Problem med nätverk och många fel meddelanden när datorn startas misstänker att det kan vara virus...

[XerxesTitanos]

Hej =)

 

Jag visste inte vart jag skulle skriva det här men jag misstänker att ett virus eller flera har attackerat min dator...

i vilketfall:

 

Det började igår med att datorn startade om sig 2 gånger utan att jag gjort något (utom att spela ett spel), sedan bombarderades jag nästa gång när datorn startades av flera fel meddelanden om att det antingen är något fel på någon fil eller att den inte går att hittas, bl.a en fil som heter gvlw.exe försöker startas hela tiden, vad det nu är...

 

Under natten lät jag virus söka datorn men det hängde sig...

 

Idag så ändrades inloggnings menyn ifrån den "normala" på XP Professional till något som liknar Win98, sen ändras Aktivitetsfältet till Klassisk ifrån den "normala" blå med görn startknapp.

Jag kan inte koppla mig till husets nätverk så jag kommer inte åt internet via min dator (enligt msns felsök så har jag "felaktig IP adress"), jag kan inte starta windows Hjälp- och supportcenter och inte heller några musikfiler...

 

Är det någon som har en idé om vad man skulle kunna göra?

(förutom att formatera om datorn eller liknande...)

Tack på förhand =D

 

[Cecilia]

Tyvärr så tyder det ju på att din dator har drabbats väldigt hårt och det kan vara en virut-infektion som ändrar i alla körbara filer i datorn. Det går inte att laga/fixa en virut-infekterad dator utan då är det ominstallation som gäller. Men vi kan kolla lite för att undersöka om så är fallet.

 

Vad har du för antivirusprogram?

Om du bara söker igenom t ex Windows-mappen med antivirusprogrammet, går det utan att det hänger sig? Hittar antivirusprogrammet något då? I så fall vilka filer/mappar är infekterade och med vad?

 

[XerxesTitanos]

Tack för svaret =)

 

Jag har Norton antivirus (det var det som följde med datorn)

och har försökt söka igenom windows-mappen men den fastnade och ville inte fortsätta...

Den hittade dock 3 virus:

 

Downloader:

-1 fil: C:\windows\system32\config\systemprofile\lokala inställningar\temporary internet files\content.ie5\zfiks3qm\drm3[1].txt

-1 webbläsar-cache

HELT ÅTGÄRDAD

 

Trojan.Horse:

-1 fil: [tpszxyd.sys] inuti [c:\windows\temp\vrt212.tmp]

Borttagning misslyckades

Kunde inte utföra annan åtgärd

 

Trojan.Horse:

-1 fil: [tpszxyd.sys] inuti [c:\windows\temp\vrt212.tmp]

Borttagning misslyckades

Kunde inte utföra annan åtgärd

 

[Cecilia]

Okej, i alla fall de fallen tyder inte på virut-infektion.

 

Ladda ner DDS till Skrivbordet.

http://download.bleepingcomputer.com/sUBs/dds.scr

 

Starta programmet (i Vista högerklicka och Kör som administratör).

Tryck Yes/Ja på frågan om Optional Scan.

 

I ditt svar bifogar du de två loggarna DSS.txt och Attach.txt i ditt svar på detta sätt:

Tryck på LOG-knappen i Besvara-fönstret

Klistra in loggen

Tryck igen på LOG-knappen nappen i Besvara-fönstret´

Upprepa med nästa logg.

 

[XerxesTitanos]

DDS verkar inte fungera

Den startar och det kommer upp ett kommandotolk fönster där det står lite om DDS

sen kommer ett meddelande: "Det gõr inte att hitta kommandofilen"

 

[Cecilia]

Då prövar vi med ett annat program då. Ladda ner OTListIt till Skrivbordet.

http://oldtimer.geekstogo.com/OTListIt2.exe

Stäng alla program.

Kör OTListIt (i Vista högerklicka och Kör som administratör).

Under Output högt upp så välj Minimal Output.

Bocka för LOP Check och Purity Check.

Tryck på Run Scan och låt programmet köra ostört.

 

När det är klart så skapas två loggfiler på Skrivbordet, OTListIt .txt och Extras.txt. I ditt svar bifogar du de två loggarna DSS.txt och Attach.txt i ditt svar på detta sätt:

Tryck på LOG-knappen i Besvara-fönstret

Klistra in loggen

Tryck igen på LOG-knappen nappen i Besvara-fönstret´

Upprepa med nästa logg.

 

[XerxesTitanos]

Ok

här kommer loggarna:

 

OTListIt:

 

[log]

OTListIt logfile created on: 2009-04-03 16:41:40 - Run 1

OTListIt2 by OldTimer - Version 2.0.9.1 Folder = C:\Documents and Settings\Daniel\Skrivbord

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

2,00 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 60,13% Memory free

3,85 Gb Paging File | 3,23 Gb Available in Paging File | 83,95% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 298,09 Gb Total Space | 85,34 Gb Free Space | 28,63% Space Free | Partition Type: NTFS

Drive D: | 298,08 Gb Total Space | 42,18 Gb Free Space | 14,15% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

Drive F: | 6,67 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Drive M: | 3,74 Gb Total Space | 2,92 Gb Free Space | 78,13% Space Free | Partition Type: FAT32

 

Computer Name: DANIELSDATOR

Current User Name: Daniel

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Output = Minimal

File Age = 30 Days

Company Name Whitelist: On

 

========== Processes (SafeList) ==========

 

PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)

PRC - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)

PRC - C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)

PRC - C:\WINDOWS\system32\brss01a.exe (brother Industries Ltd)

PRC - C:\WINDOWS\ATKKBService.exe (ASUSTeK COMPUTER INC.)

PRC - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)

PRC - C:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)

PRC - C:\Program\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

PRC - C:\Program\Delade filer\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

PRC - C:\WINDOWS\system32\mstd.exe (Microsoft Corporation)

PRC - C:\Nexon\Mabinogi\npkcmsvc.exe (INCA Internet Co., Ltd.)

PRC - C:\WINDOWS\system32\PnkBstrA.exe ()

PRC - C:\WINDOWS\system32\UAService7.exe ()

PRC - C:\Program\Wireless-N PCI Adapter\WLService.exe (GEMTEKS)

PRC - C:\Program\Wireless-N PCI Adapter\WMP300N.exe (Linksys)

PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)

PRC - C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

PRC - C:\Program\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

PRC - C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe ()

PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)

PRC - C:\Documents and Settings\Daniel\Skrivbord\OTListIt2.exe (OldTimer Tools)

 

========== Win32 Services (SafeList) ==========

 

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)

SRV - (Akamai [Auto | Running]) -- c:\program\delade filer\akamai\rswin_3497.dll ()

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)

SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)

SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\system32\ati2sgag.exe ()

SRV - (ATKKeyboardService [Auto | Running]) -- C:\WINDOWS\ATKKBService.exe (ASUSTeK COMPUTER INC.)

SRV - (Automatisk LiveUpdate-schemaläggare [Auto | Running]) -- C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)

SRV - (Bonjour Service [Auto | Stopped]) -- C:\Program\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)

SRV - (Brother XP spl Service [Auto | Stopped]) -- C:\WINDOWS\system32\brsvc01a.exe (brother Industries Ltd)

SRV - (ccEvtMgr [Auto | Running]) -- C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

SRV - (ccSetMgr [Auto | Running]) -- C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (CLTNetCnService [Auto | Running]) -- C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

SRV - (comHost [On_Demand | Stopped]) -- C:\Program\Delade filer\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)

SRV - (Creative Service for CDROM Access [Auto | Running]) -- C:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)

SRV - (defaultlib [Auto | Stopped]) -- C:\WINDOWS\system32\ffo16901524.dll ()

SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)

SRV - (gusvc [On_Demand | Stopped]) -- C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)

SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

SRV - (ias [Auto | Stopped]) -- C:\WINDOWS\system32\Iasv32.dll ()

SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (idsvc [unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)

SRV - (ISPwdSvc [On_Demand | Stopped]) -- C:\Program\Norton Internet Security\isPwdSvc.exe (Symantec Corporation)

SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

SRV - (LightScribeService [Auto | Running]) -- C:\Program\Delade filer\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation)

SRV - (LiveUpdate Notice Ex [Auto | Running]) -- C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

SRV - (LiveUpdate Notice Service [Auto | Stopped]) -- C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

SRV - (mstd [Auto | Running]) -- C:\WINDOWS\system32\mstd.exe (Microsoft Corporation)

SRV - (mwmpupdate [Auto | Stopped]) -- C:\Program\Windows Media Player\wmplayer_up.exe ()

SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)

SRV - (NOD32krn [Auto | Stopped]) -- File not found

SRV - (npkcmsvc [Auto | Running]) -- C:\Nexon\Mabinogi\npkcmsvc.exe (INCA Internet Co., Ltd.)

SRV - (ose [On_Demand | Stopped]) -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (PnkBstrA [Auto | Running]) -- C:\WINDOWS\system32\PnkBstrA.exe ()

SRV - (softyinforwow1 [Auto | Stopped]) -- C:\WINDOWS\system32\w14427171734.dll ()

SRV - (StarWindServiceAE [Auto | Stopped]) -- C:\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)

SRV - (Symantec Core LC [On_Demand | Running]) -- C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe ()

SRV - (SymAppCore [Auto | Running]) -- C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)

SRV - (UserAccess7 [Auto | Running]) -- C:\WINDOWS\system32\UAService7.exe ()

SRV - (WMP300NSvc [Auto | Running]) -- File not found

SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

SRV - (EraserSvc10910 [Auto | Stopped]) -- C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

 

========== Driver Services (SafeList) ==========

 

DRV - (AegisP [Auto | Stopped]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)

DRV - (AMON [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\amon.sys (Eset )

DRV - (AR5416 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ar5416.sys (Atheros Communications, Inc.)

DRV - (Aspi32 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)

DRV - (asuskbnt [system | Running]) -- C:\WINDOWS\system32\drivers\atkkbnt.sys (ASUSTeK COMPUTER INC.)

DRV - (at1394 [On_Demand | Stopped]) -- C:\WINDOWS\system32\at1394.sys ()

DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)

DRV - (ATIAVAIW [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\atinavt2.sys (ATI Technologies Inc.)

DRV - (cpuz128 [On_Demand | Stopped]) -- C:\Program\PC Wizard 2008\pcwiz32.sys (Windows ® 2000 DDK provider)

DRV - (EagleNT [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\EagleNT.sys ()

DRV - (eeCtrl [system | Running]) -- C:\Program\Delade filer\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (EIO [Auto | Running]) -- C:\WINDOWS\system32\drivers\EIO.sys (ASUSTeK Computer Inc.)

DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program\Delade filer\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (giveio [boot | Running]) -- C:\WINDOWS\system32\giveio.sys ()

DRV - (hamachi [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\hamachi.sys (LogMeIn, Inc.)

DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)

DRV - (hSONYPVh [On_Demand | Stopped]) -- C:\Documents and Settings\Daniel\Lokala inställningar\temp\hsonypvh.sys ()

DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (JGOGO [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys (JMicron )

DRV - (JRAID [boot | Running]) -- C:\WINDOWS\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)

DRV - (LVUSBSta [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)

DRV - (mcdbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.)

DRV - (MPE [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\MPE.sys (Microsoft Corporation)

DRV - (NAVENG [On_Demand | Running]) -- C:\Program\Delade filer\Symantec Shared\VirusDefs\20090401.003\NAVENG.SYS (Symantec Corporation)

DRV - (NAVEX15 [On_Demand | Running]) -- C:\Program\Delade filer\Symantec Shared\VirusDefs\20090401.003\NAVEX15.SYS (Symantec Corporation)

DRV - (NPPTNT2 [system | Running]) -- C:\WINDOWS\system32\npptNT2.sys (INCA Internet Co., Ltd.)

DRV - (PID_PEPI [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\LV302V32.SYS (Logitech Inc.)

DRV - (prodrv06 [system | Running]) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)

DRV - (prohlp02 [boot | Running]) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)

DRV - (prosync1 [boot | Running]) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)

DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)

DRV - (RTL8023xp [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys (Realtek Semiconductor Corporation )

DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)

DRV - (SCDEmu [system | Running]) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)

DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

DRV - (sfdrv01 [boot | Running]) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))

DRV - (sfhlp01 [boot | Running]) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)

DRV - (sfhlp02 [boot | Running]) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))

DRV - (sfsync02 [boot | Running]) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)

DRV - (sfsync03 [boot | Running]) -- C:\WINDOWS\System32\drivers\sfsync03.sys (Protection Technology)

DRV - (sfsync04 [boot | Running]) -- C:\WINDOWS\System32\drivers\sfsync04.sys (Protection Technology (StarForce))

DRV - (sfvfs02 [boot | Running]) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)

DRV - (SPBBCDrv [On_Demand | Stopped]) -- C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)

DRV - (speedfan [boot | Running]) -- C:\WINDOWS\system32\speedfan.sys (Windows ® 2000 DDK provider)

DRV - (SRTSP [system | Running]) -- C:\WINDOWS\System32\Drivers\SRTSP.SYS (Symantec Corporation)

DRV - (SRTSPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SRTSPL.SYS (Symantec Corporation)

DRV - (SRTSPX [system | Running]) -- C:\WINDOWS\System32\Drivers\SRTSPX.SYS (Symantec Corporation)

DRV - (SSHDRV76 [system | Running]) -- C:\WINDOWS\system32\drivers\SSHDRV76.sys ()

DRV - (SYMDNS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS (Symantec Corporation)

DRV - (SymEvent [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)

DRV - (SYMFW [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS (Symantec Corporation)

DRV - (SYMIDS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS (Symantec Corporation)

DRV - (SYMIDSCO [On_Demand | Stopped]) -- C:\Program\Delade filer\Symantec Shared\SymcData\idsdefs\20090325.001\SymIDSCo.sys (Symantec Corporation)

DRV - (SYMNDIS [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS (Symantec Corporation)

DRV - (SYMREDRV [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)

DRV - (SYMTDI [system | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)

DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)

DRV - (vmm [system | Running]) -- C:\WINDOWS\system32\Drivers\vmm.sys (Microsoft Corporation)

DRV - (VPCNetS2 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys (Microsoft Corporation)

DRV - ({09BB444F-B2E2-4009-BAF2-7B727681223E} [Auto | Running]) -- D:\Extras\VMLaunch\BuddyVM.sys (Interlex Inc.)

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"

FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088

FF - prefs.js..extensions.enabledItems: {3A5895BC-4A77-42DE-8B36-CF61E22799BC}:1.0

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.6

 

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-01-07 16:09:47 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\PROGRAM\MOZILLA FIREFOX\COMPONENTS [2009-02-06 17:54:05 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\PROGRAM\MOZILLA FIREFOX\PLUGINS [2009-03-25 18:41:09 | 00,000,000 | ---D | M]

 

[2009-02-06 17:54:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Extensions

[2009-02-06 17:54:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009-02-06 17:54:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mozilla\Firefox\Profiles\qc8o4bew.default\extensions

[2009-03-25 21:25:07 | 00,000,523 | ---- | M] () -- C:\Documents and Settings\Daniel\Application Data\Mozilla\FireFox\Profiles\qc8o4bew.default\searchplugins\daemon-search.xml

[2009-03-25 21:25:11 | 00,000,000 | ---D | M] -- C:\Program\mozilla firefox\extensions

[2009-03-31 21:29:51 | 00,000,000 | ---D | M] -- C:\Program\mozilla firefox\extensions\{3A5895BC-4A77-42DE-8B36-CF61E22799BC}

[2009-02-06 17:53:48 | 00,000,000 | ---D | M] -- C:\Program\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2009-01-20 11:25:47 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browserdirprovider.dll

[2009-01-20 11:25:47 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\brwsrcmp.dll

[2008-02-25 20:45:26 | 00,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml

[2008-03-08 11:35:22 | 00,001,534 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\creativecommons.xml

[2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\google.xml

[2008-02-25 20:45:26 | 00,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml

[2008-02-25 20:45:26 | 00,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml

[2008-03-29 11:50:28 | 00,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml

[2006-09-15 19:15:52 | 00,000,647 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml

 

O1 HOSTS File: (750 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 virustotal.com

O1 - Hosts: 127.0.0.1 www.virustotal.com

O1 - Hosts: 127.0.0.1 virustotal

O1 - Hosts: 127.0.0.1 virscan.com

O1 - Hosts: 127.0.0.1 www.virscan.com

O1 - Hosts: 127.0.0.1 virscan

O1 - Hosts: 127.0.0.1 http://virscan.com

O1 - Hosts: 127.0.0.1 virustotal

O1 - Hosts: 127.0.0.1 virscan

O1 - Hosts: 127.0.0.1 http://virusscan.jotti.org/

O1 - Hosts: 127.0.0.1 virusscan.jotti.org/

O1 - Hosts: 127.0.0.1 www.virusscan.jotti.org/

O1 - Hosts: 127.0.0.1 scanner.novirusthanks.org/

O1 - Hosts: 127.0.0.1 http://scanner.novirusthanks.org/

O1 - Hosts: 127.0.0.1 www.scanner.novirusthanks.org/

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\1.0\NppBho.dll (Symantec Corporation)

O2 - BHO: (IeCatch5 Class) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program\FlashGet\jccatch.dll (FlashGet)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program\Google\Google Toolbar\GoogleToolbar.dll ()

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)

O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar.dll ()

O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM\..\Toolbar: (Visa Norton-verktygsfältet) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program\FlashGet\fgiebar.dll (Amaze Soft)

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program\DAEMON Tools Toolbar\DTToolbar.dll ()

O4 - HKLM..\Run: [10320] C:\gvlw.exe ()

O4 - HKCU..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\0DD5A.exe.exe ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\2FB12.exe.exe ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\36D0D.exe.exe ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\ABE51.exe.exe ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\C9BAA.exe.exe ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\E7EA4.exe.exe ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\kill.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\MagicDisc.lnk = C:\Program\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat063446.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat132641.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat132642.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat170542.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat181136.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat193240.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat201033.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat202103.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat205340.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat205703.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat212302.bat ()

O4 - Startup: C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat220748.bat ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O9 - Extra Button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program\FlashGet\flashget.exe (FlashGet.com)

O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program\FlashGet\flashget.exe (FlashGet.com)

O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Daniel\Start-meny\Program\IMVU\Run IMVU.lnk File not found

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\imon.dll (Eset )

O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} http://support.f-secure.com/ols/fscax.cab (F-Secure Online Scanner 3.1)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab'>http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} http://www.symantec.com/techsupp/activedata/nprdtinf.cab (AxProdInfoCtl Class)

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab (MSN Photo Upload Tool)

O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} http://play.battlefield-heroes.com/static/updater/BFHUpdater_4.0.14.0.cab (Battlefield Heroes Updater)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://ares.netgame.com/download/mglaunch_USAv1002.cab (MGLaunch_USAv1001 Class)

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoftware.com/activescan/as5free/asinst.cab (ActiveScan Installer Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)

O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Min aktuella startsida) - About:Home

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]

O32 - Autorun File - D:\Autorun [2008-07-09 15:41:33 | 00,000,000 | ---D | M] - [ NTFS ]

O33 - MountPoints2\{38246010-8b89-11db-80e8-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{38246010-8b89-11db-80e8-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe -- File not found

O33 - MountPoints2\{55a835b6-a8e0-11dc-9014-001617d4e029}\Shell - "" = AutoRun

O33 - MountPoints2\{55a835b6-a8e0-11dc-9014-001617d4e029}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found

O33 - MountPoints2\{b45f0fb3-1977-11de-90da-001617d4e029}\Shell - "" = AutoRun

O33 - MountPoints2\{b45f0fb3-1977-11de-90da-001617d4e029}\Shell\AutoRun\command - "" = H:\Autorun.exe -- File not found

O33 - MountPoints2\{badf9eba-bba2-11db-8f3e-001617d4e029}\Shell - "" = AutoRun

O33 - MountPoints2\{badf9eba-bba2-11db-8f3e-001617d4e029}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found

O33 - MountPoints2\{bbac4a06-eefd-11dd-90c3-001617d4e029}\Shell - "" = AutoRun

O33 - MountPoints2\{bbac4a06-eefd-11dd-90c3-001617d4e029}\Shell\autorun\command - "" = F:\LaunchU3.exe -- File not found

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\autorun\command - "" = F:\LaunchU3.exe -- File not found

O33 - MountPoints2\H\Shell - "" = AutoRun

O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\startup.exe -- File not found

O34 - HKLM BootExecute: (autocheck msln) - File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[38 C:\*.tmp files]

[16 C:\WINDOWS\System32\*.tmp files]

[8 C:\WINDOWS\*.tmp files]

[2009-04-03 16:40:28 | 00,519,168 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Daniel\Skrivbord\OTListIt2.exe

[2009-04-03 16:10:23 | 00,360,002 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\dds.scr

[2009-04-03 13:44:27 | 00,046,640 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\msln.exe

[2009-04-03 13:26:42 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat132642.bat

[2009-04-03 13:26:41 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat132641.bat

[2009-04-02 20:57:56 | 73,349,9392 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\KNOPPIX_V3.6-2004-08-16-EN.iso

[2009-04-02 19:32:40 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat193240.bat

[2009-04-02 19:23:32 | 00,000,000 | ---D | C] -- C:\Program\thriXXX

[2009-04-02 19:23:29 | 00,000,000 | ---D | C] -- C:\Program\Hentai Quest

[2009-04-02 17:05:42 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat170542.bat

[2009-04-01 21:23:02 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat212302.bat

[2009-04-01 21:20:03 | 00,000,000 | ---D | C] -- C:\46ca7fb28900ac36d9cb170b300dad

[2009-04-01 21:02:59 | 00,000,000 | ---D | C] -- C:\4a5313de7c0731580ef3ae

[2009-04-01 20:57:03 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat205703.bat

[2009-04-01 20:53:40 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat205340.bat

[2009-04-01 20:51:31 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\ovfsth.sys

[2009-04-01 20:48:25 | 00,137,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\eaglent.sys

[2009-04-01 20:44:27 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\w14427171734.dll

[2009-04-01 20:44:24 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\ffo16901524.dll

[2009-04-01 20:36:57 | 00,000,000 | -H-D | C] -- C:\Program\FX Uninstall Information

[2009-04-01 20:21:03 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat202103.bat

[2009-04-01 20:10:33 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat201033.bat

[2009-04-01 18:25:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tages

[2009-04-01 18:22:12 | 00,000,000 | ---D | C] -- C:\2398773bae1af48dcee5e4b1

[2009-04-01 18:21:52 | 10,246,088 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Daniel\Skrivbord\windows-kb890830-v2.8.exe

[2009-04-01 18:11:36 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat181136.bat

[2009-04-01 18:06:54 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\ffo45209353.dll

[2009-04-01 18:06:49 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\w1649448031.dll

[2009-04-01 18:06:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3361

[2009-04-01 18:02:13 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\ovfsthardhsbpsxmoirrfyyewqvfhmvmpfvrlt.dll

[2009-04-01 18:02:12 | 00,429,758 | ---- | C] () -- C:\WINDOWS\System32\ovfsthdoyxjxdqbwulkypujxuwkmwvhkltpkqo.db

[2009-04-01 08:29:05 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\w1294125468.dll

[2009-04-01 06:34:46 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat063446.bat

[2009-04-01 06:31:38 | 00,097,134 | ---- | C] () -- C:\WINDOWS\System32\drivers\6087391f.sys

[2009-04-01 05:27:46 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\w12746125781.dll

[2009-04-01 05:27:46 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\ffo12617146.dll

[2009-04-01 01:08:05 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\w185135984.dll

[2009-04-01 01:08:02 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\ffo1333902.dll

[2009-03-31 23:40:44 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll

[2009-03-31 23:40:04 | 00,001,539 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\DAEMON Tools Pro.lnk

[2009-03-31 22:07:48 | 00,000,128 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat220748.bat

[2009-03-31 22:07:48 | 00,000,042 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\kill.bat

[2009-03-31 22:04:27 | 00,034,816 | ---- | C] () -- C:\gvlw.exe

[2009-03-31 22:04:27 | 00,034,816 | ---- | C] () -- C:\gvlw.ex_

[2009-03-31 21:44:37 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\ffo14379637.dll

[2009-03-31 21:44:36 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\w314436143203.dll

[2009-03-31 21:39:26 | 00,249,856 | -HS- | C] () -- C:\WINDOWS\System32\_itmp_247.exe

[2009-03-31 21:39:13 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\ffo18389382813.dll

[2009-03-31 21:38:03 | 00,000,007 | ---- | C] () -- C:\WINDOWS\_id.dat

[2009-03-31 21:37:59 | 00,000,130 | ---- | C] () -- C:\WINDOWS\adobe.bat

[2009-03-31 21:37:02 | 00,182,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys

[2009-03-31 21:35:34 | 00,114,158 | ---- | C] () -- C:\WINDOWS\System32\drivers\2650897.sys

[2009-03-31 21:35:24 | 00,046,080 | ---- | C] () -- C:\pnfwaps.exe

[2009-03-31 21:35:02 | 00,000,002 | ---- | C] () -- C:\-856433192

[2009-03-31 21:33:15 | 00,110,592 | -HS- | C] ( ) -- C:\WINDOWS\CA7B4.exe

[2009-03-31 21:31:03 | 00,000,043 | ---- | C] () -- C:\WINDOWS\System32\ovfsthsbgashpqiujndwronbxittshpfujmjmr.dat

[2009-03-31 21:29:51 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ovfsthonsigduqpvmrmqnprwsluxpecmrttxxq.dll

[2009-03-31 21:29:51 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\ovfsthkeydyuunldfscoawhrnsnsifosyapfnn.dll

[2009-03-31 21:29:51 | 00,017,408 | ---- | C] () -- C:\WINDOWS\System32\ovfsthnfnintadvfmjkyrtxrjbcbcsmycktedl.dll

[2009-03-31 21:29:51 | 00,015,914 | ---- | C] () -- C:\WINDOWS\System32\ovfsthbhdcyyqfhrkcwvuqhgasyhwprokqoplj.dat

[2009-03-31 21:25:40 | 00,000,480 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Jazz Jackrabbit 2.lnk

[2009-03-31 21:25:40 | 00,000,468 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Jazz Creation Station.lnk

[2009-03-31 21:25:35 | 00,000,000 | ---D | C] -- C:\Jazz2

[2009-03-31 20:08:08 | 17,780,736 | ---- | C] ("Best Way" Corp) -- C:\mow.exe

[2009-03-31 20:08:08 | 16,908,288 | ---- | C] ("Best Way" Corp) -- C:\mow_editor.exe

[2009-03-31 19:57:03 | 00,000,505 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Men of War.lnk

[2009-03-31 19:54:22 | 00,000,000 | --SD | C] -- C:\Men of War

[2009-03-30 21:17:26 | 00,098,304 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\E7EA4.exe.exe

[2009-03-30 21:17:26 | 00,098,304 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\C9BAA.exe.exe

[2009-03-30 21:17:26 | 00,098,304 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\2FB12.exe.exe

[2009-03-30 21:17:26 | 00,098,304 | -HS- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\0DD5A.exe.exe

[2009-03-30 21:17:26 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\ABE51.exe.exe

[2009-03-30 21:17:26 | 00,098,304 | ---- | C] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\36D0D.exe.exe

[2009-03-30 17:40:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Mina dokument\gothic3

[2009-03-30 17:36:16 | 02,648,064 | ---- | C] (Pluto 13 GmbH) -- C:\Gothic3.exe

[2009-03-30 17:26:08 | 00,627,401 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\GOTHIC3.vc6

[2009-03-30 17:26:08 | 00,001,579 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\abra.nfo

[2009-03-30 17:21:53 | 00,264,431 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\rzr-gctr.zip

[2009-03-30 17:18:52 | 00,001,423 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Launch Gothic III.lnk

[2009-03-30 17:08:55 | 00,000,000 | ---D | C] -- C:\Gothic III

[2009-03-29 21:29:19 | 00,001,449 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\MegaTrainer XL.lnk

[2009-03-29 21:29:19 | 00,001,416 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\MTXL-Guide.lnk

[2009-03-29 21:29:19 | 00,001,382 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\MTXL-Information.lnk

[2009-03-29 21:29:18 | 00,000,000 | ---D | C] -- C:\MegaTrainer XL

[2009-03-29 21:16:08 | 00,000,506 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Spotify.lnk

[2009-03-29 21:16:07 | 00,000,000 | ---D | C] -- C:\Spotify

[2009-03-29 21:15:37 | 02,629,248 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Spotify Installer.exe

[2009-03-29 20:54:15 | 00,000,721 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Oblivion.lnk

[2009-03-29 19:45:18 | 00,001,446 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Rome - Total War - Alexander add-on.lnk

[2009-03-29 19:38:34 | 10,079,876 | ---- | C] (The Creative Assembly Ltd) -- C:\RomeTW.exe

[2009-03-29 19:36:44 | 00,000,222 | ---- | C] () -- C:\WINDOWS\RomeTW.ini

[2009-03-27 20:08:26 | 59,227,935 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\rome_total_war_patch_1-6.zip

[2009-03-27 19:48:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Skrivbord\rome_total_war_patch_1-5

[2009-03-27 19:47:54 | 28,829,892 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\rome_total_war_patch_1-5.zip

[2009-03-27 19:18:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Skrivbord\rome_totalwar_patch_1-3

[2009-03-27 18:36:10 | 10,652,5099 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\rome_totalwar_patch_1-3.zip

[2009-03-25 21:39:33 | 00,000,000 | ---D | C] -- C:\DAEMON Tools Pro

[2009-03-25 21:31:47 | 00,000,000 | ---D | C] -- C:\Program\DAEMON Tools Pro

[2009-03-25 21:31:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2009-03-25 21:26:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Application Data\DAEMON Tools Pro

[2009-03-25 21:26:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Application Data\DAEMON Tools

[2009-03-25 21:25:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2009-03-25 21:25:08 | 00,000,000 | ---D | C] -- C:\Program\DAEMON Tools Toolbar

[2009-03-25 21:24:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Application Data\DAEMON Tools Lite

[2009-03-25 21:07:25 | 00,000,000 | ---D | C] -- C:\Alcohol 120

[2009-03-25 20:53:11 | 00,034,944 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\A.C.I.D_v1.0.8111.rar

[2009-03-25 20:48:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\8AAB4176A747493AA42CB63CFADFD8E3.TMP

[2009-03-25 20:20:20 | 00,002,146 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\NS-WNTD_SR-poseden.rar

[2009-03-25 20:20:20 | 00,001,368 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\NS-WNTD_SR-poseden.nfo

[2009-03-25 20:13:25 | 00,000,408 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Wanted_Cheat_Codes.rar

[2009-03-25 08:32:59 | 04,074,400 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Call on me.mp3

[2009-03-24 23:39:56 | 06,503,761 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\battlefield-heroes-theme.mp3

[2009-03-24 23:39:25 | 03,868,110 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\battlefield-heroes-intro.mp3

[2009-03-22 11:00:04 | 00,000,526 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\nwn2.lnk

[2009-03-22 09:33:28 | 00,414,606 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\rzr-drakensang.zip

[2009-03-21 19:53:52 | 00,000,000 | ---D | C] -- C:\Neverwinter Nights 2

[2009-03-21 19:52:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Lokala inställningar\Application Data\NWN2 Toolset

[2009-03-21 19:49:59 | 00,011,239 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\asx-nwn2soz.nfo

[2009-03-21 19:49:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Skrivbord\For_nwn2main_amdxp

[2009-03-21 19:49:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Skrivbord\For_nwn2main

[2009-03-20 22:40:34 | 00,000,606 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Neverwinter Nights 2 storm of zehir.lnk

[2009-03-20 22:18:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Mina dokument\Neverwinter Nights 2

[2009-03-20 21:59:50 | 00,000,637 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\pwz.nfo

[2009-03-20 21:59:44 | 00,094,208 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\pwz-nwn7.exe

[2009-03-20 18:27:37 | 00,001,514 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Eternal Silence.lnk

[2009-03-20 15:06:06 | 00,000,848 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\DOW2 cheat.lnk

[2009-03-20 14:43:58 | 03,587,805 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Rammstein Sehnsucht krussidull.mp3

[2009-03-20 14:31:55 | 02,900,712 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Rammstein Sehnsucht fast.mp3

[2009-03-20 14:10:05 | 01,961,108 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Rammstein Sehnsucht.mp3

[2009-03-20 13:49:50 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\cm-ff8tr.exe

[2009-03-20 07:08:02 | 02,603,930 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\snoop dogg feat the doors - riders on the storm,Carros sonho.mp3

[2009-03-20 06:47:39 | 00,011,701 | -HS- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\AlbumArt_{D7832926-9A1E-4F70-A1FF-060A498E1CCF}_Large.jpg

[2009-03-20 06:47:39 | 00,003,056 | -HS- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\AlbumArt_{D7832926-9A1E-4F70-A1FF-060A498E1CCF}_Small.jpg

[2009-03-19 22:47:01 | 00,190,463 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\040722_Hmm.jpg

[2009-03-19 21:35:35 | 07,421,875 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Film Alpha.wmv

[2009-03-19 20:31:36 | 01,941,302 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Coldplay - Viva La Vida.mp3

[2009-03-19 07:31:24 | 12,214,176 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\WoW-3.0.8.9506-to-3.0.9.9551-enGB-patch.exe

[2009-03-19 07:26:00 | 58,667,407 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\3.0.3.9183-to-3.0.8.9464-enGB-patch.zip

[2009-03-18 20:37:56 | 06,352,680 | ---- | C] () -- C:\WINDOWS\System32\xa17385500.exe

[2009-03-18 20:37:54 | 06,352,680 | ---- | C] () -- C:\WINDOWS\System32\xa17383546.exe

[2009-03-18 20:37:34 | 06,352,680 | ---- | C] () -- C:\WINDOWS\System32\xa17363265.exe

[2009-03-18 20:37:34 | 06,352,680 | ---- | C] () -- C:\WINDOWS\System32\xa17362812.exe

[2009-03-18 19:16:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Application Data\The Creative Assembly

[2009-03-18 19:11:14 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll

[2009-03-18 19:11:14 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll

[2009-03-18 19:11:13 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll

[2009-03-18 19:11:12 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll

[2009-03-18 19:11:12 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll

[2009-03-18 19:11:12 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll

[2009-03-18 19:11:11 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll

[2009-03-18 19:05:32 | 78,701,330 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Viewpoint

[2009-03-18 18:52:10 | 00,002,440 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Ny(tt) OpenDocument-text.odt

[2009-03-18 18:39:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Skrivbord\New music

[2009-03-18 17:28:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Mina dokument\Battlefield Heroes

[2009-03-18 17:19:03 | 00,037,769 | ---- | C] () -- C:\Documents and Settings\Daniel\Skrivbord\Empire_Total_War_Special_Forces_Edition-Razor1911.torrent

[2009-03-18 16:26:30 | 00,000,000 | ---D | C] -- C:\Program\Microsoft SQL Server Compact Edition

[2009-03-18 16:24:59 | 00,000,000 | ---D | C] -- C:\Program\Microsoft

[2009-03-18 16:24:39 | 00,000,000 | ---D | C] -- C:\Program\Windows Live SkyDrive

[2009-03-18 16:18:38 | 00,000,000 | ---D | C] -- C:\Program\Delade filer\Windows Live

 

========== Files - Modified Within 30 Days ==========

 

[38 C:\*.tmp files]

[16 C:\WINDOWS\System32\*.tmp files]

[8 C:\WINDOWS\*.tmp files]

[2009-04-03 16:42:56 | 00,114,158 | ---- | M] () -- C:\WINDOWS\System32\drivers\2650897.sys

[2009-04-03 16:42:56 | 00,097,134 | ---- | M] () -- C:\WINDOWS\System32\drivers\6087391f.sys

[2009-04-03 16:42:30 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys

[2009-04-03 16:40:02 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Daniel\Skrivbord\OTListIt2.exe

[2009-04-03 16:10:23 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009-04-03 16:07:22 | 00,360,002 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\dds.scr

[2009-04-03 15:34:01 | 00,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2009-04-03 13:44:28 | 00,046,640 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\msln.exe

[2009-04-03 13:26:42 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat132642.bat

[2009-04-03 13:26:42 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat132641.bat

[2009-04-03 13:23:05 | 00,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009-04-03 13:21:19 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009-04-03 13:21:13 | 00,055,160 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap

[2009-04-02 20:42:56 | 73,349,9392 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\KNOPPIX_V3.6-2004-08-16-EN.iso

[2009-04-02 19:32:40 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat193240.bat

[2009-04-02 19:07:02 | 06,291,456 | -H-- | M] () -- C:\Documents and Settings\Daniel\Lokala inställningar\Application Data\IconCache.db

[2009-04-02 17:21:21 | 00,000,294 | RHS- | M] () -- C:\boot.ini

[2009-04-02 17:05:42 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat170542.bat

[2009-04-02 17:02:05 | 00,000,130 | ---- | M] () -- C:\WINDOWS\adobe.bat

[2009-04-02 16:58:53 | 00,034,816 | ---- | M] () -- C:\gvlw.exe

[2009-04-01 21:23:02 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat212302.bat

[2009-04-01 20:57:03 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat205703.bat

[2009-04-01 20:53:40 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat205340.bat

[2009-04-01 20:51:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\ovfsth.sys

[2009-04-01 20:50:02 | 00,110,592 | -HS- | M] ( ) -- C:\WINDOWS\CA7B4.exe

[2009-04-01 20:48:25 | 00,137,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\eaglent.sys

[2009-04-01 20:44:27 | 00,081,920 | ---- | M] () -- C:\WINDOWS\System32\w14427171734.dll

[2009-04-01 20:44:24 | 00,065,536 | ---- | M] () -- C:\WINDOWS\System32\ffo16901524.dll

[2009-04-01 20:44:20 | 00,069,632 | ---- | M] () -- C:\WINDOWS\System32\mdm32.exe

[2009-04-01 20:44:15 | 00,015,914 | ---- | M] () -- C:\WINDOWS\System32\ovfsthbhdcyyqfhrkcwvuqhgasyhwprokqoplj.dat

[2009-04-01 20:44:14 | 00,000,043 | ---- | M] () -- C:\WINDOWS\System32\ovfsthsbgashpqiujndwronbxittshpfujmjmr.dat

[2009-04-01 20:43:58 | 00,034,816 | ---- | M] () -- C:\gvlw.ex_

[2009-04-01 20:21:03 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat202103.bat

[2009-04-01 20:17:57 | 00,046,080 | ---- | M] () -- C:\pnfwaps.exe

[2009-04-01 20:17:56 | 00,000,002 | ---- | M] () -- C:\-856433192

[2009-04-01 20:10:33 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat201033.bat

[2009-04-01 20:04:35 | 00,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini

[2009-04-01 18:22:06 | 10,246,088 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Daniel\Skrivbord\windows-kb890830-v2.8.exe

[2009-04-01 18:11:36 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat181136.bat

[2009-04-01 18:06:54 | 00,065,536 | ---- | M] () -- C:\WINDOWS\System32\ffo45209353.dll

[2009-04-01 18:06:49 | 00,081,920 | ---- | M] () -- C:\WINDOWS\System32\w1649448031.dll

[2009-04-01 18:02:13 | 00,429,758 | ---- | M] () -- C:\WINDOWS\System32\ovfsthdoyxjxdqbwulkypujxuwkmwvhkltpkqo.db

[2009-04-01 18:02:13 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\ovfsthardhsbpsxmoirrfyyewqvfhmvmpfvrlt.dll

[2009-04-01 08:29:05 | 00,081,920 | ---- | M] () -- C:\WINDOWS\System32\w1294125468.dll

[2009-04-01 06:34:46 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat063446.bat

[2009-04-01 05:27:46 | 00,081,920 | ---- | M] () -- C:\WINDOWS\System32\w12746125781.dll

[2009-04-01 05:27:46 | 00,065,536 | ---- | M] () -- C:\WINDOWS\System32\ffo12617146.dll

[2009-04-01 01:20:30 | 00,000,007 | ---- | M] () -- C:\WINDOWS\_id.dat

[2009-04-01 01:08:05 | 00,081,920 | ---- | M] () -- C:\WINDOWS\System32\w185135984.dll

[2009-04-01 01:08:02 | 00,065,536 | ---- | M] () -- C:\WINDOWS\System32\ffo1333902.dll

[2009-03-31 23:40:50 | 00,009,728 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll

[2009-03-31 23:40:04 | 00,001,539 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\DAEMON Tools Pro.lnk

[2009-03-31 22:07:48 | 00,000,128 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\mel.bat220748.bat

[2009-03-31 22:07:48 | 00,000,042 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\kill.bat

[2009-03-31 21:44:37 | 00,065,536 | ---- | M] () -- C:\WINDOWS\System32\ffo14379637.dll

[2009-03-31 21:44:36 | 00,081,920 | ---- | M] () -- C:\WINDOWS\System32\w314436143203.dll

[2009-03-31 21:39:32 | 00,249,856 | -HS- | M] () -- C:\WINDOWS\System32\_itmp_247.exe

[2009-03-31 21:39:13 | 00,065,536 | ---- | M] () -- C:\WINDOWS\System32\ffo18389382813.dll

[2009-03-31 21:29:51 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ovfsthonsigduqpvmrmqnprwsluxpecmrttxxq.dll

[2009-03-31 21:29:51 | 00,019,968 | ---- | M] () -- C:\WINDOWS\System32\ovfsthkeydyuunldfscoawhrnsnsifosyapfnn.dll

[2009-03-31 21:29:51 | 00,017,408 | ---- | M] () -- C:\WINDOWS\System32\ovfsthnfnintadvfmjkyrtxrjbcbcsmycktedl.dll

[2009-03-31 21:25:40 | 00,000,480 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Jazz Jackrabbit 2.lnk

[2009-03-31 21:25:40 | 00,000,468 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Jazz Creation Station.lnk

[2009-03-31 19:57:03 | 00,000,505 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Men of War.lnk

[2009-03-30 21:17:26 | 00,098,304 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\E7EA4.exe.exe

[2009-03-30 21:17:26 | 00,098,304 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\C9BAA.exe.exe

[2009-03-30 21:17:26 | 00,098,304 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\2FB12.exe.exe

[2009-03-30 21:17:26 | 00,098,304 | -HS- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\0DD5A.exe.exe

[2009-03-30 21:17:26 | 00,098,304 | ---- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\ABE51.exe.exe

[2009-03-30 21:17:26 | 00,098,304 | ---- | M] () -- C:\Documents and Settings\Daniel\Start-meny\Program\Autostart\36D0D.exe.exe

[2009-03-30 20:09:36 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2009-03-30 20:04:59 | 00,187,392 | ---- | M] () -- C:\Documents and Settings\Daniel\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-03-30 17:21:54 | 00,264,431 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\rzr-gctr.zip

[2009-03-30 17:18:52 | 00,001,423 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Launch Gothic III.lnk

[2009-03-29 21:29:19 | 00,001,449 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\MegaTrainer XL.lnk

[2009-03-29 21:29:19 | 00,001,416 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\MTXL-Guide.lnk

[2009-03-29 21:29:19 | 00,001,382 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\MTXL-Information.lnk

[2009-03-29 21:16:08 | 00,000,506 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Spotify.lnk

[2009-03-29 21:15:42 | 02,629,248 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Spotify Installer.exe

[2009-03-29 20:54:15 | 00,000,721 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Oblivion.lnk

[2009-03-29 19:48:12 | 10,652,5099 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\rome_totalwar_patch_1-3.zip

[2009-03-29 19:45:18 | 00,001,446 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Rome - Total War - Alexander add-on.lnk

[2009-03-29 19:36:44 | 00,000,222 | ---- | M] () -- C:\WINDOWS\RomeTW.ini

[2009-03-29 19:04:57 | 59,227,935 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\rome_total_war_patch_1-6.zip

[2009-03-29 19:03:31 | 28,829,892 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\rome_total_war_patch_1-5.zip

[2009-03-29 18:41:45 | 01,053,358 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009-03-29 18:41:45 | 00,445,080 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2009-03-29 18:41:45 | 00,441,994 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009-03-29 18:41:45 | 00,084,108 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2009-03-29 18:41:45 | 00,072,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009-03-29 18:35:20 | 01,441,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009-03-28 12:53:53 | 00,000,576 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Sök igenom datorn - Daniel.job

[2009-03-27 17:57:39 | 00,028,600 | ---- | M] () -- C:\Documents and Settings\Daniel\Lokala inställningar\Application Data\GDIPFONTCACHEV1.DAT

[2009-03-25 20:53:12 | 00,034,944 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\A.C.I.D_v1.0.8111.rar

[2009-03-25 20:13:51 | 00,000,408 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Wanted_Cheat_Codes.rar

[2009-03-25 19:53:31 | 00,001,368 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\NS-WNTD_SR-poseden.nfo

[2009-03-25 19:49:02 | 00,002,146 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\NS-WNTD_SR-poseden.rar

[2009-03-25 08:33:09 | 04,074,400 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Call on me.mp3

[2009-03-24 23:54:21 | 03,868,110 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\battlefield-heroes-intro.mp3

[2009-03-24 23:47:07 | 06,503,761 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\battlefield-heroes-theme.mp3

[2009-03-22 11:01:22 | 00,000,606 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Neverwinter Nights 2 storm of zehir.lnk

[2009-03-22 11:00:04 | 00,000,526 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\nwn2.lnk

[2009-03-22 09:33:28 | 00,414,606 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\rzr-drakensang.zip

[2009-03-22 02:52:50 | 01,961,108 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Rammstein Sehnsucht.mp3

[2009-03-21 11:39:13 | 02,603,930 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\snoop dogg feat the doors - riders on the storm,Carros sonho.mp3

[2009-03-20 18:27:37 | 00,001,514 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Eternal Silence.lnk

[2009-03-20 15:06:22 | 00,000,848 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\DOW2 cheat.lnk

[2009-03-20 14:59:09 | 03,587,805 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Rammstein Sehnsucht krussidull.mp3

[2009-03-20 14:32:14 | 02,900,712 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Rammstein Sehnsucht fast.mp3

[2009-03-20 06:48:09 | 01,941,302 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Coldplay - Viva La Vida.mp3

[2009-03-20 06:47:39 | 00,011,701 | -HS- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Folder.jpg

[2009-03-20 06:47:39 | 00,011,701 | -HS- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\AlbumArt_{D7832926-9A1E-4F70-A1FF-060A498E1CCF}_Large.jpg

[2009-03-20 06:47:39 | 00,000,365 | -HS- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\desktop.ini

[2009-03-20 06:47:38 | 00,003,056 | -HS- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\AlbumArtSmall.jpg

[2009-03-20 06:47:38 | 00,003,056 | -HS- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\AlbumArt_{D7832926-9A1E-4F70-A1FF-060A498E1CCF}_Small.jpg

[2009-03-19 22:46:55 | 00,190,463 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\040722_Hmm.jpg

[2009-03-19 21:35:52 | 07,421,875 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Film Alpha.wmv

[2009-03-19 07:33:01 | 12,214,176 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\WoW-3.0.8.9506-to-3.0.9.9551-enGB-patch.exe

[2009-03-19 07:26:15 | 58,667,407 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\3.0.3.9183-to-3.0.8.9464-enGB-patch.zip

[2009-03-18 20:37:56 | 06,352,680 | ---- | M] () -- C:\WINDOWS\System32\xa17385500.exe

[2009-03-18 20:37:56 | 06,352,680 | ---- | M] () -- C:\WINDOWS\System32\xa17383546.exe

[2009-03-18 20:37:34 | 06,352,680 | ---- | M] () -- C:\WINDOWS\System32\xa17363265.exe

[2009-03-18 20:37:34 | 06,352,680 | ---- | M] () -- C:\WINDOWS\System32\xa17362812.exe

[2009-03-18 20:26:38 | 78,701,330 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Viewpoint

[2009-03-18 18:52:10 | 00,002,440 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Ny(tt) OpenDocument-text.odt

[2009-03-18 17:19:05 | 00,037,769 | ---- | M] () -- C:\Documents and Settings\Daniel\Skrivbord\Empire_Total_War_Special_Forces_Edition-Razor1911.torrent

[2009-03-18 16:25:59 | 00,000,934 | ---- | M] () -- C:\Documents and Settings\Daniel\Mina dokument\Mina delade mappar.lnk

 

========== LOP Check ==========

 

[2009-04-01 18:25:48 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data

[2008-10-17 13:33:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy

[2008-07-09 13:18:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Activision

[2009-02-04 23:49:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe

[2008-08-16 14:55:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems

[2007-02-28 21:01:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3

[2007-10-17 16:23:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 YPack Trial

[2006-12-14 17:28:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead

[2008-01-28 23:59:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple

[2008-02-08 17:07:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer

[2008-10-27 08:02:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI

[2008-04-22 21:57:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU

[2008-12-01 08:40:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard

[2009-03-25 21:25:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2009-03-25 21:31:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2008-07-10 09:33:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink

[2007-10-20 11:33:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios

[2008-04-07 19:59:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet

[2008-04-13 22:56:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games

[2008-07-02 23:20:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Frozen Codebase LLC

[2009-02-17 19:52:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google

[2009-01-11 19:37:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software

[2007-06-06 22:05:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield

[2008-11-11 16:43:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Isotx

[2007-06-27 20:12:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia

[2009-02-06 18:02:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2009-03-18 16:24:45 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

[2008-06-17 00:09:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo

[2009-01-06 12:59:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies

[2008-09-01 19:13:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS

[2007-12-02 19:31:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Outspark

[2008-03-06 19:01:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Protexis

[2008-11-11 21:06:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Raize

[2007-12-21 16:02:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype

[2009-02-02 23:16:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony

[2008-08-13 22:23:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec

[2009-04-01 18:27:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tages

[2009-02-23 00:02:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2008-05-14 17:49:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia

[2005-02-25 15:20:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft

[2005-02-24 21:58:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\wanted

[2007-05-23 23:16:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

[2008-03-07 17:20:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller

[2005-02-25 16:30:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data

[2007-05-27 22:38:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\.BitTornado

[2007-05-23 23:22:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\{FBDA53F5-763E-4114-A576-612E9769C133}

[2008-01-06 19:46:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\3DFA

[2008-07-09 13:18:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Activision

[2008-08-16 15:28:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Adobe

[2007-08-28 20:52:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\AdobeUM

[2007-05-10 00:25:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Ahead

[2008-01-31 22:15:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Apple Computer

[2008-04-20 19:48:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\ATI

[2008-04-22 21:57:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\AVSMedia

[2009-04-01 01:04:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Azureus

[2007-08-04 14:50:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\bang

[2007-09-13 22:12:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Bioshock

[2008-03-14 16:54:58 | 00,000,000 | R--D | M] -- C:\Documents and Settings\Daniel\Application Data\Brother

[2007-08-19 21:14:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Command & Conquer 3 Tiberium Wars

[2007-03-01 21:11:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Command & Conquer 3 Tiberium Wars Demo

[2008-04-08 16:45:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Creative

[2007-08-05 07:12:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\CrystalApp

[2007-08-05 07:12:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\CrystalSpace

[2009-03-31 23:42:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\DAEMON Tools

[2009-03-25 21:24:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\DAEMON Tools Lite

[2009-03-31 23:41:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\DAEMON Tools Pro

[2008-07-07 13:12:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Disney Interactive Studios

[2008-04-29 20:38:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Dreamlords

[2007-06-19 21:03:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Eidos

[2008-04-13 22:56:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Flood Light Games

[2007-11-27 17:12:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\fretsonfire

[2007-06-10 17:23:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Gearbox Software

[2007-09-14 16:35:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\GetRightToGo

[2007-06-11 22:41:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Google

[2009-01-16 19:37:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Hamachi

[2007-01-08 20:47:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Help

[2007-10-26 13:36:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\ICAClient

[2009-01-11 20:11:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\id Software

[2006-12-14 16:47:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Identities

[2008-05-05 18:50:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\IGN_DLM

[2007-05-02 18:52:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\IMVU

[2007-05-11 13:36:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\InstallShield

[2009-02-02 10:34:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\InstallShield Installation Information

[2007-11-02 21:05:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Leadertech

[2008-09-01 20:44:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\LEGO Company

[2009-01-04 19:07:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Lionhead Studios

[2008-04-07 20:02:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Macromedia

[2009-02-06 18:02:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Malwarebytes

[2005-02-25 13:48:25 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Daniel\Application Data\Microsoft

[2007-12-20 19:35:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Microsoft Games

[2008-04-08 16:01:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Mina Ringarnas herre™ - Häxkungens tid™-filer

[2007-09-18 19:21:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\mIRC

[2008-04-06 12:13:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Mount&Blade

[2009-02-06 17:54:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Mozilla

[2009-01-06 23:01:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\muvee Technologies

[2007-04-11 20:06:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\My Battle for Middle-earth Files

[2008-06-06 09:22:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\My Games

[2009-03-18 18:53:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\OpenOffice.org2

[2009-04-01 07:29:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Petroglyph

[2008-05-28 19:06:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\PlaneShift

[2008-11-06 22:26:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Red Alert 3

[2008-11-10 19:58:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\SecondLife

[2006-12-26 16:53:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\SecuROM

[2008-02-28 18:07:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\SEGA

[2007-05-23 23:22:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Seven Zip

[2008-12-05 14:42:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Sierra Entertainment

[2008-06-06 09:34:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Skype

[2008-05-30 14:58:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Soldat

[2008-06-07 23:18:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\SoundSpectrum

[2008-09-08 19:46:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\SPORE

[2009-04-01 19:20:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Spotify

[2007-02-09 13:33:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Sun

[2008-10-12 19:03:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\teamspeak2

[2009-03-23 21:40:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\The Creative Assembly

[2009-02-06 17:53:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\U3

[2007-06-19 13:19:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\ubi.com

[2005-02-25 16:30:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Ubisoft

[2009-01-13 20:18:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\UFOAI

[2009-03-18 17:27:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\uTorrent

[2008-03-06 13:31:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\WeGame

[2008-06-10 11:12:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Ventrilo

[2007-02-02 16:20:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\WinRAR

[2008-01-23 17:34:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\vlc

[2008-04-30 23:59:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Wormux

[2006-12-30 12:12:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Xfire

[2009-04-03 15:34:01 | 00,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

[2004-08-04 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini

[2009-03-28 12:53:53 | 00,000,576 | ---- | M] () -- C:\WINDOWS\Tasks\Norton Internet Security - Sök igenom datorn - Daniel.job

[2009-04-03 16:10:23 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

 

========== Purity Check ==========

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:322EAACD

@Alternate Data Stream - 523 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF

@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7F4E393D

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2E224648

@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6B6F397B

< End of report >

[/log]

 

Och

Extras:

 

[log]

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 1

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"3857:TCP" = 3857:TCP:*:Enabled:Akamai NetSession Interface

"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

"3712:TCP" = 3712:TCP:*:Enabled:Akamai NetSession Interface

"2277:TCP" = 2277:TCP:*:Enabled:Akamai NetSession Interface

"3997:TCP" = 3997:TCP:*:Enabled:Akamai NetSession Interface

"4552:TCP" = 4552:TCP:*:Enabled:Akamai NetSession Interface

"1070:TCP" = 1070:TCP:*:Enabled:Akamai NetSession Interface

"1177:TCP" = 1177:TCP:*:Enabled:Akamai NetSession Interface

"3236:TCP" = 3236:TCP:*:Enabled:Akamai NetSession Interface

"2888:TCP" = 2888:TCP:*:Enabled:Akamai NetSession Interface

"1032:TCP" = 1032:TCP:*:Enabled:Akamai NetSession Interface

"4323:TCP" = 4323:TCP:*:Enabled:Akamai NetSession Interface

"3317:TCP" = 3317:TCP:*:Enabled:Akamai NetSession Interface

"3342:TCP" = 3342:TCP:*:Enabled:Akamai NetSession Interface

"1166:TCP" = 1166:TCP:*:Enabled:Akamai NetSession Interface

"4862:TCP" = 4862:TCP:*:Enabled:Akamai NetSession Interface

"1074:TCP" = 1074:TCP:*:Enabled:Akamai NetSession Interface

"1237:TCP" = 1237:TCP:*:Enabled:Akamai NetSession Interface

"3411:TCP" = 3411:TCP:*:Enabled:Akamai NetSession Interface

"4581:TCP" = 4581:TCP:*:Enabled:Akamai NetSession Interface

"1409:TCP" = 1409:TCP:*:Enabled:Akamai NetSession Interface

"4305:TCP" = 4305:TCP:*:Enabled:Akamai NetSession Interface

"3233:TCP" = 3233:TCP:*:Enabled:Akamai NetSession Interface

"2211:TCP" = 2211:TCP:*:Enabled:Akamai NetSession Interface

"4217:TCP" = 4217:TCP:*:Enabled:Akamai NetSession Interface

"4427:TCP" = 4427:TCP:*:Enabled:Akamai NetSession Interface

"2007:TCP" = 2007:TCP:*:Enabled:Akamai NetSession Interface

"4145:TCP" = 4145:TCP:*:Enabled:Akamai NetSession Interface

"4303:TCP" = 4303:TCP:*:Enabled:Akamai NetSession Interface

"1562:TCP" = 1562:TCP:*:Enabled:Akamai NetSession Interface

"2700:TCP" = 2700:TCP:*:Enabled:Akamai NetSession Interface

"2357:TCP" = 2357:TCP:*:Enabled:Akamai NetSession Interface

"3618:TCP" = 3618:TCP:*:Enabled:Akamai NetSession Interface

"2827:TCP" = 2827:TCP:*:Enabled:Akamai NetSession Interface

"3208:TCP" = 3208:TCP:*:Enabled:Akamai NetSession Interface

"4316:TCP" = 4316:TCP:*:Enabled:Akamai NetSession Interface

"1564:TCP" = 1564:TCP:*:Enabled:Akamai NetSession Interface

"1699:TCP" = 1699:TCP:*:Enabled:Akamai NetSession Interface

"2573:TCP" = 2573:TCP:*:Enabled:Akamai NetSession Interface

"2317:TCP" = 2317:TCP:*:Enabled:Akamai NetSession Interface

"3779:TCP" = 3779:TCP:*:Enabled:Akamai NetSession Interface

"4953:TCP" = 4953:TCP:*:Enabled:Akamai NetSession Interface

"4969:TCP" = 4969:TCP:*:Enabled:Akamai NetSession Interface

"1792:TCP" = 1792:TCP:*:Enabled:Akamai NetSession Interface

"3111:TCP" = 3111:TCP:*:Enabled:Akamai NetSession Interface

"1268:TCP" = 1268:TCP:*:Enabled:Akamai NetSession Interface

"3150:TCP" = 3150:TCP:*:Enabled:Akamai NetSession Interface

"1346:TCP" = 1346:TCP:*:Enabled:Akamai NetSession Interface

"2668:TCP" = 2668:TCP:*:Enabled:Akamai NetSession Interface

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

C:\Program\Minions of Mirth\bin\MinionsOfMirth.exe:*:Enabled:MinionsOfMirth File not found

D:\Minions of Mirth\bin\MinionsOfMirth.exe:*:Enabled:MinionsOfMirth ()

C:\Program\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync (Microsoft Corporation)

C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)

C:\Program\Windows Media Player\wmplayer_up.exe:*:Enabled:Windows Media Player Update ()

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

D:\Minions of Mirth\bin\MinionsOfMirth.exe:*:Enabled:MinionsOfMirth ()

C:\Program\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Computer, Inc.)

C:\Spotify\spotify.exe:*:Enabled:Spotify (Spotify AB)

D:\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701 (Related Designs Software GmbH)

C:\Program\Steam\steamapps\common\oddworld abes exoddus demo\Exoddus.exe:*:Enabled:Oddworld: Abe's Exoddus Demo (Oddworld Inhabitants, Inc.)

C:\Program\Steam\steamapps\common\oddworld abes oddysee demo\AbeDemo.exe:*:Enabled:Oddworld: Abe's Oddysee Demo (Oddworld Inhabitants, Inc.)

C:\Program\Steam\steamapps\common\empire total war demo\Empire.exe:*:Enabled:Empire: Total War Demo (The Creative Assembly Ltd)

C:\Program\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync (Microsoft Corporation)

C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)

C:\Program\utorrent\utorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)

C:\Program\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead ()

D:\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main (Obsidian Entertainment, Inc.)

D:\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD (Obsidian Entertainment, Inc.)

D:\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater (Obsidian Entertainment, Inc.)

D:\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server (Obsidian Entertainment, Inc.)

C:\Tom Clancy's EndWar\Binaries\EndWar.exe:*:Enabled:Tom Clancy's EndWar File not found

C:\Tom Clancy's EndWar\Tom Clancy's EndWar Launcher.exe:*:Enabled:Tom Clancy's EndWar Launcher File not found

D:\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X File not found

D:\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X File not found

D:\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 (Ubisoft)

D:\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 (Ubisoft)

D:\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update (Ubisoft)

C:\Program\Windows Media Player\wmplayer_up.exe:*:Enabled:Windows Media Player Update ()

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser

"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3

"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III

"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2

"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{0691B876-15B2-451B-AEA4-5653E40899C4}" = Windows Presentation Foundation Language Pack (SVE)

"{08AB56DB-F5B6-4477-A2FD-38398F06C378}" = Microsoft .NET Framework 3.0 Swedish Language Pack

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting

"{0A61A86F-283F-4058-8D1E-112DB755E3F0}" = ModToaster

"{0B72CE26-FD54-4AC9-9CF0-1D0FD5C39D75}" = GameSpy Comrade

"{0D37123D-F2EC-4540-AD28-3EB9BA6BE038}" = SymNet

"{0E93710D-31E5-477C-8A4B-5032B484BE74}" = Windows Live inloggningsassistenten

"{10209B87-55D6-493E-A30A-12A265AA324E}" = TQ Defiler

"{103B6835-DCA0-413F-A99E-ECAD6622726E}" = Aliens versus Predator 2: Primal Hunt

"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up

"{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0

"{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}_is1" = Men of War (Remove Only)

"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0

"{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4

"{17014473-0098-4DF0-827D-7D582697C78C}" = Microsoft .NET Framework 2.0 Language Pack - SVE

"{183E23A5-4A42-497E-A573-B7102096F108}" = 5.56mm Full Metal Jacket (v0.95)

"{1998BD34-1AAB-4169-ACFF-67342E2AF9B4}" = Gothic III Release Update

"{20533183-D42D-4261-A125-956736FBEA8C}" = Dawn of War - Soulstorm

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{222E9214-74B7-49AB-B6D0-4CCA7744CDE3}" = The Guild II

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{22F358CE-610B-A033-0D36-4FADA6E8F67A}" = Skins

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{236BB7C4-4419-42FD-041D-1E257A25E34D}" = Adobe Photoshop CS2

"{255F566C-3F57-15AD-2CA5-E7EA41F9904F}" = Catalyst Control Center Graphics Full Existing

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 11

"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe 1.4.89.1

"{2806ECD7-D23E-45D7-A918-D6E5EA1C4D8E}" = S.W.I.N.E.

"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8

"{2C294A0B-DF22-4023-B168-8C7645B10019}" = Adobe Setup

"{30B51CF9-B419-496B-9C8F-D9D245C74DCE}" = Symantec Real Time Storage Protection Component

"{311F799A-FCE9-4D9E-B5D2-CBB8859B40BB}" = Microsoft XNA Framework Redistributable 1.0 Refresh

"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver

"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10

"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java 6 Update 4

"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion

"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JRAID

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon

"{3EDE9D4A-02A5-4B73-989A-DAB900102044}" = Windows Live Writer

"{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}" = Aliens vs. Predator 2

"{420DADC7-0E52-48F2-81EE-7BCF663815E0}" = Windows Live Essentials

"{4287A29F-EA4C-24E4-4AAE-3E6CDC9C965A}" = CCC Help English

"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer

"{475881C0-51A3-4B27-BED8-B8DA26657095}" = Windows Live Photo Gallery

"{47836B39-2465-4F39-9D7E-52F70A1C3D72}" = Axis & Allies

"{47E235BB-2CB0-4D8D-A95C-A2F723691173}" = Guard Shield

"{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security

"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component

"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation

"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE

"{4B215C29-1A3E-4736-92AA-10C83FA56EB9}" = Adobe After Effects CS3 Presets

"{4D5D6C88-0291-4B9D-881D-5674C431D4A2}" = Quake Live Internet Explorer Plugin

"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update

"{4EE3649E-8ED7-49B3-A16F-E7C91199BC25}" = Windows Live Mail

"{4FC9CA38-CB85-44E4-A8D0-AC5607E39AFE}" = GameShadow

"{4FEEDAA3-0D0C-7584-63F2-0F216D3426C9}" = ccc-core-preinstall

"{5435FF3C-48CF-4B34-85E1-2C95673EB254}" = Dawn of War - Soulstorm

"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3

"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager

"{56C64E81-FC93-4cb9-9EBF-953662950D3B}_is1" = Delete Virtual-Mate Launcher

"{584267B8-0BB0-4D18-9FFA-726576619E9A}" = Doom 3

"{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard

"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.2

"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = PlayNC Launcher

"{6010D25D-4BBE-4AD8-AABC-B1C4D63C739B}" = WorldGate Client

"{6592FDEC-2C1A-413A-9985-25FEC2F0848D}" = Star Wars Empire at War Forces of Corruption

"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package

"{6A5887F9-F17E-4905-B577-7956BF866C88}" = Callipygian2.9

"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All

"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files

"{6C1804BC-094F-431A-BEA5-37A837958029}" = Rome - Total War - Alexander

"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{71D4305B-56E6-4971-A799-FB7678A1D1A5}" = ASUS ATI Driver

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit

"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0

"{793C456F-EB0A-4164-BE77-B6D901F2C7E3}" = Windows Workflow Foundation SV Language Pack

"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation

"{7F34A21F-2DEB-4598-BB19-611D6BD24271}" = Managed DirectX (0901)

"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3

"{80AE66E6-E9FA-0CAC-C9F1-4E5A144886F0}" = Catalyst Control Center Graphics Full New

"{81935798-5D0C-4892-832E-630E6CC07EAF}" = Morrowind

"{81C42533-F5A8-46CE-9013-ECF783A4CBD4}" = NVIDIA PhysX

"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus

"{83F12F73-D52E-40C0-93B1-463C311C4E17}" = Dawn Of War

"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles

"{85DAFBE2-75DE-436A-BD77-5902FF47F8DF}" = Windows Live Sync

"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist

"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007

"{8A884756-1BE9-4E39-9BFD-9BA3E79B61D9}_is1" = UninstallBlitz

"{8AC01A0D-42B6-4A55-AD7A-A545A7AE5364}" = Enclave

"{8AF3FB06-BDA3-42A3-995C-308812D2F094}" = Adobe After Effects CS3

"{8B596C56-002B-4F1D-823D-508C0C5CAE63}" = Uskaarj

"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder

"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3

"{8D6EC7D6-E71D-8743-1396-591F4195F347}" = Catalyst Control Center Graphics Light

"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support

"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer

"{8FD697DD-C94F-22BE-6EFD-AA4CA7CF2B33}" = ccc-core-static

"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard

"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3

"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003

"{9312191B-30A5-44E1-8D8D-6936FE06CDE8}" = Wanted: Weapons of Fate

"{94CD4CB0-C0D4-4DAD-A40C-F55AF63BD7A6}" = Reborn

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6

"{9862B19F-4CAD-4EED-920F-2F378D84393F}" = ATI Parental Control & Encoder

"{992A2DB1-4ABC-4738-BD71-045C5FFE00D1}" = Microsoft .NET Framework 1.1 Swedish Language Pack

"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center

"{9a25302d-30c0-39d9-bd6f-21e6ec160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP

"{9BE2669E-2BD8-4164-A8B5-C904C864B403}" = WA Update v3.50 beta2

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3

"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A202BDBA-753F-41B9-B649-CFB0B45FC03E}" = Star Wars Galactic Battlegrounds

"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps

"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}" = Rome Total War - patch 1.3

"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War

"{A673437A-5D2A-41BE-94F3-EB876634825A}" = The Holy Sword 1.5

"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money

"{AA20E409-BDB4-439B-B75B-D5B193546779}" = Linksys Wireless-N PCI Adapter

"{AC76BA86-7AD7-1053-7B44-A90000000001}" = Adobe Reader 9 - Svenska

"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com

"{B17E235C-7A3B-4482-B650-21FFDE1D452E}" = Empire Earth III

"{B38C3184-F573-CDC2-9452-FA9C576AB010}" = ccc-utility

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0

"{B46E38DB-F929-4EA6-BBB1-BE9873A0F1F4}" = muvee Reveal

"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1

"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser

"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0

"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update

"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist

"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3

"{BA63612E-0458-416A-ADCD-B2349194F20F}" = Creative ZEN Nano Plus

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{BBBDA3FF-9F8D-4B0C-9214-0F6224D43111}" = Megaman X5

"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator

"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5

"{BF476E33-ED16-4C5A-8DFB-ABCA8A47AD61}" = Windows Communication Foundation Language Pack - SVE

"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime

"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2

"{C5AA6819-DE1F-4AA3-AFFE-F5E322513B25}" = OpenOffice.org 2.4

"{C8C8387B-A98B-44E8-807A-1A9B7F51FFDA}" = Blaze Media Pro

"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files

"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component

"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings

"{DB6901C6-E8B7-F5F0-F0C6-9028AFCD5A74}" = Catalyst Control Center Graphics Previews Common

"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)

"{DD8408E9-9421-484F-979D-DB6361E3E828}" = Dawn Of War - Winter Assault

"{E068CD0F-E631-17E7-9A01-05C2B2B54C84}" = Catalyst Control Center Core Implementation

"{E1728B5A-CBC9-4597-B1F8-A4BF368357E6}" = Far West - Demo

"{E33DB5A9-9BD7-4707-B968-3333DFEBE705}" = Transcend T.sonic 850 Multimedia Converter

"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security

"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security

"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3

"{E786AFE8-8F48-4595-A439-58C7052F65D2}" = Launchpad

"{E9787678-551D-4478-9682-DBB587257110}" = Adobe Help Center 1.0

"{EBC0E8C0-63AC-11D4-BEF2-00A0C9E0B324}" = StarTopia

"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142

"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3

"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager

"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2

"{F4626226-8B04-4A09-A1E1-C5D1DA52D7E5}" = SW-Empire At War Mod Manager

"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV

"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding

"{FCA8799F-D83A-11D5-986D-00500443CF9F}" = Far West

"{FCEA59CC-5A80-4680-9F7F-6E75174E884C}" = Windows Live Messenger

"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable

"{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"{FF70923C-8A51-47F4-A7E9-893C6D54EB68}" = TES Construction Set

"12345_is1" = WeGame Client Public Beta 1.0.5

"396FD00A58F61D595A7B26211A4715A3E27622E0" = Windows-drivrutinspaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)

"3D Flash Animator 4.9.7.9" = 3D Flash Animator 4.9.7.9

"3DSexVilla2-051.001" = thriXXX 3DSexVilla2-051.001

"Adobe Acrobat Reader 3.0" = Adobe Acrobat Reader 3.0

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player Plugin

"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-041D-1E257A25E34D}" = Adobe Photoshop CS2

"Adobe Shockwave Player" = Adobe Shockwave Player 11

"Adobe_b7dd24a87e82dcf8af8876fd727b7cf" = Adobe After Effects CS3

"Age of Chivalry" = Age of Chivalry 1.1.1

"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold

"AGEIA PhysX v2.3.3" = AGEIA PhysX v2.3.3

"AGEIA PhysX v2.4.4" = AGEIA PhysX v2.4.4

"Aimersoft Video Converter_is1" = Aimersoft Video Converter(Build 1.0.20)

"All ATI Software" = ATI - Software Uninstall Utility

"American Conquest" = American Conquest

"American Conquest - Divided Nation" = American Conquest - Divided Nation

"American Conquest Fight Back" = American Conquest Fight Back

"ArtMoney SE_is1" = ArtMoney SE v7.29

"ATI Display Driver" = ATI Display Driver

"Audacity_is1" = Audacity 1.2.6

"AudibleManager" = AudibleManager

"Audiosurf_is1" = Audiosurf Beta

"AutoGK" = Auto Gordian Knot 2.45

"AviSynth" = AviSynth 2.5

"AVS DVDMenu Editor_is1" = AVS DVDMenu Editor 1.2.1.19

"AVS Video Tools 5_is1" = AVS Video Tools 5.6

"Battle Mages - Sign of Darkness Demo_is1" = Battle Mages - Sign of Darkness Demo

"Battlecraft Vietnam1.2" = Battlecraft Vietnam

"Beyond the Red Line 1.0" = Beyond the Red Line

"Bink and Smacker" = Bink and Smacker

"Cannon Fodder_is1" = Cannon Fodder

"CCleaner" = CCleaner (remove only)

"Claw" = Claw

"Cossacks 2 - Demo" = Cossacks 2 - Demo

"Cossacks II" = Cossacks II

"CrosuS" = CrosuS

"DAEMON Tools Toolbar" = DAEMON Tools Toolbar

"Dark Omen" = Dark Omen

"D-Day Normandy_is1" = D-Day Normandy 4.1

"Defcon_is1" = Defcon

"DesertCombat" = DesertCombat 0.7

"Deus Ex" = Deus Ex

"Diablo II" = Diablo II

"Dolphin" = Dolphin 1.3 beta

"DOW RDN Tools_is1" = DOW RDN Tools

"Droid Crisis_is1" = Droid Crisis 1.0

"Dune 2000" = Dune 2000

"DVD Audio Ripper 4" = DVD Audio Ripper 4

"DVD Shrink_is1" = DVD Shrink 3.2

"Emperor" = Emperor: Battle For Dune

"EW : Cossacks" = EW : Cossacks

"Fallout 3: Operation Anchorage™" = Fallout 3: Operation Anchorage™

"FINAL FANTASY VIII" = FINAL FANTASY VIII

"FlashGet(JetCar)" = FlashGet(JetCar)

"Fortress Forever" = Fortress Forever 2.1

"Fraps" = Fraps (remove only)

"Freelancer Battle for Mankind" = Freelancer Battle for Mankind 2.2

"Game Maker 7.0" = Game Maker 7.0

"GameSpy Arcade" = GameSpy Arcade

"GCFScape_is1" = GCFScape 1.4.0

"gtkmm" = gtkmm Runtime Environment 2.10

"Hamachi" = Hamachi 1.0.3.0

"HenrySinclair" = HenrySinclair

"HentaII-026.003" = HentaII-026.003

"Heroes of Might and Magic® III" = Heroes of Might and Magic® III Complete

"HijackThis" = HijackThis 2.0.2

"I was an Atomic Mutant" = I was an Atomic Mutant

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"InstallShield_{0C5D0DC4-F5D3-46F9-AE2E-E45C99B4A6B6}" = Enemy Territory - QUAKE Wars 1.1 Patch

"InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}" = Quake 4

"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War

"InstallShield_{B547451E-9D40-411C-9A18-05A2D997B225}" = Enemy Territory - QUAKE Wars Beta 1.1 Patch

"InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines

"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3

"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager

"InterActual Player" = InterActual Player

"Jailbreak Source_is1" = Jailbreak Source v0.4

"Jazz Jackrabbit 2" = Jazz Jackrabbit 2

"Larva Mortus" = Larva Mortus 1.02

"Launcher" = Outspark Launcher

"Legends of Might and Magic" = Legends of Might and Magic

"LHTTSGED" = L&H TTS3000 Deutsch

"Lights of the Warp" = Lights of the Warp

"LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation)

"Lux Delux_is1" = Lux Delux 5.62

"Magic ISO Maker v5.3 (build 0229)" = Magic ISO Maker v5.3 (build 0229)

"MagicDisc 2.7.105" = MagicDisc 2.7.105

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"MechCommander Desperate Measures UnInstall" = MechCommander Desperate Measures

"MechCommander Mission Editor" = MechCommander Mission Editor

"MechCommander2 1.0" = Microsoft MechCommander 2

"MegaTrainer XL_is1" = MegaTrainer XL V1.5.5.5-Beta

"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0 Language Pack - SVE" = Microsoft .NET Framework 2.0 Language Pack - SVE

"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0

"Microsoft .NET Framework 3.0 Swedish Language Pack" = Microsoft .NET Framework 3.0 Swedish Language Pack

"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package

"Miles Sound Tools" = Miles Sound Tools

"MinionsOfMirth" = Minions of Mirth (remove only)

"mIRC" = mIRC

"Mozilla Firefox (3.0.6)" = Mozilla Firefox (3.0.6)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NeroMultiInstaller!UninstallKey" = Nero Suite

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"NOD32" = NOD32 Antivirus

"OggDS" = Direct Show Ogg Vorbis Filter (remove only)

"OpenAL" = OpenAL

"Panda ActiveScan" = Panda ActiveScan

"PC Wizard 2008_is1" = PC Wizard 2008.1.82

"Perfect Uninstaller_is1" = Perfect Uninstaller v6.2.5

"Pixel Land Blast" = Pixel Land Blast

"Plan of Attack" = Plan of Attack

"Porrasturvat - Stair Dismount" = Porrasturvat - Stair Dismount

"Postal 2 Demo" = Postal 2 Demo

"PowerISO" = PowerISO

"PunkBusterSvc" = PunkBuster Services

"Real Lives" = Real Lives

"Red Alert - A Path Beyond" = Red Alert: A Path Beyond - Beta

"Rites of War" = Rites of War

"RobinHood" = Robin Hood and The King's Ransom

"SecondLife" = SecondLife (remove only)

"SeeMePlayMe Client" = SeeMePlayMe Client

"Seven Kingdoms Demo" = Seven Kingdoms Demo

"Shockwave" = Shockwave

"SimDeveloper - Amateur Antics" = SimDeveloper - Amateur Antics

"SpecOps 2 US Army Green Berets MPlayer Demo" = SpecOps 2 US Army Green Berets MPlayer Demo

"SpeedFan" = SpeedFan (remove only)

"Spotify" = Spotify

"Spring" = Spring 0.78.1.1

"Star Wolves - Playable Demo_is1" = Star Wolves - Playable Demo

"Steam App 10620" = Empire: Total War Demo

"Steam App 15620" = Warhammer 40,000: Dawn of War II

"Steam App 15720" = Oddworld: Abe's Exoddus Demo

"Steam App 15730" = Oddworld: Abe's Oddysee Demo

"Steam App 17500" = Zombie Panic! Source

"Steam App 17520" = Synergy

"Steam App 17550" = Eternal Silence

"Steam App 211" = Source SDK

"Steam App 215" = Source SDK Base

"Steam App 218" = Source SDK Base - Orange Box

"Steam App 320" = Half-Life 2: Deathmatch

"Steam App 440" = Team Fortress 2

"Steam App 500" = Left 4 Dead

"Steel Legion DC_is1" = Steel Legion DC 1.0.0

"SvenCoop" = Sven Co-op 3.0

"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)

"synfig" = Synfig Core

"synfigstudio" = Synfig Studio

"SysInfo" = Creative System Information

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"thriXXX WebLaunch" = thriXXX WebLaunch

"TibEd2" = TibEd 2

"TibEdNSIS" = TibEd 1.7

"Tremulous" = Tremulous 1.1.0

"TTRU Mod DC" = TTRU Mod DC

"TubeTilla" = TubeTilla

"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine

"UEAW v3.2.2" = UEAW v3.2.2

"UFO:Alien Invasion" = UFO:AI 2.2.1

"UFO2000 Beta" = UFO2000 Beta

"UT2004" = Unreal Tournament 2004

"Wacky Wanted Posters" = Wacky Wanted Posters

"War of the Ring" = War of the Ring

"Warcraft II BNE" = Warcraft II BNE

"Warhammer 40,000: Chaos Gate" = Warhammer 40,000: Chaos Gate

"Warhammer 40,000: Chaos Gate Demo" = Warhammer 40,000: Chaos Gate Demo

"WChat" = Westwood Online

"Weekday Warrior" = Weekday Warrior

"VentriloMIX" = VentriloMIX

"Westward" = Westward (remove only)

"wgick" = Favorit

"WhiteCap" = WhiteCap

"WIC" = Windows Imaging Component

"WinAce Archiver" = WinAce Archiver

"WinAVI Video Converter_is1" = WinAVI Video Converter

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR

"VLC media player" = VideoLAN VLC media player 0.8.6d

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"WMV9_VCM" = Microsoft Windows Media Video 9 VCM

"VobSub" = VobSub v2.23 (Remove Only)

"WOLAPI" = Westwood Shared Internet Components

"World of Warcraft" = World of Warcraft

"Wrath of the Lich King Beta" = Wrath of the Lich King Beta

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"X Plugin Manager" = X Plugin Manager 2.12

"X3 Bonus Package_is1" = X3 Bonus Package 3.1.05

"X3-FactoryComplexCalculator2.0.0.2_is1" = X3 Factory Complex Calculator v2.0.0.2

"X3-MapViewer1.2.2.6_is1" = X3 Map Viewer v1.2.2.6

"X3-ModelViewer1.1.0.0_is1" = X3 Model Viewer v1.1.0.0

"X3-Reunion2.0.02UK_is1" = X3: Reunion v2.0.02

"Xbox_360_CC_Driver" = Xbox 360 Controller for Windows

"Xfire" = Xfire (remove only)

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)

"Xvid_is1" = Xvid 1.1.2 final uninstall

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = Roblox for Daniel

"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3

"Blaze Media Pro" = Blaze Media Pro

"Diablo II" = Diablo II

"GATES TO AESGAARD - Episode 1" = GATES TO AESGAARD - Episode 1

"Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.10.11-1

"Hentai Quest" = Hentai Quest

"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software

"InstallShield_{E786AFE8-8F48-4595-A439-58C7052F65D2}" = Launchpad

"Killing Floor" = Killing Floor

"New LEGO Digital Designer" = LEGO Digital Designer

"Plastic Mod v.1.0" = Plastic Mod v.1.0

"uTorrent" = µTorrent

"Warcraft III" = Warcraft III: All Products

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2009-04-03 07:22:24 | Computer Name = DANIELSDATOR | Source = Userenv | ID = 1041

Description = Det går inte att läsa {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

 

Error - 2009-04-03 07:23:07 | Computer Name = DANIELSDATOR | Source = Application Error | ID = 1004

Description = Felaktigt program svchost.exe, version 0.0.0.0, felaktig modul unknown,

version 0.0.0.0, felaktig adress 0x00000000.

 

Error - 2009-04-03 07:35:40 | Computer Name = DANIELSDATOR | Source = Application Error | ID = 1000

Description = Felaktigt program , version 0.0.0.0, felaktig modul unknown, version

0.0.0.0, felaktig adress 0x00000000.

 

Error - 2009-04-03 09:06:44 | Computer Name = DANIELSDATOR | Source = Userenv | ID = 1041

Description = Det går inte att läsa {7B849a69-220F-451E-B3FE-2CB811AF94AE} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

 

Error - 2009-04-03 09:06:44 | Computer Name = DANIELSDATOR | Source = Userenv | ID = 1041

Description = Det går inte att läsa {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

 

Error - 2009-04-03 09:21:25 | Computer Name = DANIELSDATOR | Source = Userenv | ID = 1041

Description = Det går inte att läsa {7B849a69-220F-451E-B3FE-2CB811AF94AE} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

 

Error - 2009-04-03 09:21:25 | Computer Name = DANIELSDATOR | Source = Userenv | ID = 1041

Description = Det går inte att läsa {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

 

Error - 2009-04-03 10:09:25 | Computer Name = DANIELSDATOR | Source = Application Error | ID = 1000

Description = Felaktigt program BRSVC01A.EXE, version 1.0.0.3, felaktig modul unknown,

version 0.0.0.0, felaktig adress 0x0012e897.

 

Error - 2009-04-03 10:10:26 | Computer Name = DANIELSDATOR | Source = Application Error | ID = 1004

Description = Felaktigt program StarWindServiceAE.exe, version 3.2.0.1319, felaktig

modul ntdll.dll, version 5.1.2600.5512, felaktig adress 0x00005d44.

 

Error - 2009-04-03 10:10:28 | Computer Name = DANIELSDATOR | Source = Application Error | ID = 1004

Description = Felaktigt program svchost.exe, version 0.0.0.0, felaktig modul unknown,

version 0.0.0.0, felaktig adress 0x00000000.

 

[ System Events ]

Error - 2009-04-02 03:38:07 | Computer Name = DANIELSDATOR | Source = Service Control Manager | ID = 7000

Description = Tjänsten IPSEC driver kunde inte startas på grund av följande fel:

%%2001

 

Error - 2009-04-02 11:01:19 | Computer Name = DANIELSDATOR | Source = Workstation | ID = 5727

Description = Det gick inte att läsa in drivrutinen MRxSmb.

 

Error - 2009-04-02 11:49:19 | Computer Name = DANIELSDATOR | Source = Service Control Manager | ID = 7000

Description = Tjänsten IPSEC driver kunde inte startas på grund av följande fel:

%%2001

 

Error - 2009-04-02 11:59:14 | Computer Name = DANIELSDATOR | Source = Service Control Manager | ID = 7000

Description = Tjänsten IPSEC driver kunde inte startas på grund av följande fel:

%%2

 

Error - 2009-04-02 12:55:09 | Computer Name = DANIELSDATOR | Source = Service Control Manager | ID = 7000

Description = Tjänsten IPSEC driver kunde inte startas på grund av följande fel:

%%2

 

Error - 2009-04-02 12:55:09 | Computer Name = DANIELSDATOR | Source = Service Control Manager | ID = 7001

Description = Tjänsten TCP/IP Protocol Driver är beroende av tjänsten IPSEC driver.

Den sistnämnda kunde inte starta på grund av följande fel: %%2

 

Error - 2009-04-02 12:57:11 | Computer Name = DANIELSDATOR | Source = Service Control Manager | ID = 7000

Description = Tjänsten IPSEC driver kunde inte startas på grund av följande fel:

%%2

 

Error - 2009-04-02 14:39:50 | Computer Name = DANIELSDATOR | Source = Service Control Manager | ID = 7000

Description = Tjänsten IPSEC driver kunde inte startas på grund av följande fel:

%%2

 

Error - 2009-04-02 14:39:50 | Computer Name = DANIELSDATOR | Source = Service Control Manager | ID = 7001

Description = Tjänsten TCP/IP Protocol Driver är beroende av tjänsten IPSEC driver.

Den sistnämnda kunde inte starta på grund av följande fel: %%2

 

Error - 2009-04-02 14:39:50 | Computer Name = DANIELSDATOR | Source = Service Control Manager | ID = 7000

Description = Tjänsten IPSEC driver kunde inte startas på grund av följande fel:

%%2

 

 

< End of report >

[/log]

 

[Cecilia]

Vilket antivirusprogram är det som du vill använda? Jag ser både Symantec/Norton och Nod32 i loggen och det är inte bra. Avinstallera det ena.

 

Daemon Tools Toolbar är inte lämplig att ha, den visar annonser eller liknande:

http://www.systemlookup.com/CLSID/29780-DTToolbar_dll.html

Du har den både för Internet Explorer och Firefox och tas lämpligen bort i båda.

 

Det var mycket skadliga filer i den datorn, har funnits där åtminstone sedan måndag kväll.

 

Ladda ner Malwarebytes Anti-Malware (MBAM) från en av dessa länkar:

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

http://projects.securitywonks.net/projects/details.php?file=158

Dubbelklicka på mbam-setup för att installera programmet.

 

[log]Se till i slutet av installationen att det är bockar för:

Uppdatera Malwarebytes' Anti-Malware

Starta Malwarebytes' Anti-Malware

Tryck på Slutför

Om det finns någon uppdatering så kommer den att laddas ner och installeras.

 

När programmet startar så välj "Utför snabb skanning" och tryck på Skanna.

Skanningen tar ett tag.

När den är klar så tryck på OK och sedan "Visa resultat".

Bocka för allt och tryck sedan Ta bort markerade.

När borttagningen är klar så öppnar Anteckningar med en logg.

 

Eventuellt så kommer det upp en begäran om att starta om datorn (Restart). I så fall gör det.

Om det blir ett felmeddelande Error loading... efter omstarten så starta om datorn än en gång.

Om programmet inte kommer igång efter omstarten så starta det.

 

Om loggen inte kommer upp själv i Anteckningar så hittar du loggen på fliken Loggar i MBAM.

Kopiera loggen och klistra in den i ditt svar.[/log]

 

[XerxesTitanos]

Jag visste inte ens att jag hade NOD32 O.o

Hur tar jag jag bort det?

 

Daemon Tools Toolbar har jag stängt av i både IE och Firefox,

ska ta bort DTT helt

 

MBAM:

 

[log]

Malwarebytes' Anti-Malware 1.35

Databasversion: 1904

Windows 5.1.2600 Service Pack 3

 

2009-04-03 18:34:20

mbam-log-2009-04-03 (18-34-20).txt

 

Skanningstyp: Snabb skanning

Antal skannade objekt: 78742

Förfluten tid: 4 minute(s), 54 second(s)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 4

Infekterade registervärden: 0

Infekterade registerdataposter: 1

Infekterade mappar: 0

Infekterade filer: 7

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\defaultlib (Spyware.Passwords) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\softyinforwow1 (Trojan.PWS) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\OKME\softyinforwow1 (Trojan.PWS) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully.

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

 

Infekterade mappar:

(Inga illasinnade poster hittades)

 

Infekterade filer:

C:\WINDOWS\system32\drivers\ovfsth.sys (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthardhsbpsxmoirrfyyewqvfhmvmpfvrlt.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthkeydyuunldfscoawhrnsnsifosyapfnn.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthnfnintadvfmjkyrtxrjbcbcsmycktedl.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthonsigduqpvmrmqnprwsluxpecmrttxxq.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthbhdcyyqfhrkcwvuqhgasyhwprokqoplj.dat (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ovfsthsbgashpqiujndwronbxittshpfujmjmr.dat (Trojan.Agent) -> Quarantined and deleted successfully.

[/log]

 

Fick lite problem med att explorer.exe inte startade vid omstart men fick igång det via aktivitetshanteraren tillslut =)

[inlägget ändrat 2009-04-03 18:50:23 av XerxesTitanos]

[Cecilia]

Nod32 avinstallerar du på vanligt sätt i Kontrollpanelen - Lägg till eller ta bort program.

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\default

lib (Spyware.Passwords)

Alltså något som stjäl lösenord så när datorn är ren så måste du byta alla lösenord du har i datorn och på internet.

 

Ladda ner ComboFix till Skrivbordet:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

[log]Stäng av alla program du ser inklusive antivirusprogram och antispionprogram men lämna brandväggen på.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

Kör ComboFix och följ anvisningarna som visas.

Om det kommer upp en fråga om du vill installera återställningskonsolen så svara ja.

 

VIKTIGT! Klicka inte på ComboFix-fönstret med musen när den körs annars kan den hänga upp sig.

 

När den är färdig så ska en logg komma upp, bifoga den till ditt svar. Kontrollera att antivirusprogram mm är igång innan du ansluter till internet.

 

Om du får problem med att komma ut på internet:

Kontrollpanelen - Nätverksanslutningar

högerklicka på din internetanslutning och välj Reparera och/eller starta om datorn.[/log]

 

Varning! ComboFix förhindrar automatisk körning av CD, disketter och USB-enheter för att göra det lättare att rensa datorn och skydda datorn mot infektioner i framtiden. Det kan bli problem t ex om datorn har internet via ett USB-modem eller USB-nätverkskort. Säg då till i stället för att köra ComboFix.

 

[XerxesTitanos]

Vi har inte ett USB modem och inte ett USB nätverkskort

 

NOD32 går inte att tas bort med Lägg till eller ta bort program det står att

"Det uppstod ett problem när NOD32 Antivirus skulle tas bort. Det kanske redan är avinstallerat" vad ska jag göra?

 

Jag kan inte starta norton för att stänga av det helt och Combofix varnar att Norton är igång... vad bör jag göra? Starta Combofix ändå?

 

[Cecilia]

Försök med Nod32s borttagningsprogram (removal tool):

http://www.betterantivirus.com/nod32-antivirus-faqs/faqs/c1095623943.html#1170455686

 

Går det inte att stänga av Norton genom att högerklicka på dess ikon vid klockan och välja något om att inaktivera skydd?

 

[XerxesTitanos]

Det finns ingen ikonv för norton där nere

 

[Cecilia]

Kör ComboFix i alla fall då.

 

[XerxesTitanos]

ComboFix vill inte starta riktigt

Det står "Förbereder Combofix för att köras"

sen kommer ett fönster upp där det står:

 

"CFScript namnfel

 

Försökte du köra ett CFScript?

Namnet CFScript verkar vara felstavat"

 

Vad betyder det?

 

När jag trycker på Ok så stängs ComboFix

 

[Cecilia]

Startar du ComboFix genom att dubbelklicka på ikonen på Skrivbordet?

Du kan också se om ComboFix fungerar bättre i felsäkert läge.

 

[XerxesTitanos]

Ja jag dubbelklickar på Combofix ikonen på skrivbordet

Det blev samma fel i felsäkert läge

 

[Cecilia]

Ladda ner Gmer till C:\ från en av dessa sidor:

http://www.gmer.net/files.php välj Gmer application

http://www.majorgeeks.com/GMER_d5198.html

 

Packa upp filen till Skrivbordet.

 

Dra ur internetanslutningen.

Stäng alla program, även antivirusprogram och brandvägg.

 

Starta programmet gmer.exe.

Om det kommer upp en fråga om "scan" så välj Ja.

Om frågan inte kommer så välj fliken Rootkit/Malware, kontrollera att allt är förbockat till höger utom Show All. Tryck på Scan. Låt datorn stå ifred medan Gmer håller på.

 

Tryck på Spara och välj att spara resultatet i en fil på Skrivbordet.

 

Sätt igång antivirusprogram och brandvägg innan du ansluter till internet.

Klistra in resultatet i ditt svar.

 

[XerxesTitanos]

Jag kan fortfarande inte få upp Norton så att jag kan stänga av det riktigt...

ska jag starta Gmer ändå?

 

[Cecilia]

Gör det i felsäkert läge för där borde inte Norton vara igång.

 

[XerxesTitanos]

När jag startar Gmer så får jag den här varningen:

 

"WARNING!!

 

GMER has found a system modification, which might have been caused by ROOTKIT activity.

 

Dou you want to fully scan your system ?"

 

Vad ska jag göra?

 

[inlägget ändrat 2009-04-03 22:56:02 av XerxesTitanos]

[Cecilia]

Du svarar ja/yes/ok, beroende på vad det nu står.