Hjälp snälla

[Nellow]

ja, men hag hittar inte den sista den finns inte.. :/

 

[Cecilia]

Klistra in en ny HijackThis-logg då.

 

[Nellow]

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:13:44, on 2009-01-05

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

C:\Program Files\DigitalPersona\Bin\DpAgent.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Windows Live\Family Safety\fsui.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

C:\Windows\ehome\ehtray.exe

C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: avjtaadgncaf Class - {E07B4604-F7E3-EF96-7B86-4A478A2FF1A8} - C:\Program Files\altcmd\altcmd32.dll (file missing)

O3 - Toolbar: Visa Norton-verktygsfältet - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe

O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [ulead Photo Express Calendar Checker] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"

O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O13 - Gopher Prefix:

O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/SmileyCentralFWBInitialSetup1.0.1.0.cab

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe

O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

 

--

End of file - 12743 bytes[/log]

 

 

 

[Cecilia]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:13:44, on 2009-01-05

 

står det i loggen, det är alltså en logg från igår eftermiddag och inte en ny. Ta bort den loggen och gör ett nytt försök.

 

[Nellow]

aha, det såg jag inte...

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:26:28, on 2009-01-06

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\DigitalPersona\Bin\DpAgent.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Live\Family Safety\fsui.exe

C:\Windows\System32\rundll32.exe

C:\Windows\ehome\ehtray.exe

C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: avjtaadgncaf Class - {E07B4604-F7E3-EF96-7B86-4A478A2FF1A8} - C:\Program Files\altcmd\altcmd32.dll (file missing)

O3 - Toolbar: Visa Norton-verktygsfältet - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe

O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [ulead Photo Express Calendar Checker] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"

O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O13 - Gopher Prefix:

O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe

O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

 

--

End of file - 11928 bytes[/log]

 

[Cecilia]

Skanna med HijackThis och bocka för:

 

O2 - BHO: avjtaadgncaf Class - {E07B4604-F7E3-EF96-7B86-4A478A2FF1A8} - C:\Program Files\altcmd\altcmd32.dll (file missing)

O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.

cab

 

Avsluta alla andra program.

Tryck Fix checked.

 

Starta om datorn och så en ny HijackThis-logg.

Kommer meddelandet fortfarande?

 

[Nellow]

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:08:19, on 2009-01-06

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Program Files\DigitalPersona\Bin\DpAgent.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Live\Family Safety\fsui.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehmsas.exe

C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: avjtaadgncaf Class - {E07B4604-F7E3-EF96-7B86-4A478A2FF1A8} - C:\Program Files\altcmd\altcmd32.dll (file missing)

O3 - Toolbar: Visa Norton-verktygsfältet - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe

O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [ulead Photo Express Calendar Checker] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"

O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O13 - Gopher Prefix:

O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe

O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

 

--

End of file - 11833 bytes

[/log]

 

 

Nej det har inte försvunnit..

 

[Cecilia]

Hmm, raderna försvann inte ur HijackThis-loggen.

 

Ladda ner OTViewIt till Skrivbordet:

http://oldtimer.geekstogo.com/OTViewIt.exe

 

Stäng alla program.

Kör OTViewIt (i Vista högerklicka och Kör som administratör).

Bocka för Scan all Users.

Välj 30 dagar för File Age om det inte redan är valt.

Tryck på Run Scan och låt programmet köra ostört.

 

När det är klart så skapas två loggfiler på Skrivbordet, OTViewIt.txt och Extras.txt, klistra in båda två i ditt svar (kom ihåg LOG-knappen).

 

[Nellow]

[log]OTViewIt logfile created on: 2009-01-06 14:09:29 - Run 2

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\Nelly\Hämtade Filer

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

2.00 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 97.61% Memory free

4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free

Paging file location(s): ?:\pagefile.sys;

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 288.02 Gb Total Space | 78.07 Gb Free Space | 27.11% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: NELLYSDATOR

Current User Name: Nelly

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== Processes ==========

 

[2008-01-19 08:33:37 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe

[2008-01-19 08:33:14 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe

[2008-12-04 02:42:00 | 00,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe

[2008-01-19 08:33:22 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe

[2008-10-17 15:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

[2007-09-20 19:02:58 | 00,299,008 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe

[2006-11-02 10:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe

[2008-11-07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

[2008-08-29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe

[2008-12-08 17:01:58 | 00,533,344 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe

[2007-07-25 07:02:44 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

[2007-10-12 07:34:56 | 00,071,096 | ---- | M] () -- C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe

[2007-09-30 19:34:54 | 00,271,760 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

[2007-09-20 19:12:02 | 00,671,744 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe

[2008-01-19 08:33:08 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe

[2008-01-19 08:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2007-09-15 09:29:10 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe

[2007-01-17 14:34:18 | 00,634,880 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

[2007-01-09 11:25:30 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe

[2008-05-27 06:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe

[2007-08-17 14:27:00 | 04,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

[2006-05-03 00:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

[2007-07-25 07:02:42 | 00,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[2007-09-19 22:31:34 | 00,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

[2007-09-04 21:54:20 | 00,554,320 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

[2008-12-17 20:22:52 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe

[2006-12-10 21:52:38 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe

[2007-09-30 19:34:14 | 00,181,544 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe

[2004-01-12 20:40:24 | 00,069,632 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe

[2008-11-20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe

[2008-12-08 17:01:58 | 00,453,984 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe

[2005-09-30 18:22:50 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe

[2008-10-17 15:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

[2006-11-02 10:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe

[2008-03-28 02:05:00 | 01,045,800 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[2008-01-19 08:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe

[2008-01-19 08:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe

[2007-09-30 19:34:54 | 00,112,016 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

[2008-01-19 08:33:39 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe

[2008-01-19 08:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe

[2008-01-19 08:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe

[2008-11-25 20:03:04 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe

[2008-01-19 08:33:33 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe

[2008-01-19 08:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2008-11-20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe

[2008-03-28 02:06:00 | 00,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

[2007-08-23 13:35:32 | 00,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

[2007-09-20 02:30:52 | 00,065,536 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

[2009-01-06 12:27:27 | 00,685,568 | ---- | M] () -- C:\Users\Nelly\Hämtade Filer\Jukebox.exe

[2008-01-19 08:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2008-01-05 12:21:39 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

[2008-05-27 06:18:16 | 00,184,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe

[2009-01-06 13:56:08 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\Nelly\Hämtade Filer\OTViewIt.exe

[2008-05-27 06:17:55 | 00,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe

 

========== (O23) Win32 Services ==========

 

File not found -- -- (Apple Mobile Device [Auto | Running])

File not found -- -- (Autodesk Licensing Service [On_Demand | Stopped])

File not found -- -- (Automatic LiveUpdate Scheduler [Auto | Running])

File not found -- -- (Bonjour Service [Auto | Running])

File not found -- -- (CCALib8 [Auto | Running])

File not found -- -- (ccEvtMgr [Auto | Running])

File not found -- -- (ccSetMgr [Auto | Running])

File not found -- -- (CertPropSvc [unknown | Running])

[2008-01-05 12:26:41 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

File not found -- -- (CLTNetCnService [Auto | Running])

File not found -- -- (Com4Qlb [On_Demand | Stopped])

File not found -- -- (comHost [On_Demand | Stopped])

File not found -- -- (DcomLaunch [unknown | Running])

[2008-01-19 08:33:06 | 02,091,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])

File not found -- -- (DpHost [Auto | Running])

[2008-01-19 08:34:06 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [unknown | Running])

File not found -- -- (Droppix Service [On_Demand | Stopped])

[2008-01-19 08:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])

[2006-11-02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])

[2008-01-05 12:21:53 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

File not found -- -- (fsssvc [Auto | Running])

File not found -- -- (getPlus® Helper [On_Demand | Stopped])

[2008-01-19 08:34:25 | 00,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [unknown | Running])

File not found -- -- (HP Health Check Service [Auto | Running])

File not found -- -- (hpqwmiex [Auto | Running])

File not found -- -- (IAANTMON [Auto | Running])

File not found -- -- (IDriverT [Disabled | Stopped])

File not found -- -- (iPod Service [On_Demand | Running])

File not found -- -- (LiveUpdate [On_Demand | Stopped])

File not found -- -- (LiveUpdate Notice [Auto | Running])

[2008-11-19 19:09:35 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [unknown | Stopped])

[2008-01-05 12:21:39 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

File not found -- -- (NMSAccessU [Auto | Running])

[2008-12-04 02:42:00 | 00,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])

File not found -- -- (odserv [On_Demand | Stopped])

File not found -- -- (ose [On_Demand | Stopped])

File not found -- -- (QPCapSvc [Auto | Running])

File not found -- -- (QPSched [Auto | Running])

File not found -- -- (RichVideo [Auto | Running])

File not found -- -- (rpcapd [On_Demand | Stopped])

[2008-01-19 08:36:19 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [unknown | Stopped])

File not found -- -- (Schedule [unknown | Running])

File not found -- -- (SCPolicySvc [unknown | Stopped])

[2008-01-19 08:33:22 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])

[2006-11-02 10:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])

File not found -- -- (Symantec Core LC [On_Demand | Stopped])

[2008-01-19 08:33:33 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])

[2008-01-19 08:33:33 | 00,382,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])

File not found -- -- (WdiServiceHost [unknown | Stopped])

File not found -- -- (WdiSystemHost [unknown | Running])

[2008-05-27 06:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])

 

========== Driver Services ==========

 

[2006-11-02 10:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])

[2006-11-02 10:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])

[2006-11-02 10:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])

[2006-11-02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])

[2006-11-02 10:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])

[2006-11-02 10:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])

[2006-11-02 10:49:26 | 00,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])

[2006-11-02 09:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])

[2006-11-02 09:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])

[2006-11-02 10:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])

[2007-08-28 23:47:36 | 00,146,560 | ---- | M] (AuthenTec, Inc.) -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV [On_Demand | Running])

[2006-11-02 08:30:53 | 00,464,384 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV [On_Demand | Stopped])

[2008-01-19 06:28:26 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])

[2006-11-02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])

[2006-11-02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])

[2006-11-02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])

[2006-11-02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])

[2006-11-02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])

[2006-11-02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])

[2008-08-02 00:34:04 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum [On_Demand | Running])

[2008-01-19 06:53:38 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [On_Demand | Running])

[2008-01-19 06:53:44 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan [On_Demand | Running])

[2008-08-02 00:34:04 | 00,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT [On_Demand | Stopped])

[2008-08-02 00:34:04 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB [On_Demand | Running])

[2007-09-18 14:12:28 | 00,080,424 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio [On_Demand | Running])

[2007-09-18 14:12:28 | 00,080,936 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt [On_Demand | Running])

[2007-09-18 14:12:28 | 00,016,168 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid [On_Demand | Running])

[2006-11-02 09:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])

[2005-05-09 19:08:40 | 00,033,792 | ---- | M] (Team H2O) -- C:\Windows\System32\drivers\cledx.sys -- (CLEDX [On_Demand | Running])

[2008-01-19 08:42:58 | 00,247,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [unknown | Running])

[2006-11-02 10:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])

[2008-07-30 16:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon [On_Demand | Stopped])

[2007-08-08 16:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon [Auto | Running])

[2006-11-02 10:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [boot | Running])

[2006-11-02 09:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])

[2008-01-19 06:28:20 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [system | Running])

[2008-01-19 06:49:12 | 00,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4.sys -- (Dot4 [On_Demand | Stopped])

[2008-01-19 06:49:09 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4Prt.sys -- (Dot4Print [On_Demand | Stopped])

[2008-01-19 06:49:10 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4usb.sys -- (dot4usb [On_Demand | Stopped])

[2008-08-02 02:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])

[2006-11-02 08:30:54 | 00,163,328 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\e100b325.sys -- (E100B [On_Demand | Stopped])

[2006-11-02 08:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])

[2008-01-19 08:42:11 | 00,143,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [boot | Running])

File not found -- -- (eeCtrl [system | Running])

[2006-11-02 10:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])

File not found -- -- (EraserUtilRebootDrv [On_Demand | Running])

[2008-01-19 06:28:01 | 00,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys -- (exfat [On_Demand | Stopped])

[2008-01-19 08:42:31 | 00,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [boot | Running])

[2008-01-19 06:30:23 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])

[2008-12-08 17:01:52 | 00,055,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr [Auto | Running])

[2006-11-02 10:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])

[2008-04-17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])

[2006-11-02 08:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])

[2008-01-19 05:30:49 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])

[2006-11-02 09:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])

[2006-11-02 09:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])

[2007-06-19 01:12:04 | 00,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr [On_Demand | Running])

[2007-07-11 18:30:22 | 00,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid [On_Demand | Running])

[2006-11-02 08:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])

[2006-11-02 08:41:50 | 00,987,648 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV [On_Demand | Stopped])

[2006-10-19 03:10:57 | 01,380,864 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm [On_Demand | Stopped])

[2007-07-13 05:35:02 | 00,305,176 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor [boot | Running])

[2006-11-02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])

[2007-08-15 14:27:22 | 00,180,272 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20070823.002\IDSvix86.sys -- (IDSvix86 [system | Running])

[2006-11-02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])

[2007-08-22 19:44:18 | 01,950,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])

[2006-11-02 09:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])

[2008-01-19 08:42:35 | 00,181,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])

[2006-11-02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])

[2006-11-02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])

[2008-01-19 06:49:17 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [system | Running])

[2008-01-19 06:55:03 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])

[2006-11-02 10:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])

[2006-11-02 10:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])

[2008-01-19 06:30:36 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])

[2006-11-02 10:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])

[2007-07-30 15:20:56 | 00,468,736 | ---- | M] (DiBcom) -- C:\Windows\System32\drivers\dvb7700all.sys -- (mod7700 [On_Demand | Stopped])

[2008-01-19 06:52:19 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])

[2006-11-02 10:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])

[2008-01-19 06:54:46 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])

[2006-11-02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])

[2008-08-27 02:05:41 | 00,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])

[2008-01-19 06:28:37 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])

[2006-11-02 10:49:44 | 00,023,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [boot | Running])

[2006-11-02 10:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])

[2008-01-19 08:41:14 | 00,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [boot | Running])

[2008-01-19 08:42:29 | 00,163,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])

[2008-05-20 03:07:31 | 00,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])

[2008-11-18 10:00:00 | 00,089,104 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090105.049\NAVENG.SYS -- (NAVENG [On_Demand | Running])

[2008-11-18 10:00:00 | 00,876,112 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090105.049\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])

[2006-11-02 08:30:54 | 01,781,760 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped])

[2007-06-28 16:09:56 | 02,222,080 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32 [On_Demand | Stopped])

[2008-11-17 15:40:22 | 03,668,480 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32 [On_Demand | Running])

[2006-11-02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])

[2007-01-25 18:31:34 | 00,042,000 | ---- | M] (CACE Technologies) -- C:\Windows\System32\drivers\npf.sys -- (NPF [On_Demand | Stopped])

[2008-01-19 06:55:50 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [system | Running])

[2006-11-02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])

[2008-12-04 02:42:00 | 07,606,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])

[2006-11-02 10:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])

[2006-11-02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])

[2006-11-02 10:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])

[2006-11-02 10:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])

[2008-04-05 02:21:42 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [system | Running])

[2006-11-02 10:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])

[2008-01-19 06:56:07 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])

[2008-01-19 06:56:43 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp [On_Demand | Running])

[2008-01-19 07:01:09 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [system | Running])

[2008-01-19 06:53:39 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM [On_Demand | Running])

[2007-02-24 22:42:22 | 00,039,936 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk [Auto | Running])

[2007-01-24 00:40:20 | 00,042,496 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk [Auto | Running])

[2007-03-22 06:02:04 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp [Auto | Running])

[2008-01-19 06:55:03 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])

[2007-09-18 00:17:36 | 00,098,816 | ---- | M] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169 [On_Demand | Running])

[2006-11-02 10:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])

[2008-01-19 06:32:56 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])

[2006-11-02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])

[2008-01-19 06:49:16 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])

[2008-01-19 06:49:46 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [On_Demand | Stopped])

[2006-11-02 09:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])

[2008-01-19 06:49:46 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])

[2006-11-02 10:49:51 | 00,053,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])

[2006-11-02 10:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])

[2006-11-02 10:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])

[2008-01-19 06:55:27 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [system | Running])

[2007-01-17 14:38:52 | 00,983,936 | ---- | M] (Motorola Inc.) -- C:\Windows\System32\drivers\smserial.sys -- (smserial [On_Demand | Running])

File not found -- -- (SPBBCDrv [system | Running])

[2008-01-19 08:41:30 | 00,021,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [boot | Running])

[2007-11-30 22:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP [system | Running])

[2007-11-30 22:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL [On_Demand | Stopped])

[2007-11-30 22:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX [system | Running])

[2008-01-19 06:29:15 | 00,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])

[2008-01-19 06:29:12 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])

[2005-08-17 06:45:00 | 00,058,352 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus [On_Demand | Stopped])

[2005-08-17 06:46:20 | 00,008,272 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl [On_Demand | Stopped])

[2005-08-17 06:46:26 | 00,093,872 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm [On_Demand | Stopped])

[2006-11-02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])

[2008-06-13 13:13:38 | 00,013,616 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symdns.sys -- (SYMDNS [On_Demand | Running])

[2008-07-29 19:41:10 | 00,123,952 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])

[2008-06-13 13:13:38 | 00,096,432 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symfw.sys -- (SYMFW [On_Demand | Running])

[2008-06-13 13:14:02 | 00,024,112 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM [system | Running])

[2008-06-13 13:13:40 | 00,041,008 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symndisv.sys -- (SYMNDISV [On_Demand | Running])

[2008-06-13 13:13:38 | 00,022,320 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV [On_Demand | Running])

[2008-06-13 13:13:40 | 00,184,240 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI [system | Running])

[2006-11-02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])

[2006-11-02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])

[2008-03-28 02:06:00 | 00,199,472 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])

[2008-01-19 06:56:07 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])

[2008-01-19 06:55:58 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [system | Running])

[2008-01-19 07:01:15 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Running])

[2008-01-19 06:55:41 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])

[2008-01-19 06:55:50 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])

[2006-11-02 10:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])

[2006-11-02 10:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])

[2006-11-02 10:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])

[2006-11-02 10:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])

[2008-01-19 06:53:40 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])

[2008-01-19 06:53:23 | 00,073,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])

[2006-11-02 09:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])

[2008-01-19 06:53:38 | 00,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo [On_Demand | Running])

[2006-11-02 09:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])

[2006-11-02 09:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])

[2006-11-02 10:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])

[2008-01-19 08:42:18 | 00,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [boot | Running])

[2008-01-19 08:43:03 | 00,294,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [boot | Running])

[2006-11-02 10:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])

[2006-11-02 09:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])

[2006-11-02 10:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])

[2008-01-19 08:43:27 | 00,503,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [boot | Running])

[2006-11-02 08:41:48 | 00,654,336 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf [On_Demand | Stopped])

[2008-01-19 06:32:47 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [On_Demand | Running])

[2008-01-19 06:56:49 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])

File not found -- -- ({22D78859-9CE9-4B77-BF18-AC83E81A9263} [Auto | Running])

 

========== (R ) Internet Explorer ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"Local Page"=http://www.google.com/

"Local Page Restore"=

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\Windows\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.google.com

"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

"Start Page Restore"=http://www.google.se/

"StartPageCache"=

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = *.local

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\Windows\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.google.com

"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

"Start Page Restore"=http://www.google.se/

"StartPageCache"=

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = *.local

 

========== (O1) Hosts File ==========

 

HOSTS File = (761 bytes) - C:\Windows\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

::1 localhost

 

========== (O2) BHO's ==========

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll File not found

{22BF413B-C6D2-4d91-82A9-A0F997BA588C} (HKLM) -- C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll File not found

{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} (HKLM) -- C:\Program\Windows Live\Family Safety\fssbho.dll File not found

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (HKLM) -- C:\Program\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll File not found

{6D53EC84-6AAE-4787-AEEE-F4628F01010C} (HKLM) -- C:\Program\Common Files\Symantec Shared\IDS\IPSBHO.dll File not found

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program\Java\jre6\bin\ssv.dll File not found

{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll File not found

{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program\Java\jre6\bin\jp2ssv.dll File not found

{E07B4604-F7E3-EF96-7B86-4A478A2FF1A8} (HKLM) -- C:\Program Files\altcmd\altcmd32.dll File not found

 

========== (O3) Toolbars ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" (HKLM) -- C:\Program\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" (HKLM) -- C:\Program\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll File not found

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" (HKLM) -- C:\Program\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll File not found

 

========== (O4) Run Keys ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" File not found

"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe File not found

"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" File not found

"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe File not found

"fssui"="C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun File not found

"HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found

"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe File not found

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe File not found

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" File not found

"NvCplDaemon"=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)

"NvMediaCenter"=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)

"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe File not found

"QlbCtrl"=%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start File not found

"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" File not found

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime File not found

"RtHDVCpl"=RtHDVCpl.exe (Realtek Semiconductor)

"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe File not found

"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" File not found

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe File not found

"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe File not found

"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" File not found

"Ulead Photo Express Calendar Checker"=C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Aim6"= File not found

"ehTray.exe"=C:\Windows\ehome\ehTray.exe (Microsoft Corporation)

"Google Update"="C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe File not found

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem File not found

"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem File not found

"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Aim6"= File not found

"ehTray.exe"=C:\Windows\ehome\ehTray.exe (Microsoft Corporation)

"Google Update"="C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe File not found

 

========== (O6 & O7) Current Version Policies ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"ConsentPromptBehaviorAdmin"=2

"ConsentPromptBehaviorUser"=1

"EnableInstallerDetection"=1

"EnableLUA"=1

"EnableSecureUIAPaths"=1

"EnableVirtualization"=1

"PromptOnSecureDesktop"=1

"ValidateAdminCodeSignatures"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"scforceoption"=0

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"FilterAdministratorToken"=0

"EnableUIADesktopToggle"=0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]

"CF_TEXT"=1

"CF_BITMAP"=2

"CF_OEMTEXT"=7

"CF_DIB"=8

"CF_PALETTE"=9

"CF_UNICODETEXT"=13

"CF_DIBV5"=17

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"LogonHoursAction"=2

"DontDisplayLogonHoursWarnings"=1

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"LogonHoursAction"=2

"DontDisplayLogonHoursWarnings"=1

 

========== (O8) IE Context Menu Extensions ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office12\EXCEL.EXE File not found

Skicka bild till &Bluetooth-enhet...: C:\Program\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found

Skicka sida till &Bluetooth-enhet...: C:\Program\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office12\EXCEL.EXE File not found

Skicka bild till &Bluetooth-enhet...: C:\Program\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found

Skicka sida till &Bluetooth-enhet...: C:\Program\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found

 

========== (O9) IE Extensions ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Blogga detta -- %SystemDrive%\Program\Windows Live\Writer\WriterBrowserExtension.dll File not found

{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Blogga detta i Windows Live Writer -- %SystemDrive%\Program\Windows Live\Writer\WriterBrowserExtension.dll File not found

{2670000A-7350-4f3c-8081-5663EE0C6C49}: Button: Skicka till OneNote -- %SystemDrive%\Program\Microsoft Office\Office12\ONBttnIE.dll File not found

{2670000A-7350-4f3c-8081-5663EE0C6C49}: Menu: Ski&cka till OneNote -- %SystemDrive%\Program\Microsoft Office\Office12\ONBttnIE.dll File not found

{77BF5300-1474-4EC7-9980-D32B190E9B07}: Button: Skype -- %SystemDrive%\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll File not found

{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %SystemDrive%\Program\Microsoft Office\Office12\REFIEBAR.DLL File not found

{CCA281CA-C863-46ef-9331-5C8D4460577F}: Button: @btrez.dll,-4015 -- %SystemDrive%\Program\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found

{CCA281CA-C863-46ef-9331-5C8D4460577F}: Menu: @btrez.dll,-12650 -- %SystemDrive%\Program\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found

 

========== (O12) Internet Explorer Plugins ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

 

========== (O13) Default Prefixes ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

 

========== (O16) DPF ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{17492023-C23A-453E-A040-C7C580BBF700}: http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab -- Windows Genuine Advantage Validation Tool

{6F15128C-E66A-490C-B848-5000B5ABEEAC}: https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab -- HP Download Manager

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{B8BE5E93-A60C-4D26-A2DC-220313175592}: http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab -- MSN Games - Installer

{C3F79A2B-B9B4-4A66-B012-3EE46475B072}: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab -- MessengerStatsClient Class

{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -- Java Plug-in 1.6.0_02

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object

CabBuilder: http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab -- Reg Error: Key does not exist or could not be opened.

 

========== (O17) DNS Name Servers ==========

 

{582526B8-E56E-410D-9547-A2C996A84F30} (Servers: | Description: )

{A3F96B8C-A756-46F1-A185-AC5C7FA8E5BB} (Servers: | Description: Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0))

{D326AAD4-5CFA-48E2-A849-4173D44037F1} (Servers: | Description: Intel® PRO/Wireless 3945ABG Network Connection)

 

========== HKLM *SecurityProviders* ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]

"SecurityProviders"=credssp.dll

>[2008-01-19 08:33:59 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

 

========== LSA *Security Packages* ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,

>[2008-01-19 08:36:42 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

 

========== Safeboot Options ==========

 

"AlternateShell"=cmd.exe

 

========== CDRom AutoRun Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

 

========== Autorun Files on Drives ==========

 

autoexec.bat [REM Dummy file for NTVDM | ]

[2006-09-18 22:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

 

========== MountPoints2 ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15d0abb4-ad95-11dd-b999-0021860f2fc9}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15d0abb4-ad95-11dd-b999-0021860f2fc9}\Shell\AutoRun\command]

""=F:\LaunchU3.exe -- File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2009-01-06 12:23:02 | 00,000,000 | ---D | C] -- C:\Program Files\Maxis

[2009-01-05 22:07:28 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Malwarebytes

[2009-01-05 22:07:27 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2009-01-05 22:07:27 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2009-01-05 22:07:24 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2009-01-05 22:07:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2009-01-05 22:07:23 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2009-01-04 22:52:06 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2009-01-03 22:40:15 | 00,000,957 | ---- | C] () -- C:\Users\Public\Desktop\Pixillion Image Converter.lnk

[2009-01-03 22:40:15 | 00,000,000 | ---D | C] -- C:\ProgramData\NCH Software

[2009-01-01 15:48:30 | 01,793,028 | ---- | C] () -- C:\Users\Nelly\Dokumment\hundarna.pptx

[2009-01-01 15:37:30 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\till nn

[2009-01-01 14:37:58 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Droppix

[2009-01-01 14:24:27 | 00,000,909 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Droppix DVD Maker.lnk

[2009-01-01 14:24:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Droppix

[2009-01-01 14:24:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Codejock Software

[2009-01-01 14:24:20 | 00,000,000 | R--D | C] -- C:\Users\Nelly\Dokumment\Droppix DVD Maker

[2009-01-01 14:24:20 | 00,000,000 | ---D | C] -- C:\Program Files\Droppix

[2009-01-01 14:23:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Droppix

[2009-01-01 13:45:27 | 00,001,096 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Media Player Classic.lnk

[2009-01-01 01:49:35 | 00,220,491 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (8).wma

[2009-01-01 01:44:59 | 00,561,731 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (7).wma

[2009-01-01 01:44:10 | 01,024,201 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (6).wma

[2008-12-31 16:58:03 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\olympus

[2008-12-30 15:27:32 | 00,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk

[2008-12-30 15:27:18 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe

[2008-12-29 21:39:23 | 00,000,000 | ---D | C] -- C:\ProgramData\NOS

[2008-12-29 21:39:23 | 00,000,000 | ---D | C] -- C:\Program Files\NOS

[2008-12-29 21:19:01 | 00,069,325 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2008-12-29 21:19:01 | 00,069,325 | ---- | C] () -- C:\ProgramData\nvModes.001

[2008-12-29 18:44:06 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\ACD Systems

[2008-12-29 18:44:06 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Local\ACD Systems

[2008-12-29 18:43:28 | 00,002,078 | ---- | C] () -- C:\Users\Public\Desktop\ACDSee for PENTAX 3.0.lnk

[2008-12-29 18:43:07 | 00,000,000 | ---D | C] -- C:\ProgramData\ACD Systems

[2008-12-29 18:43:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ACD Systems

[2008-12-29 18:43:05 | 00,000,000 | ---D | C] -- C:\Program Files\ACD Systems

[2008-12-29 18:41:44 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Local\Downloaded Installations

[2008-12-29 12:59:44 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\Anna och Johan

[2008-12-28 00:19:01 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\Nilla

[2008-12-26 12:35:07 | 00,025,214 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2EP1.ico

[2008-12-26 12:34:44 | 00,010,134 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2SP5.ico

[2008-12-26 12:34:25 | 00,010,134 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2SP2.ico

[2008-12-26 12:34:10 | 00,010,134 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2EP4.ico

[2008-12-26 12:33:57 | 00,010,134 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2EP3.ico

[2008-12-26 12:33:46 | 00,010,134 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2.ico

[2008-12-25 10:18:50 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\Amy och Johan

[2008-12-24 23:24:44 | 00,002,209 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 2 IKEA® Heminredning Prylpaket.lnk

[2008-12-24 23:18:04 | 00,001,338 | ---- | C] () -- C:\Users\Public\Desktop\www.thesims3.com.lnk

[2008-12-24 23:18:03 | 00,002,101 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 2 Livet i lägenhet.lnk

[2008-12-24 23:09:25 | 00,002,236 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 2 Herrgård och trädgård Prylpaket.lnk

[2008-12-23 21:41:09 | 00,669,491 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (5).wma

[2008-12-23 21:39:44 | 00,265,391 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (4).wma

[2008-12-23 21:39:18 | 00,117,221 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (3).wma

[2008-12-23 21:38:48 | 00,211,511 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (2).wma

[2008-12-23 18:40:21 | 00,213,538 | ---- | C] () -- C:\Users\Nelly\Dokumment\Jonte.docx

[2008-12-23 17:38:58 | 00,243,776 | ---- | C] () -- C:\Users\Nelly\Dokumment\Presentation1.pptx

[2008-12-23 16:53:14 | 00,001,017 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Samsung PC Studio 3.lnk

[2008-12-23 16:37:28 | 00,001,975 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Windows Live Messenger.lnk

[2008-12-23 10:31:31 | 00,055,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys

[2008-12-23 10:28:30 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2008-12-22 13:54:18 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Macrovision

[2008-12-21 11:55:52 | 00,000,000 | ---D | C] -- C:\ProgramData\WEBREG

[2008-12-21 11:36:09 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Printer Info Cache

[2008-12-21 11:36:08 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Image Zone Express

[2008-12-21 11:22:31 | 00,000,000 | -H-D | C] -- C:\Config.Msi

[2008-12-21 10:33:17 | 00,016,763 | ---- | C] () -- C:\Users\Nelly\Dokumment\year 3000- jonas brothers.docx

[2008-12-21 10:27:51 | 00,018,194 | ---- | C] () -- C:\Users\Nelly\Dokumment\Play my music- jonas brothers.docx

[2008-12-20 21:49:34 | 00,010,178 | ---- | C] () -- C:\Users\Nelly\Dokumment\a href.docx

[2008-12-20 02:09:37 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive

[2008-12-18 15:56:48 | 03,578,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll

[2008-12-16 22:26:40 | 00,031,232 | ---- | C] () -- C:\Users\Nelly\Dokumment\Rörelse 2.doc

[2008-12-16 17:58:57 | 00,015,128 | ---- | C] () -- C:\Users\Nelly\Dokumment\Rörelse.docx

[2008-12-14 15:49:13 | 01,140,941 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös.wma

[2008-12-12 22:31:14 | 00,010,340 | ---- | C] () -- C:\Users\Nelly\Dokumment\julklappar.docx

[2008-12-12 19:35:00 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\Ny mapp

[2008-12-11 15:45:05 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2008-12-10 19:27:50 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll

[2008-12-10 19:27:44 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll

[2008-12-10 19:27:43 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll

[2008-12-10 19:27:36 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll

[2008-12-10 19:27:36 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll

[2008-12-10 19:27:35 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll

[2008-12-10 19:27:35 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2008-12-10 19:27:34 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll

[2008-12-10 19:27:34 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2008-12-10 19:27:30 | 02,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2008-12-10 19:27:18 | 11,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll

[2008-12-10 19:27:10 | 02,868,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll

[2008-12-10 19:27:09 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL

[2008-12-10 19:27:07 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll

[2008-12-10 19:27:07 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe

[2008-12-10 17:47:14 | 00,000,000 | ---D | C] -- C:\ProgramData\FirstClass

[2008-12-10 16:09:54 | 00,016,388 | ---- | C] () -- C:\Users\Nelly\Dokumment\Analys av Sandor slash Ida.docx

[2008-12-08 23:06:14 | 00,363,008 | ---- | C] () -- C:\Users\Nelly\Dokumment\Kraft- no arbete.doc

 

========== Files - Modified Within 30 Days ==========

 

[1 C:\Windows\*.tmp files]

[2009-01-06 14:04:56 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2009-01-06 14:04:56 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2009-01-06 13:17:08 | 00,069,325 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2009-01-06 13:17:08 | 00,069,325 | ---- | M] () -- C:\ProgramData\nvModes.001

[2009-01-06 13:17:07 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2009-01-06 12:05:32 | 00,000,464 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job

[2009-01-06 12:04:57 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2009-01-06 12:04:44 | 32,195,78880 | -HS- | M] () -- C:\hiberfil.sys

[2009-01-06 12:03:52 | 00,000,836 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2009-01-06 12:03:46 | 04,363,830 | -H-- | M] () -- C:\Users\Nelly\AppData\Local\IconCache.db

[2009-01-06 01:15:17 | 00,034,816 | ---- | M] () -- C:\Users\Nelly\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-01-05 22:07:27 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2009-01-04 18:38:22 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2009-01-04 18:38:18 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2009-01-03 22:40:15 | 00,000,957 | ---- | M] () -- C:\Users\Public\Desktop\Pixillion Image Converter.lnk

[2009-01-01 15:48:32 | 01,793,028 | ---- | M] () -- C:\Users\Nelly\Dokumment\hundarna.pptx

[2009-01-01 15:43:33 | 00,002,607 | ---- | M] () -- C:\Users\Nelly\Skrivbord\Microsoft Office PowerPoint 2007.lnk

[2009-01-01 14:24:27 | 00,000,909 | ---- | M] () -- C:\Users\Nelly\Skrivbord\Droppix DVD Maker.lnk

[2009-01-01 01:49:36 | 00,220,491 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (8).wma

[2009-01-01 01:44:59 | 00,561,731 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (7).wma

[2009-01-01 01:44:10 | 01,024,201 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (6).wma

[2008-12-31 17:01:49 | 01,395,246 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2008-12-31 17:01:49 | 00,598,160 | ---- | M] () -- C:\Windows\System32\perfh01D.dat

[2008-12-31 17:01:49 | 00,587,484 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2008-12-31 17:01:49 | 00,117,756 | ---- | M] () -- C:\Windows\System32\perfc01D.dat

[2008-12-31 17:01:49 | 00,101,556 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2008-12-30 15:27:32 | 00,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk

[2008-12-29 21:17:01 | 00,002,413 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2008-12-29 20:52:37 | 00,054,133 | ---- | M] () -- C:\Users\Nelly\AppData\Roaming\nvModes.001

[2008-12-29 18:43:28 | 00,002,078 | ---- | M] () -- C:\Users\Public\Desktop\ACDSee for PENTAX 3.0.lnk

[2008-12-28 17:34:29 | 00,054,133 | ---- | M] () -- C:\Users\Nelly\AppData\Roaming\nvModes.dat

[2008-12-27 22:06:12 | 00,077,824 | -H-- | M] () -- C:\Users\Nelly\Dokumment\photothumb.db

[2008-12-26 02:09:55 | 00,000,680 | ---- | M] () -- C:\Users\Nelly\AppData\Local\d3d9caps.dat

[2008-12-24 23:24:44 | 00,002,209 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 2 IKEA® Heminredning Prylpaket.lnk

[2008-12-24 23:18:04 | 00,001,338 | ---- | M] () -- C:\Users\Public\Desktop\www.thesims3.com.lnk

[2008-12-24 23:18:03 | 00,002,101 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 2 Livet i lägenhet.lnk

[2008-12-24 23:09:25 | 00,002,236 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 2 Herrgård och trädgård Prylpaket.lnk

[2008-12-23 21:41:09 | 00,669,491 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (5).wma

[2008-12-23 21:39:44 | 00,265,391 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (4).wma

[2008-12-23 21:39:18 | 00,117,221 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (3).wma

[2008-12-23 21:38:48 | 00,211,511 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (2).wma

[2008-12-23 18:03:15 | 00,213,538 | ---- | M] () -- C:\Users\Nelly\Dokumment\Jonte.docx

[2008-12-23 17:50:43 | 00,002,623 | ---- | M] () -- C:\Users\Nelly\Skrivbord\Microsoft Office Word 2007.lnk

[2008-12-23 17:38:59 | 00,243,776 | ---- | M] () -- C:\Users\Nelly\Dokumment\Presentation1.pptx

[2008-12-23 16:37:28 | 00,001,975 | ---- | M] () -- C:\Users\Nelly\Skrivbord\Windows Live Messenger.lnk

[2008-12-23 10:29:32 | 00,000,759 | ---- | M] () -- C:\Users\Nelly\Dokumment\Mina delade mappar.lnk

[2008-12-21 11:54:04 | 00,000,157 | ---- | M] () -- C:\Windows\win.ini

[2008-12-21 10:33:18 | 00,016,763 | ---- | M] () -- C:\Users\Nelly\Dokumment\year 3000- jonas brothers.docx

[2008-12-21 10:27:52 | 00,018,194 | ---- | M] () -- C:\Users\Nelly\Dokumment\Play my music- jonas brothers.docx

[2008-12-20 21:49:35 | 00,010,178 | ---- | M] () -- C:\Users\Nelly\Dokumment\a href.docx

[2008-12-16 22:26:41 | 00,031,232 | ---- | M] () -- C:\Users\Nelly\Dokumment\Rörelse 2.doc

[2008-12-16 22:24:22 | 00,015,128 | ---- | M] () -- C:\Users\Nelly\Dokumment\Rörelse.docx

[2008-12-14 15:49:13 | 01,140,941 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös.wma

[2008-12-12 23:33:20 | 00,010,340 | ---- | M] () -- C:\Users\Nelly\Dokumment\julklappar.docx

[2008-12-12 19:32:10 | 00,001,125 | ---- | M] () -- C:\Users\Nelly\Dokumment\nelly.assarsson@hotmail.com Arkiv med delade mappar.lnk

[2008-12-12 06:52:52 | 03,578,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll

[2008-12-10 22:48:28 | 00,016,388 | ---- | M] () -- C:\Users\Nelly\Dokumment\Analys av Sandor slash Ida.docx

[2008-12-10 00:24:37 | 17,593,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe

[2008-12-08 23:16:25 | 00,363,008 | ---- | M] () -- C:\Users\Nelly\Dokumment\Kraft- no arbete.doc

[2008-12-08 22:39:46 | 00,119,007 | ---- | M] () -- C:\Users\Nelly\Dokumment\Kraft- no arbete.docx

[2008-12-08 17:01:52 | 00,055,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys

< End of report >[/log]

 

 

[log]OTViewIt Extras logfile created on: 2009-01-06 14:09:29 - Run 2

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\Nelly\Hämtade Filer

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

2.00 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 97.61% Memory free

4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free

Paging file location(s): ?:\pagefile.sys;

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 288.02 Gb Total Space | 78.07 Gb Free Space | 27.11% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: NELLYSDATOR

Current User Name: Nelly

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- C:\Program\Internet Explorer\iexplore.exe File not found

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval"=1

"UacDisableNotify"=1

"InternetSettingsDisableNotify"=1

"AutoUpdateDisableNotify"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride"=1

"AntiSpywareOverride"=0

"FirewallOverride"=0

"VistaSp1"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"DisableNotifications"=0

"EnableFirewall"=0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

========== (O10) Winsock2 Catalogs ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]

NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] -- C:\Windows\System32\nlaapi.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] -- C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000005 [bluetooth-namnområde] -- C:\Windows\System32\wshbth.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000008 [mdnsNSP] -- C:\Program\Bonjour\mdnsNSP.dll File not found

 

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols

ldap -- 4 = Restricted sites (Not a Default Protocol)

news -- 4 = Restricted sites (Not a Default Protocol)

nntp -- 4 = Restricted sites (Not a Default Protocol)

oecmd -- 4 = Restricted sites (Not a Default Protocol)

snews -- 4 = Restricted sites (Not a Default Protocol)

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

@ivt -- @ivt protocol not assigned

file -- file protocol not assigned

ftp -- ftp protocol not assigned

http -- http protocol not assigned

https -- https protocol not assigned

shell -- shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

@ivt -- @ivt protocol not assigned

file -- file protocol not assigned

ftp -- ftp protocol not assigned

http -- http protocol not assigned

https -- https protocol not assigned

shell -- shell protocol not assigned

 

========== (O18) Protocol Handlers ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

File not found C:\Program\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

File not found C:\Program\Common Files\microsoft shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

File not found C:\Program\Common Files\microsoft shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

File not found C:\Program\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

File not found C:\Program\Common Files\Skype\Skype4COM.dll (skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} (HKLM) [iEProtocolHandler Class])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

File not found C:\Program\Windows Live\Mail\mailcomm.dll (wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} (HKLM) [Windows Live Mail HTML Asynchronous Pluggable Protocol Handler])

 

========== (O18) Protocol Filters ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters

File not found C:\Program\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01521746-02A6-4A72-00BD-A285DF6B80C6}"=The Sims 2 Studentliv

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}"=CyberLink YouCam

"{03D1988F-469F-4843-8E6E-E5FE9D17889D}"=HP Integrated Module with Bluetooth wireless technology 6.0.1.5500

"{082702D5-5DD8-4600-BCE5-48B15174687F}"=HP Doc Viewer

"{0D2E9DCB-9938-475E-B4DD-8851738852FF}"=AIO_Scan

"{11BB336F-0E58-4977-B866-F24FA334616B}"=HP Active Support Library

"{13F2B82E-9F78-4518-826F-2DF37B58AEDD}"=3200

"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}"=Scan

"{179C56A4-F57F-4561-8BBF-F911D26EB435}"=WebReg

"{18D10072035C4515918F7E37EAFAACFC}"=AutoUpdate

"{1A2A15C2-6780-49c1-B296-503230E9DE00}"=The Sims™ 2 Herrgård och trädgård Prylpaket

"{1B1401E5-DEC7-4E6F-8146-16070781AE99}"=Windows Live Movie Maker Beta

"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}"=Adobe Shockwave Player

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}"=DVD Suite

"{205C6BDD-7B73-42DE-8505-9A093F35A238}"=Windows Live Upload Tool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}"=MSVCRT

"{254C37AA-6B72-4300-84F6-98A82419187E}"=Hewlett-Packard Active Check

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java 6 Update 11

"{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}"=HP Help and Support

"{2C1B58D5-6549-472C-86B7-17BE57186628}"=Microsoft Works

"{30BB4D60-81DB-11D5-BB77-00400536ABAC}"=OLYMPUS CAMEDIA Master 4.1

"{31383A1D-FAE6-435A-9DBD-FDB61C7C8EC9}"=Ulead Photo Express 5 SE

"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}"=Component Framework

"{318AB667-3230-41B5-A617-CB3BF748D371}"=iTunes

"{3248F0A8-6813-11D6-A77B-00B0D0160020}"=Java 6 Update 2

"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java 6 Update 7

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}"=HP Quick Launch Buttons 6.30 E1

"{35D24072-C275-484B-B143-C7F45A5C2E2B}"=Samsung PC Studio

"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}"=Norton Internet Security

"{3EDE9D4A-02A5-4B73-989A-DAB900102044}"=Windows Live Writer

"{3FADAA19-E595-44CA-A072-58B6B0851768}"=Norton Security Scan

"{40BF1E83-20EB-11D8-97C5-0009C5020658}"=Power2Go

"{450063AA-643B-417C-8CF5-405BA3F4EF40}"=Autodesk Design Review 2009

"{45BA6F47-ED29-4ACB-8F40-BBAD4D644EE5}"=AviDecode

"{45D707E9-F3C4-11D9-A373-0050BAE317E1}"=HP QuickPlay 3.6

"{4817189D-1785-4627-A33C-39FD90919300}"=The Sims™ 2 Djurliv

"{49F2B650-2D7B-4F59-B33D-346F63776BD3}"=DocProc

"{4A11206C-4377-49E8-911E-B11548658FF3}"=Revit Architecture 2008

"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}"=Junk Mail filter update

"{4BAA431E-CA4F-430A-B318-BB0BED7BA571}"=Windows Live Family Safety

"{4D49757C-367A-4333-BDB3-68966162B14E}"=HP User Guides 0087

"{4EE3649E-8ED7-49B3-A16F-E7C91199BC25}"=Windows Live Mail

"{55A6283C-638A-4EE0-B491-51118554BDA2}"=Norton Confidential Core

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml

"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}"=Microsoft Office Live Add-in 1.3

"{582D2A53-F426-4C5E-A2E6-43C1AB36B907}"=Safari

"{595A6662-6158-11D4-8F73-0050DA0F6297}"=The Sims Art Studio

"{59F6A514-9813-47A3-948C-8A155460CC2A}"=RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01

"{5B35C417-2649-11D6-83D1-0050FC01225C}"=FirstClass® Client

"{5BF90C8E-159F-495A-B637-08831A74AD58}"=Windows Live Sync

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}"=Skype™ 3.8

"{62120008-8E1E-4807-860D-A8B48F8552DB}"=Norton Protection Center

"{669D4A35-146B-4314-89F1-1AC3D7B88367}"=Hewlett-Packard Asset Agent for Health Check

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}"=eSupportQFolder

"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}"=HPProductAssistant

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}"=Windows Media Player Firefox Plugin

"{6B00254E-D47E-4B89-920E-FB98087EA521}_is1"=Koblo Studio beta 0.9 r2654

"{6E17F9751-F056-4335-B718-8AF1B1092AFB}"=The Sims™ 2 IKEA® Heminredning Prylpaket

"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}"=The Sims 2

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}"=CustomerResearchQFolder

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{77772678-817F-4401-9301-ED1D01A8DA56}"=SPBBC 32bit

"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}"=Norton AntiVirus

"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}"=Fax

"{7AC15160-A49B-4A89-B181-D4619C025FFF}"=Samsung Samples Installer

"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}"=The Sims 2 Arbetsliv

"{7B63B2922B174135AFC0E1377DD81EC2}"=DivX Codec

"{7DC4A410-9986-4329-9E5D-687B2C42CA39}"=HP QuickTouch 1.00 C4

"{7F362F06-A9A3-440F-8B19-6A01A72723C4}"=AuthenTec Fingerprint Sensor Minimum Install

"{81ED14FD-A608-42C4-BF38-05D224BD7493}"=SymNet

"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}"=The Sims™ 2 H&M® Fashion Prylpaket

"{865DB1C9-D5E4-408B-B37D-9927E605BD2D}"=ESU for Microsoft Vista

"{87E2B986-07E8-477a-93DC-AF0B6758B192}"=DocProcQFolder

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}"=Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista

"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}"=Bonjour

"{8ADFC4160D694100B5B8A22DE9DCABD9}"=DivX Player

"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}"=Choice Guard

"{90120000-0016-041D-0000-0000000FF1CE}"=Microsoft Office Excel MUI (Swedish) 2007

"{90120000-0016-041D-0000-0000000FF1CE}_HOMESTUDENTR_{E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0018-041D-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (Swedish) 2007

"{90120000-0018-041D-0000-0000000FF1CE}_HOMESTUDENTR_{E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001B-041D-0000-0000000FF1CE}"=Microsoft Office Word MUI (Swedish) 2007

"{90120000-001B-041D-0000-0000000FF1CE}_HOMESTUDENTR_{E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0407-0000-0000000FF1CE}"=Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-040B-0000-0000000FF1CE}"=Microsoft Office Proof (Finnish) 2007

"{90120000-001F-040B-0000-0000000FF1CE}_HOMESTUDENTR_{F14C929B-E0E6-4EB5-8BFD-FC71AAC7D39C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-041D-0000-0000000FF1CE}"=Microsoft Office Proof (Swedish) 2007

"{90120000-001F-041D-0000-0000000FF1CE}_HOMESTUDENTR_{A8626CEF-CB0A-4BC2-8F51-210A43B6158D}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0020-041D-0000-0000000FF1CE}"=Compatibility Pack för Office 2007-systemet

"{90120000-002C-041D-0000-0000000FF1CE}"=Microsoft Office Proofing (Swedish) 2007

"{90120000-006E-041D-0000-0000000FF1CE}"=Microsoft Office Shared MUI (Swedish) 2007

"{90120000-006E-041D-0000-0000000FF1CE}_HOMESTUDENTR_{C41B2E34-C30E-4989-8A9D-6B0805B33EC1}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-008A-041D-0000-0000000FF1CE}"=Gadget för senaste dokument för Microsoft Office 2007

"{90120000-00A1-041D-0000-0000000FF1CE}"=Microsoft Office OneNote MUI (Swedish) 2007

"{90120000-00A1-041D-0000-0000000FF1CE}_HOMESTUDENTR_{E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}"=Intel® Matrix Storage Manager

"{91120000-002F-0000-0000-0000000FF1CE}"=Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{92022F8E-2E55-4A16-88EB-B4778B35E942}"=ACDSee for PENTAX 3.0

"{924EB80F-C2BB-4B9F-8412-88BBA937393F}"=MobileMe Control Panel

"{93075B89-3295-4877-8BCD-06D9F698AEBC}"=Symantec Real Time Storage Protection Component

"{9331E1EE-FB9F-11D6-ACFF-000082512888}"=Ufd Driver

"{95120000-00AF-041D-0000-0000000FF1CE}"=Microsoft Office PowerPoint Viewer 2007 (Swedish)

"{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting

"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}"=MarketResearch

"{978C25EE-5777-46e4-8988-732C297CBDBD}"=Status

"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}"=HP Easy Setup - Frontend

"{9A346205-EA92-4406-B1AB-50379DA3F057}"=Autodesk DWF Viewer 7

"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}"=Destinations

"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}"=The Sims™ 2 Glitter & Glamour Prylpaket

"{9FAC1E4E-1A46-4805-9BA9-04F7D760D44C}"=Shrek2

"{A0724A7E-F4E7-498e-B3F9-6FB2B909E56E}"=3100_3200_3300_Help

"{A36CD345-625C-4d6c-B3E2-76E1248CB451}"=SolutionCenter

"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}"=Copy

"{A67C4EF9-725D-4C83-A67A-BB7B7DE96CF4}"=Sibelius 5 Demo

"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}"=HP Update

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}"=DeviceManagementQFolder

"{AC47C0EE-B581-4F3C-96F6-099B2863AC9F}"=Windows Live Photo Gallery

"{AC76BA86-7AD7-1053-7B44-A81300000003}"=Adobe Reader 8.1.3 - Svenska

"{AC76BA86-7AD7-5464-3428-800000000003}"=Spelling Dictionaries Support For Adobe Reader 8

"{B13A7C41581B411290FBC0395694E2A9}"=DivX Converter

"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}"=ccCommon

"{B3B4E8E4-E2A4-11D6-8D31-00105A629F49}"=eMedia Piano and Keyboard Method

"{B6F5B704-06D3-4687-90F3-6195304AD755}"=The Sims™ 2 Livet i lägenhet

"{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player

"{BA820A24-704B-428D-9904-71A10DAC1372}"=OLYMPUS Master

"{BBF8FA9C-23D9-4310-9AC7-A3A9AE7EE4D7}"=Backpacker 3

"{BD0E2B92-3814-46F0-893B-4612EA010C7E}"=HP Customer Experience Enhancements

"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}"=BufferChm

"{C1C185CA-C531-49F5-A6FA-B838405A049D}"=Norton Internet Security

"{C4A4722E-79F9-417C-BD72-8D359A090C97}"=Samsung PC Studio

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}"=LabelPrint

"{C716522C-3731-4667-8579-40B098294500}"=Toolbox

"{C7AF7F33-9092-997E-2D29-DE8095863FE3}"=DigitalPersona Personal 3.0.0

"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}"=HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}"=PowerDirector

"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}"=HP Wireless Assistant

"{CF4C44DF-F66D-4F69-8215-EE122A96CA60}"=Windows Live inloggningsassistenten

"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}"=Ulead Photo Explorer 8.0 SE Basic

"{D36DD326-7280-11D8-97C8-000129760CBE}"=PhotoNow!

"{D95AA4F4-9FCF-4BD8-AC07-AB1912A202E2}_is1"=Home Plan Pro version 5.2.12.25

"{E0455AB9-7681-4CB3-9204-16E957A64CB2}"=Windows Live Essentials

"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}"=UnloadSupport

"{E09575B2-498D-4C8B-A9D2-623F78574F29}"=AIO_CDB_Software

"{E0A43EF2-46A5-4de2-916A-C515D8AA1618}"=3100_3200_3300trb

"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}"=Norton AntiVirus Help

"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}"=AIO_CDB_ProductContext

"{E80F62FF-5D3C-4A19-8409-9721F2928206}"=LiveUpdate (Symantec Corporation)

"{EB21A812-671B-4D08-B974-2A347F0D8F70}"=HP Photosmart Essential

"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}"=HPSSupply

"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}"=Samsung PC Studio 3 USB Driver Installer

"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}"=Apple Mobile Device Support

"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}"=AppCore

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}"=Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver

"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}"=32 Bit HP CIO Components Installer

"{F69E83CF-B440-43F8-89E6-6EA80712109B}"=Windows Live Communications Platform

"{F7F3B252-E772-48AA-93EB-7964BC326067}"=MSCU for Microsoft Vista

"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}"=Corel Paint Shop Pro 9

"{F958CA02-BB40-4007-894B-258729456EE4}"=QuickTime

"{FCEA59CC-5A80-4680-9F7F-6E75174E884C}"=Windows Live Messenger

"{FF075778-6E50-47ed-991D-3B07FD4E3250}"=TrayApp

"7-Zip"=7-Zip 4.60 beta

"AC3File"=AC3File (remove only)

"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin

"Adobe Shockwave Player"=Adobe Shockwave Player 11

"AIM_6"=AIM 6

"AirXonix_is1"=AirXonix version 1.37

"Autodesk Design Review 2009"=Autodesk Design Review 2009

"CAL"=Canon Camera Access Library

"CameraWindowDVC5"=Canon Camera Window DC_DV 5 for ZoomBrowser EX

"CameraWindowDVC6"=Canon Camera Window DC_DV 6 for ZoomBrowser EX

"CameraWindowMC"=Canon Camera Window MC 6 for ZoomBrowser EX

"CANON iMAGE GATEWAY Task"=CANON iMAGE GATEWAY Task

"Canon Internet Library for ZoomBrowser EX"=Canon Internet Library for ZoomBrowser EX

"CSCLIB"=Canon Camera Support Core Library

"Digital Camera Driver"=Digital Camera Driver

"DPP"=Canon Utilities Digital Photo Professional 2.1

"DxDVD_is1"=Droppix DVD Maker 1.5.0

"Elf Bowling The Last Insult_is1"=Elf Bowling The Last Insult

"EOS Utility"=Canon Utilities EOS Utility

"ExpressBurn"=Express Burn

"ExpressRip"=Express Rip

"FaceLift"=FaceLift

"Fairy Words_is1"=Fairy Words

"Fake Progress Bar_is1"=Fake Progress Bar 1.0

"Family Tree Builder"=MyHeritage Family Tree Builder

"Free Sound Recorder_is1"=Free Sound Recorder v7.0.1

"Frosty Games"=Frosty Games

"Garfield Goes to Pieces_is1"=Garfield Goes to Pieces

"GSpot"=GSpot Codec Information Appliance

"Guitar Pro 5_is1"=Guitar Pro 5.2

"Hauppauge MCE2005 Software Encoder"=Hauppauge MCE XP/Vista Software Encoder (2.0.25149)

"HijackThis"=HijackThis 2.0.2

"HOMESTUDENTR"=Microsoft Office Home and Student 2007

"Hospital"=Theme Hospital

"HP Imaging Device Functions"=HP Imaging Device Functions 8.0

"HP Solution Center & Imaging Support Tools"=HP Solution Center 8.0

"HPExtendedCapabilities"=HP Customer Participation Program 8.0

"HPOCR"=HP OCR Software 8.0

"IncrediMail"=IncrediMail

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}"=CyberLink YouCam

"InstallShield_{9FAC1E4E-1A46-4805-9BA9-04F7D760D44C}"=Shrek2

"InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}"=OLYMPUS Master

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}"=PowerDirector

"KLiteCodecPack_is1"=K-Lite Codec Pack 4.2.5 (Standard)

"LimeWire"=LimeWire 4.18.8

"Magentic"=Magentic

"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware

"Mario Forever v 2.16 !"=Mario Forever v 2.16 !

"MixPad"=MixPad

"Monopoly_is1"=Monopoly

"Mozilla Firefox (3.0.5)"=Mozilla Firefox (3.0.5)

"Music MasterWorks v3.94_is1"=Music MasterWorks v3.94

"Need For Extreme 3D_is1"=Need For Extreme 3D

"NSSSetup.{3FADAA19-E595-44CA-A072-58B6B0851768}"=Norton Security Scan (Symantec Corporation)

"NVIDIA Drivers"=NVIDIA Drivers

"Nya Husjournalen"=Nya Husjournalen

"Photo Art Studio_is1"=Photo Art Studio 1.31

"PhotoScape"=PhotoScape

"PhotoStitch"=Canon Utilities PhotoStitch

"Pixillion"=Pixillion Image Converter

"Portrait Professional 8 Trial_is1"=Portrait Professional 8.0 Trial

"PsuedoLiveUpdate"=LiveUpdate (Symantec Corporation)

"RAW Image Task"=Canon RAW Image Task for ZoomBrowser EX

"Realtime Landscaping Pro DEMO"=Realtime Landscaping Pro DEMO

"RemoteCaptureTask"=Canon RemoteCapture Task for ZoomBrowser EX

"SAMSUNG CDMA Modem"=SAMSUNG CDMA Modem Driver Set

"SAMSUNG Mobile USB Modem"=SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0"=SAMSUNG Mobile USB Modem 1.0 Software

"Skin Creator"=Skin Creator

"SlingMedia.QPSlingPlayer_is1"=QuickPlay SlingPlayer 0.4.4

"SMSERIAL"=Motorola SM56 Data Fax Modem

"Sony Ericsson Themes Creator"=Sony Ericsson Themes Creator 3.27

"Space Skramble_is1"=Space Skramble

"Steinberg Cubase SX v3.1.1.944"=Steinberg Cubase SX v3.1.1.944

"Super DVD Creator_is1"=Super DVD Creator 9.8 Full Version

"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}"=Norton Internet Security (Symantec Corporation)

"SyncroSoft Emu"=SyncroSoft Emu (Remove only)

"Syncrosoft's License Control"=Syncrosoft's License Control

"SynTPDeinstKey"=Synaptics Pointing Device Driver

"Tarzan Actionspel"=Tarzan Actionspel

"Ten Pin Championship Bowling Pro"=Ten Pin Championship Bowling Pro

"TPTEST5_is1"=TPTEST 5.0.2

"WavePad"=WavePad Sound Editor

"WinLiveSuite_Wave3"=Windows Live Essentials

"WinPcapInst"=WinPcap 4.0

"WinRAR archiver"=WinRAR archiver

"Virtual Garden"=Virtual Garden

"VLC media player"=VideoLAN VLC media player 0.8.6a

"WM Recorder 12.1"=WM Recorder 12.1

"Vokabel_is1"=Vokabel 2.31

"ZoomBrowser EX"=Canon Utilities ZoomBrowser EX

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome"=Google Chrome

"SmartDraw 2009"=SmartDraw 2009

"uTorrent"=µTorrent

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome"=Google Chrome

"SmartDraw 2009"=SmartDraw 2009

"uTorrent"=µTorrent

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2009-01-05 09:11:27 | Computer Name = Nellysdator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet agent.exe, version 6.1.100.61372, tidsstämpel

0x460c1f45, felet uppstod i modulen ntdll.dll, version 6.0.6001.18000, tidsstämpel

0x4791a7a6, undantagskod 0xc0000005, felförskjutning 0x0005a192, process-ID 0x1210,

programmets starttid 0x01c96f370255f85e.

 

Error - 2009-01-05 09:18:20 | Computer Name = Nellysdator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet agent.exe, version 6.1.100.61372, tidsstämpel

0x460c1f45, felet uppstod i modulen ntdll.dll, version 6.0.6001.18000, tidsstämpel

0x4791a7a6, undantagskod 0xc0000005, felförskjutning 0x0005a192, process-ID 0x1210,

programmets starttid 0x01c96f3806fd2886.

 

Error - 2009-01-05 09:57:06 | Computer Name = Nellysdator | Source = EventSystem | ID = 4621

Description =

 

Error - 2009-01-05 12:39:07 | Computer Name = Nellysdator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet agent.exe, version 6.1.100.61372, tidsstämpel

0x460c1f45, felet uppstod i modulen ntdll.dll, version 6.0.6001.18000, tidsstämpel

0x4791a7a6, undantagskod 0xc0000005, felförskjutning 0x0005a192, process-ID 0x4dc,

programmets starttid 0x01c96f540905e3f5.

 

Error - 2009-01-05 17:01:21 | Computer Name = Nellysdator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet agent.exe, version 6.1.100.61372, tidsstämpel

0x460c1f45, felet uppstod i modulen ntdll.dll, version 6.0.6001.18000, tidsstämpel

0x4791a7a6, undantagskod 0xc0000005, felförskjutning 0x0005a192, process-ID 0xbe0,

programmets starttid 0x01c96f78be52ae10.

 

Error - 2009-01-05 17:26:41 | Computer Name = Nellysdator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet agent.exe, version 6.1.100.61372, tidsstämpel

0x460c1f45, felet uppstod i modulen ntdll.dll, version 6.0.6001.18000, tidsstämpel

0x4791a7a6, undantagskod 0xc0000005, felförskjutning 0x0005a192, process-ID 0xe10,

programmets starttid 0x01c96f7c49e008c1.

 

Error - 2009-01-05 20:32:55 | Computer Name = Nellysdator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet agent.exe, version 6.1.100.61372, tidsstämpel

0x460c1f45, felet uppstod i modulen ntdll.dll, version 6.0.6001.18000, tidsstämpel

0x4791a7a6, undantagskod 0xc0000005, felförskjutning 0x0005a192, process-ID 0xb60,

programmets starttid 0x01c96f9643324b72.

 

Error - 2009-01-05 20:43:40 | Computer Name = Nellysdator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet agent.exe, version 6.1.100.61372, tidsstämpel

0x460c1f45, felet uppstod i modulen ntdll.dll, version 6.0.6001.18000, tidsstämpel

0x4791a7a6, undantagskod 0xc0000005, felförskjutning 0x0005a192, process-ID 0x53c,

programmets starttid 0x01c96f97c6846018.

 

Error - 2009-01-05 20:45:39 | Computer Name = Nellysdator | Source = Application Hang | ID = 1002

Description = Programmet Explorer.EXE, version 6.0.6001.18164, avslutades eftersom

det slutade att samverka med Windows. Ytterligare information kan finnas i problemhistoriken

på kontrollpanelen för Problemrapporter och lösningar. Process-ID: bb0 Starttid:

01c96f97c2c14568 Avslutningstid: 47

 

Error - 2009-01-05 20:52:58 | Computer Name = Nellysdator | Source = Application Error | ID = 1000

Description = Felet uppstod i programmet agent.exe, version 6.1.100.61372, tidsstämpel

0x460c1f45, felet uppstod i modulen ntdll.dll, version 6.0.6001.18000, tidsstämpel

0x4791a7a6, undantagskod 0xc0000005, felförskjutning 0x0005a192, process-ID 0xe94,

programmets starttid 0x01c96f9919b4f4b5.

 

[ DigitalPersona Pro Events ]

Error - 2009-01-05 04:21:40 | Computer Name = Nellysdator | Source = DigitalPersona Pro | ID = 17827075

Description = Agent cannot start. Description: Found other running Agent.

 

Error - 2009-01-05 09:10:40 | Computer Name = Nellysdator | Source = DigitalPersona Pro | ID = 17827075

Description = Agent cannot start. Description: Found other running Agent.

 

Error - 2009-01-05 09:18:00 | Computer Name = Nellysdator | Source = DigitalPersona Pro | ID = 17827075

Description = Agent cannot start. Description: Found other running Agent.

 

Error - 2009-01-05 12:39:02 | Computer Name = Nellysdator | Source = DigitalPersona Pro | ID = 17827075

Description = Agent cannot start. Description: Found other running Agent.

 

Error - 2009-01-05 17:01:22 | Computer Name = Nellysdator | Source = DigitalPersona Pro | ID = 17827075

Description = Agent cannot start. Description: Found other running Agent.

 

Error - 2009-01-05 17:26:45 | Computer Name = Nellysdator | Source = DigitalPersona Pro | ID = 17827075

Description = Agent cannot start. Description: Found other running Agent.

 

Error - 2009-01-05 20:32:49 | Computer Name = Nellysdator | Source = DigitalPersona Pro | ID = 17827075

Description = Agent cannot start. Description: Found other running Agent.

 

Error - 2009-01-05 20:43:59 | Computer Name = Nellysdator | Source = DigitalPersona Pro | ID = 17827075

Description = Agent cannot start. Description: Found other running Agent.

 

Error - 2009-01-05 20:53:37 | Computer Name = Nellysdator | Source = DigitalPersona Pro | ID = 17827075

Description = Agent cannot start. Description: Found other running Agent.

 

Error - 2009-01-06 05:47:51 | Computer Name = Nellysdator | Source = DigitalPersona Pro | ID = 17827075

Description = Agent cannot start. Description: Found other running Agent.

 

[ Media Center Events ]

Error - 2008-11-03 13:42:27 | Computer Name = Nellysdator | Source = ehSched | ID = 5

Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80131534

 

Error - 2008-11-08 03:53:52 | Computer Name = Nellysdator | Source = ehSched | ID = 5

Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80131534

 

Error - 2008-11-08 03:53:52 | Computer Name = Nellysdator | Source = ehSched | ID = 5

Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80040154

 

Error - 2008-11-08 03:53:53 | Computer Name = Nellysdator | Source = ehSched | ID = 5

Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80131534

 

Error - 2008-11-08 03:56:35 | Computer Name = Nellysdator | Source = ehSched | ID = 5

Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80040154

 

Error - 2008-11-08 03:56:35 | Computer Name = Nellysdator | Source = ehSched | ID = 5

Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80131534

 

Error - 2008-11-09 09:28:44 | Computer Name = Nellysdator | Source = ehSched | ID = 5

Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80131534

 

Error - 2008-11-09 09:28:44 | Computer Name = Nellysdator | Source = ehSched | ID = 5

Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80040154

 

Error - 2008-11-09 09:28:54 | Computer Name = Nellysdator | Source = ehSched | ID = 5

Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80040154

 

Error - 2008-11-09 09:28:55 | Computer Name = Nellysdator | Source = ehSched | ID = 5

Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80131534

 

[ System Events ]

Error - 2009-01-05 20:44:29 | Computer Name = Nellysdator | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2009-01-05 20:52:26 | Computer Name = Nellysdator | Source = HTTP | ID = 15016

Description =

 

Error - 2009-01-05 20:52:58 | Computer Name = Nellysdator | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2009-01-05 20:52:58 | Computer Name = Nellysdator | Source = Service Control Manager | ID = 7026

Description =

 

Error - 2009-01-06 05:47:21 | Computer Name = Nellysdator | Source = HTTP | ID = 15016

Description =

 

Error - 2009-01-06 05:47:55 | Computer Name = Nellysdator | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2009-01-06 05:47:55 | Computer Name = Nellysdator | Source = Service Control Manager | ID = 7026

Description =

 

Error - 2009-01-06 07:04:57 | Computer Name = Nellysdator | Source = HTTP | ID = 15016

Description =

 

Error - 2009-01-06 07:05:30 | Computer Name = Nellysdator | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2009-01-06 07:05:30 | Computer Name = Nellysdator | Source = Service Control Manager | ID = 7026

Description =

 

 

< End of report >

[/log]

 

[Cecilia]

Det är kanske något med behörigheterna som strular. Gör som jag skrev 11:56 men denna gång så startar du HijackThis genom att högerklicka på programmet och välja Kör som administratör.

 

[Nellow]

nu körde jag som adminisratör... men meddelandet kommer ändå..

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:33:28, on 2009-01-06

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

C:\Program Files\DigitalPersona\Bin\DpAgent.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Live\Family Safety\fsui.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Visa Norton-verktygsfältet - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe

O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [ulead Photo Express Calendar Checker] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"

O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O13 - Gopher Prefix:

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe

O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

 

--

End of file - 12040 bytes[/log]

 

[Cecilia]

Ja, men nu är i alla fall det som är skadligt borta, vilket åtminstone jag tycker är viktigare.

 

Det finns inget med Macrovision i loggen i alla fall utan det måste vara något program som startas automatiskt och som förväntar sig att det ska kunna uppdatera sig via Macrovision-programmet. Kan du försöka uppskatta när det kan ha börjat, hur länge hade det varit så innan du skrev här 27 december?

 

[Nellow]

Ja det känns jätte skönt att det är det.. tack så jättemycket för hjälpen!

 

ojj, det har varit så jättelänge.. kanske ca. 4mån..

 

[Cecilia]

Okej, det var länge det. När du kör OTViewIt så finns det en inställning för "File Age", där står det normalt 30 dagar men det är ändringsbart. Jag vet att man kan ändra till 90 dagar, men se om man kan ändra till ändå mer så att det täcker in dina 4 månader med marginal, dvs åtminstone 140 dagar. Du behöver inte klistra in Extra-loggen utan det räcker med den andra.

 

[Nellow]

det gick inte mer än 90dagar tillbaka.. när jag klickade på all så kom det upp ett felmeddelande om att det inte gick... men här kommer loggen från 90-dagars OTVievIt..

 

[log]OTViewIt logfile created on: 2009-01-07 11:19:11 - Run 7

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\Nelly\Hämtade Filer

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = )

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

2.00 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 86.94% Memory free

4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free

Paging file location(s): ?:\pagefile.sys;

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 288.02 Gb Total Space | 76.32 Gb Free Space | 26.50% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: NELLYSDATOR

Current User Name: Nelly

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 90 Days

 

========== Processes ==========

 

[2008-01-19 08:33:37 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe

[2008-01-19 08:33:14 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe

[2008-12-04 02:42:00 | 00,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe

[2008-01-19 08:33:22 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe

[2008-10-17 15:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

[2007-09-20 19:02:58 | 00,299,008 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe

[2006-11-02 10:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe

[2008-11-07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

[2008-08-29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe

[2008-12-08 17:01:58 | 00,533,344 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe

[2007-07-25 07:02:44 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

[2007-10-12 07:34:56 | 00,071,096 | ---- | M] () -- C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe

[2007-09-30 19:34:54 | 00,271,760 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

[2007-09-20 19:12:02 | 00,671,744 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe

[2008-01-19 08:33:08 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe

[2007-01-09 11:25:30 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe

[2008-01-19 08:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2008-05-27 06:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe

[2005-09-30 18:22:50 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe

[2006-05-03 00:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

[2007-09-30 19:34:54 | 00,112,016 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

[2007-09-15 09:29:10 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe

[2007-01-17 14:34:18 | 00,634,880 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

[2007-08-17 14:27:00 | 04,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

[2007-07-25 07:02:42 | 00,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[2007-09-19 22:31:34 | 00,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

[2007-09-04 21:54:20 | 00,554,320 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

[2008-12-17 20:22:52 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe

[2006-12-10 21:52:38 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe

[2008-10-17 15:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

[2007-09-30 19:34:14 | 00,181,544 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe

[2004-01-12 20:40:24 | 00,069,632 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe

[2008-11-20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe

[2008-12-08 17:01:58 | 00,453,984 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe

[2006-11-02 10:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe

[2008-03-28 02:05:00 | 01,045,800 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[2008-12-02 22:32:00 | 03,882,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[2008-01-19 08:33:39 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe

[2008-01-19 08:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2008-11-20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe

[2008-03-28 02:06:00 | 00,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

[2007-08-23 13:35:32 | 00,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

[2007-09-20 02:30:52 | 00,065,536 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

[2008-12-02 21:09:52 | 00,027,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe

[2006-11-02 10:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe

[2007-09-20 19:12:02 | 00,671,744 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe

[2008-01-19 08:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe

[2008-01-19 08:33:08 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe

[2007-09-15 09:29:10 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe

[2007-08-17 14:27:00 | 04,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

[2007-07-25 07:02:42 | 00,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[2007-09-19 22:31:34 | 00,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

[2008-12-17 20:22:52 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe

[2006-12-10 21:52:38 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe

[2007-09-30 19:34:14 | 00,181,544 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe

[2004-01-12 20:40:24 | 00,069,632 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe

[2008-11-20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe

[2008-12-08 17:01:58 | 00,453,984 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe

[2006-11-02 10:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe

[2008-03-28 02:05:00 | 01,045,800 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[2008-01-19 08:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe

[2008-01-19 08:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe

[2008-11-25 20:03:04 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe

[2008-10-17 15:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

[2008-01-19 08:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe

[2008-01-19 08:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe

[2008-01-19 08:33:33 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe

[2008-03-28 02:06:00 | 00,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

[2008-07-29 19:37:12 | 01,251,720 | ---- | M] () -- C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

[2009-01-06 13:56:08 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\Nelly\Hämtade Filer\OTViewIt.exe

 

========== (O23) Win32 Services ==========

 

File not found -- -- (Apple Mobile Device [Auto | Running])

File not found -- -- (Autodesk Licensing Service [On_Demand | Stopped])

File not found -- -- (Automatic LiveUpdate Scheduler [Auto | Running])

File not found -- -- (Bonjour Service [Auto | Running])

File not found -- -- (CCALib8 [Auto | Running])

File not found -- -- (ccEvtMgr [Auto | Running])

File not found -- -- (ccSetMgr [Auto | Running])

File not found -- -- (CertPropSvc [unknown | Running])

[2008-01-05 12:26:41 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

File not found -- -- (CLTNetCnService [Auto | Running])

File not found -- -- (Com4Qlb [On_Demand | Stopped])

File not found -- -- (comHost [On_Demand | Stopped])

File not found -- -- (DcomLaunch [unknown | Running])

[2008-01-19 08:33:06 | 02,091,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])

File not found -- -- (DpHost [Auto | Running])

[2008-01-19 08:34:06 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [unknown | Running])

File not found -- -- (Droppix Service [On_Demand | Stopped])

[2008-01-19 08:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])

[2006-11-02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])

[2008-01-05 12:21:53 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

File not found -- -- (fsssvc [Auto | Running])

File not found -- -- (getPlus® Helper [On_Demand | Stopped])

[2008-01-19 08:34:25 | 00,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [unknown | Running])

File not found -- -- (HP Health Check Service [Auto | Running])

File not found -- -- (hpqwmiex [Auto | Running])

File not found -- -- (IAANTMON [Auto | Running])

File not found -- -- (IDriverT [Disabled | Stopped])

File not found -- -- (iPod Service [On_Demand | Running])

File not found -- -- (LiveUpdate [On_Demand | Stopped])

File not found -- -- (LiveUpdate Notice [Auto | Running])

[2008-11-19 19:09:35 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [unknown | Stopped])

[2008-01-05 12:21:39 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

File not found -- -- (NMSAccessU [Auto | Running])

[2008-12-04 02:42:00 | 00,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])

File not found -- -- (odserv [On_Demand | Stopped])

File not found -- -- (ose [On_Demand | Stopped])

File not found -- -- (QPCapSvc [Auto | Running])

File not found -- -- (QPSched [Auto | Running])

File not found -- -- (RichVideo [Auto | Running])

File not found -- -- (rpcapd [On_Demand | Stopped])

[2008-01-19 08:36:19 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [unknown | Stopped])

File not found -- -- (Schedule [unknown | Running])

File not found -- -- (SCPolicySvc [unknown | Stopped])

[2008-01-19 08:33:22 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])

[2006-11-02 10:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])

File not found -- -- (Symantec Core LC [On_Demand | Running])

[2008-01-19 08:33:33 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])

[2008-01-19 08:33:33 | 00,382,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])

File not found -- -- (WdiServiceHost [unknown | Stopped])

File not found -- -- (WdiSystemHost [unknown | Running])

[2008-05-27 06:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])

 

========== Driver Services ==========

 

[2006-11-02 10:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])

[2006-11-02 10:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])

[2006-11-02 10:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])

[2006-11-02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])

[2006-11-02 10:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])

[2006-11-02 10:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])

[2006-11-02 10:49:26 | 00,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])

[2006-11-02 09:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])

[2006-11-02 09:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])

[2006-11-02 10:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])

[2007-08-28 23:47:36 | 00,146,560 | ---- | M] (AuthenTec, Inc.) -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV [On_Demand | Running])

[2006-11-02 08:30:53 | 00,464,384 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV [On_Demand | Stopped])

[2008-01-19 06:28:26 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])

[2006-11-02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])

[2006-11-02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])

[2006-11-02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])

[2006-11-02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])

[2006-11-02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])

[2006-11-02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])

[2008-08-02 00:34:04 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum [On_Demand | Running])

[2008-01-19 06:53:38 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [On_Demand | Running])

[2008-01-19 06:53:44 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan [On_Demand | Running])

[2008-08-02 00:34:04 | 00,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT [On_Demand | Stopped])

[2008-08-02 00:34:04 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB [On_Demand | Running])

[2007-09-18 14:12:28 | 00,080,424 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio [On_Demand | Running])

[2007-09-18 14:12:28 | 00,080,936 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt [On_Demand | Running])

[2007-09-18 14:12:28 | 00,016,168 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid [On_Demand | Running])

[2006-11-02 09:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])

[2005-05-09 19:08:40 | 00,033,792 | ---- | M] (Team H2O) -- C:\Windows\System32\drivers\cledx.sys -- (CLEDX [On_Demand | Running])

[2008-01-19 08:42:58 | 00,247,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [unknown | Running])

[2006-11-02 10:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])

[2008-07-30 16:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon [On_Demand | Stopped])

[2007-08-08 16:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon [Auto | Running])

[2006-11-02 10:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [boot | Running])

[2006-11-02 09:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])

[2008-01-19 06:28:20 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [system | Running])

[2008-01-19 06:49:12 | 00,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4.sys -- (Dot4 [On_Demand | Stopped])

[2008-01-19 06:49:09 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4Prt.sys -- (Dot4Print [On_Demand | Stopped])

[2008-01-19 06:49:10 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4usb.sys -- (dot4usb [On_Demand | Stopped])

[2008-08-02 02:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])

[2006-11-02 08:30:54 | 00,163,328 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\e100b325.sys -- (E100B [On_Demand | Stopped])

[2006-11-02 08:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])

[2008-01-19 08:42:11 | 00,143,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [boot | Running])

File not found -- -- (eeCtrl [system | Running])

[2006-11-02 10:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])

File not found -- -- (EraserUtilRebootDrv [On_Demand | Running])

[2008-01-19 06:28:01 | 00,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys -- (exfat [On_Demand | Stopped])

[2008-01-19 08:42:31 | 00,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [boot | Running])

[2008-01-19 06:30:23 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])

[2008-12-08 17:01:52 | 00,055,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr [Auto | Running])

[2006-11-02 10:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])

[2008-04-17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])

[2006-11-02 08:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])

[2008-01-19 05:30:49 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])

[2006-11-02 09:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])

[2006-11-02 09:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])

[2007-06-19 01:12:04 | 00,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr [On_Demand | Running])

[2007-07-11 18:30:22 | 00,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid [On_Demand | Running])

[2006-11-02 08:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])

[2006-11-02 08:41:50 | 00,987,648 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV [On_Demand | Stopped])

[2006-10-19 03:10:57 | 01,380,864 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm [On_Demand | Stopped])

[2007-07-13 05:35:02 | 00,305,176 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor [boot | Running])

[2006-11-02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])

[2007-08-15 14:27:22 | 00,180,272 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20070823.002\IDSvix86.sys -- (IDSvix86 [system | Running])

[2006-11-02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])

[2007-08-22 19:44:18 | 01,950,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])

[2006-11-02 09:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])

[2008-01-19 08:42:35 | 00,181,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])

[2006-11-02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])

[2006-11-02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])

[2008-01-19 06:49:17 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [system | Running])

[2008-01-19 06:55:03 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])

[2006-11-02 10:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])

[2006-11-02 10:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])

[2006-11-02 10:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])

[2008-01-19 06:30:36 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])

[2006-11-02 10:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])

[2007-07-30 15:20:56 | 00,468,736 | ---- | M] (DiBcom) -- C:\Windows\System32\drivers\dvb7700all.sys -- (mod7700 [On_Demand | Stopped])

[2008-01-19 06:52:19 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])

[2006-11-02 10:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])

[2008-01-19 06:54:46 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])

[2006-11-02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])

[2008-08-27 02:05:41 | 00,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])

[2008-01-19 06:28:37 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])

[2006-11-02 10:49:44 | 00,023,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [boot | Running])

[2006-11-02 10:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])

[2008-01-19 08:41:14 | 00,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [boot | Running])

[2008-01-19 08:42:29 | 00,163,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])

[2008-05-20 03:07:31 | 00,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])

[2008-11-18 10:00:00 | 00,089,104 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090106.052\NAVENG.SYS -- (NAVENG [On_Demand | Running])

[2008-11-18 10:00:00 | 00,876,112 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090106.052\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])

[2006-11-02 08:30:54 | 01,781,760 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped])

[2007-06-28 16:09:56 | 02,222,080 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32 [On_Demand | Stopped])

[2008-11-17 15:40:22 | 03,668,480 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32 [On_Demand | Running])

[2006-11-02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])

[2007-01-25 18:31:34 | 00,042,000 | ---- | M] (CACE Technologies) -- C:\Windows\System32\drivers\npf.sys -- (NPF [On_Demand | Stopped])

[2008-01-19 06:55:50 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [system | Running])

[2006-11-02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])

[2008-12-04 02:42:00 | 07,606,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])

[2006-11-02 10:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])

[2006-11-02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])

[2006-11-02 10:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])

[2006-11-02 10:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])

[2008-04-05 02:21:42 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [system | Running])

[2006-11-02 10:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])

[2008-01-19 06:56:07 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])

[2008-01-19 06:56:43 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp [On_Demand | Running])

[2008-01-19 07:01:09 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [system | Running])

[2008-01-19 06:53:39 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM [On_Demand | Running])

[2007-02-24 22:42:22 | 00,039,936 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk [Auto | Running])

[2007-01-24 00:40:20 | 00,042,496 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk [Auto | Running])

[2007-03-22 06:02:04 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp [Auto | Running])

[2008-01-19 06:55:03 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])

[2007-09-18 00:17:36 | 00,098,816 | ---- | M] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169 [On_Demand | Running])

[2006-11-02 10:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])

[2008-01-19 06:32:56 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])

[2006-11-02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])

[2008-01-19 06:49:16 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])

[2008-01-19 06:49:46 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [On_Demand | Stopped])

[2006-11-02 09:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])

[2008-01-19 06:49:46 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])

[2006-11-02 10:49:51 | 00,053,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])

[2006-11-02 10:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])

[2006-11-02 10:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])

[2008-01-19 06:55:27 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [system | Running])

[2007-01-17 14:38:52 | 00,983,936 | ---- | M] (Motorola Inc.) -- C:\Windows\System32\drivers\smserial.sys -- (smserial [On_Demand | Running])

File not found -- -- (SPBBCDrv [system | Running])

[2008-01-19 08:41:30 | 00,021,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [boot | Running])

[2007-11-30 22:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP [system | Running])

[2007-11-30 22:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL [On_Demand | Stopped])

[2007-11-30 22:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX [system | Running])

[2008-01-19 06:29:15 | 00,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])

[2008-01-19 06:29:12 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])

[2005-08-17 06:45:00 | 00,058,352 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus [On_Demand | Stopped])

[2005-08-17 06:46:20 | 00,008,272 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl [On_Demand | Stopped])

[2005-08-17 06:46:26 | 00,093,872 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm [On_Demand | Stopped])

[2006-11-02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])

[2008-06-13 13:13:38 | 00,013,616 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symdns.sys -- (SYMDNS [On_Demand | Running])

[2008-07-29 19:41:10 | 00,123,952 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])

[2008-06-13 13:13:38 | 00,096,432 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symfw.sys -- (SYMFW [On_Demand | Running])

[2008-06-13 13:14:02 | 00,024,112 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM [system | Running])

[2008-06-13 13:13:40 | 00,041,008 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symndisv.sys -- (SYMNDISV [On_Demand | Running])

[2008-06-13 13:13:38 | 00,022,320 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV [On_Demand | Running])

[2008-06-13 13:13:40 | 00,184,240 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI [system | Running])

[2006-11-02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])

[2006-11-02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])

[2008-03-28 02:06:00 | 00,199,472 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])

[2008-01-19 06:56:07 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])

[2008-01-19 06:55:58 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [system | Running])

[2008-01-19 07:01:15 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Running])

[2008-01-19 06:55:41 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])

[2008-01-19 06:55:50 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])

[2006-11-02 10:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])

[2006-11-02 10:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])

[2006-11-02 10:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])

[2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])

[2006-11-02 10:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])

[2008-01-19 06:53:40 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])

[2008-01-19 06:53:23 | 00,073,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])

[2006-11-02 09:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])

[2008-01-19 06:53:38 | 00,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo [On_Demand | Running])

[2006-11-02 09:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])

[2006-11-02 09:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])

[2006-11-02 10:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])

[2008-01-19 08:42:18 | 00,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [boot | Running])

[2008-01-19 08:43:03 | 00,294,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [boot | Running])

[2006-11-02 10:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])

[2006-11-02 09:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])

[2006-11-02 10:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])

[2008-01-19 08:43:27 | 00,503,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [boot | Running])

[2006-11-02 08:41:48 | 00,654,336 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf [On_Demand | Stopped])

[2008-01-19 06:32:47 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [On_Demand | Running])

[2008-01-19 06:56:49 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])

File not found -- -- ({22D78859-9CE9-4B77-BF18-AC83E81A9263} [Auto | Running])

 

========== (R ) Internet Explorer ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"Local Page"=http://www.google.com/

"Local Page Restore"=

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\Windows\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.google.com

"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

"Start Page Restore"=http://www.google.se/

"StartPageCache"=

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = *.local

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\Windows\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.google.com

"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

"Start Page Restore"=http://www.google.se/

"StartPageCache"=

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = *.local

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1006\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

"Local Page"=C:\Windows\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Start Page"=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1006\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

========== (O1) Hosts File ==========

 

HOSTS File = (761 bytes) - C:\Windows\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

::1 localhost

 

========== (O2) BHO's ==========

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll File not found

{22BF413B-C6D2-4d91-82A9-A0F997BA588C} (HKLM) -- C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll File not found

{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} (HKLM) -- C:\Program\Windows Live\Family Safety\fssbho.dll File not found

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (HKLM) -- C:\Program\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll File not found

{6D53EC84-6AAE-4787-AEEE-F4628F01010C} (HKLM) -- C:\Program\Common Files\Symantec Shared\IDS\IPSBHO.dll File not found

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program\Java\jre6\bin\ssv.dll File not found

{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll File not found

{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program\Java\jre6\bin\jp2ssv.dll File not found

 

========== (O3) Toolbars ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" (HKLM) -- C:\Program\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" (HKLM) -- C:\Program\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll File not found

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" (HKLM) -- C:\Program\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll File not found

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" (HKLM) -- C:\Program\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll File not found

 

========== (O4) Run Keys ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" File not found

"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe File not found

"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" File not found

"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe File not found

"fssui"="C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun File not found

"HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found

"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe File not found

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe File not found

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" File not found

"NvCplDaemon"=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)

"NvMediaCenter"=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)

"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe File not found

"QlbCtrl"=%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start File not found

"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" File not found

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime File not found

"RtHDVCpl"=RtHDVCpl.exe (Realtek Semiconductor)

"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe File not found

"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" File not found

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe File not found

"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe File not found

"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" File not found

"Ulead Photo Express Calendar Checker"=C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Aim6"= File not found

"ehTray.exe"=C:\Windows\ehome\ehTray.exe (Microsoft Corporation)

"Google Update"="C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe File not found

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem File not found

"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem File not found

"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Aim6"= File not found

"ehTray.exe"=C:\Windows\ehome\ehTray.exe (Microsoft Corporation)

"Google Update"="C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe File not found

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found

"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

 

========== (O6 & O7) Current Version Policies ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"ConsentPromptBehaviorAdmin"=2

"ConsentPromptBehaviorUser"=1

"EnableInstallerDetection"=1

"EnableLUA"=1

"EnableSecureUIAPaths"=1

"EnableVirtualization"=1

"PromptOnSecureDesktop"=1

"ValidateAdminCodeSignatures"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"scforceoption"=0

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"FilterAdministratorToken"=0

"EnableUIADesktopToggle"=0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]

"CF_TEXT"=1

"CF_BITMAP"=2

"CF_OEMTEXT"=7

"CF_DIB"=8

"CF_PALETTE"=9

"CF_UNICODETEXT"=13

"CF_DIBV5"=17

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"LogonHoursAction"=2

"DontDisplayLogonHoursWarnings"=1

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"LogonHoursAction"=2

"DontDisplayLogonHoursWarnings"=1

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"LogonHoursAction"=2

"DontDisplayLogonHoursWarnings"=1

 

========== (O8) IE Context Menu Extensions ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office12\EXCEL.EXE File not found

Skicka bild till &Bluetooth-enhet...: C:\Program\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found

Skicka sida till &Bluetooth-enhet...: C:\Program\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office12\EXCEL.EXE File not found

Skicka bild till &Bluetooth-enhet...: C:\Program\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found

Skicka sida till &Bluetooth-enhet...: C:\Program\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1006\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

Skicka bild till &Bluetooth-enhet...: Reg Error: Key does not exist or could not be opened. File not found

Skicka sida till &Bluetooth-enhet...: Reg Error: Key does not exist or could not be opened. File not found

 

========== (O9) IE Extensions ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Blogga detta -- %SystemDrive%\Program\Windows Live\Writer\WriterBrowserExtension.dll File not found

{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Blogga detta i Windows Live Writer -- %SystemDrive%\Program\Windows Live\Writer\WriterBrowserExtension.dll File not found

{2670000A-7350-4f3c-8081-5663EE0C6C49}: Button: Skicka till OneNote -- %SystemDrive%\Program\Microsoft Office\Office12\ONBttnIE.dll File not found

{2670000A-7350-4f3c-8081-5663EE0C6C49}: Menu: Ski&cka till OneNote -- %SystemDrive%\Program\Microsoft Office\Office12\ONBttnIE.dll File not found

{77BF5300-1474-4EC7-9980-D32B190E9B07}: Button: Skype -- %SystemDrive%\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll File not found

{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %SystemDrive%\Program\Microsoft Office\Office12\REFIEBAR.DLL File not found

{CCA281CA-C863-46ef-9331-5C8D4460577F}: Button: @btrez.dll,-4015 -- %SystemDrive%\Program\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found

{CCA281CA-C863-46ef-9331-5C8D4460577F}: Menu: @btrez.dll,-12650 -- %SystemDrive%\Program\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found

 

[HKEY_USERS\S-1-5-21-181463984-453615335-441962249-1000\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found

 

========== (O12) Internet Explorer Plugins ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

 

========== (O13) Default Prefixes ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

 

========== (O16) DPF ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{17492023-C23A-453E-A040-C7C580BBF700}: http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab -- Windows Genuine Advantage Validation Tool

{6F15128C-E66A-490C-B848-5000B5ABEEAC}: https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab -- HP Download Manager

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{B8BE5E93-A60C-4D26-A2DC-220313175592}: http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab -- MSN Games - Installer

{C3F79A2B-B9B4-4A66-B012-3EE46475B072}: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab -- MessengerStatsClient Class

{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab -- Java Plug-in 1.6.0_02

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object

 

========== (O17) DNS Name Servers ==========

 

{582526B8-E56E-410D-9547-A2C996A84F30} (Servers: | Description: )

{A3F96B8C-A756-46F1-A185-AC5C7FA8E5BB} (Servers: | Description: Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0))

{D326AAD4-5CFA-48E2-A849-4173D44037F1} (Servers: | Description: Intel® PRO/Wireless 3945ABG Network Connection)

 

========== HKLM *SecurityProviders* ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]

"SecurityProviders"=credssp.dll

>[2008-01-19 08:33:59 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

 

========== LSA *Security Packages* ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,

>[2008-01-19 08:36:42 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

 

========== Safeboot Options ==========

 

"AlternateShell"=cmd.exe

 

========== CDRom AutoRun Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

 

========== Autorun Files on Drives ==========

 

autoexec.bat [REM Dummy file for NTVDM | ]

[2006-09-18 22:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

 

========== MountPoints2 ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15d0abb4-ad95-11dd-b999-0021860f2fc9}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15d0abb4-ad95-11dd-b999-0021860f2fc9}\Shell\AutoRun\command]

""=F:\LaunchU3.exe -- File not found

 

========== Files/Folders - Created Within 90 Days ==========

 

[1 C:\Windows\*.tmp files]

[2009-01-06 12:23:02 | 00,000,000 | ---D | C] -- C:\Program Files\Maxis

[2009-01-05 22:07:28 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Malwarebytes

[2009-01-05 22:07:27 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2009-01-05 22:07:27 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2009-01-05 22:07:24 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2009-01-05 22:07:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2009-01-05 22:07:23 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2009-01-04 22:52:06 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2009-01-03 22:40:15 | 00,000,957 | ---- | C] () -- C:\Users\Public\Desktop\Pixillion Image Converter.lnk

[2009-01-03 22:40:15 | 00,000,000 | ---D | C] -- C:\ProgramData\NCH Software

[2009-01-01 15:48:30 | 01,793,028 | ---- | C] () -- C:\Users\Nelly\Dokumment\hundarna.pptx

[2009-01-01 15:37:30 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\till nn

[2009-01-01 14:37:58 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Droppix

[2009-01-01 14:24:27 | 00,000,909 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Droppix DVD Maker.lnk

[2009-01-01 14:24:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Droppix

[2009-01-01 14:24:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Codejock Software

[2009-01-01 14:24:20 | 00,000,000 | R--D | C] -- C:\Users\Nelly\Dokumment\Droppix DVD Maker

[2009-01-01 14:24:20 | 00,000,000 | ---D | C] -- C:\Program Files\Droppix

[2009-01-01 14:23:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Droppix

[2009-01-01 13:45:27 | 00,001,096 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Media Player Classic.lnk

[2009-01-01 01:49:35 | 00,220,491 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (8).wma

[2009-01-01 01:44:59 | 00,561,731 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (7).wma

[2009-01-01 01:44:10 | 01,024,201 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (6).wma

[2008-12-31 16:58:03 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\olympus

[2008-12-30 15:27:32 | 00,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk

[2008-12-30 15:27:18 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe

[2008-12-29 21:39:23 | 00,000,000 | ---D | C] -- C:\ProgramData\NOS

[2008-12-29 21:39:23 | 00,000,000 | ---D | C] -- C:\Program Files\NOS

[2008-12-29 21:19:01 | 00,069,325 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2008-12-29 21:19:01 | 00,069,325 | ---- | C] () -- C:\ProgramData\nvModes.001

[2008-12-29 18:44:06 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\ACD Systems

[2008-12-29 18:44:06 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Local\ACD Systems

[2008-12-29 18:43:28 | 00,002,078 | ---- | C] () -- C:\Users\Public\Desktop\ACDSee for PENTAX 3.0.lnk

[2008-12-29 18:43:07 | 00,000,000 | ---D | C] -- C:\ProgramData\ACD Systems

[2008-12-29 18:43:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ACD Systems

[2008-12-29 18:43:05 | 00,000,000 | ---D | C] -- C:\Program Files\ACD Systems

[2008-12-29 18:41:44 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Local\Downloaded Installations

[2008-12-29 12:59:44 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\Anna och Johan

[2008-12-28 00:19:01 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\Nilla

[2008-12-26 12:35:07 | 00,025,214 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2EP1.ico

[2008-12-26 12:34:44 | 00,010,134 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2SP5.ico

[2008-12-26 12:34:25 | 00,010,134 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2SP2.ico

[2008-12-26 12:34:10 | 00,010,134 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2EP4.ico

[2008-12-26 12:33:57 | 00,010,134 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2EP3.ico

[2008-12-26 12:33:46 | 00,010,134 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sims2.ico

[2008-12-25 10:18:50 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\Amy och Johan

[2008-12-24 23:24:44 | 00,002,209 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 2 IKEA® Heminredning Prylpaket.lnk

[2008-12-24 23:18:04 | 00,001,338 | ---- | C] () -- C:\Users\Public\Desktop\www.thesims3.com.lnk

[2008-12-24 23:18:03 | 00,002,101 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 2 Livet i lägenhet.lnk

[2008-12-24 23:09:25 | 00,002,236 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 2 Herrgård och trädgård Prylpaket.lnk

[2008-12-23 21:41:09 | 00,669,491 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (5).wma

[2008-12-23 21:39:44 | 00,265,391 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (4).wma

[2008-12-23 21:39:18 | 00,117,221 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (3).wma

[2008-12-23 21:38:48 | 00,211,511 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös (2).wma

[2008-12-23 18:40:21 | 00,213,538 | ---- | C] () -- C:\Users\Nelly\Dokumment\Jonte.docx

[2008-12-23 17:38:58 | 00,243,776 | ---- | C] () -- C:\Users\Nelly\Dokumment\Presentation1.pptx

[2008-12-23 16:53:14 | 00,001,017 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Samsung PC Studio 3.lnk

[2008-12-23 16:37:28 | 00,001,975 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Windows Live Messenger.lnk

[2008-12-23 10:31:31 | 00,055,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys

[2008-12-23 10:28:30 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2008-12-22 13:54:18 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Macrovision

[2008-12-21 11:55:52 | 00,000,000 | ---D | C] -- C:\ProgramData\WEBREG

[2008-12-21 11:36:09 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Printer Info Cache

[2008-12-21 11:36:08 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Image Zone Express

[2008-12-21 11:22:31 | 00,000,000 | -H-D | C] -- C:\Config.Msi

[2008-12-21 10:33:17 | 00,016,763 | ---- | C] () -- C:\Users\Nelly\Dokumment\year 3000- jonas brothers.docx

[2008-12-21 10:27:51 | 00,018,194 | ---- | C] () -- C:\Users\Nelly\Dokumment\Play my music- jonas brothers.docx

[2008-12-20 21:49:34 | 00,010,178 | ---- | C] () -- C:\Users\Nelly\Dokumment\a href.docx

[2008-12-20 02:09:37 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive

[2008-12-18 15:56:48 | 03,578,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll

[2008-12-16 22:26:40 | 00,031,232 | ---- | C] () -- C:\Users\Nelly\Dokumment\Rörelse 2.doc

[2008-12-16 17:58:57 | 00,015,128 | ---- | C] () -- C:\Users\Nelly\Dokumment\Rörelse.docx

[2008-12-14 15:49:13 | 01,140,941 | ---- | C] () -- C:\Users\Nelly\Dokumment\Namnlös.wma

[2008-12-12 22:31:14 | 00,010,340 | ---- | C] () -- C:\Users\Nelly\Dokumment\julklappar.docx

[2008-12-12 19:35:00 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Skrivbord\Ny mapp

[2008-12-11 15:45:05 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2008-12-10 19:27:50 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll

[2008-12-10 19:27:44 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll

[2008-12-10 19:27:43 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll

[2008-12-10 19:27:36 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll

[2008-12-10 19:27:36 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll

[2008-12-10 19:27:35 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll

[2008-12-10 19:27:35 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2008-12-10 19:27:34 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll

[2008-12-10 19:27:34 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2008-12-10 19:27:30 | 02,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2008-12-10 19:27:18 | 11,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll

[2008-12-10 19:27:10 | 02,868,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll

[2008-12-10 19:27:09 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL

[2008-12-10 19:27:07 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll

[2008-12-10 19:27:07 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe

[2008-12-10 17:47:14 | 00,000,000 | ---D | C] -- C:\ProgramData\FirstClass

[2008-12-10 16:09:54 | 00,016,388 | ---- | C] () -- C:\Users\Nelly\Dokumment\Analys av Sandor slash Ida.docx

[2008-12-08 23:06:14 | 00,363,008 | ---- | C] () -- C:\Users\Nelly\Dokumment\Kraft- no arbete.doc

[2008-12-07 11:35:17 | 00,119,007 | ---- | C] () -- C:\Users\Nelly\Dokumment\Kraft- no arbete.docx

[2008-12-04 23:04:06 | 00,308,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

[2008-12-04 20:43:52 | 00,000,000 | ---D | C] -- C:\Program Files\Garfield Goes to Pieces

[2008-12-04 20:00:31 | 00,000,000 | ---D | C] -- C:\Buziol Games

[2008-12-04 17:28:19 | 00,000,145 | ---- | C] () -- C:\Users\Nelly\Dokumment\sfvvd.gls

[2008-12-04 02:42:00 | 00,795,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe

[2008-12-04 02:42:00 | 00,190,706 | ---- | C] () -- C:\Windows\System32\nvapps.xml

[2008-12-04 02:42:00 | 00,036,836 | ---- | C] () -- C:\Windows\System32\nvwsapps.xml

[2008-12-04 02:42:00 | 00,008,075 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu

[2008-12-02 22:37:20 | 00,049,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sirenacm.dll

[2008-11-27 14:57:38 | 00,010,579 | ---- | C] () -- C:\Users\Nelly\Dokumment\FARMORS CHOKLADBRÖD.docx

[2008-11-27 10:21:26 | 00,287,871 | ---- | C] () -- C:\Users\Nelly\Dokumment\textilarbete 80-talet.docx

[2008-11-26 20:24:42 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll

[2008-11-26 20:24:40 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll

[2008-11-26 20:24:40 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll

[2008-11-26 20:24:40 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll

[2008-11-26 20:24:38 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll

[2008-11-26 16:32:19 | 00,017,365 | ---- | C] () -- C:\Users\Nelly\Dokumment\80.docx

[2008-11-25 20:03:51 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Dokumment\Downloads

[2008-11-24 21:40:08 | 00,057,344 | ---- | C] () -- C:\Users\Nelly\Dokumment\The Victoria story äldre version..doc

[2008-11-23 18:43:20 | 00,040,696 | ---- | C] () -- C:\Users\Nelly\Dokumment\The Victoria story.docx

[2008-11-22 17:21:48 | 00,002,413 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2008-11-22 17:21:22 | 00,000,000 | ---D | C] -- C:\Program Files\iPod

[2008-11-22 17:21:19 | 00,000,000 | ---D | C] -- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[2008-11-22 17:21:19 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes

[2008-11-22 09:52:28 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson

[2008-11-22 09:52:08 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\GameHouse

[2008-11-22 09:52:05 | 00,000,000 | ---D | C] -- C:\Program Files\GameHouse

[2008-11-22 09:51:19 | 00,000,000 | ---D | C] -- C:\Program Files\Freeze.com

[2008-11-22 09:51:16 | 00,000,000 | ---D | C] -- C:\Program Files\Monopoly

[2008-11-22 09:51:02 | 00,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com

[2008-11-21 15:26:26 | 00,000,000 | ---D | C] -- C:\Program Files\Elf Bowling The Last Insult

[2008-11-21 15:21:38 | 00,000,000 | ---D | C] -- C:\Program Files\Fairy Words

[2008-11-21 15:14:42 | 00,000,000 | ---D | C] -- C:\Program Files\Space Skramble

[2008-11-21 15:14:28 | 00,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade

[2008-11-20 16:59:46 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll

[2008-11-20 16:59:46 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe

[2008-11-20 16:59:46 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll

[2008-11-20 16:59:45 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll

[2008-11-20 16:59:20 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2008-11-20 16:59:20 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2008-11-20 16:59:20 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2008-11-20 16:59:11 | 00,162,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2008-11-20 16:59:11 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2008-11-19 20:47:15 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll

[2008-11-19 20:25:43 | 00,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch

[2008-11-19 20:12:11 | 00,012,925 | ---- | C] () -- C:\Users\Nelly\Dokumment\Hur svensk är du.docx

[2008-11-17 21:44:39 | 00,031,232 | ---- | C] () -- C:\Users\Nelly\Dokumment\The face on the milk carton gammal.doc

[2008-11-16 22:11:07 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\HiYo

[2008-11-16 22:10:41 | 00,000,000 | ---D | C] -- C:\Program Files\HiYo

[2008-11-16 22:10:37 | 00,000,000 | ---D | C] -- C:\ProgramData\HiYo

[2008-11-16 22:01:38 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition

[2008-11-16 21:46:21 | 00,000,000 | -HSD | C] -- C:\Program Files\Common Files\WindowsLiveInstaller

[2008-11-16 21:39:33 | 00,000,000 | ---D | C] -- C:\ProgramData\WLInstaller

[2008-11-16 13:25:50 | 00,014,166 | ---- | C] () -- C:\Users\Nelly\Dokumment\The face on the milk carton.docx

[2008-11-15 17:57:38 | 00,001,741 | ---- | C] () -- C:\Users\Nelly\Skrivbord\Sound Recorder.lnk

[2008-11-14 19:30:28 | 00,012,225 | ---- | C] () -- C:\Users\Nelly\Dokumment\Vilka av dessa ord har du använt.docx

[2008-11-14 18:19:05 | 00,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan

[2008-11-12 06:46:55 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys

[2008-11-12 06:46:54 | 01,191,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll

[2008-11-12 06:46:53 | 01,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll

[2008-11-10 21:02:29 | 00,000,000 | ---D | C] -- C:\Program Files\TPTEST5

[2008-11-10 20:13:21 | 00,026,624 | ---- | C] () -- C:\Users\Nelly\Dokumment\dfarbete.doc

[2008-11-10 20:13:10 | 00,010,607 | ---- | C] () -- C:\Users\Nelly\Dokumment\arbete.docx

[2008-11-09 20:23:47 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Agency9

[2008-11-09 17:16:40 | 00,000,000 | ---D | C] -- C:\ProgramData\IM

[2008-11-09 17:16:39 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Local\IM

[2008-11-09 17:16:39 | 00,000,000 | ---D | C] -- C:\ProgramData\IncrediMail

[2008-11-09 17:16:39 | 00,000,000 | ---D | C] -- C:\Program Files\IncrediMail

[2008-11-09 17:09:32 | 00,750,984 | ---- | C] (IncrediMail LTD.) -- C:\Windows\System32\Magentic Screensaver.scr

[2008-11-09 17:09:30 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Local\Magentic

[2008-11-09 17:09:30 | 00,000,000 | ---D | C] -- C:\Program Files\Magentic

[2008-11-08 22:27:29 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\NCH Software

[2008-11-08 22:15:12 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\SmartDraw

[2008-11-08 22:15:04 | 00,000,464 | ---- | C] () -- C:\Windows\tasks\SDMsgUpdate (TE).job

[2008-11-08 22:03:43 | 00,000,000 | ---D | C] -- C:\Program Files\SmartDraw 2009

[2008-11-08 21:26:03 | 00,338,286 | ---- | C] () -- C:\Windows\Realtime Landscaping Pro DEMO Uninstaller.exe

[2008-11-08 21:26:02 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Dokumment\Realtime Landscaping Pro DEMO

[2008-11-08 21:26:02 | 00,000,000 | ---D | C] -- C:\Program Files\Realtime Landscaping Pro DEMO

[2008-11-08 21:08:01 | 00,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe

[2008-11-08 21:07:54 | 00,000,000 | ---D | C] -- C:\Program Files\virtual_garden

[2008-11-08 16:23:14 | 00,468,736 | ---- | C] (DiBcom) -- C:\Windows\System32\drivers\dvb7700all.sys

[2008-11-08 16:23:14 | 00,032,256 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\yuanmodbda2.sys

[2008-11-08 14:54:29 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\U3

[2008-11-08 14:14:43 | 00,024,576 | ---- | C] (Ulead Systems, Inc.) -- C:\Windows\System32\UleadPhotoExplorer8_Res.dll

[2008-11-08 14:14:43 | 00,024,576 | ---- | C] (Ulead Systems, Inc.) -- C:\Windows\System32\Ulead Photo Explorer 8.scr

[2008-11-08 14:13:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Ulead Systems

[2008-11-08 14:08:33 | 00,114,688 | ---- | C] () -- C:\Windows\System32\UPSCR.Scr

[2008-11-08 14:08:33 | 00,040,960 | ---- | C] (Ulead Systems, Inc.) -- C:\Windows\System32\Ulead Photo Express ScreenSaver.scr

[2008-11-08 14:08:33 | 00,000,321 | ---- | C] () -- C:\Windows\ulead32.ini

[2008-11-08 14:07:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Ulead Systems

[2008-11-08 14:05:21 | 00,000,000 | ---D | C] -- C:\Program Files\Ulead Systems

[2008-11-08 13:58:24 | 00,055,808 | ---- | C] (NTK) -- C:\Windows\System32\drivers\nvtcam.sys

[2008-11-08 13:58:24 | 00,041,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\VFWWDM.DRV

[2008-11-08 13:58:20 | 00,000,000 | ---D | C] -- C:\Program Files\Digital Camera

[2008-11-07 23:05:20 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\My Karaoke

[2008-11-07 21:56:03 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Local\QuickPlay

[2008-11-03 19:35:44 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Local\FileMaker

[2008-11-02 16:03:23 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip

[2008-11-02 15:40:14 | 00,000,000 | ---D | C] -- C:\Program Files\home plan software

[2008-11-02 15:01:54 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Sibelius Software

[2008-11-02 14:58:44 | 00,000,000 | ---D | C] -- C:\Program Files\Fake Progress Bar

[2008-11-02 14:46:25 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Dokumment\Scores

[2008-11-02 14:46:25 | 00,000,000 | ---D | C] -- C:\Program Files\Sibelius Software

[2008-11-02 14:37:29 | 00,000,000 | ---D | C] -- C:\Program Files\Photo Art Studio

[2008-11-02 14:37:05 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Software

[2008-11-02 14:36:57 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\NCH Swift Sound

[2008-11-02 14:36:02 | 00,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound

[2008-11-02 14:35:58 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound

[2008-11-02 14:23:26 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Koblo

[2008-11-02 14:23:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Koblo

[2008-11-02 14:23:22 | 00,000,000 | ---D | C] -- C:\Program Files\Koblo

[2008-11-02 14:00:13 | 00,000,000 | ---D | C] -- C:\ProgramData\Temp

[2008-11-01 19:58:34 | 00,010,473 | ---- | C] () -- C:\Users\Nelly\Dokumment\to the chat.docx

[2008-10-29 08:09:31 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll

[2008-10-29 08:09:31 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wersvc.dll

[2008-10-29 08:09:30 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll

[2008-10-28 21:36:51 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Download Manager

[2008-10-28 20:34:02 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Mozilla

[2008-10-28 20:34:02 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Local\Mozilla

[2008-10-28 20:33:44 | 00,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2008-10-28 20:33:41 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2008-10-28 18:39:26 | 00,011,252 | ---- | C] () -- C:\Users\Nelly\Dokumment\Packning Stockholm.docx

[2008-10-27 22:46:29 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\acccore

[2008-10-27 22:46:07 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Local\AOL OCP

[2008-10-27 22:46:07 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Local\AOL

[2008-10-27 22:45:51 | 00,000,000 | ---D | C] -- C:\ProgramData\Viewpoint

[2008-10-27 22:45:48 | 00,000,000 | ---D | C] -- C:\ProgramData\acccore

[2008-10-27 22:45:40 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL OCP

[2008-10-27 22:45:40 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL

[2008-10-27 22:45:26 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL

[2008-10-27 22:45:11 | 00,000,000 | ---D | C] -- C:\Program Files\AIM6

[2008-10-27 22:45:08 | 00,000,369 | -H-- | C] () -- C:\IPH.PH

[2008-10-27 14:26:29 | 00,034,902 | ---- | C] () -- C:\Users\Nelly\Dokumment\high school musical 3 bokning =)).docx

[2008-10-27 14:09:28 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Media Player Classic

[2008-10-27 14:04:22 | 00,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2008-10-27 14:04:21 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2008-10-27 14:04:19 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack

[2008-10-27 13:57:15 | 00,131,072 | ---- | C] (sunplus) -- C:\Windows\System32\SP5X_32.DLL

[2008-10-27 13:57:15 | 00,000,000 | ---D | C] -- C:\Windows\setup504

[2008-10-27 13:53:37 | 00,000,000 | ---D | C] -- C:\Program Files\GSpot

[2008-10-27 13:25:15 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\DivX

[2008-10-27 11:24:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine

[2008-10-27 11:24:25 | 00,000,000 | ---D | C] -- C:\Program Files\DivX

[2008-10-27 10:46:01 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\Uniblue

[2008-10-27 10:41:10 | 00,000,000 | ---D | C] -- C:\ProgramData\{2840BBCB-9BEC-47F6-BA0F-10D3C34BF151}

[2008-10-26 12:26:21 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll

[2008-10-26 12:26:21 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax

[2008-10-26 12:26:20 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll

[2008-10-26 12:26:20 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax

[2008-10-26 12:26:20 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax

[2008-10-26 10:57:59 | 32,195,78880 | -HS- | C] () -- C:\hiberfil.sys

[2008-10-24 13:36:02 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll

[2008-10-22 19:40:10 | 00,000,250 | ---- | C] () -- C:\Windows\MyHeritage.INI

[2008-10-22 19:38:11 | 00,000,000 | ---D | C] -- C:\Users\Nelly\Dokumment\MyHeritage

[2008-10-22 19:38:11 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\MyHeritage

[2008-10-22 19:38:11 | 00,000,000 | ---D | C] -- C:\ProgramData\MyHeritage

[2008-10-22 19:38:04 | 00,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll

[2008-10-22 19:38:04 | 00,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmapi32.ocx

[2008-10-22 19:38:04 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\The Complete Genealogy Reporter - FTB

[2008-10-22 19:37:56 | 00,000,000 | ---D | C] -- C:\Program Files\MyHeritage

[2008-10-21 21:22:53 | 00,000,040 | ---- | C] () -- C:\Windows\System32\d3d9prs.dat

[2008-10-21 21:22:32 | 00,000,000 | ---D | C] -- C:\Program Files\GrandBilliards

[2008-10-20 19:07:29 | 00,000,000 | ---D | C] -- C:\Program Files\MyPlayCity.com

[2008-10-20 18:54:43 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\tastyplanet

[2008-10-19 09:57:46 | 00,000,000 | ---D | C] -- C:\Windows\System32\Adobe

[2008-10-18 09:59:22 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\OpenOffice.org

[2008-10-18 09:56:35 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3

[2008-10-15 15:03:10 | 03,601,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2008-10-15 15:03:10 | 03,549,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2008-10-15 14:56:19 | 02,032,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2008-10-15 14:56:11 | 00,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys

[2008-10-15 14:51:54 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2008-10-14 19:11:43 | 00,000,000 | ---D | C] -- C:\Program Files\PEK's Productions

[2008-10-11 11:56:07 | 00,302,520 | ---- | C] () -- C:\Users\Nelly\Dokumment\roliga saker =).docx

[2008-10-11 10:49:49 | 00,000,680 | ---- | C] () -- C:\Users\Nelly\AppData\Local\d3d9caps.dat

[2008-10-10 21:32:05 | 00,010,978 | ---- | C] () -- C:\Users\Nelly\Dokumment\Agnes -On and on.docx

[2008-10-10 18:08:22 | 00,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2008-10-10 18:08:21 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\skypePM

[2008-10-10 17:45:19 | 00,000,752 | ---- | C] () -- C:\Users\Nelly\Skrivbord\µTorrent.lnk

[2008-10-10 17:45:19 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent

[2008-10-10 17:45:00 | 00,000,000 | ---D | C] -- C:\Users\Nelly\AppData\Roaming\uTorrent

[2008-10-09 19:43:04 | 00,010,715 | ---- | C] () -- C:\Users\Nelly\Dokumment\test.docx

 

========== Files - Modified Within 90 Days ==========

 

[1 C:\Windows\*.tmp files]

[2009-01-07 10:01:30 | 00,069,325 | ---- | M] () -- C:\ProgramData\nvModes.001

[2009-01-07 10:01:02 | 00,000,464 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job

[2009-01-07 10:00:17 | 00,069,325 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2009-01-07 10:00:16 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2009-01-07 09:51:28 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2009-01-07 09:51:28 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2009-01-07 09:51:27 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2009-01-07 09:51:12 | 32,195,78880 | -HS- | M] () -- C:\hiberfil.sys

[2009-01-07 08:59:56 | 00,000,836 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2009-01-06 23:43:45 | 04,382,360 | -H-- | M] () -- C:\Users\Nelly\AppData\Local\IconCache.db

[2009-01-06 01:15:17 | 00,034,816 | ---- | M] () -- C:\Users\Nelly\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-01-05 22:07:27 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2009-01-04 18:38:22 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2009-01-04 18:38:18 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2009-01-03 22:40:15 | 00,000,957 | ---- | M] () -- C:\Users\Public\Desktop\Pixillion Image Converter.lnk

[2009-01-01 15:48:32 | 01,793,028 | ---- | M] () -- C:\Users\Nelly\Dokumment\hundarna.pptx

[2009-01-01 15:43:33 | 00,002,607 | ---- | M] () -- C:\Users\Nelly\Skrivbord\Microsoft Office PowerPoint 2007.lnk

[2009-01-01 14:24:27 | 00,000,909 | ---- | M] () -- C:\Users\Nelly\Skrivbord\Droppix DVD Maker.lnk

[2009-01-01 01:49:36 | 00,220,491 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (8).wma

[2009-01-01 01:44:59 | 00,561,731 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (7).wma

[2009-01-01 01:44:10 | 01,024,201 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (6).wma

[2008-12-31 17:01:49 | 01,395,246 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2008-12-31 17:01:49 | 00,598,160 | ---- | M] () -- C:\Windows\System32\perfh01D.dat

[2008-12-31 17:01:49 | 00,587,484 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2008-12-31 17:01:49 | 00,117,756 | ---- | M] () -- C:\Windows\System32\perfc01D.dat

[2008-12-31 17:01:49 | 00,101,556 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2008-12-30 15:27:32 | 00,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk

[2008-12-29 21:17:01 | 00,002,413 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2008-12-29 20:52:37 | 00,054,133 | ---- | M] () -- C:\Users\Nelly\AppData\Roaming\nvModes.001

[2008-12-29 18:43:28 | 00,002,078 | ---- | M] () -- C:\Users\Public\Desktop\ACDSee for PENTAX 3.0.lnk

[2008-12-28 17:34:29 | 00,054,133 | ---- | M] () -- C:\Users\Nelly\AppData\Roaming\nvModes.dat

[2008-12-27 22:06:12 | 00,077,824 | -H-- | M] () -- C:\Users\Nelly\Dokumment\photothumb.db

[2008-12-26 02:09:55 | 00,000,680 | ---- | M] () -- C:\Users\Nelly\AppData\Local\d3d9caps.dat

[2008-12-24 23:24:44 | 00,002,209 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 2 IKEA® Heminredning Prylpaket.lnk

[2008-12-24 23:18:04 | 00,001,338 | ---- | M] () -- C:\Users\Public\Desktop\www.thesims3.com.lnk

[2008-12-24 23:18:03 | 00,002,101 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 2 Livet i lägenhet.lnk

[2008-12-24 23:09:25 | 00,002,236 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 2 Herrgård och trädgård Prylpaket.lnk

[2008-12-23 21:41:09 | 00,669,491 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (5).wma

[2008-12-23 21:39:44 | 00,265,391 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (4).wma

[2008-12-23 21:39:18 | 00,117,221 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (3).wma

[2008-12-23 21:38:48 | 00,211,511 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös (2).wma

[2008-12-23 18:03:15 | 00,213,538 | ---- | M] () -- C:\Users\Nelly\Dokumment\Jonte.docx

[2008-12-23 17:50:43 | 00,002,623 | ---- | M] () -- C:\Users\Nelly\Skrivbord\Microsoft Office Word 2007.lnk

[2008-12-23 17:38:59 | 00,243,776 | ---- | M] () -- C:\Users\Nelly\Dokumment\Presentation1.pptx

[2008-12-23 16:37:28 | 00,001,975 | ---- | M] () -- C:\Users\Nelly\Skrivbord\Windows Live Messenger.lnk

[2008-12-23 10:29:32 | 00,000,759 | ---- | M] () -- C:\Users\Nelly\Dokumment\Mina delade mappar.lnk

[2008-12-21 11:54:04 | 00,000,157 | ---- | M] () -- C:\Windows\win.ini

[2008-12-21 10:33:18 | 00,016,763 | ---- | M] () -- C:\Users\Nelly\Dokumment\year 3000- jonas brothers.docx

[2008-12-21 10:27:52 | 00,018,194 | ---- | M] () -- C:\Users\Nelly\Dokumment\Play my music- jonas brothers.docx

[2008-12-20 21:49:35 | 00,010,178 | ---- | M] () -- C:\Users\Nelly\Dokumment\a href.docx

[2008-12-16 22:26:41 | 00,031,232 | ---- | M] () -- C:\Users\Nelly\Dokumment\Rörelse 2.doc

[2008-12-16 22:24:22 | 00,015,128 | ---- | M] () -- C:\Users\Nelly\Dokumment\Rörelse.docx

[2008-12-14 15:49:13 | 01,140,941 | ---- | M] () -- C:\Users\Nelly\Dokumment\Namnlös.wma

[2008-12-12 23:33:20 | 00,010,340 | ---- | M] () -- C:\Users\Nelly\Dokumment\julklappar.docx

[2008-12-12 19:32:10 | 00,001,125 | ---- | M] () -- C:\Users\Nelly\Dokumment\nelly.assarsson@hotmail.com Arkiv med delade mappar.lnk

[2008-12-12 06:52:52 | 03,578,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll

[2008-12-10 22:48:28 | 00,016,388 | ---- | M] () -- C:\Users\Nelly\Dokumment\Analys av Sandor slash Ida.docx

[2008-12-10 00:24:37 | 17,593,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe

[2008-12-08 23:16:25 | 00,363,008 | ---- | M] () -- C:\Users\Nelly\Dokumment\Kraft- no arbete.doc

[2008-12-08 22:39:46 | 00,119,007 | ---- | M] () -- C:\Users\Nelly\Dokumment\Kraft- no arbete.docx

[2008-12-08 17:01:52 | 00,055,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys

[2008-12-04 23:04:06 | 00,308,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

[2008-12-04 17:28:19 | 00,000,145 | ---- | M] () -- C:\Users\Nelly\Dokumment\sfvvd.gls

[2008-12-04 02:42:00 | 00,795,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe

[2008-12-04 02:42:00 | 00,190,706 | ---- | M] () -- C:\Windows\System32\nvapps.xml

[2008-12-04 02:42:00 | 00,036,836 | ---- | M] () -- C:\Windows\System32\nvwsapps.xml

[2008-12-04 02:42:00 | 00,008,075 | ---- | M] () -- C:\Windows\System32\nvdisp.nvu

[2008-12-02 22:37:20 | 00,049,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sirenacm.dll

[2008-11-27 23:55:47 | 00,287,871 | ---- | M] () -- C:\Users\Nelly\Dokumment\textilarbete 80-talet.docx

[2008-11-27 16:03:05 | 00,010,579 | ---- | M] () -- C:\Users\Nelly\Dokumment\FARMORS CHOKLADBRÖD.docx

[2008-11-26 16:32:20 | 00,017,365 | ---- | M] () -- C:\Users\Nelly\Dokumment\80.docx

[2008-11-24 21:40:10 | 00,057,344 | ---- | M] () -- C:\Users\Nelly\Dokumment\The Victoria story äldre version..doc

[2008-11-24 21:39:42 | 00,040,696 | ---- | M] () -- C:\Users\Nelly\Dokumment\The Victoria story.docx

[2008-11-19 20:12:14 | 00,012,925 | ---- | M] () -- C:\Users\Nelly\Dokumment\Hur svensk är du.docx

[2008-11-17 21:44:40 | 00,031,232 | ---- | M] () -- C:\Users\Nelly\Dokumment\The face on the milk carton gammal.doc

[2008-11-17 21:44:06 | 00,014,166 | ---- | M] () -- C:\Users\Nelly\Dokumment\The face on the milk carton.docx

[2008-11-15 17:57:38 | 00,001,741 | ---- | M] () -- C:\Users\Nelly\Skrivbord\Sound Recorder.lnk

[2008-11-15 17:57:38 | 00,000,458 | -HS- | M] () -- C:\Users\Nelly\Skrivbord\desktop.ini

[2008-11-14 19:30:29 | 00,012,225 | ---- | M] () -- C:\Users\Nelly\Dokumment\Vilka av dessa ord har du använt.docx

[2008-11-10 20:13:22 | 00,026,624 | ---- | M] () -- C:\Users\Nelly\Dokumment\dfarbete.doc

[2008-11-10 20:13:11 | 00,010,607 | ---- | M] () -- C:\Users\Nelly\Dokumment\arbete.docx

[2008-11-09 13:31:39 | 00,398,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2008-11-08 21:26:03 | 00,338,286 | ---- | M] () -- C:\Windows\Realtime Landscaping Pro DEMO Uninstaller.exe

[2008-11-08 14:15:38 | 00,105,832 | ---- | M] () -- C:\Users\Nelly\AppData\Local\GDIPFONTCACHEV1.DAT

[2008-11-08 14:15:05 | 00,000,321 | ---- | M] () -- C:\Windows\ulead32.ini

[2008-11-06 14:14:25 | 11,580,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll

[2008-11-01 19:58:35 | 00,010,473 | ---- | M] () -- C:\Users\Nelly\Dokumment\to the chat.docx

[2008-11-01 04:44:34 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll

[2008-11-01 02:21:40 | 04,240,384 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll

[2008-10-29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2008-10-28 20:33:44 | 00,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2008-10-28 18:39:27 | 00,011,252 | ---- | M] () -- C:\Users\Nelly\Dokumment\Packning Stockholm.docx

[2008-10-27 22:46:08 | 00,000,369 | -H-- | M] () -- C:\IPH.PH

[2008-10-27 14:26:30 | 00,034,902 | ---- | M] () -- C:\Users\Nelly\Dokumment\high school musical 3 bokning =)).docx

[2008-10-27 14:04:22 | 00,001,096 | ---- | M] () -- C:\Users\Nelly\Skrivbord\Media Player Classic.lnk

[2008-10-22 19:43:27 | 00,000,250 | ---- | M] () -- C:\Windows\MyHeritage.INI

[2008-10-22 04:57:30 | 00,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll

[2008-10-22 02:22:11 | 00,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2008-10-21 21:22:53 | 00,000,040 | ---- | M] () -- C:\Windows\System32\d3d9prs.dat

[2008-10-21 06:25:18 | 00,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll

[2008-10-21 06:25:17 | 01,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll

[2008-10-16 22:13:38 | 01,809,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll

[2008-10-16 22:12:19 | 00,561,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2008-10-16 22:09:43 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe

[2008-10-16 22:09:43 | 00,043,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll

[2008-10-16 22:08:57 | 00,034,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2008-10-16 21:56:28 | 01,524,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll

[2008-10-16 21:55:59 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2008-10-16 14:08:00 | 00,162,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2008-10-16 13:56:04 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2008-10-16 05:47:35 | 00,827,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll

[2008-10-16 05:47:34 | 01,166,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll

[2008-10-16 05:47:33 | 00,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll

[2008-10-16 05:47:32 | 00,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2008-10-16 05:47:30 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2008-10-16 05:47:29 | 06,068,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll

[2008-10-16 05:47:29 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll

[2008-10-11 12:39:31 | 00,302,520 | ---- | M] () -- C:\Users\Nelly\Dokumment\roliga saker =).docx

[2008-10-10 21:32:06 | 00,010,978 | ---- | M] () -- C:\Users\Nelly\Dokumment\Agnes -On and on.docx

[2008-10-10 18:08:22 | 00,000,048 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat

[2008-10-10 17:45:19 | 00,000,752 | ---- | M] () -- C:\Users\Nelly\Skrivbord\µTorrent.lnk

[2008-10-09 19:43:05 | 00,010,715 | ---- | M] () -- C:\Users\Nelly\Dokumment\test.docx

< End of report >

[/log]

 

[Cecilia]

Avinstallera

Java™ 6 Update 2

Java™ 6 Update 7

det är gamla versioner med säkerhetshål.

 

Undrar om det kan vara detta:

[ DigitalPersona Pro Events ]

Error - 2009-01-05 04:21:40 | Computer Name = Nellysdator | Source = DigitalPersona Pro | ID = 17827075

Description = Agent cannot start. Description: Found other running Agent.

verkar vara något program som har med fingeravtryck att göra:

http://www.digitalpersona.com/products/

Är det något du kan installera om?

 

Kontrollpanelen - Administrationsverktyg - Tjänster

Leta upp InstallDriver Table Manager i listan, dubbelklicka och välj Startmetod Inaktiverad.

Så gjorde du förut, men eftersom det inte påverkade så gör nu tvärtom om sätt Startmetod till Manuell.

 

[Nellow]

jag har avinstallerat java update... det är inte det med fingeravtryck det är det jag loggar in med.. och jag har valt en gång till, inaktiverad.. fast det var det redan

 

[Cecilia]

DigitalPersona kanske använder Macrovision för uppdateringar, tänkte jag. Men om du inte tror det så. Då får du nog pröva dig fram:

Start - Kör - msconfig - Autostart

Avbocka några av dessa rader:

O[log]4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [ulead Photo Express Calendar Checker] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"

O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Nelly\AppData\Local\Google\Update\GoogleUpdate.exe" /c[/log]

 

Starta om datorn och se om felmeddelandet är borta.

Om det är borta så sätt tillbaks bockarna för någon av raderna du bockade för och pröva igen och kom fram till vilken rad det är som ger upphov till meddelandet.

Om det fortfarande är kvar så sätt tillbaks alla bockarna och pröva med några andra rader.

 

Meningen var att du skulle ställa tillbaka InstallDriver Table Manager, dvs sätta Startmetod till Manuell.