
HELP... Internet isn't working!!!!!!!


ExtremeMedia


When I try to start Internet Explorer from the desktop I get the following error message: ”Det går inte att hitta filen c:\program\internet\explorer\ iexplore.exe” ...

 

Edit by moderator, Web Browsers

moving the thread to the Trojans/Viruses forum

 

 

[post edited 2009-01-26 08:56:48 by Monshi]


Does it possibly say c:\program\internet explorer\iexplore.exe ?

Can you see whether that file exists in that folder if you look in My Computer or Windows Explorer?

How long has it been like this?

Can you start Internet Explorer in some other way than via the shortcut on the Desktop?

Windows XP or Vista?

 


It exists, and it has been like this for 8 days.

No, I can't start Internet Explorer in any way!

 

Running Win XP.

 


Hi! If you right-click the IE icon and choose to start without add-ons, is the problem the same then? Which version of IE do you have, by the way? Regards, Laston

 

[post edited 2009-01-25 00:26:27 by Laston]


What happens when you double-click iexplore.exe in the folder c:\program\internet explorer?

Did you install, uninstall or update anything just before this problem started? Or did you run any cleanup or tidying program?

Have you installed, uninstalled or updated anything during these 8 days?

 


And by the latest, do you mean IE7 or IE8 Beta? If you have the latter, I understand why you have problems, because many people have them with this beta version! Apparently there is an RC version on the way any day now. /Regards, Laston

 


Nothing happens at all.. No, I got this after some website loaded up a lot of crap. I have seen that there was something about this problem on this site earlier, where they used something that I didn't understand. Regards, Peter

 


Aha, an infected computer.

Let's see what HijackThis shows to begin with. Download it from one of the links:

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Install it, start it and choose "Do a system scan and save a logfile", then copy the log that comes up (nothing else).

 

In your reply, attach the HijackThis log like this:

Press the LOG button in the Reply window

Paste the log

Press the LOG button again

 


THE LOG FILE below:

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:52:18, on 2009-01-25

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\Program\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\Program\FerrariWallPaper\FerrariWP.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

C:\Program\Java\jre6\bin\jusched.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program\Synaptics\SynTP\SynTPLpr.exe

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Microsoft ActiveSync\wcescomm.exe

C:\Program\Windows Live\Messenger\MsnMsgr.Exe

C:\Program\DNA\btdna.exe

C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program\MICROS~3\rapimgr.exe

C:\Program\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program\Adobe\Illustrator CS\Support Files\Contents\Windows\Illustrator.exe

C:\Program\Windows Live\Messenger\usnsvc.exe

C:\Program\Adobe\Adobe InDesign CS2\InDesign.exe

C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

C:\DOCUME~1\EM-GRU~1\LOKALA~1\Temp\Adobelm_Cleanup.0001

C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE

C:\Program\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.se

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program\WS_FTP Pro\wsbho2k0.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program\Norton Internet Security\Engine\16.2.0.7\IPSBHO.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program\FerretSoft\WebFerret\FerretBand.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll

O4 - HKLM\..\Run: [FerrariWallPaper] C:\Program\FerrariWallPaper\FerrariWP.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [schedulingAgent] mstinit.exe /firstlogon

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program\DNA\btdna.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Uppdateringsagent.lnk = ?

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~3\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~3\INetRepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit ... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~3\INetRepl.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164559863312

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - c:\Program\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe

 

--

End of file - 10463 bytes[/log]

 


Hi! I see that you have a file-sharing program running (BitTorrent). It must be kept shut off until we are done! I also wonder whether Norton or SUPERAntiSpyware has found anything, and if so, what?

 

Download OTViewIt to the Desktop:

http://oldtimer.geekstogo.com/OTViewIt.exe

 

Close all programs.

Run OTViewIt (in Vista, right-click and Run as administrator).

Check Scan all Users.

Choose 30 days for File Age if it is not already selected.

Press Run Scan and let the program run undisturbed.

 

When it is done, two log files are created on the Desktop, OTViewIt.txt and Extras.txt; paste both of them into your reply (remember the LOG button).

 

 


No, but I ran Malwarebytes on 14 January, which found the following:

 

[log]Malwarebytes' Anti-Malware 1.32

Databasversion: 1653

Windows 5.1.2600 Service Pack 3

 

2009-01-14 23:49:21

mbam-log-2009-01-14 (23-49-21).txt

 

Skanningstyp: Fullständig skanning (C:\|D:\|)

Antal skannade objekt: 182191

Förfluten tid: 1 hour(s), 7 minute(s), 38 second(s)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 5

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 3

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9284ac7f-89c2-30a4-b725-4b80d35bc8ab} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9284ac7f-89c2-30a4-b725-4b80d35bc8ab} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{bbb57427-bb85-3a97-8261-401bdb52e392} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{1fc723fb-d278-376e-8005-d20d6fd8cec3} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9284ac7f-89c2-30a4-b725-4b80d35bc8ab} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

 

Infekterade mappar:

(Inga illasinnade poster hittades)

 

Infekterade filer:

C:\WINDOWS\system32\xwr25146.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\wr25146.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\qdbon.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.[/log]

 

Added LOG tags

When you have pasted in a log, please select the log and then press the LOG button, which is on the same row as :thumbsdown::thumbsup: in the post window.

Cecilia - Moderator for Viruses, malicious software & remedies

 

[post edited 2009-01-25 02:04:52 by Cecilia]
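
A cross-check a helper could run on the two logs posted so far, as an added example that is not part of the original thread: it parses HijackThis entry lines, collects the GUIDs that the Malwarebytes log reports as removed, and lists HijackThis entries that reference one of those GUIDs again, point at a missing file, or are services listed with "Unknown owner". The excerpts are copied from the logs above; the function names and the three review rules are assumptions of this example, and a flagged line is a prompt for review, not a verdict.

```python
import re

# Lines excerpted from the HijackThis log in this thread (scan of 2009-01-25).
HJT_EXCERPT = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.se
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program\FerretSoft\WebFerret\FerretBand.dll
O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program\DNA\btdna.exe"
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe
"""

# Lines excerpted from the Malwarebytes log in this thread (scan of 2009-01-14).
MBAM_EXCERPT = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9284ac7f-89c2-30a4-b725-4b80d35bc8ab} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9284ac7f-89c2-30a4-b725-4b80d35bc8ab} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{bbb57427-bb85-3a97-8261-401bdb52e392} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
"""

# A HijackThis entry line is "<section code> - <details>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_hijackthis(text):
    """Return the entry lines of a HijackThis log as dicts.

    Header lines, the process list and blank lines do not match ENTRY_RE
    and are skipped.
    """
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if not match:
            continue
        code, body = match.groups()
        # GUIDs are compared case-insensitively, so normalise to upper case.
        guids = [g.upper() for g in GUID_RE.findall(body)]
        entries.append({"code": code, "body": body, "guids": guids})
    return entries


def removed_guids(scanner_log):
    """Collect GUIDs from lines the scanner reports as quarantined and deleted."""
    found = set()
    for line in scanner_log.splitlines():
        if "Quarantined and deleted" in line:
            found.update(g.upper() for g in GUID_RE.findall(line))
    return found


def review(entries, removed):
    """Return (code, body, notes) for entries that deserve a closer look."""
    findings = []
    for entry in entries:
        notes = []
        if any(g in removed for g in entry["guids"]):
            notes.append("GUID was reported removed by the earlier scan")
        if "(no file)" in entry["body"]:
            notes.append("registered component whose file is missing")
        if entry["code"] == "O23" and "Unknown owner" in entry["body"]:
            notes.append("service listed without a company name")
        if notes:
            findings.append((entry["code"], entry["body"], notes))
    return findings


if __name__ == "__main__":
    removed = removed_guids(MBAM_EXCERPT)
    for code, body, notes in review(parse_hijackthis(HJT_EXCERPT), removed):
        print(f"{code}: {body}")
        for note in notes:
            print(f"    -> {note}")
```
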


OK, if you still have Malwarebytes on the computer, you can update to the latest program version, 1.33, and run it once more; a quick scan is enough! The latest version has become a bit sharper on this type of infection.

 

[post edited 2009-01-25 02:12:53 by Laston]


Here come the 2 files:

 

[log]OTViewIt logfile created on: 2009-01-25 02:06:13 - Run

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\EM-GRUPPEN\Skrivbord

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1.25 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 71.57% Memory free

2.98 Gb Paging File | 2.66 Gb Available in Paging File | 89.47% Paging File free

Paging file location(s): C:\pagefile.sys 1920 3840;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 55.90 Gb Total Space | 31.20 Gb Free Space | 55.82% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: ACER-G3388DKE8U

Current User Name: EM-GRUPPEN

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== Processes ==========

 

[2003-07-29 16:05:38 | 00,135,168 | | M] (WIDCOMM, Inc.) c:\Program\WIDCOMM\Bluetooth Software\bin\btwdins.exe

[2009-01-15 03:39:22 | 00,152,984 | | M] (Sun Microsystems, Inc.) C:\Program\Java\jre6\bin\jqs.exe

[2008-12-12 04:28:26 | 00,115,560 | R- | M] (Symantec Corporation) C:\Program\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe

[2008-12-12 04:28:26 | 00,115,560 | R- | M] (Symantec Corporation) C:\Program\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe

[2004-03-30 10:37:32 | 00,045,056 | | M] (.) C:\Program\FerrariWallPaper\FerrariWP.exe

[2008-03-08 04:12:22 | 00,185,896 | | M] (RealNetworks, Inc.) C:\Program\Delade filer\Real\Update_OB\realsched.exe

[2006-11-24 02:34:54 | 00,098,304 | | M] (Apple Computer, Inc.) C:\Program\QuickTime\qttask.exe

[2008-04-23 02:08:14 | 00,483,328 | | M] (Adobe Systems Inc.) C:\Program\Adobe\Acrobat 7.0\Distillr\acrotray.exe

[2009-01-15 03:39:22 | 00,136,600 | | M] (Sun Microsystems, Inc.) C:\Program\Java\jre6\bin\jusched.exe

[2003-11-19 15:41:02 | 00,088,363 | | M] (Agere Systems) C:\WINDOWS\AGRSMMSG.exe

[2004-01-09 02:54:06 | 00,065,536 | | M] (Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE

[2003-04-18 14:36:22 | 00,110,592 | | M] (Synaptics, Inc.) C:\Program\Synaptics\SynTP\SynTPLpr.exe

[2003-04-18 15:20:58 | 00,610,304 | | M] (Synaptics, Inc.) C:\Program\Synaptics\SynTP\SynTPEnh.exe

[2006-11-13 15:41:18 | 01,289,000 | | M] (Microsoft Corporation) C:\Program\Microsoft ActiveSync\wcescomm.exe

[2008-12-19 21:50:00 | 00,342,848 | | M] (BitTorrent, Inc.) C:\Program\DNA\btdna.exe

[2006-11-13 15:41:08 | 00,199,464 | | M] (Microsoft Corporation) C:\Program\Microsoft ActiveSync\rapimgr.exe

[2008-10-13 11:25:02 | 12,310,864 | | M] (Microsoft Corporation) C:\Program\Microsoft Office\OFFICE11\WINWORD.EXE

[2007-10-18 11:31:54 | 00,098,328 | | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\usnsvc.exe

[2009-01-25 01:58:26 | 00,422,912 | | M] (OldTimer Tools) C:\Documents and Settings\EM-GRUPPEN\Skrivbord\OTViewIt.exe

 

========== (O23) Win32 Services ==========

 

[2009-01-09 11:47:10 | 00,281,625 | R- | M] () C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (.norton2009Reset [Auto | Stopped])

[2006-11-24 00:47:06 | 00,072,704 | | M] (Adobe Systems) C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe LM Service [On_Demand | Stopped])

[2007-10-24 01:47:22 | 00,033,800 | | M] (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (aspnet_state [On_Demand | Stopped])

[2004-01-27 21:54:58 | 00,397,312 | | M] () C:\WINDOWS\system32\ati2evxx.exe (Ati HotKey Poller [Auto | Stopped])

[2003-07-29 16:05:38 | 00,135,168 | | M] (WIDCOMM, Inc.) c:\Program\WIDCOMM\Bluetooth Software\bin\btwdins.exe (btwdins [Auto | Running])

[2007-10-24 01:47:40 | 00,070,144 | | M] (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

[2009-01-07 14:03:40 | 00,655,624 | | M] (Acresso Software Inc.) C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (FLEXnet Licensing Service [On_Demand | Stopped])

[2007-10-09 12:58:12 | 00,036,864 | | M] (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (FontCache3.0.0.0 [On_Demand | Stopped])

[2004-10-22 03:24:18 | 00,073,728 | | M] (Macrovision Corporation) C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe (IDriverT [On_Demand | Stopped])

[2007-10-11 09:55:10 | 00,864,256 | | M] (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (idsvc [unknown | Stopped])

[2009-01-15 03:39:22 | 00,152,984 | | M] (Sun Microsystems, Inc.) C:\Program\Java\jre6\bin\jqs.exe (JavaQuickStarterService [Auto | Running])

[2007-10-11 09:55:14 | 00,122,880 | | M] (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (NetTcpPortSharing [Disabled | Stopped])

[2008-12-12 04:28:26 | 00,115,560 | R- | M] (Symantec Corporation) C:\Program\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe (Norton Internet Security [Auto | Running])

[2003-07-28 20:28:22 | 00,089,136 | | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE (ose [On_Demand | Stopped])

[2006-11-15 10:49:34 | 00,912,384 | | M] (Microsoft Corporation) C:\Program\Windows Media Player\wmpnetwk.exe (WMPNetworkSvc [On_Demand | Stopped])

[2007-10-18 11:31:54 | 00,098,328 | | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\usnsvc.exe (usnjsvc [On_Demand | Running])

 

========== Driver Services ==========

 

[2008-08-14 07:57:42 | 00,074,720 | | M] (Adobe Systems, Inc.) C:\WINDOWS\System32\drivers\adfs.sys (adfs [Auto | Running])

[2003-11-19 15:41:18 | 01,205,292 | | M] (Agere Systems) C:\WINDOWS\system32\drivers\AGRSM.sys (AgereSoftModem [On_Demand | Running])

[2003-12-11 23:54:14 | 00,391,424 | | M] (Sensaura Ltd) C:\WINDOWS\system32\drivers\ALCXSENS.SYS (ALCXSENS [On_Demand | Stopped])

[2004-01-09 23:17:02 | 00,601,100 | | M] (Realtek Semiconductor Corp.) C:\WINDOWS\system32\drivers\ALCXWDM.SYS (ALCXWDM [On_Demand | Stopped])

[2004-05-08 10:22:14 | 00,038,400 | | M] (Microsoft Corporation) C:\WINDOWS\system32\drivers\AmdK8.sys (AmdK8 [system | Running])

[2004-01-27 21:56:58 | 00,669,696 | | M] (ATI Technologies Inc.) C:\WINDOWS\system32\drivers\ati2mtag.sys (ati2mtag [On_Demand | Stopped])

[2003-05-21 18:47:12 | 00,175,360 | | M] (Broadcom Corporation) C:\WINDOWS\system32\drivers\b57xp32.sys (b57w2k [On_Demand | Running])

[2003-07-17 16:40:06 | 00,265,728 | | M] (Broadcom Corporation) C:\WINDOWS\system32\drivers\BCMWL5.SYS (BCM43XX [On_Demand | Running])

[2008-12-12 04:29:18 | 00,255,536 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\NIS\1002000.007\BHDrvx86.sys (BHDrvx86 [system | Running])

[2003-07-01 12:19:20 | 00,021,861 | | M] (WIDCOMM, Inc.) C:\WINDOWS\system32\drivers\btaudio.sys (BtAudio [On_Demand | Running])

[2003-07-01 12:20:38 | 00,030,235 | | M] (WIDCOMM, Inc.) C:\WINDOWS\system32\drivers\btport.sys (BTDriver [On_Demand | Running])

[2003-07-29 15:43:44 | 01,257,418 | | M] (WIDCOMM, Inc.) C:\WINDOWS\system32\drivers\btkrnl.sys (BTKRNL [boot | Running])

[2003-07-01 12:29:10 | 00,022,183 | | M] () C:\WINDOWS\system32\drivers\btserial.sys (BTSERIAL [Auto | Running])

[2003-07-01 12:28:46 | 00,222,876 | | M] (WIDCOMM, Inc.) C:\WINDOWS\system32\drivers\btslbcsp.sys (BTSLBCSP [Auto | Running])

[2003-07-01 12:45:02 | 00,146,812 | | M] (WIDCOMM, Inc.) C:\WINDOWS\system32\drivers\btwdndis.sys (BTWDNDIS [On_Demand | Running])

[2003-07-01 12:18:58 | 00,051,848 | | M] (WIDCOMM, Inc.) C:\WINDOWS\system32\drivers\btwusb.sys (BTWUSB [On_Demand | Stopped])

[2009-01-09 11:42:22 | 00,362,544 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\NIS\1002000.007\cchpx86.sys (ccHP [system | Running])

[2003-01-16 12:26:52 | 00,016,256 | | M] (Dritek System Inc.) C:\WINDOWS\system32\drivers\DKbFltr.SYS (DKbFltr [On_Demand | Stopped])

[2009-01-09 11:42:22 | 00,371,248 | | M] (Symantec Corporation) C:\Program\Delade filer\Symantec Shared\EENGINE\eeCtrl.sys (eeCtrl [system | Running])

[2004-01-19 16:27:18 | 00,019,153 | R- | M] (FTDI Ltd.) C:\WINDOWS\system32\drivers\ftdibus.sys (FTDIBUS [On_Demand | Stopped])

[2004-01-19 16:27:26 | 00,006,828 | R- | M] (FTDI Ltd.) C:\WINDOWS\system32\drivers\ftlund.sys (FTLUND [On_Demand | Stopped])

[2004-01-19 16:27:32 | 00,050,396 | R- | M] (FTDI Ltd.) C:\WINDOWS\system32\drivers\ftser2k.sys (FTSER2K [On_Demand | Stopped])

[2008-04-17 13:12:54 | 00,015,464 | | M] (GEAR Software Inc.) C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEARAspiWDM [On_Demand | Running])

[2009-01-09 11:42:22 | 00,274,808 | | M] (Symantec Corporation) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090115.001\IDSxpx86.sys (IDSxpx86 [system | Running])

[2007-05-28 17:00:22 | 00,010,240 | | M] () C:\WINDOWS\system32\drivers\mdvrmng.sys (mdvrmng [Auto | Running])

[2009-01-21 17:44:10 | 00,089,104 | | M] (Symantec Corporation) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090124.006\naveng.sys (NAVENG [On_Demand | Running])

[2009-01-21 17:44:10 | 00,876,112 | | M] (Symantec Corporation) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090124.006\navex15.sys (NAVEX15 [On_Demand | Running])

[2004-08-04 07:00:50 | 00,028,672 | | M] (National Semiconductor Corporation) C:\WINDOWS\system32\drivers\nscirda.sys (NSCIRDA [On_Demand | Running])

[2004-05-21 09:42:46 | 00,006,912 | | M] (NewTech Infosystems, Inc.) C:\WINDOWS\system32\drivers\NTIDrvr.sys (NTIDrvr [On_Demand | Running])

[2004-08-04 12:00:00 | 00,017,792 | | M] (Parallel Technologies, Inc.) C:\WINDOWS\system32\drivers\ptilink.sys (Ptilink [On_Demand | Running])

[2004-08-04 12:00:00 | 00,005,888 | | M] (Microsoft Corporation) C:\WINDOWS\system32\drivers\rootmdm.sys (ROOTMODEM [On_Demand | Running])

[2008-12-22 11:06:00 | 00,008,944 | | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) C:\Program\SUPERAntiSpyware\sasdifsv.sys (SASDIFSV [system | Running])

[2008-12-22 11:06:02 | 00,007,408 | R- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) C:\Program\SUPERAntiSpyware\SASENUM.SYS (SASENUM [On_Demand | Running])

[2008-12-22 11:05:58 | 00,055,024 | | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) C:\Program\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL [system | Running])

[2006-05-01 12:16:22 | 00,061,600 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\SE2Ebus.sys (SE2Ebus [On_Demand | Stopped])

[2006-05-01 12:17:12 | 00,009,360 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\SE2Emdfl.sys (SE2Emdfl [On_Demand | Stopped])

[2006-05-01 12:17:16 | 00,097,184 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\SE2Emdm.sys (SE2Emdm [On_Demand | Stopped])

[2006-05-01 12:18:04 | 00,088,688 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\SE2Emgmt.sys (SE2Emgmt [On_Demand | Stopped])

[2006-05-01 12:15:50 | 00,018,704 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\se2End5.sys (se2End5 [On_Demand | Stopped])

[2006-05-01 12:18:54 | 00,086,560 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\SE2Eobex.sys (SE2Eobex [On_Demand | Stopped])

[2006-05-01 12:15:44 | 00,090,800 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\se2Eunic.sys (se2Eunic [On_Demand | Stopped])

[2006-11-30 15:58:18 | 00,061,536 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\se44bus.sys (se44bus [On_Demand | Stopped])

[2006-11-30 15:58:24 | 00,009,360 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\se44mdfl.sys (se44mdfl [On_Demand | Stopped])

[2006-11-30 15:58:26 | 00,097,088 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\se44mdm.sys (se44mdm [On_Demand | Stopped])

[2006-11-30 15:58:30 | 00,088,624 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\se44mgmt.sys (se44mgmt [On_Demand | Stopped])

[2006-11-30 15:58:32 | 00,018,704 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\se44nd5.sys (se44nd5 [On_Demand | Stopped])

[2006-11-30 15:58:34 | 00,086,432 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\se44obex.sys (se44obex [On_Demand | Stopped])

[2006-11-30 15:58:42 | 00,090,800 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\se44unic.sys (se44unic [On_Demand | Stopped])

[2004-08-04 12:00:00 | 00,027,440 | | M] () C:\WINDOWS\system32\drivers\secdrv.sys (Secdrv [On_Demand | Stopped])

[2008-12-12 04:29:18 | 00,306,736 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\NIS\1002000.007\srtsp.sys (SRTSP [system | Running])

[2008-12-12 04:29:18 | 00,043,696 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\NIS\1002000.007\srtspx.sys (SRTSPX [system | Running])

[2008-12-12 04:29:18 | 00,012,976 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\NIS\1002000.007\symdns.sys (SYMDNS [On_Demand | Running])

[2008-12-12 04:29:20 | 00,309,296 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\NIS\1002000.007\SymEFA.sys (SymEFA [boot | Running])

[2009-01-09 11:42:30 | 00,124,464 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\SYMEVENT.SYS (SymEvent [On_Demand | Running])

[2008-12-12 04:29:20 | 00,089,904 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\NIS\1002000.007\symfw.sys (SYMFW [On_Demand | Running])

[2008-12-12 04:29:20 | 00,034,608 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\NIS\1002000.007\symids.sys (SYMIDS [On_Demand | Running])

[2008-12-12 04:28:28 | 00,036,272 | R- | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\SymIM.sys (SymIM [On_Demand | Stopped])

[2008-12-12 04:28:28 | 00,036,272 | R- | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\SymIM.sys (SymIMMP [On_Demand | Running])

[2008-12-12 04:29:20 | 00,037,424 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\NIS\1002000.007\symndis.sys (SYMNDIS [On_Demand | Running])

[2008-12-12 04:29:20 | 00,024,624 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\NIS\1002000.007\symredrv.sys (SYMREDRV [On_Demand | Running])

[2008-12-12 04:29:20 | 00,198,192 | | M] (Symantec Corporation) C:\WINDOWS\system32\drivers\NIS\1002000.007\symtdi.sys (SYMTDI [system | Running])

[2003-04-18 14:00:48 | 00,270,288 | | M] (Synaptics, Inc.) C:\WINDOWS\system32\drivers\SynTP.sys (SynTP [On_Demand | Running])

[2004-08-04 07:04:34 | 00,012,672 | | M] (Microsoft Corporation) C:\WINDOWS\system32\drivers\usb8023x.sys (usb_rndisx [On_Demand | Stopped])

[2007-04-13 08:50:30 | 00,083,080 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\zebrbus.sys (zebrbus [On_Demand | Stopped])

[2007-04-13 08:50:30 | 00,062,984 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\zebrceb.sys (zebrceb [On_Demand | Running])

[2007-04-13 08:50:36 | 00,015,112 | R- | M] (MCCI Corporation) C:\WINDOWS\system32\drivers\zebrmdfl.sys (zebrmdfl [On_Demand | Stopped])

[2007-04-13 08:50:38 | 00,108,296 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\zebrmdm.sys (zebrmdm [On_Demand | Stopped])

[2007-04-13 08:50:38 | 00,108,424 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\zebrmdmc.sys (zebrmdmc [On_Demand | Stopped])

[2007-04-13 08:50:42 | 00,090,888 | R- | M] (MCCI) C:\WINDOWS\system32\drivers\zebrsce.sys (zebrsce [On_Demand | Stopped])

 

========== (R ) Internet Explorer ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\WINDOWS\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://google.se

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]

"Provider"=

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = *.local

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\WINDOWS\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://google.se

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\Software\Microsoft\Internet Explorer\SearchURL]

"Provider"=

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = *.local

 

========== (O1) Hosts File ==========

 

HOSTS File = (710 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

 

========== (O2) BHO's ==========

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

{3049C3E9-B461-4BC5-8870-4C09146192CA} (HKLM) C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)

{601ED020-FB6C-11D3-87D8-0050DA59922B} (HKLM) C:\Program\WS_FTP Pro\wsbho2k0.dll (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (HKLM) C:\Program\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dll (Symantec Corporation)

{6D53EC84-6AAE-4787-AEEE-F4628F01010C} (HKLM) C:\Program\Norton Internet Security\Engine\16.2.0.7\IPSBHO.dll (Symantec Corporation)

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) C:\Program\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) Reg Error: Key does not exist or could not be opened. File not found

{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

{AE7CD045-E861-484f-8273-0445EE161910} (HKLM) C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) C:\Program\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

 

========== (O3) Toolbars ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" (HKLM) C:\Program\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dll (Symantec Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{A58686ED-FC46-44C3-95C6-4A812AB776F1}" (HKLM) C:\Program\FerretSoft\WebFerret\FerretBand.dll ()

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" (HKLM) Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" (HKLM) Reg Error: Key does not exist or could not be opened. File not found

 

========== (O4) Run Keys ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

""= File not found

"Acrobat Assistant 7.0"="C:\Program\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" (Adobe Systems Inc.)

"Adobe Reader Speed Launcher"="C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)

"AdobeCS4ServiceManager"="C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin (Adobe Systems Incorporated)

"AGRSMMSG"=AGRSMMSG.exe (Agere Systems)

"FerrariWallPaper"=C:\Program\FerrariWallPaper\FerrariWP.exe (.)

"QuickTime Task"="C:\Program\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.)

"SchedulingAgent"=mstinit.exe /firstlogon (Microsoft Corporation)

"SoundMan"=SOUNDMAN.EXE (Realtek Semiconductor Corp.)

"SunJavaUpdateSched"="C:\Program\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)

"SynTPEnh"=C:\Program\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

"SynTPLpr"=C:\Program\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

"TkBellExe"="C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BitTorrent DNA"="C:\Program\DNA\btdna.exe" (BitTorrent, Inc.)

"H/PC Connection Agent"="C:\Program\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)

"msnmsgr"="C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)

"SUPERAntiSpyware"=C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BitTorrent DNA"="C:\Program\DNA\btdna.exe" (BitTorrent, Inc.)

"H/PC Connection Agent"="C:\Program\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)

"msnmsgr"="C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)

"SUPERAntiSpyware"=C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

 

========== (O4) Startup Folders ==========

 

File not found C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Acrobat Speed Launcher.lnk =

[2007-11-01 14:33:28 | 00,442,368 | | M] (Birdstep Technology) C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Uppdateringsagent.lnk = C:\Program\3\3Connect\AutoUpdateSrv.exe

 

========== (O6 & O7) Current Version Policies ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=28

"NoRun"=0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"DisableTaskMgr"=0

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

"NoRun"=0

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"DisableTaskMgr"=0

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"DisableTaskMgr"=0

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"DisableTaskMgr"=0

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"DisableTaskMgr"=0

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"DisableTaskMgr"=0

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

"NoRun"=0

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"DisableTaskMgr"=0

 

========== (O8) IE Context Menu Extensions ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

Convert link target to Adobe PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert link target to existing PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert selected links to Adobe PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert selected links to existing PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert selection to Adobe PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert selection to existing PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert to Adobe PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert to existing PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | | M] (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\Software\Microsoft\Internet Explorer\MenuExt\]

Convert link target to Adobe PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert link target to existing PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert selected links to Adobe PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert selected links to existing PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert selection to Adobe PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert selection to existing PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert to Adobe PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

Convert to existing PDF: C:\Program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 04:18:14 | 00,231,160 | | M] (Adobe Systems Incorporated)

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE [2008-10-13 11:29:28 | 10,351,944 | | M] (Microsoft Corporation)

 

========== (O9) IE Extensions ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Blogga detta %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2007-10-26 18:09:54 | 00,154,640 | | M] (Microsoft Corporation)

{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Blogga detta i Windows Live Writer %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2007-10-26 18:09:54 | 00,154,640 | | M] (Microsoft Corporation)

{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}: Button: Create Mobile Favorite %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [2006-11-13 15:41:04 | 00,158,504 | | M] (Microsoft Corporation)

{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}: Menu: Skapa mobilfavorit ... %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [2006-11-13 15:41:04 | 00,158,504 | | M] (Microsoft Corporation)

{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Referensinformation %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [2007-04-19 14:10:18 | 00,063,840 | | M] (Microsoft Corporation)

{CCA281CA-C863-46ef-9331-5C8D4460577F}: Button: @btrez.dll,-4015 %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2003-05-29 13:53:08 | 00,002,681 | | M] ()

{CCA281CA-C863-46ef-9331-5C8D4460577F}: Menu: @btrez.dll,-4017 %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2003-05-29 13:53:08 | 00,002,681 | | M] ()

{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 %SystemRoot%\network diagnostic\xpnetdiag.exe [2008-04-13 20:53:32 | 00,558,080 | | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 18:05:14 | 01,695,232 | | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 18:05:14 | 01,695,232 | | M] (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [blogga detta] -> [2007-10-26 18:09:54 | 00,154,640 | | M] (Microsoft Corporation)

CmdMapping\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite] -> [2006-11-13 15:41:04 | 00,158,504 | | M] (Microsoft Corporation)

CmdMapping\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [skapa mobilfavorit ...] -> [2006-11-13 15:41:04 | 00,158,504 | | M] (Microsoft Corporation)

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 14:10:18 | 00,063,840 | | M] (Microsoft Corporation)

CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 20:53:32 | 00,558,080 | | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 18:05:14 | 01,695,232 | | M] (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [blogga detta] -> [2007-10-26 18:09:54 | 00,154,640 | | M] (Microsoft Corporation)

CmdMapping\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite] -> [2006-11-13 15:41:04 | 00,158,504 | | M] (Microsoft Corporation)

CmdMapping\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [skapa mobilfavorit ...] -> [2006-11-13 15:41:04 | 00,158,504 | | M] (Microsoft Corporation)

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 14:10:18 | 00,063,840 | | M] (Microsoft Corporation)

CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 20:53:32 | 00,558,080 | | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 18:05:14 | 01,695,232 | | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [blogga detta] -> [2007-10-26 18:09:54 | 00,154,640 | | M] (Microsoft Corporation)

CmdMapping\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite] -> [2006-11-13 15:41:04 | 00,158,504 | | M] (Microsoft Corporation)

CmdMapping\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [skapa mobilfavorit ...] -> [2006-11-13 15:41:04 | 00,158,504 | | M] (Microsoft Corporation)

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 14:10:18 | 00,063,840 | | M] (Microsoft Corporation)

CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 20:53:32 | 00,558,080 | | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 18:05:14 | 01,695,232 | | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [blogga detta] -> [2007-10-26 18:09:54 | 00,154,640 | | M] (Microsoft Corporation)

CmdMapping\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite] -> [2006-11-13 15:41:04 | 00,158,504 | | M] (Microsoft Corporation)

CmdMapping\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [skapa mobilfavorit ...] -> [2006-11-13 15:41:04 | 00,158,504 | | M] (Microsoft Corporation)

CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Referensinformation] -> [2007-04-19 14:10:18 | 00,063,840 | | M] (Microsoft Corporation)

CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 20:53:32 | 00,558,080 | | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 18:05:14 | 01,695,232 | | M] (Microsoft Corporation)

 

========== (O12) Internet Explorer Plugins ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

 

========== (O13) Default Prefixes ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

 

========== (O15) Trusted Sites ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

1 domain(s) and sub-domain(s) not assigned to a zone.

 

========== (O16) DPF ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}: http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab Office Genuine Advantage Validation Tool

{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab Shockwave ActiveX Control

{17492023-C23A-453E-A040-C7C580BBF700}: http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab Windows Genuine Advantage Validation Tool

{4F1E5B1A-2A80-42CA-8532-2D05CB959537}: http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab MSN Photo Upload Tool

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164559863312 MUWebControl Class

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab Java Plug-in 1.6.0_11

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab Reg Error: Key does not exist or could not be opened.

{C7DB51B4-BCF7-4923-8874-7F1A0DC92277}: http://office.microsoft.com/officeupdate/content/opuc4.cab Office Update Installation Engine

{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab Java Plug-in 1.6.0_11

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab Java Plug-in 1.6.0_11

{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Shockwave Flash Object

Microsoft XML Parser for Java: file://C:\WINDOWS\Java\classes\xmldso.cab Reg Error: Key does not exist or could not be opened.

 

========== (O17) DNS Name Servers ==========

 

{1D098439-FCF9-46C6-B5A4-AFE160858786} (Servers: | Description: )

{46749698-AD1A-495D-9DB1-565835F21A04} (Servers: | Description: )

{549B0B16-C198-4D9F-B031-579C3DEB94A2} (Servers: | Description: )

{6347E77F-5A2D-423D-A2C5-40F08639F43A} (Servers: | Description: 1394 Net Adapter)

{68CE18F7-5DFB-4D4A-9087-0A3AC1902F4F} (Servers: | Description: Broadcom NetXtreme Gigabit Ethernet)

{98808A97-44B1-41F5-AA9B-141345A50469} (Servers: | Description: )

{9D15041C-EF86-4C89-AA1E-5A58C5BF2FDE} (Servers: | Description: )

{9DE483ED-AEF3-4039-8535-805C8C99E403} (Servers: | Description: )

{C511A04F-87EB-49D3-B4FA-598E865BD921} (Servers: | Description: WLAN 802.11g mini-PCI Module)

{EBA38B3E-D601-4BF8-830D-BA03444C5C95} (Servers: | Description: )

 

========== (O20) Winlogon Notify Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

!SASWinLogon: "DllName" = C:\Program\SUPERAntiSpyware\SASWINLO.dll C:\Program\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

 

========== IFEO "Debugger" Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\]

iexplore.exe:"Debugger" = C:\WINDOWS\system32\klomp.exe File not found

 

========== Shell Execute Hooks ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) C:\Program\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

 

========== Safeboot Options ==========

 

"AlternateShell"=cmd.exe

 

========== CDRom AutoRun Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

 

========== Autorun Files on Drives ==========

 

AUTOEXEC.BAT []

[2009-01-24 20:56:45 | 00,000,000 | | M] () C:\AUTOEXEC.BAT [ NTFS ]

 

========== MountPoints2 ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d3b1f30-6dcb-11dd-af96-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d3b1f30-6dcb-11dd-af96-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d3b1f31-6dcb-11dd-af96-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d3b1f31-6dcb-11dd-af96-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{196b5abc-6d2c-11dd-af93-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{196b5abc-6d2c-11dd-af93-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1be8af78-9f88-11dc-adf1-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1be8af78-9f88-11dc-adf1-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e925214-7364-11dd-af9e-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e925214-7364-11dd-af9e-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{217a2b4e-d9a5-11dd-b9ad-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{217a2b4e-d9a5-11dd-b9ad-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{285255d2-7054-11dd-af98-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{285255d2-7054-11dd-af98-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{285255d3-7054-11dd-af98-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{285255d3-7054-11dd-af98-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31381138-8d86-11dd-afe0-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31381138-8d86-11dd-afe0-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31381139-8d86-11dd-afe0-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31381139-8d86-11dd-afe0-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3dd41df7-716b-11dd-af9a-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3dd41df7-716b-11dd-af9a-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{462d6bef-7b43-11db-ab7f-806d6172696f}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{462d6bef-7b43-11db-ab7f-806d6172696f}\Shell\AutoRun\command]

""=E:\setup.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ce4cf76-8bbe-11dd-afdd-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ce4cf76-8bbe-11dd-afdd-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ce4cf77-8bbe-11dd-afdd-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ce4cf77-8bbe-11dd-afdd-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52c4feb2-6886-11dd-af8e-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52c4feb2-6886-11dd-af8e-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52c4feb3-6886-11dd-af8e-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52c4feb3-6886-11dd-af8e-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5caeac3e-7114-11dd-af99-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5caeac3e-7114-11dd-af99-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5caeac3f-7114-11dd-af99-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5caeac3f-7114-11dd-af99-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f49244a-9b01-11dd-b006-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f49244a-9b01-11dd-b006-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f49244b-9b01-11dd-b006-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f49244b-9b01-11dd-b006-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a016c972-d9a9-11dd-b9ae-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a016c972-d9a9-11dd-b9ae-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b42a7b04-16f2-11dd-aee2-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b42a7b04-16f2-11dd-aee2-000e9b130921}\Shell\AutoRun\command]

""=E:\setup.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bcf8f978-688d-11dd-af8f-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bcf8f978-688d-11dd-af8f-000e9b130921}\Shell\AutoRun\command]

""=E:\AutoRun.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc9cc136-0b7c-11dd-aed6-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc9cc136-0b7c-11dd-aed6-000e9b130921}\Shell\AutoRun\command]

""=E:\LaunchU3.exe File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{def8ae6a-9fe6-11dc-adf4-000e9b130921}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{def8ae6a-9fe6-11dc-adf4-000e9b130921}\Shell\AutoRun\command]

""=H:\AutoRun.exe File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2 C:\WINDOWS\System32\*.tmp files]

[5 C:\WINDOWS\*.tmp files]

[2009-01-25 02:01:34 | 00,422,912 | | C] (OldTimer Tools) C:\Documents and Settings\EM-GRUPPEN\Skrivbord\OTViewIt.exe

[2009-01-25 00:38:00 | 00,000,000 | -HSD | C] C:\RECYCLER

[2009-01-24 22:33:07 | 00,000,000 | -D | C] C:\Documents and Settings\EM-GRUPPEN\Mina dokument\Updater

[2009-01-24 22:28:48 | 40,390,656 | | C] () C:\Documents and Settings\EM-GRUPPEN\Mina dokument\IGLO Lufttät.indd

[2009-01-24 22:27:47 | 00,000,000 | -D | C] C:\Documents and Settings\EM-GRUPPEN\Mina dokument\X-Gloo

[2009-01-24 22:20:26 | 00,000,604 | | C] () C:\Documents and Settings\EM-GRUPPEN\Mina dokument\Mina delade mappar.lnk

[2009-01-24 22:05:36 | 00,000,000 | -HSD | C] C:\Config.Msi

[2009-01-24 22:03:33 | 00,012,676 | | C] () C:\WINDOWS\System32\wpa.bak

[2009-01-24 21:57:53 | 00,000,000 | -D | C] C:\WINDOWS\Prefetch

[2009-01-24 21:53:30 | 00,156,672 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\winzm.ime

[2009-01-24 21:53:30 | 00,156,672 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\winsp.ime

[2009-01-24 21:53:29 | 00,156,672 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\winpy.ime

[2009-01-24 21:53:29 | 00,065,536 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\winime.ime

[2009-01-24 21:53:28 | 00,079,360 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\winar30.ime

[2009-01-24 21:53:28 | 00,069,120 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\wingb.ime

[2009-01-24 21:53:27 | 00,031,232 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\weitekp9.sys

[2009-01-24 21:53:26 | 00,041,600 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\weitekp9.dll

[2009-01-24 21:53:23 | 00,075,776 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\wam51.dll

[2009-01-24 21:53:23 | 00,053,248 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\wamreg51.dll

[2009-01-24 21:53:23 | 00,009,216 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\wamps51.dll

[2009-01-24 21:53:20 | 00,360,960 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\w3svc.dll

[2009-01-24 21:53:20 | 00,005,632 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\w3svapi.dll

[2009-01-24 21:53:19 | 00,073,728 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\w3ext.dll

[2009-01-24 21:53:19 | 00,048,256 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\w32.dll

[2009-01-24 21:53:19 | 00,004,608 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\w3ctrs51.dll

[2009-01-24 21:53:18 | 00,426,041 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\voicepad.dll

[2009-01-24 21:53:18 | 00,086,073 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\voicesub.dll

[2009-01-24 21:53:04 | 00,076,288 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\uniime.dll

[2009-01-24 21:53:04 | 00,065,024 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\unicdime.ime

[2009-01-24 21:53:03 | 00,103,936 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\uihelper.dll

[2009-01-24 21:53:01 | 00,014,336 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\tsprof.exe

[2009-01-24 21:52:59 | 00,031,232 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\tools.dll

[2009-01-24 21:52:59 | 00,010,240 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\tmigrate.dll

[2009-01-24 21:52:58 | 00,571,392 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\tintlgnt.ime

[2009-01-24 21:52:58 | 00,455,168 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\tintsetp.exe

[2009-01-24 21:52:58 | 00,044,032 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\tintlphr.exe

[2009-01-24 21:52:56 | 00,021,896 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\tdipx.sys

[2009-01-24 21:52:56 | 00,019,464 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\tdspx.sys

[2009-01-24 21:52:55 | 00,013,192 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\tdasync.sys

[2009-01-24 21:52:52 | 00,046,592 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\svcext51.dll

[2009-01-24 21:52:51 | 00,046,592 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sspifilt.dll

[2009-01-24 21:52:51 | 00,016,896 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\status.dll

[2009-01-24 21:52:50 | 00,045,568 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\ssinc51.dll

[2009-01-24 21:52:49 | 00,101,376 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\srusbusd.dll

[2009-01-24 21:52:44 | 00,143,422 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\softkey.dll

[2009-01-24 21:52:43 | 00,040,448 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\snmpthrd.dll

[2009-01-24 21:52:43 | 00,010,240 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\snmpstup.dll

[2009-01-24 21:52:43 | 00,008,704 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\snmptrap.exe

[2009-01-24 21:52:43 | 00,007,168 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll

[2009-01-24 21:52:42 | 00,358,400 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\snmpincl.dll

[2009-01-24 21:52:42 | 00,259,072 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\snmpcl.dll

[2009-01-24 21:52:42 | 00,188,416 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\snmpsmir.dll

[2009-01-24 21:52:42 | 00,032,256 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\snmp.exe

[2009-01-24 21:52:42 | 00,006,144 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\snmpmib.dll

[2009-01-24 21:52:41 | 00,460,288 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\smtpsvc.dll

[2009-01-24 21:52:41 | 00,012,288 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll

[2009-01-24 21:52:40 | 00,236,544 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\smi2smir.exe

[2009-01-24 21:52:40 | 00,015,872 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\smierrsm.dll

[2009-01-24 21:52:40 | 00,010,752 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\smtpapi.dll

[2009-01-24 21:52:40 | 00,005,632 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\smimsgif.dll

[2009-01-24 21:52:40 | 00,005,632 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\smierrsy.dll

[2009-01-24 21:52:39 | 00,038,912 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sm9aw.dll

[2009-01-24 21:52:39 | 00,031,744 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\smb6w.dll

[2009-01-24 21:52:39 | 00,031,744 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sma3w.dll

[2009-01-24 21:52:39 | 00,026,624 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sm93w.dll

[2009-01-24 21:52:39 | 00,026,624 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sm92w.dll

[2009-01-24 21:52:39 | 00,026,112 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sm90w.dll

[2009-01-24 21:52:39 | 00,026,112 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sm8dw.dll

[2009-01-24 21:52:38 | 00,030,208 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sm87w.dll

[2009-01-24 21:52:38 | 00,030,208 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sm81w.dll

[2009-01-24 21:52:38 | 00,029,184 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sm8cw.dll

[2009-01-24 21:52:38 | 00,026,112 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sm8aw.dll

[2009-01-24 21:52:38 | 00,026,112 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sm89w.dll

[2009-01-24 21:52:38 | 00,025,088 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\sm59w.dll

[2009-01-24 21:50:45 | 00,026,112 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\EXCH_seos.dll

[2009-01-24 21:50:44 | 00,057,856 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\EXCH_scripto.dll

[2009-01-24 21:41:40 | 00,053,760 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\pintlcsd.dll

[2009-01-24 21:39:54 | 00,038,912 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll

[2009-01-24 21:39:53 | 00,044,544 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\nsepm.dll

[2009-01-24 21:29:27 | 00,007,680 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\migregdb.exe

[2009-01-24 21:29:26 | 00,092,416 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\mga.sys

[2009-01-24 21:29:25 | 00,085,504 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\metada51.dll

[2009-01-24 21:29:25 | 00,037,888 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\md5filt.dll

[2009-01-24 21:29:25 | 00,026,624 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\mdsync.dll

[2009-01-24 21:29:23 | 00,065,536 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll

[2009-01-24 21:29:21 | 00,022,528 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\lpdsvc.dll

[2009-01-24 21:29:21 | 00,022,016 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\logscrpt.dll

[2009-01-24 21:29:21 | 00,018,944 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\lprmon.dll

[2009-01-24 21:29:21 | 00,013,312 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\lonsint.dll

[2009-01-24 21:29:20 | 00,033,792 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\lmmib2.dll

[2009-01-24 21:29:17 | 01,158,818 | | C] () C:\WINDOWS\System32\dllcache\korwbrkr.lex

[2009-01-24 21:29:16 | 00,070,656 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\korwbrkr.dll

[2009-01-24 21:29:14 | 00,009,216 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\kbdnecat.dll

[2009-01-24 21:29:14 | 00,007,680 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\kbdnecnt.dll

[2009-01-24 21:29:14 | 00,007,168 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\kbdnec95.dll

[2009-01-24 21:29:14 | 00,006,656 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\kbdlk41a.dll

[2009-01-24 21:29:14 | 00,006,144 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\kbdlk41j.dll

[2009-01-24 21:29:13 | 00,007,168 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\kbdibm02.dll

[2009-01-24 21:29:11 | 00,018,432 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\jupiw.dll

[2009-01-24 21:29:11 | 00,006,144 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\kbdax2.dll

[2009-01-24 21:29:11 | 00,006,144 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\kbd106n.dll

[2009-01-24 21:29:11 | 00,006,144 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\kbd101a.dll

[2009-01-24 21:29:11 | 00,006,144 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\kbd101.dll

[2009-01-24 21:29:10 | 00,009,216 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\iwrps.dll

[2009-01-24 21:29:09 | 00,026,624 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\iscomlog.dll

[2009-01-24 21:29:09 | 00,007,168 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\isapips.dll

[2009-01-24 21:29:07 | 00,034,816 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\iprip.dll

[2009-01-24 21:29:06 | 00,008,704 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\infoctrs.dll

[2009-01-24 21:29:05 | 00,257,024 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\infocomm.dll

[2009-01-24 21:29:05 | 00,015,872 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\inetin51.exe

[2009-01-24 21:29:03 | 00,315,452 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\imskf.dll

[2009-01-24 21:17:27 | 00,562,176 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fxsst.dll

[2009-01-24 21:17:27 | 00,011,264 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fxssend.exe

[2009-01-24 21:16:20 | 00,072,192 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fxscom.dll

[2009-01-24 21:13:32 | 00,124,416 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\ftpsv251.dll

[2009-01-24 21:13:32 | 00,007,680 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\ftpctrs2.dll

[2009-01-24 21:13:32 | 00,006,144 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\ftpmib.dll

[2009-01-24 21:11:44 | 00,014,336 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\exstrace.dll

[2009-01-24 21:11:43 | 00,106,496 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\evntagnt.dll

[2009-01-24 21:11:43 | 00,093,184 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\evntwin.exe

[2009-01-24 21:11:43 | 00,025,088 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\evntcmd.exe

[2009-01-24 21:11:40 | 00,057,856 | | C] (SEIKO EPSON CORP.) C:\WINDOWS\System32\dllcache\esuimgd.dll

[2009-01-24 21:11:40 | 00,045,056 | | C] (SEIKO EPSON CORP.) C:\WINDOWS\System32\dllcache\esunid.dll

[2009-01-24 21:11:40 | 00,031,744 | | C] (SEIKO EPSON CORP.) C:\WINDOWS\System32\dllcache\esucmd.dll

[2009-01-24 21:11:40 | 00,025,856 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\et4000.sys

[2009-01-24 21:08:24 | 00,056,320 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\convlog.exe

[2009-01-24 21:00:56 | 00,054,528 | | C] (Philips Semiconductors GmbH) C:\WINDOWS\System32\dllcache\cap7146.sys

[2009-01-24 21:00:55 | 00,218,112 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\c_g18030.dll

[2009-01-24 21:00:55 | 00,006,656 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\c_is2022.dll

[2009-01-24 20:57:54 | 00,029,184 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\asptxn.dll

[2009-01-24 20:57:54 | 00,010,240 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\aspperf.dll

[2009-01-24 20:57:53 | 00,370,176 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\asp51.dll

[2009-01-24 20:57:53 | 00,332,288 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\aqueue.dll

[2009-01-24 20:57:53 | 00,045,056 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll

[2009-01-24 20:57:52 | 00,109,056 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\appconf.dll

[2009-01-24 20:57:51 | 00,019,456 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\agt0804.dll

[2009-01-24 20:57:51 | 00,019,456 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\agt0412.dll

[2009-01-24 20:57:51 | 00,019,456 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\agt0411.dll

[2009-01-24 20:57:50 | 00,019,456 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\agt0404.dll

[2009-01-24 20:57:47 | 00,050,176 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\adrot.dll

[2009-01-24 20:57:47 | 00,005,632 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll

[2009-01-24 20:57:46 | 00,029,696 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\admexs.dll

[2009-01-24 20:57:46 | 00,006,144 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\admxprox.dll

[2009-01-24 20:57:38 | 00,007,168 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\wamregps.dll

[2009-01-24 20:57:37 | 00,032,827 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\tcptest.exe

[2009-01-24 20:57:37 | 00,016,384 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\tcptsat.dll

[2009-01-24 20:57:36 | 00,008,192 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\staxmem.dll

[2009-01-24 20:57:35 | 00,189,440 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\smtpadm.dll

[2009-01-24 20:57:35 | 00,020,536 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\shtml.dll

[2009-01-24 20:57:35 | 00,016,437 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\shtml.exe

[2009-01-24 20:57:30 | 00,077,312 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\logui.ocx

[2009-01-24 20:57:29 | 00,068,608 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\isatq.dll

[2009-01-24 20:57:29 | 00,019,968 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\inetsloc.dll

[2009-01-24 20:57:29 | 00,013,312 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\infoadmn.dll

[2009-01-24 20:57:29 | 00,007,680 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\inetmgr.exe

[2009-01-24 20:57:28 | 00,831,488 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\inetmgr.dll

[2009-01-24 20:57:28 | 00,170,496 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\iisui.dll

[2009-01-24 20:57:28 | 00,133,632 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\iisrtl.dll

[2009-01-24 20:57:28 | 00,030,720 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\iisrstas.exe

[2009-01-24 20:57:27 | 00,068,608 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\iisext51.dll

[2009-01-24 20:57:27 | 00,064,000 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\iismap.dll

[2009-01-24 20:57:27 | 00,020,538 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fpremadm.exe

[2009-01-24 20:57:27 | 00,014,336 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\iisreset.exe

[2009-01-24 20:57:27 | 00,006,144 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\ftpsapi2.dll

[2009-01-24 20:57:27 | 00,005,632 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\iisrstap.dll

[2009-01-24 20:57:26 | 00,598,071 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fpmmc.dll

[2009-01-24 20:57:26 | 00,208,896 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fpmmcsat.dll

[2009-01-24 20:57:26 | 00,188,494 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fpcount.exe

[2009-01-24 20:57:26 | 00,109,328 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fp98swin.exe

[2009-01-24 20:57:26 | 00,020,541 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fpexedll.dll

[2009-01-24 20:57:25 | 00,876,653 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fp4awel.dll

[2009-01-24 20:57:25 | 00,102,509 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fp4atxt.dll

[2009-01-24 20:57:25 | 00,049,212 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fp4awebs.dll

[2009-01-24 20:57:25 | 00,041,020 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fp4avnb.dll

[2009-01-24 20:57:25 | 00,032,826 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fp4avss.dll

[2009-01-24 20:57:25 | 00,014,608 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fp98sadm.exe

[2009-01-24 20:57:24 | 00,184,435 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fp4amsft.dll

[2009-01-24 20:57:24 | 00,147,513 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fp4apws.dll

[2009-01-24 20:57:24 | 00,082,035 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fp4anscp.dll

[2009-01-24 20:57:24 | 00,049,210 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\fp4areg.dll

[2009-01-24 20:57:23 | 00,276,480 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\certwiz.ocx

[2009-01-24 20:57:23 | 00,188,480 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\cfgwiz.exe

[2009-01-24 20:57:23 | 00,076,800 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\cnfgprts.ocx

[2009-01-24 20:57:23 | 00,046,592 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\coadmin.dll

[2009-01-24 20:57:22 | 00,094,720 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\certmap.ocx

[2009-01-24 20:57:22 | 00,020,540 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\author.dll

[2009-01-24 20:57:22 | 00,016,439 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\author.exe

[2009-01-24 20:57:21 | 00,290,816 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\adsiis51.dll

[2009-01-24 20:57:21 | 00,043,520 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\admwprox.dll

[2009-01-24 20:57:21 | 00,016,439 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\admin.exe

[2009-01-24 20:57:20 | 00,020,540 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\admin.dll

[2009-01-24 20:56:45 | 00,000,000 | | C] () C:\CONFIG.SYS

[2009-01-24 20:56:45 | 00,000,000 | | C] () C:\AUTOEXEC.BAT

[2009-01-24 20:54:13 | 00,016,384 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\isignup.exe

[2009-01-24 20:51:13 | 00,020,480 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\inetwiz.exe

[2009-01-24 20:43:19 | 00,153,088 | | C] (Microsoft Corporation) C:\WINDOWS\System32\irftp.exe

[2009-01-24 20:43:19 | 00,087,424 | | C] (Microsoft Corporation) C:\WINDOWS\System32\drivers\irda.sys

[2009-01-24 20:43:19 | 00,027,136 | | C] (Microsoft Corporation) C:\WINDOWS\System32\irmon.dll

[2009-01-24 20:43:19 | 00,008,192 | | C] (Microsoft Corporation) C:\WINDOWS\System32\wshirda.dll

[2009-01-24 20:28:46 | 00,019,584 | | C] (Microsoft Corporation) C:\WINDOWS\System32\drivers\rasirda.sys

[2009-01-24 20:22:50 | 00,000,000 | -D | C] C:\WINDOWS\LastGood.Tmp

[2009-01-24 20:22:44 | 00,024,661 | | C] (Perle Systems Ltd.) C:\WINDOWS\System32\spxcoins.dll

[2009-01-24 20:22:44 | 00,024,661 | | C] (Perle Systems Ltd.) C:\WINDOWS\System32\dllcache\spxcoins.dll

[2009-01-24 20:22:44 | 00,013,312 | | C] (Microsoft Corporation) C:\WINDOWS\System32\irclass.dll

[2009-01-24 20:22:44 | 00,013,312 | | C] (Microsoft Corporation) C:\WINDOWS\System32\dllcache\irclass.dll

[2009-01-24 20:22:26 | 00,141,702 | | C] () C:\WINDOWS\System32\dllcache\netfx.cat

[2009-01-24 20:22:25 | 01,086,058 | | C] () C:\WINDOWS\System32\dllcache\NTPRINT.CAT

[2009-01-24 20:22:25 | 01,013,559 | | C] () C:\WINDOWS\System32\dllcache\SP2.CAT

[2009-01-24 20:22:25 | 00,808,234 | | C] () C:\WINDOWS\System32\dllcache\NT5IIS.CAT

[2009-01-24 20:22:25 | 00,399,670 | | C] () C:\WINDOWS\System32\dllcache\MAPIMIG.CAT

[2009-01-24 20:22:25 | 00,102,826 | | C] () C:\WINDOWS\System32\dllcache\tabletpc.cat

[2009-01-24 20:22:25 | 00,037,509 | | C] () C:\WINDOWS\System32\dllcache\MW770.CAT

[2009-01-24 20:22:25 | 00,031,965 | | C] () C:\WINDOWS\System32\dllcache\mediactr.cat

[2009-01-24 20:22:25 | 00,030,983 | | C] () C:\WINDOWS\System32\dllcache\FP4.CAT

[2009-01-24 20:22:25 | 00,014,043 | | C] () C:\WINDOWS\System32\dllcache\IMS.CAT

[2009-01-24 20:22:25 | 00,009,581 | | C] () C:\WINDOWS\System32\dllcache\MSMSGS.CAT

[2009-01-24 20:22:25 | 00,008,599 | | C] () C:\WINDOWS\System32\dllcache\IASNT4.CAT

[2009-01-24 20:22:25 | 00,007,407 | | C] () C:\WINDOWS\System32\dllcache\OEMBIOS.CAT

[2009-01-24 20:22:25 | 00,007,334 | | C] () C:\WINDOWS\System32\dllcache\wmerrenu.cat

[2009-01-24 20:22:25 | 00,007,245 | | C] () C:\WINDOWS\System32\dllcache\MSTSWEB.CAT

[2009-01-24 20:22:24 | 01,895,804 | | C] () C:\WINDOWS\System32\dllcache\NT5.CAT

[2009-01-24 20:22:24 | 00,620,790 | | C] () C:\WINDOWS\System32\dllcache\NT5INF.CAT

[2009-01-24 19:26:06 | 00,004,444 | | C] () C:\WINDOWS\System32\pid.PNF

[2009-01-24 18:26:18 | 00,000,000 | -D | C] C:\WINDOWS\setup.pss

[2009-01-24 15:45:36 | 00,000,000 | -D | C] C:\Documents and Settings\EM-GRUPPEN\Skrivbord\20090124

[2009-01-24 14:06:42 | 00,000,000 | -D | C] C:\Documents and Settings\EM-GRUPPEN\Mina dokument\20090124

[2009-01-17 14:03:51 | 00,000,000 | -D | C] C:\Documents and Settings\EM-GRUPPEN\Lokala inställningar\Application Data\Symantec

[2009-01-15 00:18:02 | 00,001,586 | | C] () C:\Documents and Settings\EM-GRUPPEN\Skrivbord\HijackThis.lnk

[2009-01-15 00:18:01 | 00,000,000 | -D | C] C:\Program\Trend Micro

[2009-01-14 22:40:43 | 00,000,000 | -D | C] C:\Documents and Settings\EM-GRUPPEN\Application Data\Malwarebytes

[2009-01-14 22:40:41 | 00,000,572 | | C] () C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk

[2009-01-14 22:40:40 | 00,015,504 | | C] (Malwarebytes Corporation) C:\WINDOWS\System32\drivers\mbam.sys

[2009-01-14 22:40:38 | 00,038,496 | | C] (Malwarebytes Corporation) C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009-01-14 22:40:36 | 00,000,000 | -D | C] C:\Program\Malwarebytes' Anti-Malware

[2009-01-14 22:40:36 | 00,000,000 | -D | C] C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2009-01-13 21:47:26 | 00,000,644 | | C] () C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk

[2009-01-13 21:46:56 | 00,000,000 | -D | C] C:\Program\Delade filer\Wise Installation Wizard

[2009-01-09 19:55:53 | 01,248,348 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\Cat.DB

[2009-01-09 14:43:50 | 00,309,296 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\NIS\1002000.007\SymEFA.sys

[2009-01-09 14:43:50 | 00,198,192 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\NIS\1002000.007\symtdi.sys

[2009-01-09 14:43:50 | 00,089,904 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\NIS\1002000.007\symfw.sys

[2009-01-09 14:43:50 | 00,040,496 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\NIS\1002000.007\symndisv.sys

[2009-01-09 14:43:50 | 00,037,424 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\NIS\1002000.007\symndis.sys

[2009-01-09 14:43:50 | 00,034,608 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\NIS\1002000.007\symids.sys

[2009-01-09 14:43:50 | 00,024,624 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\NIS\1002000.007\symredrv.sys

[2009-01-09 14:43:50 | 00,012,976 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\NIS\1002000.007\symdns.sys

[2009-01-09 14:43:50 | 00,010,858 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\SymNet.cat

[2009-01-09 14:43:50 | 00,008,428 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\SymEFA.cat

[2009-01-09 14:43:50 | 00,003,373 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\SymEFA.inf

[2009-01-09 14:43:50 | 00,001,609 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\SymNet.inf

[2009-01-09 14:43:49 | 00,306,736 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\NIS\1002000.007\srtsp.sys

[2009-01-09 14:43:49 | 00,255,536 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\NIS\1002000.007\BHDrvx86.sys

[2009-01-09 14:43:49 | 00,043,696 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\NIS\1002000.007\srtspx.sys

[2009-01-09 14:43:49 | 00,008,390 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\srtspx.cat

[2009-01-09 14:43:49 | 00,008,386 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\srtsp.cat

[2009-01-09 14:43:49 | 00,008,382 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\BHDrvx86.CAT

[2009-01-09 14:43:49 | 00,001,388 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\srtspx.inf

[2009-01-09 14:43:49 | 00,001,382 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\srtsp.inf

[2009-01-09 14:43:49 | 00,000,640 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\BHDrvx86.inf

[2009-01-09 14:43:02 | 00,000,172 | | C] () C:\WINDOWS\System32\drivers\NIS\1002000.007\isolate.ini

[2009-01-09 14:43:02 | 00,000,000 | -D | C] C:\WINDOWS\System32\drivers\NIS\1002000.007

[2009-01-09 11:44:44 | 00,000,000 | -D | C] C:\Documents and Settings\All Users\Application Data\Symantec

[2009-01-09 11:43:08 | 00,036,272 | R- | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\SymIM.sys

[2009-01-09 11:42:29 | 00,124,464 | | C] (Symantec Corporation) C:\WINDOWS\System32\drivers\SYMEVENT.SYS

[2009-01-09 11:42:29 | 00,060,808 | | C] (Symantec Corporation) C:\WINDOWS\System32\S32EVNT1.DLL

[2009-01-09 11:42:29 | 00,010,635 | | C] () C:\WINDOWS\System32\drivers\SYMEVENT.CAT

[2009-01-09 11:42:29 | 00,000,806 | | C] () C:\WINDOWS\System32\drivers\SYMEVENT.INF

[2009-01-09 11:42:29 | 00,000,000 | -D | C] C:\Program\Symantec

[2009-01-09 11:42:29 | 00,000,000 | -D | C] C:\Program\Delade filer\Symantec Shared

[2009-01-09 11:42:22 | 00,001,816 | | C] () C:\Documents and Settings\All Users\Skrivbord\Norton Internet Security.lnk

[2009-01-09 11:42:05 | 00,000,000 | -D | C] C:\WINDOWS\System32\drivers\NIS

[2009-01-09 11:42:03 | 00,000,000 | -D | C] C:\Program\Windows Sidebar

[2009-01-09 11:42:03 | 00,000,000 | -D | C] C:\Program\Norton Internet Security

[2009-01-09 11:38:42 | 00,000,000 | -D | C] C:\Program\MSBuild

[2009-01-09 11:38:38 | 00,000,000 | -D | C] C:\WINDOWS\System32\XPSViewer

[2009-01-09 11:38:34 | 00,000,000 | -D | C] C:\WINDOWS\System32\en-us

[2009-01-09 11:38:33 | 00,000,000 | -D | C] C:\Program\Reference Assemblies

[2009-01-09 11:38:02 | 00,014,048 | | C] (Microsoft Corporation) C:\WINDOWS\System32\spmsg2.dll

[2009-01-09 11:23:58 | 00,000,000 | -D | C] C:\73d4a314f5e7d26af146302d

[2009-01-09 11:00:00 | 00,000,000 | -D | C] C:\Documents and Settings\All Users\Application Data\Norton

[2009-01-09 10:59:54 | 00,000,000 | -D | C] C:\Program\NortonInstaller

[2009-01-09 10:23:33 | 00,000,000 | -D | C] C:\Documents and Settings\All Users\Application Data\NortonInstaller

[2009-01-07 14:03:39 | 00,000,000 | -D | C] C:\Program\Delade filer\Macrovision Shared

[2009-01-07 13:59:05 | 00,073,728 | | C] () C:\WINDOWS\System32\xa59066890.exe

[2009-01-07 13:59:05 | 00,073,728 | | C] () C:\WINDOWS\System32\xa59066687.exe

[2009-01-06 16:49:40 | 00,000,000 | -D | C] C:\Documents and Settings\EM-GRUPPEN\Lokala inställningar\Application Data\ACD Systems

[2009-01-06 16:49:39 | 00,000,000 | -D | C] C:\Documents and Settings\EM-GRUPPEN\Application Data\ACD Systems

[2009-01-06 16:49:02 | 00,002,531 | | C] () C:\Documents and Settings\All Users\Skrivbord\ACDSee Photo Manager 2009.lnk

[2009-01-06 16:48:55 | 00,000,000 | -D | C] C:\Documents and Settings\All Users\Application Data\ACD Systems

[2009-01-06 16:48:46 | 00,000,000 | -D | C] C:\Program\Delade filer\ACD Systems

[2009-01-06 16:48:46 | 00,000,000 | -D | C] C:\Program\ACD Systems

[2009-01-06 16:43:16 | 00,000,000 | -D | C] C:\Documents and Settings\EM-GRUPPEN\Lokala inställningar\Application Data\Downloaded Installations

[2009-01-06 04:06:51 | 00,001,879 | | C] () C:\WINDOWS\System32\%LocalXml%

[2009-01-03 15:46:33 | 00,001,722 | | C] () C:\Documents and Settings\All Users\Skrivbord\Mobile Connect.lnk

[2009-01-02 15:15:39 | 00,000,000 | -D | C] C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files

[2009-01-01 20:13:38 | 00,001,657 | | C] () C:\Documents and Settings\EM-GRUPPEN\Skrivbord\Motocross Madness 2.lnk

[2009-01-01 20:10:40 | 00,000,000 | -D | C] C:\Program\Microsoft Games

[2008-12-29 17:06:28 | 00,000,000 | -D | C] C:\Documents and Settings\All Users\Dokument\microsoft

[2008-12-29 16:50:39 | 00,000,000 | -D | C] C:\Program\Delade filer\Windows Live

[2008-12-28 16:07:10 | 00,267,112 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xactengine2_9.dll

[2008-12-28 16:07:09 | 03,727,720 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx9_35.dll

[2008-12-28 16:07:09 | 01,358,192 | | C] (Microsoft Corporation) C:\WINDOWS\System32\D3DCompiler_35.dll

[2008-12-28 16:07:09 | 00,444,776 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx10_35.dll

[2008-12-28 16:07:07 | 01,124,720 | | C] (Microsoft Corporation) C:\WINDOWS\System32\D3DCompiler_34.dll

[2008-12-28 16:07:07 | 00,443,752 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx10_34.dll

[2008-12-28 16:07:07 | 00,266,088 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xactengine2_8.dll

[2008-12-28 16:07:07 | 00,018,280 | | C] (Microsoft Corporation) C:\WINDOWS\System32\x3daudio1_2.dll

[2008-12-28 16:07:05 | 03,497,832 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx9_34.dll

[2008-12-28 16:07:03 | 00,081,768 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xinput1_3.dll

[2008-12-28 16:06:59 | 00,261,480 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xactengine2_7.dll

[2008-12-28 16:06:54 | 00,443,752 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx10_33.dll

[2008-12-28 16:06:53 | 01,123,696 | | C] (Microsoft Corporation) C:\WINDOWS\System32\D3DCompiler_33.dll

[2008-12-28 16:06:48 | 03,495,784 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx9_33.dll

[2008-12-28 16:06:47 | 00,255,848 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xactengine2_6.dll

[2008-12-28 16:06:47 | 00,251,672 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xactengine2_5.dll

[2008-12-28 16:06:46 | 00,237,848 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xactengine2_4.dll

[2008-12-28 16:06:46 | 00,015,128 | | C] (Microsoft Corporation) C:\WINDOWS\System32\x3daudio1_1.dll

[2008-12-28 16:06:45 | 02,414,360 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx9_31.dll

[2008-12-28 16:06:44 | 00,236,824 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xactengine2_3.dll

[2008-12-28 16:06:44 | 00,062,744 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xinput1_2.dll

[2008-12-28 16:06:43 | 00,230,168 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xactengine2_2.dll

[2008-12-28 16:06:42 | 00,062,672 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xinput1_1.dll

[2008-12-28 16:06:41 | 00,229,584 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xactengine2_1.dll

[2008-12-28 16:06:22 | 02,388,176 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx9_30.dll

[2008-12-28 16:06:19 | 00,230,096 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xactengine2_0.dll

[2008-12-28 16:06:19 | 00,014,032 | | C] (Microsoft Corporation) C:\WINDOWS\System32\x3daudio1_0.dll

[2008-12-28 16:06:18 | 02,332,368 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx9_29.dll

[2008-12-28 16:06:16 | 02,323,664 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx9_28.dll

[2008-12-28 16:06:15 | 00,061,136 | | C] (Microsoft Corporation) C:\WINDOWS\System32\xinput9_1_0.dll

[2008-12-28 16:06:13 | 02,319,568 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx9_27.dll

[2008-12-28 16:06:12 | 02,297,552 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx9_26.dll

[2008-12-28 16:06:11 | 02,337,488 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx9_25.dll

[2008-12-28 16:06:01 | 02,222,800 | | C] (Microsoft Corporation) C:\WINDOWS\System32\d3dx9_24.dll

[2008-12-28 16:00:07 | 00,000,000 | -D | C] C:\Program\City Interactive

[2008-12-26 15:38:12 | 00,000,000 | -D | C] C:\Documents and Settings\EM-GRUPPEN\Mina dokument\CyberLink

 

========== Files - Modified Within 30 Days ==========

 

[2 C:\WINDOWS\System32\*.tmp files]

[5 C:\WINDOWS\*.tmp files]

[2009-01-25 02:05:00 | 00,000,420 | -H | M] () C:\WINDOWS\tasks\User_Feed_Synchronization-{A60964E8-3EA6-4B4E-87B6-22D5A205A846}.job

[2009-01-25 01:58:47 | 40,390,656 | | M] () C:\Documents and Settings\EM-GRUPPEN\Mina dokument\IGLO Lufttät.indd

[2009-01-25 01:58:26 | 00,422,912 | | M] (OldTimer Tools) C:\Documents and Settings\EM-GRUPPEN\Skrivbord\OTViewIt.exe

[2009-01-24 22:20:26 | 00,000,604 | | M] () C:\Documents and Settings\EM-GRUPPEN\Mina dokument\Mina delade mappar.lnk

[2009-01-24 22:03:40 | 00,000,143 | -HS- | M] () C:\Documents and Settings\EM-GRUPPEN\Mina dokument\desktop.ini

[2009-01-24 22:03:39 | 00,012,676 | | M] () C:\WINDOWS\System32\wpa.dbl

[2009-01-24 22:03:31 | 00,012,676 | | M] () C:\WINDOWS\System32\wpa.bak

[2009-01-24 22:02:06 | 01,071,296 | | M] () C:\WINDOWS\System32\PerfStringBackup.INI

[2009-01-24 22:02:06 | 00,449,636 | | M] () C:\WINDOWS\System32\perfh01D.dat

[2009-01-24 22:02:06 | 00,447,638 | | M] () C:\WINDOWS\System32\perfh009.dat

[2009-01-24 22:02:06 | 00,086,252 | | M] () C:\WINDOWS\System32\perfc01D.dat

[2009-01-24 22:02:06 | 00,073,998 | | M] () C:\WINDOWS\System32\perfc009.dat

[2009-01-24 22:01:23 | 02,308,888 | | M] () C:\WINDOWS\System32\FNTCACHE.DAT

[2009-01-24 21:57:53 | 00,000,006 | -H | M] () C:\WINDOWS\tasks\SA.DAT

[2009-01-24 21:57:30 | 00,002,048 | S- | M] () C:\WINDOWS\bootstat.dat

[2009-01-24 21:57:03 | 01,248,348 | | M] () C:\WINDOWS\System32\drivers\NIS\1002000.007\Cat.DB

[2009-01-24 21:56:10 | 00,000,633 | | M] () C:\WINDOWS\System32\$winnt$.inf

[2009-01-24 20:57:04 | 00,316,640 | | M] () C:\WINDOWS\WMSysPr9.prx

[2009-01-24 20:56:46 | 00,000,084 | -HS- | M] () C:\Documents and Settings\All Users\Start-meny\Program\Autostart\desktop.ini

[2009-01-24 20:56:45 | 00,000,000 | | M] () C:\CONFIG.SYS

[2009-01-24 20:56:45 | 00,000,000 | | M] () C:\AUTOEXEC.BAT

[2009-01-24 20:56:40 | 00,023,392 | | M] () C:\WINDOWS\System32\nscompat.tlb

[2009-01-24 20:56:40 | 00,016,832 | | M] () C:\WINDOWS\System32\amcompat.tlb

[2009-01-24 20:56:22 | 00,004,473 | | M] () C:\WINDOWS\ODBCINST.INI

[2009-01-24 20:54:23 | 00,000,668 | | M] () C:\WINDOWS\win.ini

[2009-01-24 20:42:46 | 00,000,211 | -HS- | M] () C:\boot.ini

[2009-01-24 20:25:35 | 00,004,128 | | M] () C:\INFCACHE.1

[2009-01-24 20:22:51 | 00,000,227 | | M] () C:\WINDOWS\system.ini

[2009-01-24 20:22:26 | 00,000,062 | -HS- | M] () C:\Documents and Settings\All Users\Dokument\desktop.ini

[2009-01-24 20:22:26 | 00,000,062 | -HS- | M] () C:\Documents and Settings\All Users\Application Data\desktop.ini

[2009-01-24 19:26:42 | 00,004,444 | | M] () C:\WINDOWS\System32\pid.PNF

[2009-01-24 17:58:26 | 00,034,304 | -HS- | M] () C:\Documents and Settings\All Users\Dokument\Thumbs.db

[2009-01-24 16:06:04 | 05,821,020 | -HS- | M] () C:\Documents and Settings\EM-GRUPPEN\Mina dokument\Thumbs.db

[2009-01-24 16:00:26 | 00,002,531 | | M] () C:\Documents and Settings\All Users\Skrivbord\ACDSee Photo Manager 2009.lnk

[2009-01-24 14:04:46 | 00,001,917 | | M] () C:\WINDOWS\imsins.BAK

[2009-01-20 21:00:00 | 01,526,798 | -HS- | M] () C:\Documents and Settings\EM-GRUPPEN\Skrivbord\Thumbs.db

[2009-01-20 10:57:26 | 00,057,856 | | M] () C:\Documents and Settings\EM-GRUPPEN\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-01-15 00:18:04 | 00,001,586 | | M] () C:\Documents and Settings\EM-GRUPPEN\Skrivbord\HijackThis.lnk

[2009-01-14 22:40:42 | 00,000,572 | | M] () C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk

[2009-01-14 16:11:32 | 00,038,496 | | M] (Malwarebytes Corporation) C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009-01-14 16:11:28 | 00,015,504 | | M] (Malwarebytes Corporation) C:\WINDOWS\System32\drivers\mbam.sys

[2009-01-13 21:47:28 | 00,000,644 | | M] () C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk

[2009-01-10 02:35:28 | 20,853,704 | | M] (Microsoft Corporation) C:\WINDOWS\System32\MRT.exe

[2009-01-09 19:51:04 | 00,001,816 | | M] () C:\Documents and Settings\All Users\Skrivbord\Norton Internet Security.lnk

[2009-01-09 14:43:04 | 00,000,172 | | M] () C:\WINDOWS\System32\drivers\NIS\1002000.007\isolate.ini

[2009-01-09 11:44:32 | 00,058,528 | | M] () C:\Documents and Settings\EM-GRUPPEN\Lokala inställningar\Application Data\GDIPFONTCACHEV1.DAT

[2009-01-09 11:42:30 | 00,124,464 | | M] (Symantec Corporation) C:\WINDOWS\System32\drivers\SYMEVENT.SYS

[2009-01-09 11:42:30 | 00,060,808 | | M] (Symantec Corporation) C:\WINDOWS\System32\S32EVNT1.DLL

[2009-01-09 11:42:30 | 00,010,635 | | M] () C:\WINDOWS\System32\drivers\SYMEVENT.CAT

[2009-01-09 11:42:30 | 00,000,806 | | M] () C:\WINDOWS\System32\drivers\SYMEVENT.INF

[2009-01-09 09:44:42 | 00,000,057 | | M] () C:\WINDOWS\System32\mapisvc.inf

[2009-01-08 23:37:42 | 00,001,879 | | M] () C:\WINDOWS\System32\%LocalXml%

[2009-01-07 13:59:06 | 00,073,728 | | M] () C:\WINDOWS\System32\xa59066890.exe

[2009-01-07 13:59:06 | 00,073,728 | | M] () C:\WINDOWS\System32\xa59066687.exe

[2009-01-03 15:46:34 | 00,001,722 | | M] () C:\Documents and Settings\All Users\Skrivbord\Mobile Connect.lnk

[2009-01-01 20:13:40 | 00,001,657 | | M] () C:\Documents and Settings\EM-GRUPPEN\Skrivbord\Motocross Madness 2.lnk

< End of report >[/log]

 

 

 

Here comes number 2.......

 

 

[log]OTViewIt Extras logfile created on: 2009-01-25 02:06:13 - Run

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\EM-GRUPPEN\Skrivbord

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1.25 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 71.57% Memory free

2.98 Gb Paging File | 2.66 Gb Available in Paging File | 89.47% Paging File free

Paging file location(s): C:\pagefile.sys 1920 3840;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 55.90 Gb Total Space | 31.20 Gb Free Space | 55.82% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: ACER-G3388DKE8U

Current User Name: EM-GRUPPEN

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.txt [@ = Reg Error: Value does not exist or could not be read.] Reg Error: Key does not exist or could not be opened. File not found

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify"=0

"FirewallDisableNotify"=1

"UpdatesDisableNotify"=0

"AntiVirusOverride"=0

"FirewallOverride"=0

"FirstRunDisabled"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall"=0

"DisableNotifications"=0

"DoNotAllowExceptions"=0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[2004-08-04 13:00:00 | 00,140,800 | | M] (Microsoft Corporation) %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2008-04-13 20:53:32 | 00,558,080 | | M] (Microsoft Corporation) %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[2006-11-13 15:41:08 | 00,199,464 | | M] (Microsoft Corporation) C:\Program\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

[2006-11-13 15:41:18 | 01,289,000 | | M] (Microsoft Corporation) C:\Program\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

[2006-11-13 15:41:20 | 04,279,080 | | M] (Microsoft Corporation) C:\Program\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

[2007-10-18 11:35:08 | 05,724,184 | | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[2007-10-02 17:18:24 | 00,304,488 | | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[2004-08-04 13:00:00 | 00,140,800 | | M] (Microsoft Corporation) %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2008-04-14 18:05:14 | 01,695,232 | | M] (Microsoft Corporation) C:\Program\Messenger\msmsgs.exe:*:Enabled:Windows Messenger

[2008-04-13 20:53:32 | 00,558,080 | | M] (Microsoft Corporation) %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[2006-03-02 11:55:24 | 00,634,947 | | M] (Intuwave Ltd.) C:\Program\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe:*:Disabled:mRouterRuntime

[2008-12-17 13:17:10 | 01,347,360 | | M] (CNET Networks) C:\Program\FerretSoft\WebFerret\WebFerret.exe:*:Enabled:WebFerret 5.0

[2004-08-04 13:00:00 | 00,093,184 | | M] (Microsoft Corporation) C:\Program\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer

[2007-05-02 11:19:34 | 01,589,248 | R- | M] (Popwire AB) C:\Program\Sony Ericsson\Mobile4\Sync Manager\DXP SyncML.exe:*:Enabled:DXP SyncML Module

[2006-11-13 15:41:08 | 00,199,464 | | M] (Microsoft Corporation) C:\Program\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

[2006-11-13 15:41:18 | 01,289,000 | | M] (Microsoft Corporation) C:\Program\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

[2006-11-13 15:41:20 | 04,279,080 | | M] (Microsoft Corporation) C:\Program\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

File not found C:\Program\uTorrent\uTorrent.exe:*:Enabled:µTorrent

File not found C:\Program\DC++\DCPlusPlus.exe:*:Enabled:DC++

File not found C:\Program\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour

File not found C:\Program\Skype\Phone\Skype.exe:*:Enabled:Skype

[2003-05-23 14:15:00 | 00,401,454 | | M] (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421) C:\Program\WS_FTP Pro\wsftppro.exe:*:Enabled:WS_FTP Pro Application

[2008-12-19 21:50:00 | 00,342,848 | | M] (BitTorrent, Inc.) C:\Program\DNA\btdna.exe:*:Enabled:DNA

File not found C:\Program\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

[2000-05-19 19:23:58 | 01,577,005 | | M] (Rainbow Multimedia Group, Inc) C:\Program\Microsoft Games\Motocross Madness 2\MCM2.EXE:*:Enabled:Microsoft® Motocross Madness 2

[2008-08-14 07:58:34 | 00,611,712 | | M] (Adobe Systems Incorporated) C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4

File not found C:\Documents and Settings\EM-GRUPPEN\Lokala inställningar\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Norton Removal Tool

[2007-10-18 11:35:08 | 05,724,184 | | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[2007-10-02 17:18:24 | 00,304,488 | | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell shell protocol not assigned

 

========== (O18) Protocol Handlers ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

ipp: [HKLM - No CLSID value]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2005-09-20 12:33:58 | 00,843,984 | | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-10-18 11:31:54 | 00,066,072 | | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

msdaipp: [HKLM - No CLSID value]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2005-09-20 12:33:58 | 00,843,984 | | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2005-09-20 12:33:58 | 00,843,984 | | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-10-18 11:31:54 | 00,066,072 | | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-03-14 13:10:22 | 07,255,384 | | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-05-10 13:45:34 | 08,069,464 | | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2008-12-12 04:28:18 | 00,344,944 | R- | M] (Symantec Corporation) C:\Program\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dll (symres:{AA1061FE-6C41-421f-9344-69640C9732AB} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

========== (O18) Protocol Filters ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters

[2007-04-19 13:57:40 | 00,046,432 | | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}"=Adobe Color NA Recommended Settings CS4

"{03CDDD00-BD57-4326-9480-4C74449AF597}"=PhotoStitch

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}"=Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}"=Adobe Extension Manager CS4

"{095659A2-739F-4D9A-A916-66C7CAD16F9E}"=Canon Camera WIA Driver

"{098727E1-775A-4450-B573-3F441F1CA243}"=kuler

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}"=ATI Control Panel

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}"=Adobe Color JA Extra Settings CS4

"{0F723FC1-7606-4867-866C-CE80AD292DAF}"=Adobe CSI CS4

"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}"=Adobe SGM CS4

"{1618734A-3957-4ADD-8199-F973763109A8}"=Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}"=Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}"=AdobeColorCommonSetRGB

"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}"=Adobe InDesign CS4

"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}"=Adobe InDesign CS4 Icon Handler

"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}"=Google Earth

"{1E76BE75-F256-4BA4-A9A3-F433AD3D2D00}"=Sony Ericsson PC Suite for Smartphones

"{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}"=Windows Live Messenger

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java 6 Update 11

"{2BA00471-0328-3743-93BD-FA813353A783}"=Microsoft .NET Framework 3.0 Service Pack 1

"{2BAF2B96-7560-48B4-87D4-10178DDBE217}"=Adobe InDesign CS4 Application Feature Set Files (Roman)

"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}"=Microsoft .NET Framework 3.5

"{300578F9-9EFF-4B93-9AB1-C0E5707EF463}"=ACDSee Photo Manager 2009

"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}"=PDF Settings CS4

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}"=Adobe XMP Panels CS4

"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}"=Macromedia Flash MX

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}"=Adobe WinSoft Linguistics Plugin

"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}"=Mobile Connect

"{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}"=Google Earth

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}"=Adobe Service Manager Extension

"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}"=Adobe SING CS4

"{4D826618-59C6-11D4-976E-00C04F8EEB39}"=Macromedia FreeHand 10

"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}"=Adobe Color EU Extra Settings CS4

"{5ADA9741-0570-4096-B5FE-1D55E57537D4}"=Camera Window

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}"=PowerDVD

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{7689CA7A-1270-425A-9959-EB4CB25EA29A}"=Sony Ericsson PC Suite 1.20.224

"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}"=Adobe InDesign CS4 Common Base Files

"{7F4C8163-F259-49A0-A018-2857A90578BC}"=Adobe InDesign CS2

"{7FBF377B-21EB-381B-BDC4-8935957E7FCF}"=Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - SVE

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}"=Adobe Type Support CS4

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}"=Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}"=Suite Shared Configuration CS4

"{8A16A4FC-B43F-46A6-8DB5-C42B145EBFBD}"=Windows Live Writer

"{8B4AB829-DFD3-436D-B808-D9733D76C590}"=Macromedia Dreamweaver MX

"{90110409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003

"{9011041D-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003

"{9028041D-6000-11D3-8CFE-0050048383C9}"=Microsoft Office XP Professional med FrontPage

"{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}"=Adobe Illustrator CS

"{930B2432-43D4-11D5-9871-00C04F8EEB39}"=Macromedia Fireworks MX

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}"=Adobe Linguistics CS4

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}"=Adobe CMaps CS4

"{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting

"{99052DB7-9592-4522-A558-5417BBAD48EE}"=Microsoft ActiveSync

"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}"=

"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}"=Macromedia Extension Manager

"{A899DA1F-D626-401C-8651-F2921E3B4CB3}"=3Connect

"{AC76BA86-1033-0000-7760-000000000002}"=Adobe Acrobat 7.0 Professional

"{AC76BA86-7AD7-1053-7B44-A81300000003}"=Adobe Reader 8.1.3 - Svenska

"{AC76BA86-7AD7-5464-3428-800000000003}"=Spelling Dictionaries Support For Adobe Reader 8

"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live inloggningsassistenten

"{B29AD377-CC12-490A-A480-1452337C618D}"=Connect

"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1

"{B651B3EC-1827-4CF5-8398-397B789E3151}"=File Viewer Utility 1.2.1

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}"=Adobe Output Module

"{C151CE54-E7EA-4804-854B-F515368B0798}"=Athlon 64 Processor Driver

"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}"=Canon Utilities ZoomBrowser EX

"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}"=NTI CD & DVD-Maker

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}"=Adobe Default Language CS4

"{CA1CA5F8-7500-45C5-9D4C-47D13FBC92D2}"=Adobe Setup

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1

"{CB84F0F2-927B-458D-9DC5-87832E3DC653}"=GearDrvs

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}"=Photoshop Camera Raw

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}"=SUPERAntiSpyware Free Edition

"{CF6E4D8E-F6F3-40DF-B6C9-BA379F4E9FA3}"=RemoteCapture 2.7.1

"{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}"=AdobeColorCommonSetCMYK

"{ED14F9FF-12A5-3BB6-A0D9-67B45FB16BF9}"=Microsoft .NET Framework 3.5 Language Pack - sve

"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}"=Adobe Photoshop CS

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}"=Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}"=Adobe Search for Help

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}"=Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}"=Adobe PDF Library Files CS4

"{F997D0C2-CB08-3EE1-AF54-F2BA00CCB819}"=Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - SVE

"{FB08F381-6533-4108-B7DD-039E11FBC27E}"=Realtek AC'97 Audio

"{FC18114B-05A0-11D6-8140-000102E745A6}"=Sony Ericsson PC Suite 3.2.0

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}"=Adobe Fonts All

"{FE90E9E7-A158-4687-8853-DF677A939A61}"=WIDCOMM Bluetooth Software

"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}"=Disc2Phone

"Adobe Acrobat 7.0 Professional"=Adobe Acrobat 7.1.0 Professional

"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX

"Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}"=Adobe InDesign CS2

"Adobe Shockwave Player"=Adobe Shockwave Player 11

"Adobe SVG Viewer"=Adobe SVG Viewer 3.0

"Adobe_1710d324011afc3e7658e969025f4ba"=Adobe InDesign CS4

"Agere Systems Soft Modem"=Agere Systems AC'97 Modem

"All ATI Software"=ATI - Hjälp för avinstallation av program

"ATI Display Driver"=ATI Display Driver

"DFU Demonstrator"=DFU Demonstrator

"DivXCodec"=DivX 4.12 Codec

"Elecard MPEG 2 Player"=Elecard MPEG 2 Player Version 1.35

"Ferrari 3200"=Ferrari 3200

"FerrariWallPaper"=FerrariWallPaper (remove only)

"FTDICOMM"=SEMC DSS SyncStation Driver

"HijackThis"=HijackThis 2.0.2

"Huawei Modems"=Huawei Modems

"Indeo® Software"=Indeo® Software

"InstallShield_{03CDDD00-BD57-4326-9480-4C74449AF597}"=Canon Utilities PhotoStitch 3.1

"InstallShield_{095659A2-739F-4D9A-A916-66C7CAD16F9E}"=Canon EOS 10D WIA Driver

"InstallShield_{5ADA9741-0570-4096-B5FE-1D55E57537D4}"=Canon Camera Window for ZoomBrowser EX

"InstallShield_{B651B3EC-1827-4CF5-8398-397B789E3151}"=Canon Utilities File Viewer Utility 1.2

"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}"=NTI CD & DVD-Maker Gold

"InstallShield_{CF6E4D8E-F6F3-40DF-B6C9-BA379F4E9FA3}"=Canon Utilities RemoteCapture 2.7

"LManager"=Launch Manager

"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5"=Microsoft .NET Framework 3.5

"Microsoft .NET Framework 3.5 Language Pack - sve"=Språkpaket för Microsoft .NET Framework 3.5 - Swedish

"Motocross Madness 2"=Microsoft Motocross Madness 2

"mRouterRuntime"=

"NimoCorp"=Nimo Codecs Pack v4.33 (Remove Only)

"NIS"=Norton Internet Security

"PhotoRecord"=Canon PhotoRecord

"QuickTime"=QuickTime

"RealPlayer 6.0"=RealPlayer

"Sony Ericsson"=Sony Ericsson Symbian 9 Drivers

"SynTPDeinstKey"=Synaptics Pointing Device Driver

"WebFerret"=WebFerret

"Windows Media Format Runtime"=Windows Media Format 11 runtime

"Windows Media Player"=Windows Media Player 11

"Windows Mobile Device Handbook"=Handbok för Windows Mobile®-enheter

"WinRAR archiver"=WinRAR

"VLC media player"=VideoLAN VLC media player 0.8.6f

"WMFDist11"=Windows Media Format 11 runtime

"wmp11"=Windows Media Player 11

"WS_FTP Pro"=Ipswitch WS_FTP Pro

"XpsEPSC"=XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP"=XML Paper Specification Shared Components Language Pack 1.0

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"BitTorrent DNA"=DNA

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-1017937101-173008773-135449575-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"BitTorrent DNA"=DNA

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2009-01-09 06:13:36 | Computer Name = ACER-G3388DKE8U | Source = Application Error | ID = 1004

Description = Felaktigt program NPFMNTOR.EXE, version 11.0.16.2, felaktig modul

kernel32.dll, version 5.1.2600.5512, felaktig adress 0x00012aeb.

 

Error - 2009-01-09 09:11:49 | Computer Name = ACER-G3388DKE8U | Source = CardSpace 3.0.0.0 | ID = 327949

Description = The Windows CardSpace service is too busy to process this request.

Användaren har för många utestående begäranden. Additional Information: vid System.Environment.GetStackTrace(Exception

e, Boolean needFileInfo) vid System.Environment.get_StackTrace() vid Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException

ie) vid Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception

e) vid Microsoft.InfoCards.Diagnostics.InfoCardTrace.ThrowHelperError(Exception

e) vid Microsoft.InfoCards.UIAgentMonitor.AddNewClient(UIAgentMonitorHandle handle)

 

vid Microsoft.InfoCards.UIAgentMonitorHandle.CreateAgent(Int32 callerPid, WindowsIdentity

callerIdentity, Int32 tsSessionId) vid Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle

monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)

 

vid Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle,

IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)

 

Error - 2009-01-24 14:18:14 | Computer Name = ACER-G3388DKE8U | Source = SENS | ID = 0

Description =

 

Error - 2009-01-24 14:18:47 | Computer Name = ACER-G3388DKE8U | Source = PerfNet | ID = 2004

Description = Det gick inte att öppna tjänsten Server. Prestandadata för tjänsten

Server kommer inte att returneras. Den returnerade felkoden anges av DWORD-värde

0.

 

Error - 2009-01-24 14:29:19 | Computer Name = ACER-G3388DKE8U | Source = Windows Product Activation | ID = 1009

Description = Du har inte aktiverat Windows i tid. Du måste kontakta en kundtjänstansvarig

via telefon för att aktivera Windows.

 

Error - 2009-01-24 14:31:44 | Computer Name = ACER-G3388DKE8U | Source = Windows Product Activation | ID = 1009

Description = Du har inte aktiverat Windows i tid. Du måste kontakta en kundtjänstansvarig

via telefon för att aktivera Windows.

 

Error - 2009-01-24 14:42:12 | Computer Name = ACER-G3388DKE8U | Source = SENS | ID = 0

Description =

 

Error - 2009-01-24 14:42:58 | Computer Name = ACER-G3388DKE8U | Source = PerfNet | ID = 2004

Description = Det gick inte att öppna tjänsten Server. Prestandadata för tjänsten

Server kommer inte att returneras. Den returnerade felkoden anges av DWORD-värde

0.

 

Error - 2009-01-24 14:45:06 | Computer Name = ACER-G3388DKE8U | Source = Windows Product Activation | ID = 1009

Description = Du har inte aktiverat Windows i tid. Du måste kontakta en kundtjänstansvarig

via telefon för att aktivera Windows.

 

Error - 2009-01-24 15:55:39 | Computer Name = ACER-G3388DKE8U | Source = VSS | ID = 4101

Description = Fel i tjänsten Volume Shadow Copy: Det går inte att hämta mängden

Applications från COM+-katalogen [0x80040154].

 

[ System Events ]

Error - 2009-01-24 14:44:36 | Computer Name = ACER-G3388DKE8U | Source = Rasman | ID = 20063

Description = Det gick inte att starta Anslutningshanteraren för fjärråtkomst (RAS)

eftersom det inte gick att initiera PPP (Point to Point Protocol). Det går inte

att hitta den angivna modulen.

 

Error - 2009-01-24 14:44:37 | Computer Name = ACER-G3388DKE8U | Source = Rasman | ID = 20063

Description = Det gick inte att starta Anslutningshanteraren för fjärråtkomst (RAS)

eftersom det inte gick att initiera PPP (Point to Point Protocol). Det går inte

att hitta den angivna modulen.

 

Error - 2009-01-24 14:44:38 | Computer Name = ACER-G3388DKE8U | Source = Rasman | ID = 20063

Description = Det gick inte att starta Anslutningshanteraren för fjärråtkomst (RAS)

eftersom det inte gick att initiera PPP (Point to Point Protocol). Det går inte

att hitta den angivna modulen.

 

Error - 2009-01-24 14:44:39 | Computer Name = ACER-G3388DKE8U | Source = Rasman | ID = 20063

Description = Det gick inte att starta Anslutningshanteraren för fjärråtkomst (RAS)

eftersom det inte gick att initiera PPP (Point to Point Protocol). Det går inte

att hitta den angivna modulen.

 

Error - 2009-01-24 16:25:32 | Computer Name = ACER-G3388DKE8U | Source = Cdrom | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\CdRom0.

 

Error - 2009-01-24 16:43:36 | Computer Name = ACER-G3388DKE8U | Source = Cdrom | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\CdRom0.

 

Error - 2009-01-24 16:56:10 | Computer Name = ACER-G3388DKE8U | Source = Setup | ID = 60055

Description = Några mindre allvarliga fel uppstod under installationen. Mer information

finns i filen setuperr.log i Windows-mappe

 

Error - 2009-01-24 16:59:29 | Computer Name = ACER-G3388DKE8U | Source = Service Control Manager | ID = 7009

Description = En timeout (30000 ms) inträffade vid väntan på att tjänsten Norton

2009 Reset ska ansluta.

 

Error - 2009-01-24 16:59:29 | Computer Name = ACER-G3388DKE8U | Source = Service Control Manager | ID = 7000

Description = Tjänsten Norton 2009 Reset kunde inte startas på grund av följande

fel: %%1053

 

Error - 2009-01-24 16:59:29 | Computer Name = ACER-G3388DKE8U | Source = Service Control Manager | ID = 7000

Description = Tjänsten Help and Support kunde inte startas på grund av följande

fel: %%1083

 

 

< End of report >[/log]

 

Added LOG tags

When you have pasted in a log, please select the log and then press the LOG button, which is on the same row as :thumbsdown::thumbsup: in the post window.

Cecilia - Moderator for Viruses, malicious programs & remedies

[post edited 2009-01-25 02:25:04 by Cecilia]


Hi! Thanks, now I know! Go to http://www.virustotal.com (works best with Internet Explorer), paste one of the following file names into the box, press Send File and wait until the result is ready (the current status becomes completed). Paste the results from the various antivirus programs (not the Additional information) here. Repeat with the next file name.

C:\WINDOWS\System32\xa59066890.exe

C:\WINDOWS\System32\xa59066687.exe

Then I want you to do this!!

Download ComboFix to the Desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Close all programs you can see, including antivirus and antispyware programs, but leave the firewall on.

How? See http://www.bleepingcomputer.com/forums/topic114351.html

Run ComboFix and follow the instructions shown.

If you are asked whether you want to install the Recovery Console, answer yes.

IMPORTANT! Do not click on the ComboFix window with the mouse while it is running, otherwise it may hang.

When it has finished, a log should appear; attach it to your reply. Check that your antivirus program etc. is running before you connect to the internet.

In your reply, attach the ComboFix log like this:

Press the LOG button in the Reply window

Paste in the log

Press the LOG button again

If you have trouble getting onto the internet:

Control Panel - Network Connections

right-click your internet connection and choose Repair and/or restart the computer.

Warning! ComboFix disables autorun of CDs, floppy disks and USB devices to make it easier to clean the computer and to protect it against infections in the future. This can cause problems, e.g. if the computer gets its internet connection via a USB modem or USB network adapter. In that case, say so instead of running ComboFix.

[post edited 2009-01-25 03:19:37 by Laston]


Here comes the log...............

 

 

 

[log]ComboFix 09-01-21.04 - EM-GRUPPEN 2009-01-25 3:41:33.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1053.18.1278.800 [GMT 1:00]

Körs från: c:\documents and settings\EM-GRUPPEN\Skrivbord\ComboFix.exe

AV: Norton Internet Security *On-access scanning disabled* (Updated)

FW: Norton Internet Security *enabled*

FW: Telia Antivirus 6.15 *disabled*

* Skapade en ny återställningspunkt

.

 

(((((((((((((((((((((((( Filer Skapade från 2008-12-25 till 2009-01-25 ))))))))))))))))))))))))))))))

.

 

2009-01-24 22:03 . 2009-01-24 22:03 12,676 a c:\windows\system32\wpa.bak

2009-01-24 21:59 . 2009-01-24 21:59 <KAT> d c:\windows\system32\config\systemprofile\Skrivbord

2009-01-24 21:52 . 2004-08-04 13:00 571,392 ac- c:\windows\system32\dllcache\tintlgnt.ime

2009-01-24 21:50 . 2001-09-06 20:33 57,856 ac- c:\windows\system32\dllcache\EXCH_scripto.dll

2009-01-24 21:50 . 2001-09-06 20:33 26,112 ac- c:\windows\system32\dllcache\EXCH_seos.dll

2009-01-24 21:41 . 2004-08-04 13:00 53,760 ac- c:\windows\system32\dllcache\pintlcsd.dll

2009-01-24 21:39 . 2004-08-04 13:00 44,544 ac- c:\windows\system32\dllcache\nsepm.dll

2009-01-24 21:39 . 2001-09-06 20:33 38,912 ac- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll

2009-01-24 21:17 . 2004-08-04 13:00 562,176 ac- c:\windows\system32\dllcache\fxsst.dll

2009-01-24 21:17 . 2004-08-04 13:00 11,264 ac- c:\windows\system32\dllcache\fxssend.exe

2009-01-24 21:16 . 2004-08-04 13:00 72,192 ac- c:\windows\system32\dllcache\fxscom.dll

2009-01-24 21:13 . 2004-08-04 13:00 124,416 ac- c:\windows\system32\dllcache\ftpsv251.dll

2009-01-24 21:13 . 2004-08-04 13:00 7,680 ac- c:\windows\system32\dllcache\ftpctrs2.dll

2009-01-24 21:13 . 2004-08-04 13:00 6,144 ac- c:\windows\system32\dllcache\ftpmib.dll

2009-01-24 21:11 . 2004-08-04 13:00 106,496 ac- c:\windows\system32\dllcache\evntagnt.dll

2009-01-24 21:11 . 2004-08-04 13:00 93,184 ac- c:\windows\system32\dllcache\evntwin.exe

2009-01-24 21:11 . 2004-08-04 13:00 57,856 ac- c:\windows\system32\dllcache\esuimgd.dll

2009-01-24 21:11 . 2004-08-04 13:00 45,056 ac- c:\windows\system32\dllcache\esunid.dll

2009-01-24 21:11 . 2004-08-04 13:00 31,744 ac- c:\windows\system32\dllcache\esucmd.dll

2009-01-24 21:11 . 2004-08-04 13:00 25,856 ac- c:\windows\system32\dllcache\et4000.sys

2009-01-24 21:11 . 2004-08-04 13:00 25,088 ac- c:\windows\system32\dllcache\evntcmd.exe

2009-01-24 21:11 . 2004-08-04 13:00 14,336 ac- c:\windows\system32\dllcache\exstrace.dll

2009-01-24 21:08 . 2004-08-04 13:00 56,320 ac- c:\windows\system32\dllcache\convlog.exe

2009-01-24 20:59 . 2004-08-04 13:00 189,986 ac- c:\windows\system32\dllcache\c_1361.nls

2009-01-24 20:59 . 2004-08-04 13:00 180,258 ac- c:\windows\system32\dllcache\c_20000.nls

2009-01-24 20:59 . 2004-08-04 13:00 66,082 ac- c:\windows\system32\dllcache\c_1149.nls

2009-01-24 20:59 . 2004-08-04 13:00 66,082 ac- c:\windows\system32\dllcache\c_1148.nls

2009-01-24 20:59 . 2004-08-04 13:00 66,082 ac- c:\windows\system32\dllcache\c_1147.nls

2009-01-24 20:59 . 2004-08-04 13:00 66,082 ac- c:\windows\system32\dllcache\c_1146.nls

2009-01-24 20:59 . 2004-08-04 13:00 66,082 ac- c:\windows\system32\dllcache\c_1145.nls

2009-01-24 20:54 . 2004-08-04 13:00 16,384 ac- c:\windows\system32\dllcache\isignup.exe

2009-01-24 20:54 . 2009-01-24 20:54 749 -rah- c:\windows\WindowsShell.Manifest

2009-01-24 20:54 . 2009-01-24 20:54 749 -rah- c:\windows\system32\wuaucpl.cpl.manifest

2009-01-24 20:54 . 2009-01-24 20:54 749 -rah- c:\windows\system32\sapi.cpl.manifest

2009-01-24 20:54 . 2009-01-24 20:54 749 -rah- c:\windows\system32\nwc.cpl.manifest

2009-01-24 20:54 . 2009-01-24 20:54 749 -rah- c:\windows\system32\ncpa.cpl.manifest

2009-01-24 20:54 . 2009-01-24 20:54 488 -rah- c:\windows\system32\logonui.exe.manifest

2009-01-24 20:51 . 2004-08-04 13:00 20,480 ac- c:\windows\system32\dllcache\inetwiz.exe

2009-01-24 20:43 . 2004-08-04 09:34 153,088 a c:\windows\system32\irftp.exe

2009-01-24 20:43 . 2004-08-04 07:00 87,424 a c:\windows\system32\drivers\irda.sys

2009-01-24 20:43 . 2004-08-04 09:33 27,136 a c:\windows\system32\irmon.dll

2009-01-24 20:43 . 2004-08-04 09:34 8,192 a c:\windows\system32\wshirda.dll

2009-01-24 20:28 . 2001-08-17 21:51 19,584 a c:\windows\system32\drivers\rasirda.sys

2009-01-24 19:26 . 2009-01-24 19:26 4,444 a c:\windows\system32\pid.PNF

2009-01-15 03:39 . 2009-01-15 03:39 73,728 a c:\windows\system32\javacpl.cpl

2009-01-15 00:18 . 2009-01-15 00:18 <KAT> d c:\program\Trend Micro

2009-01-14 22:40 . 2009-01-14 22:40 <KAT> d c:\program\Malwarebytes' Anti-Malware

2009-01-14 22:40 . 2009-01-14 22:40 <KAT> d c:\documents and settings\EM-GRUPPEN\Application Data\Malwarebytes

2009-01-14 22:40 . 2009-01-14 22:40 <KAT> d c:\documents and settings\All Users\Application Data\Malwarebytes

2009-01-14 22:40 . 2009-01-14 16:11 38,496 a c:\windows\system32\drivers\mbamswissarmy.sys

2009-01-14 22:40 . 2009-01-14 16:11 15,504 a c:\windows\system32\drivers\mbam.sys

2009-01-13 21:46 . 2009-01-13 21:46 <KAT> d c:\program\Delade filer\Wise Installation Wizard

2009-01-09 11:44 . 2009-01-09 11:44 <KAT> d c:\documents and settings\All Users\Application Data\Symantec

2009-01-09 11:43 . 2008-12-12 04:28 36,272 -ra c:\windows\system32\drivers\SymIM.sys

2009-01-09 11:42 . 2009-01-09 11:42 <KAT> d c:\windows\system32\drivers\NIS

2009-01-09 11:42 . 2009-01-09 11:42 <KAT> d c:\program\Windows Sidebar

2009-01-09 11:42 . 2009-01-09 11:42 <KAT> d c:\program\Symantec

2009-01-09 11:42 . 2009-01-09 11:42 <KAT> d c:\program\Norton Internet Security

2009-01-09 11:42 . 2009-01-09 11:42 <KAT> d c:\program\Delade filer\Symantec Shared

2009-01-09 11:42 . 2009-01-09 11:42 124,464 a c:\windows\system32\drivers\SYMEVENT.SYS

2009-01-09 11:42 . 2009-01-09 11:42 60,808 a c:\windows\system32\S32EVNT1.DLL

2009-01-09 11:42 . 2009-01-09 11:42 10,635 a c:\windows\system32\drivers\SYMEVENT.CAT

2009-01-09 11:42 . 2009-01-09 11:42 806 a c:\windows\system32\drivers\SYMEVENT.INF

2009-01-09 11:38 . 2009-01-09 11:38 <KAT> d c:\windows\system32\XPSViewer

2009-01-09 11:38 . 2009-01-09 11:38 <KAT> d c:\program\Reference Assemblies

2009-01-09 11:38 . 2009-01-09 11:38 <KAT> d c:\program\MSBuild

2009-01-09 11:38 . 2006-06-29 13:07 14,048 a c:\windows\system32\spmsg2.dll

2009-01-09 11:23 . 2009-01-09 11:24 <KAT> d C:\73d4a314f5e7d26af146302d

2009-01-09 11:00 . 2009-01-09 11:00 <KAT> d c:\documents and settings\All Users\Application Data\Norton

2009-01-09 10:59 . 2009-01-09 10:59 <KAT> d c:\program\NortonInstaller

2009-01-09 10:23 . 2009-01-09 10:23 <KAT> d c:\documents and settings\All Users\Application Data\NortonInstaller

2009-01-07 14:03 . 2009-01-07 14:03 <KAT> d c:\program\Delade filer\Macrovision Shared

2009-01-07 13:59 . 2009-01-07 13:59 73,728 a c:\windows\system32\xa59066890.exe

2009-01-07 13:59 . 2009-01-07 13:59 73,728 a c:\windows\system32\xa59066687.exe

2009-01-06 16:49 . 2009-01-06 16:49 <KAT> d c:\documents and settings\EM-GRUPPEN\Application Data\ACD Systems

2009-01-06 16:48 . 2009-01-06 16:48 <KAT> d c:\program\Delade filer\ACD Systems

2009-01-06 16:48 . 2009-01-06 16:48 <KAT> d c:\program\ACD Systems

2009-01-06 16:48 . 2009-01-06 16:48 <KAT> d c:\documents and settings\All Users\Application Data\ACD Systems

2009-01-06 04:06 . 2009-01-08 23:37 1,879 a c:\windows\system32\%LocalXml%

2009-01-02 15:15 . 2009-01-02 15:15 <KAT> d c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files

2008-12-29 16:50 . 2008-12-29 16:50 <KAT> d c:\program\Delade filer\Windows Live

2008-12-28 16:07 . 2007-07-19 18:14 3,727,720 a c:\windows\system32\d3dx9_35.dll

2008-12-28 16:07 . 2007-05-16 16:45 3,497,832 a c:\windows\system32\d3dx9_34.dll

2008-12-28 16:07 . 2007-07-19 18:14 1,358,192 a c:\windows\system32\D3DCompiler_35.dll

2008-12-28 16:07 . 2007-05-16 16:45 1,124,720 a c:\windows\system32\D3DCompiler_34.dll

2008-12-28 16:07 . 2007-07-19 18:14 444,776 a c:\windows\system32\d3dx10_35.dll

2008-12-28 16:07 . 2007-05-16 16:45 443,752 a c:\windows\system32\d3dx10_34.dll

2008-12-28 16:07 . 2007-07-20 00:57 267,112 a c:\windows\system32\xactengine2_9.dll

2008-12-28 16:07 . 2007-06-20 20:46 266,088 a c:\windows\system32\xactengine2_8.dll

2008-12-28 16:07 . 2007-04-04 18:53 81,768 a c:\windows\system32\xinput1_3.dll

2008-12-28 16:07 . 2007-07-20 00:54 18,280 a c:\windows\system32\x3daudio1_2.dll

2008-12-28 16:00 . 2008-12-28 16:00 <KAT> d c:\program\City Interactive

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-25 02:35 - d-w c:\documents and settings\EM-GRUPPEN\Application Data\DNA

2009-01-25 02:07 - d-w c:\program\Canon

2009-01-24 21:04 - d-w c:\program\DNA

2009-01-15 02:39 410,984 a-w c:\windows\system32\deploytk.dll

2008-12-17 12:17 17,920 a-w c:\windows\WebFerretUninstall.exe

2008-12-08 20:24 - d-w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2008-12-08 20:23 - d-w c:\program\SUPERAntiSpyware

2008-12-08 20:23 - d-w c:\documents and settings\EM-GRUPPEN\Application Data\SUPERAntiSpyware.com

2003-03-25 12:18 13,077,640 a-r c:\windows\system32\config\systemprofile\mpsetup.exe

2003-03-25 12:18 13,077,640 a-r c:\documents and settings\Default User\mpsetup.exe

2003-03-25 12:18 13,077,640 a-r c:\documents and settings\Administratör\mpsetup.exe

2003-03-25 12:18 13,077,640 a-r c:\documents and settings\Administratör\mpsetup.exe

.

 

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* Tomma poster & legitima standardposter visas inte.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

"H/PC Connection Agent"="c:\program\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

"msnmsgr"="c:\program\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

"BitTorrent DNA"="c:\program\DNA\btdna.exe" [2008-12-19 342848]

"SUPERAntiSpyware"="c:\program\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-01-21 1830128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TkBellExe"="c:\program\Delade filer\Real\Update_OB\realsched.exe" [2008-03-08 185896]

"QuickTime Task"="c:\program\QuickTime\qttask.exe" [2006-11-24 98304]

"Acrobat Assistant 7.0"="c:\program\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]

"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"AdobeCS4ServiceManager"="c:\program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]

"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-01-15 136600]

"SynTPLpr"="c:\program\Synaptics\SynTP\SynTPLpr.exe" [2003-04-18 110592]

"SynTPEnh"="c:\program\Synaptics\SynTP\SynTPEnh.exe" [2003-04-18 610304]

"AGRSMMSG"="AGRSMMSG.exe" [2003-11-19 c:\windows\AGRSMMSG.exe]

"SoundMan"="SOUNDMAN.EXE" [2004-01-09 c:\windows\SOUNDMAN.EXE]

"SchedulingAgent"="mstinit.exe" [2004-08-04 c:\windows\system32\mstinit.exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-04 15360]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-12-22 11:05 356352 c:\program\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.DIV3"= DivXc32.dll

"vidc.DIV4"= DivXc32f.dll

"msacm.divxa32"= DivXa32.acm

"VIDC.ACDV"= ACDV.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iexplore.exe]

"Debugger"=c:\windows\system32\klomp.exe

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Adobe Acrobat Speed Launcher.lnk]

path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Adobe Acrobat Speed Launcher.lnk

backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Adobe Gamma Loader.lnk]

path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Adobe Gamma Loader.lnk

backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Microsoft Office.lnk]

path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Microsoft Office.lnk

backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Phone Connection Monitor.lnk]

path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Phone Connection Monitor.lnk

backup=c:\windows\pss\Phone Connection Monitor.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Telenor Mobilt Bredband.lnk]

path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Telenor Mobilt Bredband.lnk

backup=c:\windows\pss\Telenor Mobilt Bredband.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Intuwave Ltd\\Shared\\mRouterRunTime\\mRouterRuntime.exe"=

"c:\\Program\\Sony Ericsson\\Mobile4\\Sync Manager\\DXP SyncML.exe"=

"c:\program\Microsoft ActiveSync\rapimgr.exe"= c:\program\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program\Microsoft ActiveSync\wcescomm.exe"= c:\program\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program\Microsoft ActiveSync\WCESMgr.exe"= c:\program\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program\\WS_FTP Pro\\wsftppro.exe"=

"c:\\Program\\DNA\\btdna.exe"=

"c:\\Program\\Delade filer\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program\\Windows Live\\Messenger\\livecall.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"5353:TCP"= 5353:TCP:Adobe CSI CS4

 

R0 SymEFA;Symantec Extended File Attributes;\SystemRoot\\SystemRoot\System32\Drivers\NIS\1002000.007\SYMEFA.SYS > \SystemRoot\\SystemRoot\System32\Drivers\NIS\1002000.007\SYMEFA.SYS [?]

R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1002000.007\BHDrvx86.sys [2009-01-09 255536]

R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1002000.007\cchpx86.sys [2009-01-09 362544]

R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090115.001\IDSxpx86.sys [2009-01-16 274808]

R1 SASDIFSV;SASDIFSV;c:\program\SUPERAntiSpyware\sasdifsv.sys [2008-12-22 8944]

R1 SASKUTIL;SASKUTIL;c:\program\SUPERAntiSpyware\SASKUTIL.SYS [2008-12-22 55024]

R3 SASENUM;SASENUM;c:\program\SUPERAntiSpyware\SASENUM.SYS [2008-12-22 7408]

R4 mdvrmng;Mobile IP Route Manager;c:\windows\system32\drivers\mdvrmng.sys [2008-08-22 10240]

R4 Norton Internet Security;Norton Internet Security;c:\program\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe [2009-01-09 115560]

S3 FTLUND;Lundinova Filter Driver;c:\windows\system32\drivers\ftlund.sys [2006-11-24 6828]

S3 QuarticsWP;QuarticsWP_Display_Driver;c:\windows\system32\DRIVERS\QuarticsWP.sys > c:\windows\system32\DRIVERS\QuarticsWP.sys [?]

S3 QuarticsWPMirror;QuarticsWPMirror_Display_Driver;c:\windows\system32\DRIVERS\QuarticsWPMirror.sys > c:\windows\system32\DRIVERS\QuarticsWPMirror.sys [?]

S4 .norton2009Reset;Norton 2009 Reset;c:\documents and settings\All Users\Application Data\Norton\Norton2009Reset.exe [2009-01-09 281625]

 

- Övriga tjänster/drivrutiner i minnet -

 

*NewlyCreated* - MSISERVER

*NewlyCreated* - USNJSVC

*NewlyCreated* - WMIAPSRV

*NewlyCreated* - WUAUSERV

*Deregistered* - EraserUtilDrvI7

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d3b1f30-6dcb-11dd-af96-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d3b1f31-6dcb-11dd-af96-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{196b5abc-6d2c-11dd-af93-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1be8af78-9f88-11dc-adf1-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e925214-7364-11dd-af9e-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{217a2b4e-d9a5-11dd-b9ad-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{285255d2-7054-11dd-af98-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{285255d3-7054-11dd-af98-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{31381138-8d86-11dd-afe0-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{31381139-8d86-11dd-afe0-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3dd41df7-716b-11dd-af9a-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{462d6bef-7b43-11db-ab7f-806d6172696f}]

\Shell\AutoRun\command - E:\setup.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ce4cf76-8bbe-11dd-afdd-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ce4cf77-8bbe-11dd-afdd-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52c4feb2-6886-11dd-af8e-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52c4feb3-6886-11dd-af8e-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5caeac3e-7114-11dd-af99-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5caeac3f-7114-11dd-af99-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9f49244a-9b01-11dd-b006-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9f49244b-9b01-11dd-b006-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a016c972-d9a9-11dd-b9ae-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b42a7b04-16f2-11dd-aee2-000e9b130921}]

\Shell\AutoRun\command - E:\setup.exe AUTORUN=1

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bcf8f978-688d-11dd-af8f-000e9b130921}]

\Shell\AutoRun\command - E:\AutoRun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dc9cc136-0b7c-11dd-aed6-000e9b130921}]

\Shell\AutoRun\command - E:\LaunchU3.exe -a

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{def8ae6a-9fe6-11dc-adf4-000e9b130921}]

\Shell\AutoRun\command - H:\AutoRun.exe

.

Innehållet i mappen 'Schemalagda aktiviteter':

 

2008-07-20 c:\windows\Tasks\TASK20080720130119.job

- c:\program\WS_FTP Pro\wsftppro.exe [2003-05-23 14:15]

 

2008-07-20 c:\windows\Tasks\TASK20080720132711.job

- c:\program\WS_FTP Pro\wsftppro.exe [2003-05-23 14:15]

 

2008-07-20 c:\windows\Tasks\TASK20080720133004.job

- c:\program\WS_FTP Pro\wsftppro.exe [2003-05-23 14:15]

 

2009-01-25 c:\windows\Tasks\User_Feed_Synchronization-{A60964E8-3EA6-4B4E-87B6-22D5A205A846}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 18:36]

.

.

- Extra genomsökning -

.

uStart Page = hxxp://google.se

uInternet Settings,ProxyOverride = *.local

IE: Convert link target to Adobe PDF - c:\program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert to existing PDF - c:\program\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: E&xportera till Microsoft Excel - c:\program\MICROS~2\OFFICE11\EXCEL.EXE/3000

Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dll

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-25 03:43:11

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Norton Internet Security]

"ImagePath"="\"c:\program\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program\Norton Internet Security\Engine\16.2.0.7\diMaster.dll\" /prefetch:1"

.

- LÅSTA REGISTERNYCKLAR -

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]

"D140110900063D11C8EF10054038389C"="C?\\WINDOWS\\System32\\FM20ENU.DLL"

.

- DLLer som "laddats" under processer som körs -

 

- - - - - - - > 'winlogon.exe'(1484)

c:\program\SUPERAntiSpyware\SASWINLO.dll

c:\program\Delade filer\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

.

Sluttid: 2009-01-25 3:44:33

ComboFix-quarantined-files.txt 2009-01-25 02:44:28

 

Före genomsökningen: 34 592 251 904 byte ledigt

Efter genomsökningen: 34,755,391,488 byte ledigt

 

WindowsXP-KB310994-SP2-Pro-BootDisk-SVE.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /noexecute=optin

 

326 - E O F - 2009-01-15 03:08:23[/log]

 

Added LOG tags

When you have pasted in a log, please select the log and then press the LOG button, which is on the same row as :thumbsdown::thumbsup: in the post window.

Cecilia - Moderator for Viruses, malicious programs & remedies

[post edited 2009-01-25 09:50:01 by Cecilia]


Hi! I see that your file-sharing program is still running; it must be turned off during the cleaning process!! This toolbar should be uninstalled in Add/Remove Programs (it is known to cause problems):

O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program\FerretSoft\WebFerret\FerretBand.dll

It occurred to me that it may be hard to scan the files with IE when it isn't working, so do you have another web browser, e.g. Mozilla Firefox, that you can use (it usually works)? Is your Norton working as it should, with updates and so on??

Regards, Laston

 


I have removed both programs; unfortunately I have no other web browser, and Norton works as it should.....

 


OK, good that you removed those programs! But can you install Mozilla Firefox then? We would need to find out what these files are. Or which web browser are you using to post here and download the cleaning programs? Regards, Laston

 


OK, good, come back with the result from the scan of these files! I'm a bit puzzled that everything works, so you have no problem with Office, does the Help and Support service work, and above all, do you get no error message saying that your operating system is not activated?? Regards, Laston

[post edited 2009-01-25 13:57:19 by Laston]


If you go to the virustotal site and paste in the path to these files, they will be scanned with all these antivirus programs; then you get a result that you paste in here.

 


Archived

This topic is now archived and is closed to further replies.