C:\Documents and Settings\Hem PC\Mina dokument\output.avi

[2008-11-21 22:47:56 | 00,524,288 | ---- | M] (DivX Inc.) -- C:\WINDOWS\System32\DivXsm.exe

[2008-11-21 22:47:56 | 00,004,816 | ---- | M] () -- C:\WINDOWS\System32\divxsm.tlb

[2008-11-21 22:47:52 | 03,596,288 | ---- | M] () -- C:\WINDOWS\System32\qt-dx331.dll

[2008-11-21 22:46:10 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libdivx.dll

[2008-11-21 22:46:10 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssldivx.dll

[2008-11-21 22:45:16 | 00,196,608 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\dtu100.dll

[2008-11-21 22:45:16 | 00,081,920 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll

[2008-11-21 22:45:12 | 00,593,920 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI11.dll

[2008-11-21 22:45:12 | 00,344,064 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpus11.dll

[2008-11-21 22:45:12 | 00,294,912 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpu11.dll

[2008-11-21 22:45:12 | 00,294,912 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpu10.dll

[2008-11-21 22:45:12 | 00,057,344 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpv11.dll

[2008-11-21 22:45:12 | 00,053,248 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI10.dll

[2008-11-21 22:45:08 | 00,823,296 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll

[2008-11-21 22:45:08 | 00,823,296 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll

[2008-11-21 22:45:08 | 00,815,104 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll

[2008-11-21 22:45:08 | 00,802,816 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll

[2008-11-21 22:45:06 | 00,684,032 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll

[2008-11-21 22:45:00 | 00,729,088 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divxdec.ax

[2008-11-21 22:45:00 | 00,352,401 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\DivXMedia.ax

[2008-11-21 22:44:38 | 00,161,096 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXCodecVersionChecker.exe

[2008-11-21 22:44:16 | 00,012,288 | ---- | M] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2008-11-21 18:37:51 | 00,001,625 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Acrobat 9 Pro Extended.lnk

[2008-11-21 14:28:14 | 00,001,787 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Sweet Little Piano 32.lnk

[2008-11-20 23:06:16 | 00,001,634 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Collab.lnk

[2008-11-20 23:06:12 | 00,000,802 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\ASIO4ALL v2 Instruction Manual.lnk

[2008-11-20 23:06:12 | 00,000,692 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\ASIO4ALL v2 Off-Line Settings.lnk

[2008-11-20 23:05:47 | 00,000,781 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\FL Studio 8.lnk

[2008-11-20 22:23:17 | 00,000,121 | ---- | M] () -- C:\WINDOWS\System32\MASHTWTY.SYS

[2008-11-20 21:25:27 | 00,113,684 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Fasten,,, msn ljud.mp3

< End of report >

[/log]

 

och "extras":

[log]OTViewIt Extras logfile created on: 2008-12-20 14:25:33 - Run 2

OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Hem PC\Skrivbord

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1023,29 Mb Total Physical Memory | 507,82 Mb Available Physical Memory | 49,63% Memory free

3,35 Gb Paging File | 2,90 Gb Available in Paging File | 86,72% Paging File free

Paging file location(s): C:\pagefile.sys 2500 3072;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 149,05 Gb Total Space | 15,91 Gb Free Space | 10,67% Space Free | Partition Type: NTFS

Drive D: | 149,05 Gb Total Space | 11,15 Gb Free Space | 7,48% Space Free | Partition Type: NTFS

Drive E: | 3,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: OSKAR

Current User Name: Hem PC

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled"=1

"AntiVirusDisableNotify"=0

"FirewallDisableNotify"=0

"UpdatesDisableNotify"=0

"AntiVirusOverride"=0

"FirewallOverride"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall"=1

"DoNotAllowExceptions"=0

"DisableNotifications"=0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[2008-04-14 17:05:18 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[2007-10-18 10:35:08 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[2007-10-02 16:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[2008-04-14 17:05:18 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2008-04-14 17:05:04 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8-server

File not found -- C:\Program\Atari\Deer Hunter 2005\DH2005.exe:*:Enabled:DH2005

[2004-09-20 11:38:32 | 04,157,495 | ---- | M] (GameSpy Industries, Inc.) -- C:\Program\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade

[2003-06-25 19:51:22 | 06,885,376 | ---- | M] (The 3DO Company) -- C:\Program\3DO\Heroes of Might and Magic IV\HEROES4S.EXE:*:Enabled:Heroes of Might and Magic® IV: Winds of War™

[2002-12-24 11:11:10 | 06,885,376 | ---- | M] (The 3DO Company) -- C:\Program\3DO\Heroes of Might and Magic IV\heroes4.exe:*:Enabled:Heroes of Might and Magic® IV: Winds of War™

[2006-05-10 00:47:09 | 22,036,480 | ---- | M] () -- D:\Program\3DO\Heroes of might and magic V\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V

[2008-08-02 20:12:42 | 00,106,496 | ---- | M] () -- C:\Program\Steam\steamapps\enemyarcher\source sdk base\hl2.exe:*:Enabled:hl2

[2008-12-20 00:56:31 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program\Mozilla Firefox\firefox.exe:*:Enabled:Firefox

File not found -- D:\Program\Activision\EF2\EF2.exe:*:Enabled:Elite Force II

[2006-09-06 02:39:14 | 00,425,984 | ---- | M] (Autodesk, Inc.) -- C:\Program\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor

[2006-09-06 02:39:10 | 00,110,592 | ---- | M] (Autodesk, Inc.) -- C:\Program\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager

[2006-09-06 02:39:12 | 00,110,592 | ---- | M] (Autodesk, Inc.) -- C:\Program\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server

[2008-10-10 02:00:50 | 00,199,608 | ---- | M] (Vuze Inc.) -- C:\Program\Azureus\Azureus.exe:*:Enabled:Azureus

File not found -- C:\Program\Xfire\xfire.exe:*:Enabled:Xfire

[2008-10-24 23:50:18 | 00,098,304 | ---- | M] () -- C:\Program\Steam\steamapps\enemyarcher\garrysmod\hl2.exe:*:Enabled:hl2

File not found -- C:\Documents and Settings\Hem PC\Skrivbord\WoW-BurningCrusade-enGB-Installer-downloader.exe:*:Enabled:Blizzard Downloader

[2008-03-28 16:32:46 | 07,536,640 | ---- | M] (Electric Rain, Inc.) -- C:\Program\Electric Rain\Swift 3D\Version 5.00\Program\Swift3D.exe:*:Enabled:Swift 3D

[2008-09-28 05:53:06 | 03,497,208 | ---- | M] (Veoh Networks) -- C:\Program\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player

[2008-10-05 18:53:13 | 00,098,304 | ---- | M] () -- C:\Program\Steam\steamapps\enemyarcher\diprip warm up\hl2.exe:*:Enabled:hl2

[2008-10-07 16:17:25 | 00,098,304 | ---- | M] () -- C:\Program\Steam\steamapps\enemyarcher\zombie panic! source\hl2.exe:*:Enabled:hl2

File not found -- C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA

File not found -- C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB

[2006-09-29 22:02:04 | 01,298,944 | ---- | M] (Introversion Software) -- C:\Program\Defcon\defcon.exe:*:Enabled:Defcon

[2008-10-11 16:48:05 | 00,106,496 | ---- | M] () -- C:\Program\Steam\steamapps\enemyarcher\counter-strike source\hl2.exe:*:Enabled:hl2

[2008-03-10 00:22:52 | 07,299,072 | ---- | M] (Autodesk, Inc.) -- C:\Program\Autodesk\3ds Max 2009\3dsmax.exe:*:Enabled:Autodesk 3ds Max 2009 32-bit

[2008-10-25 14:39:22 | 00,086,077 | ---- | M] (Valve) -- C:\Program\Steam\steamapps\enemyarcher\half-life blue shift\hl.exe:*:Enabled:Half-Life Launcher

[2008-10-24 13:28:05 | 00,086,077 | ---- | M] (Valve) -- C:\Program\Steam\steamapps\enemyarcher\team fortress classic\hl.exe:*:Enabled:Half-Life Launcher

[2008-10-24 13:44:46 | 00,086,077 | ---- | M] (Valve) -- C:\Program\Steam\steamapps\enemyarcher\opposing force\hl.exe:*:Enabled:Half-Life Launcher

[2007-03-21 07:40:34 | 18,847,920 | ---- | M] (Adobe Systems Incorporated.) -- D:\Program\Adobe\Adobe Flash CS3\Flash.exe:*:Enabled:Adobe Flash CS3

File not found -- D:\Program\UBISOFT\Tom Clancy's Splinter Cell Chaos Theory\System\splintercell3.exe:*:Enabled:splintercell3

File not found -- C:\Program\Ubisoft\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:pandora

File not found -- C:\Program\Ubisoft\Splinter Cell Pandora Tomorrow\online\System\shadowstrike_static_retail.exe:*:Enabled:shadowstrike_static_retail

"C:\Program\Ubisoft\Splinter Cell Pandora Tomorrow\online\System\shadowstrike_static_retail.ex"=C:\Program\Ubisoft\Splinter Cell Pandora Tomorrow\online\System\shadowstrike_static_retail.ex:*:Enabled:shadowstrike_static_retail

[2007-03-20 13:38:02 | 00,726,552 | ---- | M] (InterVideo Inc.) -- C:\Program\InterVideo\DVD8\WinDVD.exe:*:Enabled:WinDVD

[2006-10-21 16:55:32 | 00,339,968 | ---- | M] () -- D:\Program\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4

File not found -- C:\Program\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:UT3

[2008-05-07 14:37:42 | 11,824,128 | ---- | M] (Aspyr Media, Inc.) -- C:\Program\Aspyr\Guitar Hero III\GH3.exe:*:Enabled:Guitar Hero III

[2008-12-13 16:58:25 | 00,306,088 | ---- | M] (Take-Two Interactive Software, Inc.) -- D:\Program\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club

[2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[2007-10-18 10:35:08 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[2007-10-02 16:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[2003-12-09 12:23:00 | 03,194,880 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\tillf\Van Buren\F3.exe:*:Enabled:F3

[2008-08-12 17:19:02 | 21,741,864 | R--- | M] (Skype Technologies S.A.) -- C:\Program\Skype\Phone\Skype.exe:*:Enabled:Skype

 

========== (O10) Winsock2 Catalogs ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]

NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program\Bonjour\mdnsNSP.dll (Apple Inc.)

 

========== (O18) Protocol Handlers ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

ipp: [HKLM - No CLSID value]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2005-09-20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-10-18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

msdaipp: [HKLM - No CLSID value]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2005-09-20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2005-09-20 11:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-10-18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-05-10 12:45:34 | 08,069,464 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2008-08-12 17:19:02 | 01,942,864 | R--- | M] (Skype Technologies) C:\Program\Delade filer\Skype\Skype4COM.dll (skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} (HKLM) [iEProtocolHandler Class])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-10-23 11:14:52 | 00,858,136 | ---- | M] (Microsoft Corporation) C:\Program\Windows Live\Mail\mailcomm.dll (wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} (HKLM) [Windows Live Mail HTML Asynchronous Pluggable Protocol Handler])

 

========== (O18) Protocol Filters ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters

[2007-04-19 12:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{011D0235-589D-4B60-B952-3507C7E8D8D8}"=Multiple Image Resizer .NET

"{0224CACC-994D-45F8-B973-D65056EA9C2F}"=Adobe XMP DVA Panels CS3

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}"=Steam

"{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3

"{06F80017-8F98-4C94-B868-52358569FC32}"=Command & Conquer Generals

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting

"{08B3869E-D282-424C-9AFC-870E04A4BA14}"=Rockstar Games Social Club

"{08CA9554-B5FE-4313-938F-D4A417B81175}"=QuickTime

"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}"=SimCity™ Societies

"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}"=MySQL Connector/ODBC 3.51

"{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}"=Guitar Hero III

"{11E88997-2B15-4889-B6B8-90460C68D820}}_is1"=Icon Constructor 3

"{127E1DA1-2223-4970-8068-655389516AAA}"=Adobe Flash CS3

"{14C87AA7-08E6-419F-A165-998EBE5023D7}"=Oblivion - Knights of the Nine

"{15014839-85AF-439E-9C3C-A93BB74957B1}"=FPS Creator Model Pack - 11

"{15095BF3-A3D7-4DDF-B193-3A496881E003}"=Microsoft .NET Framework 3.0

"{16D919E6-F019-4E15-BFBE-4A85EF19DA57}"=Oblivion - Spell Tomes

"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin

"{18D10072035C4515918F7E37EAFAACFC}"=AutoUpdate

"{1A2A15C2-6780-49c1-B296-503230E9DE00}"=The Sims™ 2 Herrgård och trädgård Prylpaket

"{2023D8DE-CD8E-4958-B831-9DB3166D1B07}"=Swift 3D v5.00

"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}"=InterVideo WinDVD 8

"{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}"=Windows Live Messenger

"{21A127AE-2DAF-40B7-8374-34C3E629521C}"=Far Cry (Patch 1.3)

"{23D683DD-93C6-48E6-B84E-78B57778F126}"=Oblivion - Construction Set

"{23F79416-CAD1-41BF-99A3-040F6C814AAA}"=NVIDIA Photoshop Plug-ins

"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}"=Adobe ExtendScript Toolkit 2

"{24EB39DB-B958-413D-818E-C0875101C96B}"=FPS Creator Model Pack - 10

"{2F2E3D62-8B8C-448F-8900-451325E50948}"=Oblivion - Wizard's Tower

"{3248F0A8-6813-11D6-A77B-00B0D0150000}"=J2SE Runtime Environment 5.0

"{3248F0A8-6813-11D6-A77B-00B0D0160050}"=Java 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java 6 Update 7

"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP

"{35758CBD-B141-416D-AE42-BE487C73A8DD}"=PD Media Converter

"{35CB6715-41F8-4F99-8881-6FC75BF054B0}"=Oblivion

"{3ABEBD00-299D-4DCA-967F-B912163AB5EA}"=Oblivion - Horse Armor Pack

"{3B78E403-D116-4C56-9D1E-4C245AFC82D9}"=FPS Creator Model Pack - 2

"{3D347E6D-5A03-4342-B5BA-6A771885F379}"=Backburner

"{3DE0053C-FD9A-483E-B7C9-B06E4392206E}"=iTunes

"{444E3FAE-DC6D-498B-BF98-6B6B61CA46D9}"=FPS Creator Model Pack - 9

"{44863FE1-AE61-4C81-9BF6-FBC467785D32}"=Taito Legends

"{45235788-142C-44BE-8A4D-DDE9A84492E5}"=AGEIA PhysX v7.09.13

"{4817189D-1785-4627-A33C-39FD90919300}"=The Sims™ 2 Djurliv

"{485ACF57-F364-440A-8496-E1E81C8FA1AA}"=Adobe Premiere Pro CS3 Third Party Content

"{491DD792-AD81-429C-9EB4-86DD3D22E333}"=Windows Communication Foundation

"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}"=Microsoft Games for Windows - LIVE

"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}"=Grand Theft Auto Vice City

"{4F4BB48A-7F05-4CB8-B8F4-81581DC51090}"=FPS Creator Model Pack - 4

"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}"=Adobe Premiere Pro CS3 Functional Content

"{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}"=Oblivion - Vile Lair

"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}"=Adobe Audition 3.0

"{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3

"{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1"=iolo technologies' System Mechanic

"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}"=Adobe Premiere Pro CS3

"{5C648FDB-0138-4619-B66E-230EF53E8E2C}"=The Sims™ 2 Tonårsprylar Prylpaket

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}"=Skype™ 3.8

"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}"=PlayNC Launcher

"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}"=Adobe Setup

"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}"=The Sims™ 2 Kök & badrum Heminredning Prylpaket

"{667A1F4B-BFFA-4CF0-8C0B-6ED397370BCB}"=Immortal Cities: Children of the Nile

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update

"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All

"{6C70ACE2-6EF2-4F8D-8C4A-78198AA979DD}"=Maya 2008 Documentation (en_US)

"{6D3A42EA-DFD9-4E8A-A9DC-3DE9B162BEDD}"=Sony Vegas Movie Studio 8.0

"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}"=Adobe Color Common Settings

"{6E17F9751-F056-4335-B718-8AF1B1092AFB}"=The Sims™ 2 IKEA® Heminredning Prylpaket

"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3

"{71E13F8B-365D-4FCF-BA69-9209FAF9D680}"=FPS Creator Model Pack - 5

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}"=RollerCoaster Tycoon 2

"{73B5D990-04EA-4751-B10F-5534770B91F2}"=Adobe Color EU Recommended Settings

"{74C8BF56-6618-49AA-98BA-862223900CBF}"=Norman Internet Control

"{7664A2EF-34F5-42D2-8FD8-4FEF0047A929}"=Windows Live Mail

"{7784A172-61F1-445E-8368-601607E0DD22}"=MP3 Player Utilities 4.00

"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}"=The Sims 2 Arbetsliv

"{7B63B2922B174135AFC0E1377DD81EC2}"=DivX Codec

"{7C833363-F177-4600-BDF6-B2BA872550FE}"=Blitz3D

"{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}"=3dsmax ancillary install

"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}"=Windows Workflow Foundation

"{85262A06-2D8C-4BC1-B6ED-5A705D09CFFC}"=Apache HTTP Server 2.2.9

"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}"=The Sims™ 2 Fritid

"{888DD888-82BE-4D85-BCB2-2E042CD3E844}"=Tom Clancy's Splinter Cell Chaos Theory

"{8922F418-1066-4FED-AF92-278EAF8DE5B2}"=TortoiseSVN 1.5.3.13783 (32 bit)

"{89661B04-C646-4412-B6D3-5E19F02F1F37}"=EAX4 Unified Redist

"{8A7CAA24-7B23-410B-A7C3-F994B0944160}"=Microsoft Virtual PC 2007

"{8ADFC4160D694100B5B8A22DE9DCABD9}"=DivX Player

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3

"{8DE292EC-FA26-4526-BFEB-3EE820E97005}"=OpenOffice.org Installer 1.0

"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}"=SWAT 4

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support

"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}"=The Sims 2 University

"{9012041D-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Standard Edition 2003

"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3

"{907B4640-266B-4A21-92FB-CD1A86CD0F63}"=RollerCoaster Tycoon 3 Platinum

"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}"=Camera RAW Plug-In for EPSON Creativity Suite

"{9523158E-3FBA-5FB0-762A-A2BFD2E8434F}"=BIONICLE Heroes

"{974C4B12-4D02-4879-85E0-61C95CC63E9E}"=Fallout 3

"{992A2DB1-4ABC-4738-BD71-045C5FFE00D1}"=Microsoft .NET Framework 1.1 Swedish Language Pack

"{9A346205-EA92-4406-B1AB-50379DA3F057}"=Autodesk DWF Viewer 7

"{9B0F9788-3141-4009-846E-52E59843E963}"=SimCity™ Societies

"{9B233020-3352-4F7A-B9E8-B97BEC682539}"=Adobe Flash Video Encoder

"{9C244239-ED8E-40f1-937F-51C706CD2160}"=The Sims™ 2 Deluxe

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3

"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}"=SPORE™

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps

"{A34337A1-30AE-4260-B508-2C0697C711F3}_is1"=Frets on Fire MFH-Alarian Mod v2.940

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}"=Microsoft Visual C++ 2005 Redistributable

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}"=Google Update

"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings

"{AC76BA86-1033-F400-7761-000000000004}"=Adobe Acrobat 9 Pro Extended - English, Français, Deutsch

"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}"=Adobe Acrobat 9 Pro Extended - English, Français, Deutsch

"{AC76BA86-7AD7-1053-7B44-A81200000003}"=Adobe Reader 8.1.2 - Svenska

"{AED21179-5EBE-4737-94B0-37BFFDF8DA66}"=Benge's Animated Sprite Pack For FPS Creator

"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live inloggningsassistenten

"{AFEA5739-4FFC-4304-BF1E-BAE4772CF54D}"=FPS Creator Model Pack

"{B13A7C41581B411290FBC0395694E2A9}"=DivX Converter

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0

"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}"=Adobe Setup

"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1

"{B6F5B704-06D3-4687-90F3-6195304AD755}"=The Sims™ 2 Livet i lägenhet

"{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player

"{B7666229-351B-47D9-AA6F-DF777CF04BBF}"=Caesar IV

"{B91E4360-298A-4306-9E95-9AD91A0952A1}"=FPS Creator

"{B975F4A1-63B6-11D4-BFEC-005004AF2D32}"=Monopoly Tycoon

"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3

"{BAF78226-3200-4DB4-BE33-4D922A799840}"=Windows Presentation Foundation

"{BB81360F-041C-4CF7-B15E-71380D154244}"=Adobe Setup

"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}"=Adobe Flash Player 9 ActiveX

"{BDB48672-B567-4A4B-989E-0A7C2E220B6F}"=FPS Creator Model Pack - 16

"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}"=Pivot Stickfigure Animator

"{C033BF6E-9D82-4E0B-A46E-ABC746D6F431}"=Autodesk DirectConnect 2.0

"{C51C9169-0D09-4D7F-A8E8-0E6D21D80721}"=Altova XMLSpy® 2008 rel. 2 sp2 Enterprise Edition

"{C5E5084B-3149-4E76-ACF9-9412A7D10342}"=Endless Ages

"{C8C8387B-A98B-44E8-807A-1A9B7F51FFDA}"=Blaze Media Pro

"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}"=Safari

"{CAD1691A-FA24-4B95-9009-3257B8440ECC}"=Tom Clancy's Splinter Cell Double Agent

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1

"{CC38C3D1-0359-4308-9DB8-194F8D92B2B6}"=PD Media Converter

"{d08d9f98-1c78-4704-87e6-368b0023d831}"=RelevantKnowledge

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client

"{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}"=SimCity™ Societies Destinations

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files

"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}"=Adobe XMP Panels CS3

"{DD362256-A7A2-4524-9457-213DDC2AFC2A}"=Adobe After Effects 7.0

"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings

"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}"=The Sims 2 Seasons

"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}"=Prince of Persia T2T

"{E47BA573-BBC4-40C1-8A7D-B25F2F2B0DAE}"=Far Cry (Patch 1.32)

"{E6342632-BA22-4FE2-A32E-E664684AD659}"=FPS Creator Model Pack - 3

"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3

"{EC425CFC-EE78-4A91-AA25-3BFA65B75364}"=Oblivion - Orrery

"{EE8592F6-FC2B-4AFD-B527-109D127C039F}"=Far Cry (Patch 1.31)

"{EF295F5C-7B57-47AA-8889-6B3E8E214E89}"=Oblivion - Mehrunes Razor

"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}"=Adobe Photoshop CS

"{F07B9FCF-02F5-4205-B88C-13C8A747806B}"=Adobe Setup

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver

"{F65A3F51-9BF7-475F-9E34-D1EBB91F8FCF}"=Firmware Utility

"{F6D05799-9659-48CD-8B8A-1AC424A572A9}"=FPS Creator Model Pack - 7

"{F964E0BB-3AD6-4188-B985-453037BE8FFD}"=FPS Creator Model Pack - 6

"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}"=Microsoft Games for Windows - LIVE Redistributable

"{FDD8070F-E3B9-0409-822C-CCFE5E82C14D}"=Autodesk 3ds Max 2009 32-bit

"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}"=Adobe Color NA Extra Settings

"{FFFFFD17-B460-41EB-93F1-C48ABAD63828}"=Oblivion - Thieves Den

"7-Zip"=7-Zip 4.57

"Adobe After Effects 7.0"=Adobe After Effects 7.0

"Adobe Audition 3.0"=Adobe Audition 3.0

"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX

"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin

"Adobe_32fdd767b4383606e8168e834af5d90"=Adobe Premiere Pro CS3

"Adobe_3e054d2218e7aa282c2369d939e58ff"=Adobe ExtendScript Toolkit 2

"Adobe_6c8e2cb4fd241c55406016127a6ab2e"=Adobe Color Common Settings

"Adobe_733ba5a8c93b3744f432cf39a12ee09"=Adobe Flash CS3 Professional

"All To MP3 Converter_is1"=All To MP3 Converter 2.15

"AllToAVI"=AllToAVI v4 r5394

"ASIO4ALL"=ASIO4ALL

"AstroSynthesis_is1"=AstroSynthesis v2.01b TRIAL

"ATI Display Driver"=ATI Display Driver

"AudioConverter Studio_is1"=AudioConverter Studio 5.9

"AutoRun Pro Enterprise_is1"=AutoRun Pro Enterprise version 8.0

"avast!"=avast! Antivirus

"Blaze Audio VoiceSFX Trial_is1"=Blaze Audio VoiceSFX Trial

"Blaze Media Pro"=Blaze Media Pro

"Blender"=Blender (remove only)

"Bridge Building Game"=Bridge Building Game

"BTmod"=Oblivion - BTmod 2.20

"Cheat Engine 5.4_is1"=Cheat Engine 5.4

"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1"=SoftV92 Data Fax Modem with SmartCP

"Collab"=Collab

"Darwinia"=Darwinia

"DC++"=DC++ 0.698

"DDS Converter 2.1"=DDS Converter 2.1

"Defcon_is1"=Defcon

"Dev-C++"=Dev-C++ 5 beta 9 release (4.9.9.2)

"Diablo II"=Diablo II

"EarthsimChannel"=Earthsim

"Easy GIF Animator Pro_is1"=Easy GIF Animator 4.8 Pro

"Easy GIF Animator_is1"=Easy GIF Animator 4.8

"Easy Icon Maker"=Easy Icon Maker

"Exact Audio Copy"=Exact Audio Copy 0.99pb4

"FBX Plugin 2009.0 for Max 2009"=FBX Plugin 2009.0 for Max 2009

"File Writer output plugin"=File Writer output plugin for WinAMP 2 v1.21 (remove only)

"FL Studio 8"=FL Studio 8

"FLAC"=FLAC 1.2.1b (remove only)

"Font Creator Program_is1"=Font Creator Program 4.1

"Fraps"=Fraps (remove only)

"Frets on Fire"=Frets On Fire

"Gadwin PrintScreen"=Gadwin PrintScreen

"GIF Animator"=Microsoft GIF Animator

"GLOBEtrotter FLEXid Drivers"=GLOBEtrotter FLEXid Drivers

"GLtron_is1"=GLtron version 0.70

"GSpot"=GSpot Codec Information Appliance

"Guild Wars"=Guild Wars

"Guitar Pro 5_is1"=Guitar Pro 5.2

"Heroes of Might and Magic IV"=Heroes of Might and Magic® IV: Winds of War

"HijackThis"=HijackThis 2.0.2

"IcoFX_is1"=IcoFX 1.6

"IL Download Manager"=IL Download Manager

"ImageToAVI_is1"=ImageToAVI 1.0.0.5

"Install Creator Pro"=Install Creator Pro

"InstallShield_{011D0235-589D-4B60-B952-3507C7E8D8D8}"=Multiple Image Resizer .NET

"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}"=Command & Conquer Generals

"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}"=InterVideo WinDVD 8

"InstallShield_{667A1F4B-BFFA-4CF0-8C0B-6ED397370BCB}"=Immortal Cities: Children of the Nile

"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}"=SWAT 4

"LastFM_is1"=Last.fm 1.5.2.38918

"Leadwerks Engine Evaluation Kit_is1"=Leadwerks Engine Evaluation Kit

"MAGIX music maker 2005 deLuxe"=MAGIX music maker 2005 deLuxe

"Messenger Plus! Live"=Messenger Plus! Live

"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.0"=Microsoft .NET Framework 3.0

"MilkShape 3D 1.7.10"=MilkShape 3D 1.7.10

"MiniLyrics"=Minilyrics(remove only)

"Mirage Driver_is1"=Mirage Driver 1.1

"Mozilla Firefox (3.0.5)"=Mozilla Firefox (3.0.5)

"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP

"Nature Illusion Studio"=Nature Illusion Studio

"NeroMultiInstaller!UninstallKey"=Nero Suite

"NewBlue Cartoonr for Premiere"=NewBlue Cartoonr for Premiere

"NIF Utilities for 3ds Max_is1"=NIF Utilities 3.0.10 for 3ds Max

"NifSkope"=NifSkope (remove only)

"NoAdware 5.0_is1"=NoAdware v5.0

"Oblivion mod manager_is1"=Oblivion mod manager 1.1.9

"OpenAL"=OpenAL

"Piranha Panic Demo"=Piranha Panic Demo

"PoiZone"=PoiZone

"Pontifex Demo_is1"=Pontifex Demo 10.19.01

"Postal 2"=Postal 2

"PowerISO"=PowerISO

"Rainbow Sentinel Driver"=Sentinel System Driver

"Return to Castle Wolfenstein"=Return to Castle Wolfenstein

"SiS163u"=Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706

"Skulltag"=Skulltag

"Steam App 130"=Half-Life: Blue Shift

"Steam App 17500"=Zombie Panic! Source

"Steam App 17530"=D.I.P.R.I.P. Warm Up

"Steam App 215"=Source SDK Base

"Steam App 3482"=Peggle Deluxe Demo

"Steam App 3483"=Peggle Extreme

"Steam App 4000"=Garry's Mod

"Steam App 50"=Opposing Force

"Steam App 70"=Half-Life

"Stop Motion Pro v4_is1"=Stop Motion Pro v4

"StreamPlug"=StreamPlug Player

"Super Screen Recorder_is1"=Super Screen Recorder 2.3

"Sweet Little Piano 32"=Sweet Little Piano 32 (remove only)

"Tag&Rename_is1"=Tag&Rename 3.4.6

"Texporter_max9_x86"=Texporter v3.5.18.9_x86

"Texture Maker_is1"=Texture Maker 3.03

"Toxic Biohazard"=Toxic Biohazard

"Uplink"=Uplink

"UT2004"=Unreal Tournament 2004

"Veoh Web Player Beta"=Veoh Web Player Beta

"WIC"=Windows Imaging Component

"Video to GIF Converter_is1"=Video to GIF Converter 3.0

"Winamp"=Winamp

"Windows Live OneCare safety scanner"=Windows Live OneCare safety scanner

"Windows Media Format Runtime"=Windows Media Format 11 runtime

"Windows Media Player"=Windows Media Player 11

"Windows XP Service Pack"=Windows XP Service Pack 3

"WinRAR archiver"=WinRAR archiver

"VLC media player"=VLC media player 0.9.8a

"WMFDist11"=Windows Media Format 11 runtime

"wmp11"=Windows Media Player 11

"World of Warcraft"=World of Warcraft

"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0

"Vuze"=Vuze

"Xbox_360_CC_Driver"=Xbox 360 Controller for Windows

"XiphQT"=Xiph QuickTime Components

"XpsEPSC"=XML Paper Specification Shared Components Pack 1.0

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{373B1718-8CC5-4567-8EE2-9033AD08A680}"=Roblox for Hem PC

"The Elder Scrolls II: Daggerfall WinXP"=The Elder Scrolls II: Daggerfall WinXP

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{373B1718-8CC5-4567-8EE2-9033AD08A680}"=Roblox for Hem PC

"The Elder Scrolls II: Daggerfall WinXP"=The Elder Scrolls II: Daggerfall WinXP

 

========== Last 10 Event Log Errors ==========

 

[ Antivirus Events ]

Error - 2008-08-23 16:20:17 | Computer Name = OSKAR | Source = avast! | ID = 33554522

Description = Error in library avUInt: ActiveSkin not installed or not registered

properly.

 

Error - 2008-08-23 16:20:52 | Computer Name = OSKAR | Source = avast! | ID = 33554522

Description = Error in library avUInt: ActiveSkin not installed or not registered

properly.

 

Error - 2008-08-23 16:21:54 | Computer Name = OSKAR | Source = avast! | ID = 33554522

Description = Error in library avUInt: ActiveSkin not installed or not registered

properly.

 

Error - 2008-08-23 16:21:56 | Computer Name = OSKAR | Source = avast! | ID = 33554522

Description = Error in library avUInt: ActiveSkin not installed or not registered

properly.

 

Error - 2008-08-23 16:22:07 | Computer Name = OSKAR | Source = avast! | ID = 33554522

Description = Error in library avUInt: ActiveSkin not installed or not registered

properly.

 

Error - 2008-08-23 16:22:37 | Computer Name = OSKAR | Source = avast! | ID = 33554522

Description = Error in library avUInt: ActiveSkin not installed or not registered

properly.

 

Error - 2008-08-28 13:27:30 | Computer Name = OSKAR | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

P:\DCIM\100SSCAM\SSA54995.JPG failed, 0000001E.

 

Error - 2008-09-23 04:46:07 | Computer Name = OSKAR | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\HEM PC\LOKALA INSTäLLNINGAR\APPLICATION DATA\MICROSOFT\WINDOWS

LIVE CONTACTS\OSKAR_KRISTENSSON@HOTMAIL.COM\REAL\CONTACTCOLL.CACHE failed, 00000005.

 

 

Error - 2008-09-23 04:46:07 | Computer Name = OSKAR | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\HEM PC\LOKALA INSTäLLNINGAR\APPLICATION DATA\MICROSOFT\WINDOWS

LIVE CONTACTS\OSKAR_KRISTENSSON@HOTMAIL.COM\REAL\MEMBERS.STG failed, 00000005.

 

 

Error - 2008-09-23 04:46:07 | Computer Name = OSKAR | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

C:\DOCUMENTS AND SETTINGS\HEM PC\CONTACTS\OSKAR_KRISTENSSON@HOTMAIL.COM\CONTACTCOLL.CACHE

failed, 00000005.

 

[ Application Events ]

Error - 2008-11-30 16:42:12 | Computer Name = OSKAR | Source = Application Hang | ID = 1002

Description = Stoppat program wmplayer.exe, version 11.0.5721.5145, stoppad modul

hungapp, version 0.0.0.0, stoppad adress 0x00000000.

 

Error - 2008-11-30 19:20:50 | Computer Name = OSKAR | Source = Apache Service | ID = 3299

Description = The Apache service named reported the following error: >>> httpd.exe:

Could not reliably determine the server's fully qualified domain name, using 192.168.0.120

for ServerName .

 

Error - 2008-12-01 12:25:37 | Computer Name = OSKAR | Source = Apache Service | ID = 3299

Description = The Apache service named reported the following error: >>> httpd.exe:

Could not reliably determine the server's fully qualified domain name, using 192.168.0.120

for ServerName .

 

Error - 2008-12-02 10:31:44 | Computer Name = OSKAR | Source = Apache Service | ID = 3299

Description = The Apache service named reported the following error: >>> httpd.exe:

Could not reliably determine the server's fully qualified domain name, using 192.168.0.120

for ServerName .

 

Error - 2008-12-02 18:39:08 | Computer Name = OSKAR | Source = Application Error | ID = 1000

Description = Felaktigt program fallout3.exe, version 1.0.0.12, felaktig modul ntdll.dll,

version 5.1.2600.2180, felaktig adress 0x00018fea.

 

Error - 2008-12-03 13:39:44 | Computer Name = OSKAR | Source = Apache Service | ID = 3299

Description = The Apache service named reported the following error: >>> httpd.exe:

Could not reliably determine the server's fully qualified domain name, using 192.168.0.120

for ServerName .

 

Error - 2008-12-03 18:37:15 | Computer Name = OSKAR | Source = Application Error | ID = 1000

Description = Felaktigt program fallout3.exe, version 1.0.0.12, felaktig modul ntdll.dll,

version 5.1.2600.2180, felaktig adress 0x00018fea.

 

Error - 2008-12-04 11:22:14 | Computer Name = OSKAR | Source = Apache Service | ID = 3299

Description = The Apache service named reported the following error: >>> httpd.exe:

Could not reliably determine the server's fully qualified domain name, using 192.168.0.120

for ServerName .

 

Error - 2008-12-05 08:57:20 | Computer Name = OSKAR | Source = Apache Service | ID = 3299

Description = The Apache service named reported the following error: >>> httpd.exe:

Could not reliably determine the server's fully qualified domain name, using 192.168.0.120

for ServerName .

 

Error - 2008-12-05 11:16:03 | Computer Name = OSKAR | Source = Application Error | ID = 1000

Description = Felaktigt program fallout3.exe, version 1.0.0.12, felaktig modul fallout3.exe,

version 1.0.0.12, felaktig adress 0x006d9558.

 

[ System Events ]

Error - 2008-12-20 08:26:15 | Computer Name = OSKAR | Source = DCOM | ID = 10005

Description = DCOM fick felet %1084 vid försök att starta tjänsten StiSvc med argumenten

för att köra servern: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

 

Error - 2008-12-20 08:26:18 | Computer Name = OSKAR | Source = Service Control Manager | ID = 7001

Description = Tjänsten DHCP Client är beroende av tjänsten NetBios over Tcpip. Den

sistnämnda kunde inte starta på grund av följande fel: %%31

 

Error - 2008-12-20 08:26:18 | Computer Name = OSKAR | Source = Service Control Manager | ID = 7001

Description = Tjänsten DNS Client är beroende av tjänsten TCP/IP Protocol Driver.

Den sistnämnda kunde inte starta på grund av följande fel: %%31

 

Error - 2008-12-20 08:26:18 | Computer Name = OSKAR | Source = Service Control Manager | ID = 7001

Description = Tjänsten TCP/IP NetBIOS Helper är beroende av tjänsten AFD. Den sistnämnda

kunde inte starta på grund av följande fel: %%31

 

Error - 2008-12-20 08:26:18 | Computer Name = OSKAR | Source = Service Control Manager | ID = 7001

Description = Tjänsten Apache2.2 är beroende av tjänsten AFD. Den sistnämnda kunde

inte starta på grund av följande fel: %%31

 

Error - 2008-12-20 08:26:18 | Computer Name = OSKAR | Source = Service Control Manager | ID = 7001

Description = Tjänsten IPSEC Services är beroende av tjänsten IPSEC driver. Den

sistnämnda kunde inte starta på grund av följande fel: %%31

 

Error - 2008-12-20 08:26:18 | Computer Name = OSKAR | Source = Service Control Manager | ID = 7026

Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av

fel under start: Aavmker4 AFD aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd

Rdbss

SCDEmu

Tcpip

vmm

 

Error - 2008-12-20 08:46:57 | Computer Name = OSKAR | Source = DCOM | ID = 10005

Description = DCOM fick felet %1084 vid försök att starta tjänsten EventSystem med

argumenten för att köra servern: {1BE1F766-5536-11D1-B726-00C04FB926AF}

 

Error - 2008-12-20 08:48:58 | Computer Name = OSKAR | Source = Service Control Manager | ID = 7000

Description = Tjänsten DS1410D kunde inte startas på grund av följande fel: %%20

 

Error - 2008-12-20 08:48:58 | Computer Name = OSKAR | Source = Service Control Manager | ID = 7000

Description = Tjänsten npkcrypt kunde inte startas på grund av följande fel: %%2

 

 

< End of report >

[/log]

 

Link to comment
Share on other sites

Ladda ner Malwarebytes Anti-Malware (MBAM) från en av dessa länkar:

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

http://projects.securitywonks.net/projects/details.php?file=158

Dubbelklicka på mbam-setup för att installera programmet.

 

[log]Se till i slutet av installationen att det är bockar för:

Uppdatera Malwarebytes' Anti-Malware

Starta Malwarebytes' Anti-Malware

Tryck på Slutför

Om det finns någon uppdatering så kommer den att laddas ner och installeras.

 

När programmet startar så välj "Utför snabb skanning" och tryck på Skanna.

Skanningen tar ett tag.

När den är klar så tryck på OK och sedan "Visa resultat".

Bocka för allt och tryck sedan Ta bort markerade.

När borttagningen är klar så öppnar Anteckningar med en logg.

 

Eventuellt så kommer det upp en begäran om att starta om datorn (Restart). I så fall gör det.

Om det blir ett felmeddelande Error loading... efter omstarten så starta om datorn än en gång.

Om programmet inte kommer igång efter omstarten så starta det.

 

Om loggen inte kommer upp själv i Anteckningar så hittar du loggen på fliken Loggar i MBAM.

Kopiera loggen och klistra in den i ditt svar tillsammans med en ny OTViewIt-logg (inte extra-loggen).[/log]

 

Link to comment
Share on other sites

konstig-knäppjök

ok, här:

 

[log]Malwarebytes' Anti-Malware 1.31

Databasversion: 1525

Windows 5.1.2600 Service Pack 3

 

2008-12-20 15:02:34

mbam-log-2008-12-20 (15-02-34).txt

 

Skanningstyp: Snabb skanning

Antal skannade objekt: 52830

Förfluten tid: 4 minute(s), 24 second(s)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 11

Infekterade registervärden: 3

Infekterade registerdataposter: 1

Infekterade mappar: 1

Infekterade filer: 5

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

HKEY_CLASSES_ROOT\ffddffdd (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\fffccd.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{2230e4d5-369d-4cb6-87c0-186362305c56} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{db608aae-630e-4705-b1a2-b0b0f5dae6cf} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7bc6b793-bbaa-4eed-9e56-8cbfa6f5bb03} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{56d182b7-c06b-4a37-85f3-a7c018def8a7} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7fc793e3-2599-4e31-9806-1e7bff68f894} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

 

Infekterade registervärden:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{7fc793e3-2599-4e31-9806-1e7bff68f894} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{7bc6b793-bbaa-4eed-9e56-8cbfa6f5bb03} (Trojan.Vundo) -> Quarantined and deleted successfully.

 

Infekterade registerdataposter:

HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.

 

Infekterade mappar:

C:\Program\RelevantKnowledge (Spyware.Marketscore) -> Quarantined and deleted successfully.

 

Infekterade filer:

C:\Program\RelevantKnowledge\rlls.dll (Spyware.Marketscore) -> Quarantined and deleted successfully.

C:\Program\RelevantKnowledge\rloci.bin (Spyware.Marketscore) -> Quarantined and deleted successfully.

C:\Program\RelevantKnowledge\rlservice.exe (Spyware.Marketscore) -> Quarantined and deleted successfully.

C:\Program\RelevantKnowledge\rlvknlg.exe (Spyware.Marketscore) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.

[/log]

 

[log]OTViewIt logfile created on: 2008-12-20 15:10:16 - Run 3

OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Hem PC\Skrivbord

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1023,29 Mb Total Physical Memory | 522,83 Mb Available Physical Memory | 51,09% Memory free

3,35 Gb Paging File | 2,91 Gb Available in Paging File | 86,81% Paging File free

Paging file location(s): C:\pagefile.sys 2500 3072;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 149,05 Gb Total Space | 15,91 Gb Free Space | 10,67% Space Free | Partition Type: NTFS

Drive D: | 149,05 Gb Total Space | 11,15 Gb Free Space | 7,48% Space Free | Partition Type: NTFS

Drive E: | 3,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: OSKAR

Current User Name: Hem PC

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== Processes ==========

 

[2007-05-18 02:49:14 | 00,479,232 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

[2007-05-18 02:49:14 | 00,479,232 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

[2008-11-26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\aswUpdSv.exe

[2008-11-26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashServ.exe

[2008-08-30 21:01:38 | 00,577,024 | ---- | M] (http://tortoisesvn.net) -- C:\Program\TortoiseSVN\bin\TSVNCache.exe

[2006-07-21 16:14:36 | 00,086,016 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

[2006-05-04 16:26:36 | 02,808,832 | R--- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE

[2008-11-26 18:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashDisp.exe

[2006-03-20 17:34:50 | 00,213,936 | ---- | M] (Macrovision Corporation) -- C:\Program\Delade filer\InstallShield\UpdateService\ISUSPM.exe

[2008-06-11 21:43:26 | 00,640,376 | ---- | M] (Adobe Systems Inc.) -- D:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

[2007-10-18 10:35:08 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\msnmsgr.exe

[2008-04-14 17:05:16 | 00,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\osk.exe

[2008-06-13 03:05:04 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe

[2008-10-12 01:26:12 | 00,079,360 | ---- | M] (Autodesk) -- C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe

[2004-08-04 13:00:00 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msswchx.exe

[2008-08-15 15:46:00 | 00,596,328 | ---- | M] () -- C:\Program\iolo\Common\Lib\ioloServiceManager.exe

[2008-06-13 03:05:04 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe

[2008-03-09 23:04:52 | 00,065,536 | ---- | M] () -- C:\Program\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe

[2008-11-26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashWebSv.exe

[2008-10-16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe

[2008-12-20 00:56:31 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program\Mozilla Firefox\firefox.exe

[2008-12-03 19:52:32 | 01,265,296 | ---- | M] (Malwarebytes Corporation) -- C:\Program\Malwarebytes' Anti-Malware\mbam.exe

[2008-12-20 14:24:46 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hem PC\Skrivbord\OTViewIt.exe

 

========== (O23) Win32 Services ==========

 

[2008-08-01 20:12:29 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])

[2008-06-13 03:05:04 | 00,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe -- (Apache2.2 [Auto | Running])

[2007-10-24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

[2008-11-26 18:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])

[2007-05-18 02:49:14 | 00,479,232 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])

[2007-05-17 20:05:00 | 00,520,192 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])

[2008-10-12 01:26:12 | 00,079,360 | ---- | M] (Autodesk) -- C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service [Auto | Running])

[2008-11-26 18:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])

[2008-11-26 18:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])

[2008-11-26 18:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])

[2007-07-24 14:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program\Bonjour\mDNSResponder.exe -- (Bonjour Service [Disabled | Stopped])

[2007-10-24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

[2007-05-02 08:13:00 | 00,150,584 | ---- | M] (Norman ASA) -- C:\Norman\npm\bin\elogsvc.exe -- (eLoggerSvc6 [Disabled | Stopped])

[2008-10-11 21:34:42 | 00,651,720 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [Disabled | Stopped])

[2006-10-20 20:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

[2004-10-22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])

[2006-10-30 02:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])

[2008-08-15 15:46:00 | 00,596,328 | ---- | M] () -- C:\Program\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList [Auto | Running])

[2008-08-15 15:46:00 | 00,596,328 | ---- | M] () -- C:\Program\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService [Auto | Running])

[2008-07-30 09:47:48 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program\iPod\bin\iPodService.exe -- (iPod Service [Disabled | Stopped])

[2007-01-04 19:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program\Delade filer\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr [Disabled | Stopped])

[2008-03-09 23:04:52 | 00,065,536 | ---- | M] () -- C:\Program\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe -- (mi-raysat_3dsMax2009_32 [Auto | Running])

[2006-10-30 02:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

[2007-03-16 10:28:26 | 00,150,584 | ---- | M] () -- C:\Norman\npm\bin\Njeeves.exe -- (Norman NJeeves [Disabled | Stopped])

[2007-03-26 11:31:12 | 00,322,616 | ---- | M] (Norman ASA) -- C:\Norman\npm\bin\Zanda.exe -- (Norman ZANDA [Disabled | Stopped])

[2003-07-28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

[2007-10-18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])

[2006-11-15 09:49:34 | 00,912,384 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

 

========== Driver Services ==========

 

[2008-11-26 18:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [system | Running])

[2008-11-26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk [Auto | Running])

[2008-11-26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])

[2008-11-26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])

[2008-11-26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [system | Running])

[2008-11-26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [system | Running])

[2007-05-18 02:57:34 | 02,164,736 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])

[2006-07-06 20:43:58 | 00,168,576 | R--- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinavt2.sys -- (ATIAVAIW [On_Demand | Stopped])

[2008-05-22 20:39:57 | 00,278,728 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt [Auto | Running])

[2005-11-25 16:43:48 | 00,031,896 | ---- | M] (DemoForge, LLC) -- C:\WINDOWS\system32\drivers\dfmirage.sys -- (dfmirage [On_Demand | Running])

[1998-07-10 03:31:00 | 00,007,328 | ---- | M] () -- C:\WINDOWS\system32\drivers\ds1410d.sys -- (DS1410D [Auto | Stopped])

[2008-01-29 11:01:28 | 00,016,168 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])

[2006-11-22 09:01:48 | 00,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock [Auto | Running])

[2008-07-29 00:28:14 | 00,047,616 | ---- | M] (Aladdin Knowledge Systems) -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt [Auto | Running])

[2004-10-27 14:21:30 | 00,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService [On_Demand | Stopped])

[2008-04-13 17:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])

[2003-11-13 18:19:48 | 00,210,304 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2 [On_Demand | Running])

[2003-11-13 18:17:00 | 01,042,816 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP [On_Demand | Running])

[2006-11-03 09:32:30 | 04,394,496 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])

[2008-10-10 14:27:02 | 00,162,432 | ---- | M] () -- C:\WINDOWS\system32\drivers\ithsgt.sys -- (ithsgt [Auto | Running])

[2008-04-14 16:41:34 | 00,014,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [system | Stopped])

[2008-10-10 14:27:01 | 00,012,032 | ---- | M] () -- C:\WINDOWS\system32\drivers\lilsgt.sys -- (lilsgt [Auto | Running])

[2008-05-22 20:39:57 | 00,025,416 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt [Auto | Running])

[2004-01-16 14:21:48 | 00,012,970 | R--- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])

[2008-04-13 19:46:22 | 00,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE [On_Demand | Stopped])

[2008-06-22 21:12:02 | 00,042,512 | ---- | M] (CACE Technologies) -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF [On_Demand | Stopped])

[2004-08-04 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])

[2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])

[2006-07-11 19:31:02 | 00,084,096 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])

[2004-08-03 23:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Stopped])

[2008-07-07 08:40:49 | 00,056,108 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu [system | Running])

[2007-11-13 11:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])

[2001-06-21 20:39:02 | 00,073,728 | ---- | M] (Rainbow Technologies, Inc.) -- C:\WINDOWS\system32\drivers\SENTINEL.SYS -- (Sentinel [Auto | Running])

[2005-06-20 08:12:00 | 00,215,040 | R--- | M] (SiS Corporation) -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u [On_Demand | Running])

[2001-06-21 20:39:02 | 00,020,032 | R--- | M] (Rainbow Technologies Inc.) -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (Sntnlusb [On_Demand | Stopped])

[2008-05-22 17:06:15 | 00,717,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [boot | Running])

[2007-02-18 00:15:34 | 00,232,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm [system | Running])

[2007-01-29 06:20:34 | 00,059,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2 [On_Demand | Running])

[2003-11-13 18:18:36 | 00,679,808 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

[2006-06-01 14:15:20 | 00,509,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\xnacc.sys -- (xnacc [On_Demand | Stopped])

[2001-01-22 14:23:36 | 00,006,080 | ---- | M] (Zeal SoftStudio) -- C:\WINDOWS\system32\zntport.sys -- (zntport [Auto | Running])

 

========== (R ) Internet Explorer ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=\blank.htm

"Search Page"=http://www.msn.com/access/allinone.asp

"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]

"provider"=

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=\blank.htm

"Search Page"=http://www.msn.com/access/allinone.asp

"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\Software\Microsoft\Internet Explorer\SearchURL]

"provider"=

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

========== (O1) Hosts File ==========

 

HOSTS File = (686 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

 

========== (O2) BHO's ==========

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)

{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

 

========== (O3) Toolbars ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC}" (HKLM) -- C:\Program\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

 

========== (O4) Run Keys ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acrobat Assistant 8.0"="D:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.)

"Adobe Acrobat Speed Launcher"="D:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" (Adobe Systems Incorporated)

"AlcWzrd"=ALCWZRD.EXE (RealTek Semicoductor Corp.)

"avast!"=C:\Program\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)

"ISUSPM"="C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -scheduler (Macrovision Corporation)

"SoundMan"=SOUNDMAN.EXE (Realtek Semiconductor Corp.)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)

 

========== (O4) Startup Folders ==========

 

[1999-11-04 14:06:48 | 00,113,664 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

 

========== (O6 & O7) Current Version Policies ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=91 00 00 00 [binary data]

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=91 00 00 00 [binary data]

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

========== (O8) IE Context Menu Extensions ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

Append Link Target to Existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Append to Existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert Link Target to Adobe PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert link target to existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert to Adobe PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]

Add to AMV Convert Tool...: C:\Program\MP3 Player Utilities 4.00\AMVConverter\grab.html [2006-02-16 09:37:38 | 00,000,890 | ---- | M] ()

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)

MediaManager tool grab multimedia file: C:\Program\MP3 Player Utilities 4.00\MediaManager\grab.html [2006-02-15 08:30:44 | 00,000,890 | ---- | M] ()

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]

Add to AMV Convert Tool...: C:\Program\MP3 Player Utilities 4.00\AMVConverter\grab.html [2006-02-16 09:37:38 | 00,000,890 | ---- | M] ()

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)

MediaManager tool grab multimedia file: C:\Program\MP3 Player Utilities 4.00\MediaManager\grab.html [2006-02-15 08:30:44 | 00,000,890 | ---- | M] ()

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]

Add to AMV Convert Tool...: Reg Error: Key does not exist or could not be opened. File not found

E&xportera till Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

MediaManager tool grab multimedia file: Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]

Add to AMV Convert Tool...: Reg Error: Key does not exist or could not be opened. File not found

E&xportera till Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

MediaManager tool grab multimedia file: Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\Software\Microsoft\Internet Explorer\MenuExt\]

Append Link Target to Existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Append to Existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert Link Target to Adobe PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert link target to existing PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

Convert to Adobe PDF: C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)

 

========== (O9) IE Extensions ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Referensinformation -- %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1659004503-920026266-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 17:05:13 | 01,695,232 | ---- | M] (Microsoft Corporation)

 

========== (O12) Internet Explorer Plugins ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX-galleri

 

========== (O13) Default Prefixes ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

 

========== (O15) Trusted Sites ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

1 domain(s) and sub-domain(s) not assigned to a zone.

 

========== (O16) DPF ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.

{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab -- Java Plug-in 1.5.0

{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab -- Java Plug-in 1.6.0_05

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

 

========== (O17) DNS Name Servers ==========

 

{78DE93C5-D530-45B2-83FA-AAFFA1DD8C30} (Servers: | Description: Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706)

{7BB47BEE-5807-4A33-8356-8BA9039732CE} (Servers: | Description: )

{A3CEBD50-3168-4B21-AA96-9D96AD558586} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)

{C0CA295B-46A4-455B-9BAE-1CD58D4A3F28} (Servers: | Description: 1394 Net Adapter)

 

========== (O20) Winlogon Notify Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)

 

========== LSA *Authentication Packages* ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Authentication Packages"=msv1_0,C:\WINDOWS\system32\mlJYrstr,

>File not found --

 

========== Safeboot Options ==========

 

"AlternateShell"=cmd.exe

 

========== CDRom AutoRun Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

 

========== Autorun Files on Drives ==========

 

Autodesk []

[2008-10-12 01:01:29 | 00,000,000 | ---D | M] -- C:\Autodesk -- [ NTFS ]

 

AUTOEXEC.BAT []

[2007-06-01 08:24:57 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

 

AUTOEXEC.BAT []

[2007-05-31 15:28:49 | 00,000,000 | ---- | M] () -- D:\AUTOEXEC.BAT -- [ NTFS ]

 

========== MountPoints2 ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{620fa4d1-2819-11dd-9827-003005b24535}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{620fa4d1-2819-11dd-9827-003005b24535}\Shell\AutoRun\command]

""=L:\setup.exe -- File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{902feaec-b890-11dd-9926-003005b24535}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{902feaec-b890-11dd-9926-003005b24535}\Shell\AutoRun\command]

""=L:\laucher.exe -- File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[5 C:\WINDOWS\System32\*.tmp files]

[4 C:\WINDOWS\*.tmp files]

[2008-12-20 14:55:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Application Data\Malwarebytes

[2008-12-20 14:55:33 | 00,000,697 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk

[2008-12-20 14:55:32 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2008-12-20 14:55:30 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2008-12-20 14:55:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2008-12-20 14:55:28 | 00,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware

[2008-12-20 14:54:29 | 02,539,400 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Hem PC\Skrivbord\mbam-setup.exe

[2008-12-20 14:24:45 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hem PC\Skrivbord\OTViewIt.exe

[2008-12-20 13:35:37 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll

[2008-12-20 13:27:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT

[2008-12-20 13:22:54 | 00,000,105 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\eforum01.url

[2008-12-20 13:19:37 | 00,000,000 | ---D | C] -- C:\SDFix

[2008-12-20 13:19:24 | 01,529,241 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\SDFix.exe

[2008-12-20 12:00:27 | 00,000,000 | -H-- | C] () -- C:\Documents and Settings\Hem PC\Mina dokument\Default.rdp

[2008-12-19 23:27:53 | 00,000,000 | ---D | C] -- C:\Program\Cliprex DVD Player Professional

[2008-12-14 00:08:15 | 00,004,074 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Porcupine Tree - fear of a blank planet bass tab.nfo

[2008-12-12 23:11:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Application Data\Stop_Motion_Pro_Projects

[2008-12-12 23:06:43 | 00,000,691 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Stop Motion Pro v4.lnk

[2008-12-12 23:06:42 | 00,000,000 | ---D | C] -- C:\Program\StopMotionPro4

[2008-12-12 22:33:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\Pivot Figure

[2008-12-12 14:40:12 | 00,000,708 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\VLC media player.lnk

[2008-12-11 17:51:10 | 00,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Pivot Stickfigure Animator.lnk

[2008-12-11 17:51:08 | 00,000,000 | ---D | C] -- C:\Program\Pivot Stickfigure Animator

[2008-12-09 22:14:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\My Virtual Machines

[2008-12-09 21:42:14 | 00,000,000 | ---D | C] -- C:\Program\Microsoft Virtual PC

[2008-12-06 23:23:47 | 00,001,624 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\DOSBox 0.72.lnk

[2008-12-06 23:23:47 | 00,000,000 | ---D | C] -- C:\Program\DOSBox-0.72

[2008-12-06 23:21:39 | 00,000,000 | ---D | C] -- C:\ARENA

[2008-12-06 23:06:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\F3

[2008-12-06 20:28:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\Rockstar Games

[2008-12-06 20:15:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokument\microsoft

[2008-12-06 19:57:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2008-12-06 19:49:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-se

[2008-12-06 19:49:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sv

[2008-12-06 19:49:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits

[2008-12-06 19:49:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas

[2008-12-06 19:47:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles

[2008-12-06 19:45:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic

[2008-12-06 19:40:35 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$

[2008-12-06 19:40:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome

[2008-12-06 19:23:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\Rockstar Games

[2008-12-06 18:19:01 | 00,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll

[2008-12-06 18:16:36 | 00,000,000 | ---D | C] -- C:\Program\Microsoft Games for Windows - LIVE

[2008-12-06 17:50:24 | 00,000,723 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Rockstar Games Social Club.lnk

[2008-12-06 01:49:40 | 00,000,000 | ---D | C] -- C:\Program\TagRename

[2008-12-05 21:16:01 | 00,001,614 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Daggerfall XP.lnk

[2008-12-01 20:44:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\My Music

[2008-11-29 21:29:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Mina dokument\Altova

[2008-11-29 21:26:37 | 00,000,000 | ---D | C] -- C:\Program\Delade filer\Altova

[2008-11-29 21:26:37 | 00,000,000 | ---D | C] -- C:\Program\Altova

[2008-11-29 21:26:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Altova

[2008-11-29 21:25:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations

[2008-11-28 15:21:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\Roblox

[2008-11-28 15:20:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\RobloxVersions

[2008-11-28 15:20:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\RobloxDownloads

[2008-11-28 15:20:50 | 00,381,544 | ---- | C] (Roblox Corporation) -- C:\Documents and Settings\Hem PC\Skrivbord\Roblox.exe

[2008-11-26 17:22:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\Fallout3

[2008-11-26 17:12:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fallout3

[2008-11-26 17:09:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive

[2008-11-25 18:33:05 | 21,116,611 | ---- | C] (Aspyr Media, Inc) -- C:\Documents and Settings\Hem PC\Skrivbord\GH3_PC_1.3_Patch.exe

[2008-11-24 17:51:41 | 00,000,936 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Ultimate Vice City.lnk

[2008-11-24 15:56:55 | 37,901,698 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\ultimatevicecity2.exe

[2008-11-24 15:46:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Skrivbord\nvc

[2008-11-23 19:18:35 | 00,000,000 | ---D | C] -- C:\FJBeta files

[2008-11-23 17:52:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\EIDOS

[2008-11-23 17:20:55 | 00,000,000 | ---D | C] -- C:\Program\Eidos

[2008-11-23 17:20:07 | 01,627,412 | -HS- | C] () -- C:\WINDOWS\System32\isrbaclb.ini

[2008-11-23 17:19:09 | 00,376,407 | -HS- | C] () -- C:\WINDOWS\System32\rtsrYJlm.ini2

[2008-11-23 17:19:08 | 00,376,407 | -HS- | C] () -- C:\WINDOWS\System32\rtsrYJlm.ini

[2008-11-23 14:46:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hem PC\Application Data\Blender Foundation

[2008-11-23 14:46:47 | 00,001,722 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Blender.lnk

[2008-11-23 14:46:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blender Foundation

[2008-11-23 14:46:24 | 00,000,000 | ---D | C] -- C:\Program\Blender Foundation

[2008-11-22 15:07:58 | 27,996,672 | ---- | C] () -- C:\Documents and Settings\Hem PC\Mina dokument\output.avi

[2008-11-21 22:47:56 | 00,524,288 | ---- | C] (DivX Inc.) -- C:\WINDOWS\System32\DivXsm.exe

[2008-11-21 22:47:56 | 00,004,816 | ---- | C] () -- C:\WINDOWS\System32\divxsm.tlb

[2008-11-21 22:47:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2008-11-21 22:46:10 | 01,044,480 | ---- | C] (The OpenSSL Project, http://www.openssl.org/'>http://www.openssl.org/'>http://www.openssl.org/'>http://www.openssl.org/) -- C:\WINDOWS\System32\libdivx.dll

[2008-11-21 22:46:10 | 00,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssldivx.dll

[2008-11-21 22:45:16 | 00,196,608 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dtu100.dll

[2008-11-21 22:45:16 | 00,081,920 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll

[2008-11-21 22:45:12 | 00,593,920 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI11.dll

[2008-11-21 22:45:12 | 00,344,064 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpus11.dll

[2008-11-21 22:45:12 | 00,294,912 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpu11.dll

[2008-11-21 22:45:12 | 00,294,912 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpu10.dll

[2008-11-21 22:45:12 | 00,057,344 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpv11.dll

[2008-11-21 22:45:12 | 00,053,248 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI10.dll

[2008-11-21 22:45:08 | 00,823,296 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll

[2008-11-21 22:45:08 | 00,823,296 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll

[2008-11-21 22:45:08 | 00,815,104 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll

[2008-11-21 22:45:08 | 00,802,816 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll

[2008-11-21 22:45:06 | 00,684,032 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll

[2008-11-21 22:45:00 | 00,729,088 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divxdec.ax

[2008-11-21 22:45:00 | 00,352,401 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\DivXMedia.ax

[2008-11-21 22:44:38 | 00,161,096 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXCodecVersionChecker.exe

[2008-11-21 22:44:16 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2008-11-21 14:28:14 | 00,001,787 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Sweet Little Piano 32.lnk

[2008-11-21 14:28:14 | 00,000,000 | ---D | C] -- C:\Program\Roni Music

[2008-11-20 23:06:16 | 00,001,634 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Collab.lnk

[2008-11-20 23:06:12 | 00,000,802 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\ASIO4ALL v2 Instruction Manual.lnk

[2008-11-20 23:06:12 | 00,000,692 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\ASIO4ALL v2 Off-Line Settings.lnk

[2008-11-20 23:06:12 | 00,000,000 | ---D | C] -- C:\Program\ASIO4ALL v2

[2008-11-20 23:05:49 | 00,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll

[2008-11-20 23:05:46 | 00,000,781 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\FL Studio 8.lnk

[2008-11-20 23:04:29 | 00,000,000 | ---D | C] -- C:\Program\Outsim

[2008-11-20 23:02:05 | 00,000,000 | ---D | C] -- C:\Program\Image-Line

[2008-11-20 21:25:26 | 00,113,684 | ---- | C] () -- C:\Documents and Settings\Hem PC\Skrivbord\Fasten,,, msn ljud.mp3

 

========== Files - Modified Within 30 Days ==========

 

[5 C:\WINDOWS\System32\*.tmp files]

[4 C:\WINDOWS\*.tmp files]

[2008-12-20 15:05:15 | 00,002,670 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2008-12-20 15:05:07 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2008-12-20 15:04:27 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2008-12-20 15:04:22 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2008-12-20 14:55:33 | 00,000,697 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk

[2008-12-20 14:54:49 | 02,539,400 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Hem PC\Skrivbord\mbam-setup.exe

[2008-12-20 14:24:46 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hem PC\Skrivbord\OTViewIt.exe

[2008-12-20 13:37:45 | 00,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS

[2008-12-20 13:35:38 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll

[2008-12-20 13:23:11 | 00,000,105 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\eforum01.url

[2008-12-20 13:19:33 | 01,529,241 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\SDFix.exe

[2008-12-20 12:59:13 | 00,000,650 | ---- | M] () -- C:\Documents and Settings\Hem PC\Mina dokument\Mina delade mappar.lnk

[2008-12-20 12:00:27 | 00,000,000 | -H-- | M] () -- C:\Documents and Settings\Hem PC\Mina dokument\Default.rdp

[2008-12-20 00:57:25 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2008-12-18 21:37:49 | 00,098,304 | ---- | M] () -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-12-14 00:08:15 | 00,004,074 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Porcupine Tree - fear of a blank planet bass tab.nfo

[2008-12-13 01:45:43 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2008-12-13 01:45:28 | 00,000,727 | ---- | M] () -- C:\WINDOWS\win.ini

[2008-12-12 23:06:43 | 00,000,691 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Stop Motion Pro v4.lnk

[2008-12-12 18:03:18 | 03,088,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll

[2008-12-12 18:03:18 | 03,088,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

[2008-12-12 14:40:12 | 00,000,708 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\VLC media player.lnk

[2008-12-11 17:51:10 | 00,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Pivot Stickfigure Animator.lnk

[2008-12-10 00:24:37 | 17,593,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2008-12-09 21:44:06 | 00,445,472 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2008-12-09 21:44:06 | 00,442,434 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2008-12-09 21:44:06 | 00,084,014 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2008-12-09 21:44:05 | 01,054,330 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2008-12-09 21:44:05 | 00,072,118 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2008-12-07 01:37:21 | 03,710,242 | -H-- | M] () -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\IconCache.db

[2008-12-06 23:23:47 | 00,001,624 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\DOSBox 0.72.lnk

[2008-12-06 19:59:29 | 00,024,312 | ---- | M] () -- C:\Documents and Settings\Hem PC\Lokala inställningar\Application Data\GDIPFONTCACHEV1.DAT

[2008-12-06 19:58:59 | 00,000,078 | -HS- | M] () -- C:\Documents and Settings\Hem PC\Mina dokument\desktop.ini

[2008-12-06 19:58:07 | 01,425,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008-12-06 19:45:00 | 00,250,560 | RHS- | M] () -- C:\ntldr

[2008-12-06 17:50:24 | 00,000,723 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Rockstar Games Social Club.lnk

[2008-12-05 18:17:36 | 00,001,614 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Daggerfall XP.lnk

[2008-12-03 19:52:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2008-12-03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2008-12-01 20:08:02 | 00,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2008-11-28 15:20:51 | 00,381,544 | ---- | M] (Roblox Corporation) -- C:\Documents and Settings\Hem PC\Skrivbord\Roblox.exe

[2008-11-26 18:21:30 | 01,236,208 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2008-11-26 18:18:25 | 00,093,296 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2008-11-26 18:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2008-11-26 18:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2008-11-26 18:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2008-11-26 18:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2008-11-26 18:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2008-11-26 18:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2008-11-26 18:15:10 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr

[2008-11-26 15:58:32 | 00,376,407 | -HS- | M] () -- C:\WINDOWS\System32\rtsrYJlm.ini

[2008-11-26 15:56:21 | 00,376,407 | -HS- | M] () -- C:\WINDOWS\System32\rtsrYJlm.ini2

[2008-11-25 18:33:48 | 21,116,611 | ---- | M] (Aspyr Media, Inc) -- C:\Documents and Settings\Hem PC\Skrivbord\GH3_PC_1.3_Patch.exe

[2008-11-24 22:14:24 | 00,000,936 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Ultimate Vice City.lnk

[2008-11-24 17:47:21 | 37,901,698 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\ultimatevicecity2.exe

[2008-11-23 17:20:11 | 01,627,412 | -HS- | M] () -- C:\WINDOWS\System32\isrbaclb.ini

[2008-11-23 14:46:47 | 00,001,722 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Blender.lnk

[2008-11-22 15:50:57 | 00,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini

[2008-11-22 15:15:06 | 27,996,672 | ---- | M] () -- C:\Documents and Settings\Hem PC\Mina dokument\output.avi

[2008-11-21 22:47:56 | 00,524,288 | ---- | M] (DivX Inc.) -- C:\WINDOWS\System32\DivXsm.exe

[2008-11-21 22:47:56 | 00,004,816 | ---- | M] () -- C:\WINDOWS\System32\divxsm.tlb

[2008-11-21 22:47:52 | 03,596,288 | ---- | M] () -- C:\WINDOWS\System32\qt-dx331.dll

[2008-11-21 22:46:10 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libdivx.dll

[2008-11-21 22:46:10 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssldivx.dll

[2008-11-21 22:45:16 | 00,196,608 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\dtu100.dll

[2008-11-21 22:45:16 | 00,081,920 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll

[2008-11-21 22:45:12 | 00,593,920 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI11.dll

[2008-11-21 22:45:12 | 00,344,064 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpus11.dll

[2008-11-21 22:45:12 | 00,294,912 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpu11.dll

[2008-11-21 22:45:12 | 00,294,912 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpu10.dll

[2008-11-21 22:45:12 | 00,057,344 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpv11.dll

[2008-11-21 22:45:12 | 00,053,248 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI10.dll

[2008-11-21 22:45:08 | 00,823,296 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll

[2008-11-21 22:45:08 | 00,823,296 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll

[2008-11-21 22:45:08 | 00,815,104 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll

[2008-11-21 22:45:08 | 00,802,816 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll

[2008-11-21 22:45:06 | 00,684,032 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll

[2008-11-21 22:45:00 | 00,729,088 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divxdec.ax

[2008-11-21 22:45:00 | 00,352,401 | ---- | M] (DivXNetworks) -- C:\WINDOWS\System32\DivXMedia.ax

[2008-11-21 22:44:38 | 00,161,096 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXCodecVersionChecker.exe

[2008-11-21 22:44:16 | 00,012,288 | ---- | M] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2008-11-21 18:37:51 | 00,001,625 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Acrobat 9 Pro Extended.lnk

[2008-11-21 14:28:14 | 00,001,787 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Sweet Little Piano 32.lnk

[2008-11-20 23:06:16 | 00,001,634 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Collab.lnk

[2008-11-20 23:06:12 | 00,000,802 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\ASIO4ALL v2 Instruction Manual.lnk

[2008-11-20 23:06:12 | 00,000,692 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\ASIO4ALL v2 Off-Line Settings.lnk

[2008-11-20 23:05:47 | 00,000,781 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\FL Studio 8.lnk

[2008-11-20 22:23:17 | 00,000,121 | ---- | M] () -- C:\WINDOWS\System32\MASHTWTY.SYS

[2008-11-20 21:25:27 | 00,113,684 | ---- | M] () -- C:\Documents and Settings\Hem PC\Skrivbord\Fasten,,, msn ljud.mp3

< End of report >

[/log]

 

Link to comment
Share on other sites

Det är flera gamla Java-versioner med säkerhetshål i datorn. Jag rekommenderar dig att installera en ny från http://www.java.com/sv/ och därefter avinstallera alla Java/J2SE/JRE utom den senaste i Kontrollpanelen - Lägg till eller ta bort program (inga webbläsare igång).

 

Har du använt registereditorn regedit någon gång?

 

Ta bort mappen C:\Program\Cliprex DVD Player Professional

 

Starta om datorn.

Hur är det med tangentbordet nu?

 

Link to comment
Share on other sites

konstig-knäppjök

jag ska ta bort cliprex men vi (pappa o jag) testade o kolla runt lite och vi tror att tangentbordet helt enkelt har gått sönder så vi tog fram ett annat, lite äldre, tangentbord.

Tack för hjälpen!

 

Link to comment
Share on other sites

Jo, jag misstänkte att det var fel på tangentbordet så det var därför jag frågade om du hade kunnat trycka F8 på tangentbordet.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.×
×
  • Create New...