Certified-toolbar

[stisjo]

Angående otl-filen skall jag bifoga den som en fil

Här kommer dds-filen

 

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_38

Run by Administratör at 19:18:21 on 2013-01-18

Microsoft Windows XP Professional 5.1.2600.3.1252.44.1053.18.1015.348 [GMT 1:00]

.

AV: Panda Global Protection 2013 *Enabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595}

FW: Panda Personal Firewall 2013 *Enabled*

.

============== Running Processes ================

.

C:\Program\Windows Defender\MsMpEng.exe

C:\Program\Panda Security\Panda Global Protection 2013\TPSrv.exe

C:\PROGRAM\PANDA SECURITY\PANDA GLOBAL PROTECTION 2013\WebProxy.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Delade filer\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE

C:\Program\Google\Update\GoogleUpdate.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\CDBurnerXP\NMSAccessU.exe

C:\Program\Panda Security\Panda Global Protection 2013\PsCtrls.exe

C:\Program\Panda Security\Panda Global Protection 2013\PavFnSvr.exe

C:\Program\Delade filer\Panda Security\PavShld\pavprsrv.exe

C:\Program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe

C:\Program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC.exe

c:\program\panda security\panda global protection 2013\firewall\PSHOST.EXE

C:\Program\Panda Security\Panda Global Protection 2013\PsImSvc.exe

C:\Program\Google\Update\1.3.21.124\GoogleCrashHandler.exe

C:\Program\Panda Security\Panda Global Protection 2013\PskSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\MsPMSPSv.exe

C:\Program\Panda Security\Panda Global Protection 2013\pavsrvx86.exe

C:\Program\Panda Security\Panda Global Protection 2013\AVENGINE.EXE

C:\Program\Windows Media Player\WMPNetwk.exe

C:\program\alpha networks\aniwzcs service\wzcsldr.exe

C:\Program\On2Share\On2Share MediaServer.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\alg.exe

C:\Program\Panda Security\Panda Global Protection 2013\SRVLOAD.EXE

C:\Program\Panda Security\Panda Global Protection 2013\PavBckPT.exe

C:\Program\Microsoft\BingBar\7.1.391.0\SeaPort.exe

C:\Program\Google\Chrome\Application\chrome.exe

C:\Program\Google\Chrome\Application\chrome.exe

C:\Program\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxps://www.google.se/

uDefault_Search_URL = hxxp://www.google.com

mStart Page = hxxp://www.google.com

mSearch Bar = hxxp://www.google.com

BHO: Länkhjälp till Adobe PDF Reader: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Videoraptor_WebRipPlugin Class: {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - c:\program\rapidsolution\audialsone\videoraptor\plugins\ie\VR_WebRipIePlugin.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program\java\jre6\bin\ssv.dll

BHO: Tunebite_WebRipPlugin Class: {AA102584-3B97-47e7-B9BC-75D54C110A7D} - c:\program\rapidsolution\audialsone\tunebite\plugins\ie\TB_WebRipIePlugin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program\google\googletoolbarnotifier\5.7.8313.1002\swg.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program\microsoft\bingbar\7.1.391.0\BingExt.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program\java\jre6\bin\jp2ssv.dll

BHO: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program\google\google gears\internet explorer\0.5.36.0\gears.dll

BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Winamp Toolbar: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - LocalServer32 - <no file>

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program\google\google toolbar\GoogleToolbar_32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\google toolbar\GoogleToolbar_32.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

uRun: [On2Share] c:\program\on2share\On2Share MediaServer.exe -no-notifywnd

uRun: [swg] "c:\program\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [ANIWZCSService] "c:\program\alpha networks\aniwzcs service\wzcsldr.exe"

mRun: [APVXDWIN] "c:\program\panda security\panda global protection 2013\APVXDWIN.EXE" /s

mRun: [sCANINICIO] "c:\program\panda security\panda global protection 2013\Inicio.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDrives = dword:0

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab

DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - hxxp://www.nanoscan.com/as/cabs/ascstubie.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1350814211218

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1350681596703

DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} - hxxp://www.nanoscan.com/cabs/nanoinst.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab

DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E505599B-F37A-4849-A7B0-E0AAB5CB054C} - hxxps://gfs.nb.se/privat/bank/scripts/eid/NordeaSmartCard.cab

TCP: NameServer = 84.246.88.10 192.168.0.1

TCP: Interfaces\{F3A897BE-584F-43F8-A577-BB598F76AAC2} : DHCPNameServer = 84.246.88.10 192.168.0.1

Notify: avldr - avldr.dll

Notify: igfxcui - igfxsrvc.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program\windows defender\MpShHook.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program\google\chrome\application\24.0.1312.52\installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2012-12-25 26696]

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2013-1-15 368616]

R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2013-1-15 342168]

R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2013-1-15 909728]

R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2012-12-25 83528]

R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2012-12-25 53256]

R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2012-12-25 22024]

R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2012-12-25 193864]

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2012-12-25 159112]

R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [2013-1-15 202280]

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2012-12-25 37448]

R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2012-12-25 46856]

R2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [2012-12-25 63240]

R2 Panda Software Controller;Panda Software Controller;c:\program\panda security\panda global protection 2013\PsCtrlS.exe [2012-12-25 177440]

R2 PAVFNSVR;Panda Function Service;c:\program\panda security\panda global protection 2013\PavFnSvr.exe [2012-12-25 202016]

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2012-12-25 164488]

R2 PavPrSrv;Panda Process Protection Service;c:\program\delade filer\panda security\pavshld\PavPrSrv.exe [2012-12-25 62768]

R2 PAVSRV;Panda On-Access Anti-Malware Service;c:\program\panda security\panda global protection 2013\pavsrvx86.exe [2012-12-25 313664]

R2 PhoneMyPC_Helper;PhoneMyPC_Helper;c:\program\softwareforme inc\phonemypc\PhoneMyPC_Helper.exe [2010-8-22 31232]

R2 PskSvcRetail;Panda PSK service;c:\program\panda security\panda global protection 2013\psksvc.exe [2012-12-25 28992]

R2 WinDefend;Windows Defender;c:\program\windows defender\MsMpEng.exe [2006-11-3 13592]

R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]

R3 BBUpdate;BBUpdate;c:\program\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]

R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\drivers\neti1644.sys [2012-12-25 201032]

R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\pavsrk.sys --> c:\windows\system32\PavSRK.sys [?]

R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\pavtpk.sys --> c:\windows\system32\PavTPK.sys [?]

R3 rt2870;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:\windows\system32\drivers\Drt2870.sys [2010-11-10 779136]

S2 BBSvc;BingBar Service;c:\program\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 DCamUSB20;USB 2.0 Capture;c:\windows\system32\drivers\CsMini20.sys [2007-12-15 46216]

S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program\adobe\elements organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]

S3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [2012-12-25 13880]

S3 csaudio;USB2.0 Audio Device Driver;c:\windows\system32\drivers\csaud.sys [2007-12-15 11008]

S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-5-17 20032]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2009-10-24 36608]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2007-12-11 14336]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-6-3 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-6-3 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-6-3 136808]

S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys [2007-10-30 23040]

S3 TodosAgmII;Driver for Todos Argos Mini II;c:\windows\system32\drivers\AgmIIusb.sys [2008-2-16 18176]

S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [2012-2-20 1522176]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== File Associations ===============

.

.txt: <filetype is not registered>

FileExt: .vbe: VBEFile=c:\program\pandas~1\pandag~1\PAVSCRIP.EXE "%1" %*

FileExt: .vbs: VBSFile=c:\program\pandas~1\pandag~1\PAVSCRIP.EXE "%1" %*

FileExt: .js: jsfile=c:\program\pandas~1\pandag~1\PAVSCRIP.EXE "%1" %*

FileExt: .jse: JSEFile=c:\program\pandas~1\pandag~1\PavScrip.exe "%1" %*

FileExt: .wsf: WSFFile=c:\program\pandas~1\pandag~1\PavScrip.exe "%1" %*

.

=============== Created Last 30 ================

.

2013-01-18 17:13:19 60872 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{78b4febb-8ca9-4477-8dd7-a0bae87678c5}\offreg.dll

2013-01-18 16:53:06 -------- d-----w- C:\_OTL

2013-01-18 09:52:49 6991832 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{78b4febb-8ca9-4477-8dd7-a0bae87678c5}\mpengine.dll

2013-01-17 15:44:32 -------- d-sha-r- C:\cmdcons

2013-01-17 15:40:19 98816 ----a-w- c:\windows\sed.exe

2013-01-17 15:40:19 256000 ----a-w- c:\windows\PEV.exe

2013-01-17 15:40:19 208896 ----a-w- c:\windows\MBR.exe

2013-01-17 10:42:03 -------- d-----w- c:\documents and settings\all users\application data\WinZipSE

2013-01-17 10:41:55 -------- d-----w- c:\program\WinZip Self-Extractor

2013-01-16 12:38:48 -------- d-----w- c:\program\Systweak

2013-01-16 12:24:57 12 ----a-w- c:\windows\system32\ASOROSet.bin

2013-01-15 17:56:05 909728 ----a-w- c:\windows\system32\drivers\pctEFA.sys

2013-01-15 17:56:05 342168 ----a-w- c:\windows\system32\drivers\pctDS.sys

2013-01-15 17:55:09 368616 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2013-01-15 17:55:09 163288 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2013-01-15 17:54:39 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys

2013-01-15 17:54:33 -------- d-----w- c:\program\delade filer\PC Tools

2013-01-15 17:50:51 -------- d-----w- c:\documents and settings\all users\application data\PC Tools

2013-01-15 17:50:21 -------- d-----w- c:\documents and settings\administratör\application data\TestApp

2013-01-14 16:34:23 15360 ----a-w- c:\windows\Launcher.exe

2013-01-14 16:33:35 -------- d-----w- c:\documents and settings\administratör\lokala inställningar\application data\SimplyTech

2013-01-07 15:11:01 -------- dc-h--w- c:\windows\ie8

2013-01-07 14:29:25 -------- d-----w- c:\program\Microsoft

2013-01-07 14:26:23 -------- d--h--w- c:\windows\msdownld.tmp

2013-01-02 17:43:35 -------- d-----w- c:\documents and settings\all users\application data\23399

2012-12-25 13:31:53 13880 ----a-w- c:\windows\system32\drivers\COMFiltr.sys

2012-12-25 13:23:01 729424 ----a-w- c:\windows\system32\wodSFTP.dll

2012-12-25 13:23:01 672024 ----a-w- c:\windows\system32\wodKeys.dll

2012-12-25 13:22:53 284348 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT

2012-12-25 13:22:45 53256 ----a-w- c:\windows\system32\drivers\dsaflt.sys

2012-12-25 13:22:45 46856 ----a-w- c:\windows\system32\drivers\wnmflt.sys

2012-12-25 13:22:45 193864 ----a-w- c:\windows\system32\drivers\idsflt.sys

2012-12-25 13:22:11 83528 ----a-w- c:\windows\system32\drivers\APPFLT.SYS

2012-12-25 13:22:11 22024 ----a-w- c:\windows\system32\drivers\fnetmon.sys

2012-12-25 13:22:11 159112 ----a-w- c:\windows\system32\drivers\NETFLTDI.SYS

2012-12-25 13:21:59 26696 ----a-w- c:\windows\system32\drivers\pavboot.sys

2012-12-25 13:21:24 54832 ----a-w- c:\windows\system32\pavcpl.cpl

2012-12-25 11:39:08 -------- d-----w- C:\SMCLpav

2012-12-24 14:44:40 -------- d-----w- C:\backup

2012-12-24 12:52:21 -------- d-----w- c:\program\Microsoft Corporation

2012-12-21 18:44:11 -------- d-----w- c:\documents and settings\administratör\.swt

2012-12-21 18:39:33 -------- d-----w- c:\documents and settings\administratör\application data\Diino

2012-12-20 13:32:09 -------- d-----w- c:\documents and settings\administratör\lokala inställningar\application data\On2Trade

2012-12-20 13:32:09 -------- d-----w- c:\documents and settings\administratör\lokala inställningar\application data\On2Share

.

==================== Find3M ====================

.

2012-12-21 17:52:00 859072 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-12-21 17:51:59 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-12-19 10:08:25 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-11 22:37:50 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-11 22:37:50 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-03 12:50:40 371200 ----a-w- c:\windows\system32\SearchIndexer.dll

2012-12-03 12:50:40 269824 ----a-w- c:\windows\system32\SearchEngine.rs

2012-11-16 10:08:28 518432 ----a-w- c:\windows\system32\PavSHook.dll

2012-11-13 11:55:15 1866368 ------w- c:\windows\system32\win32k.sys

2012-11-09 15:51:52 466008 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-11-06 02:00:56 1371648 ------w- c:\windows\system32\msxml6.dll

2012-11-02 02:04:00 375296 ------w- c:\windows\system32\dpnet.dll

2012-11-01 12:13:01 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:13:01 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:13:01 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35:48 385024 ----a-w- c:\windows\system32\html.iec

2012-10-29 11:10:02 4659712 ----a-w- c:\windows\system32\Redemption.dll

2012-10-29 11:09:26 821824 ----a-w- c:\windows\system32\dgderapi.dll

2012-10-29 11:09:26 45320 ----a-w- c:\windows\system32\MAMACExtract.dll

2012-10-29 11:09:26 319456 ----a-w- c:\windows\system32\DIFxAPI.dll

2012-10-29 11:09:26 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys

.

============= FINISH: 19:19:42,45 ===============

[Cecilia]

Stäng av alla program du ser inklusive antivirusprogram och antispionprogram så att de inte krockar med OTL.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

 

Starta programmet OTL (i Vista/Windows7 högerklicka och välj Kör som administratör).

Kopiera alla raderna i rutan:

:OTL
SRV - (Iomega Activity Disk2) -- File not found
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
[2012-11-06 12:18:24 | 000,189,128 | ---- | M] () (No name found) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\3dnrt1ua.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\CROSSRIDERAPP3491@CROSSRIDER.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\CROSSRIDERAPP4479@CROSSRIDER.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\FFXTLBR@FUNMOODS.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\FFXTLBR@INCREDIBAR.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
CHR - plugin: registryAccess (Enabled) = C:\Documents and Settings\Administrat\u00F6r\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.9.29524_0\background/registryAccess.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Administrat\u00F6r\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.542_0\npbrowserext.dll
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.
O16 - DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
[2013-01-18 18:06:35 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job
[2013-01-18 18:06:35 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\YourFile Update.job
[2012-12-15 20:37:53 | 000,031,465 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\funmoods.crx
[2012-07-12 15:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BearShare
:Commands
[CREATERESTOREPOINT]
[EMPTYTEMP]
[REBOOT]

Klistra in dem i rutan Custom Scans/Fixes. Kontrollera att det ser exakt likadant ut, t ex när det gäller radbrytningar.

Tryck på Run Fix.

Om du blir tillfrågad om att starta om datorn så gör det.

Det kommer upp en logg i Anteckningar. Kopiera den och klistra in i ditt svar.

 

Om den inte kommer automatiskt så hittar du den i mappen c:\_OTL\Moved Files med ett namn som innehåller dagens datum och klockslaget för körningen.

 

Se till att aktivera antivirusprogram mm innan du ansluter datorn till internet.

[Cecilia]

Starta Anteckningar.

Kopiera alla rader i rutan:

Killall::
ClearJavaCache::
DDS::
TB: Winamp Toolbar: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - LocalServer32 - <no file>
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab

och klistra in i Anteckningar. Kontrollera att inga filnamn/sökvägar delas upp på två rader.

Spara filen på Skrivbordet med kodningen ANSI och med namnet CFScript.

 

Förbered datorn på samma sätt som tidigare för ComboFix.

Dra CFScript med musen och släpp den ovanpå ComboFix-ikonen på Skrivbordet så startar programmet på ett särskilt sätt.

Klistra in loggen som kommer ut.

[Cecilia]

Du ser ut att ha inaktiverat enheter som inte ska vara inaktiverade.

 

Högerklicka på "Den här datorn" och välj Hantera.

Leta upp Enhetshanteraren i vänsterkolumnen och välj den.

 

System Event Notification

Det där är en väsentligt Windows-funktion.

Högerklicka på enheten och välj att aktivera.

 

WAN Miniport (IPX)

Samma sak gäller denna enhet.

 

ADMtek AN983 based ethernet adapter

Det där är ett nätverkskort för nätverkskabel. Ska det verkligen vara inaktiverat?

 

D-Link AirPlus G DWL-G510 Wireless PCI Adapter(rev.C)

Det där är ett nätverkskort för trådlös förbindelse. Ska det verkligen vara inaktiverat?

 

Description: NVIDIA GeForce FX 5200

Det där är ett grafikkort. Ska det verkligen vara inaktiverat?

 

Starta om datorn.

[Cecilia]

Spara Farbar Service Scanner på skrivbordet.

http://download.bleepingcomputer.com/farbar/FSS.exe

Starta programmet.

 

Se till att "Include All Files" är valt.

Klicka på "Scan".

 

Programmet skapar loggen FSS.txt på Skrivbordet.

Klistra in den i ditt svar.

[stisjo]

Hej Cecilia

Jag har gjort en ny QuickScan av OTL

som jag klistrar in här

Nu tror jag att jag gjort allt du ville ha

mvh stisj

 

 

OTL logfile created on: 2013-01-19 10:58:55 - Run 3

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administratör\Skrivbord

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1014,98 Mb Total Physical Memory | 496,21 Mb Available Physical Memory | 48,89% Memory free

2,01 Gb Paging File | 1,41 Gb Available in Paging File | 70,27% Paging File free

Paging file location(s): C:\pagefile.sys 1140 2280 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 74,53 Gb Total Space | 28,87 Gb Free Space | 38,74% Space Free | Partition Type: NTFS

Drive D: | 39,06 Gb Total Space | 38,14 Gb Free Space | 97,64% Space Free | Partition Type: NTFS

Drive E: | 39,06 Gb Total Space | 33,52 Gb Free Space | 85,82% Space Free | Partition Type: NTFS

Drive F: | 33,67 Gb Total Space | 15,29 Gb Free Space | 45,42% Space Free | Partition Type: NTFS

 

Computer Name: STIGSJ-6C6FD30E | User Name: Administratör | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\Administratör\Skrivbord\OTL.exe (OldTimer Tools)

PRC - C:\Program\Google\Update\1.3.21.124\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\ApVxdWin.exe (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\PsCtrlS.exe (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\TPSrv.exe (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\PavFnSvr.exe (Panda Security, S.L.)

PRC - C:\Program\Microsoft\BingBar\7.1.391.0\SeaPort.EXE (Microsoft Corporation.)

PRC - C:\Program\Microsoft\BingBar\7.1.391.0\BBSvc.EXE (Microsoft Corporation.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\WebProxy.exe (Panda Security)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\PavBckPT.exe (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\SrvLoad.exe (Panda Security, S.L.)

PRC - C:\Program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe (SoftwareForMe Inc)

PRC - C:\Program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC.exe (SoftwareForMe Inc)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\pavsrvx86.exe (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\AVENGINE.EXE (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\psksvc.exe (Panda Security, S.L.)

PRC - C:\Program\Delade filer\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

PRC - C:\Program\CDBurnerXP\NMSAccessU.exe ()

PRC - c:\Program\Panda Security\Panda Global Protection 2013\FIREWALL\PSHost.exe (Panda Security International)

PRC - C:\Program\On2Share\On2Share MediaServer.exe (On2Trade)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\PsImSvc.exe (Panda Security S.L.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program\Delade filer\Panda Security\PavShld\PavPrSrv.exe (Panda Security, S.L.)

PRC - C:\Program\Windows Defender\MsMpEng.exe (Microsoft Corporation)

PRC - C:\Program\Alpha Networks\ANIWZCS Service\WZCSLDR.exe (Alpha Networks Inc.)

PRC - C:\WINDOWS\system32\drivers\CDANTSRV.EXE (C-Dilla Ltd)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\4c91371e83d124ecb39664613e7e0417\System.Windows.Forms.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1ee24694\mscorlib.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_6e5ee10b\system.drawing.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_f088942a\system.xml.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_78ee0e62\system.windows.forms.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_bf5e2e7b\system.dll ()

MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()

MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()

MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()

MOD - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\PDFShell.SVE ()

MOD - C:\Program\WinRAR\RarExt.dll ()

MOD - C:\Program\BearShare Applications\BearShare\ac3filter.ax ()

MOD - C:\Program\CDBurnerXP\NMSAccessU.exe ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_sv_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll ()

MOD - C:\WINDOWS\system32\msdmo.dll ()

MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()

MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_sv_b77a5c561934e089\mscorlib.resources.dll ()

MOD - c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll ()

MOD - C:\Program\Panda Security\Panda Global Protection 2013\MiniCrypto.dll ()

MOD - C:\Program\Panda Security\Panda Global Protection 2013\APIcr.dll ()

MOD - C:\Program\Panda Security\Panda Global Protection 2013\LIBXML2.DLL ()

 

 

========== Services (SafeList) ==========

 

SRV - (PLFlash DeviceIoControl Service) -- C:\WINDOWS\system32\IoctlSvc.exe File not found

SRV - (Iomega Activity Disk2) -- File not found

SRV - (gusvc) -- C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe File not found

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (Panda Software Controller) -- C:\Program\Panda Security\Panda Global Protection 2013\PsCtrlS.exe (Panda Security, S.L.)

SRV - (TPSrv) -- C:\Program\Panda Security\Panda Global Protection 2013\TPSrv.exe (Panda Security, S.L.)

SRV - (Adobe LM Service) -- C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)

SRV - (PAVFNSVR) -- C:\Program\Panda Security\Panda Global Protection 2013\PavFnSvr.exe (Panda Security, S.L.)

SRV - (MozillaMaintenance) -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (BBUpdate) -- C:\Program\Microsoft\BingBar\7.1.391.0\SeaPort.EXE (Microsoft Corporation.)

SRV - (BBSvc) -- C:\Program\Microsoft\BingBar\7.1.391.0\BBSvc.EXE (Microsoft Corporation.)

SRV - (PhoneMyPC_Helper) -- C:\Program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe (SoftwareForMe Inc)

SRV - (PAVSRV) -- C:\Program\Panda Security\Panda Global Protection 2013\pavsrvx86.exe (Panda Security, S.L.)

SRV - (PskSvcRetail) -- C:\Program\Panda Security\Panda Global Protection 2013\psksvc.exe (Panda Security, S.L.)

SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program\Delade filer\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

SRV - (ACDaemon) -- C:\Program\Delade filer\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (NMSAccess) -- C:\Program\CDBurnerXP\NMSAccessU.exe ()

SRV - (FLEXnet Licensing Service) -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (PSHost) -- c:\Program\Panda Security\Panda Global Protection 2013\FIREWALL\PSHost.exe (Panda Security International)

SRV - (AdobeActiveFileMonitor8.0) -- C:\Program\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)

SRV - (ServiceLayer) -- C:\Program\PC Connectivity Solution\ServiceLayer.exe (Nokia.)

SRV - (SupportSoft RemoteAssist) -- C:\Program\Delade filer\SupportSoft\bin\ssrc.exe (SupportSoft, Inc.)

SRV - (PSIMSVC) -- C:\Program\Panda Security\Panda Global Protection 2013\PsImSvc.exe (Panda Security S.L.)

SRV - (PavPrSrv) -- C:\Program\Delade filer\Panda Security\PavShld\PavPrSrv.exe (Panda Security, S.L.)

SRV - (ANIWZCSdService) -- C:\Program\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Wireless Service)

SRV - (WinDefend) -- C:\Program\Windows Defender\MsMpEng.exe (Microsoft Corporation)

SRV - (C-DillaSrv) -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE (C-Dilla Ltd)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (sptd) -- C:\WINDOWS\\SystemRoot\System32\Drivers\sptd.sys File not found

DRV - (PDRFRAME) -- File not found

DRV - (PDRELI) -- File not found

DRV - (PDFRAME) -- File not found

DRV - (PDCOMP) -- File not found

DRV - (PCIDump) -- File not found

DRV - (PavTPK.sys) -- C:\WINDOWS\system32\PavTPK.sys File not found

DRV - (PavSRK.sys) -- C:\WINDOWS\system32\PavSRK.sys File not found

DRV - (lbrtfdc) -- File not found

DRV - (i2omgmt) -- File not found

DRV - (Changer) -- File not found

DRV - (catchme) -- C:\ComboFix\catchme.sys File not found

DRV - (AvFlt) -- C:\WINDOWS\system32\drivers\av5flt.sys File not found

DRV - (adfs) -- File not found

DRV - (ComFiltr) -- C:\WINDOWS\system32\drivers\COMFiltr.sys ()

DRV - (PCTSD) -- C:\WINDOWS\system32\drivers\PCTSD.sys (PC Tools)

DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd)

DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)

DRV - (PavProc) -- C:\WINDOWS\system32\drivers\PavProc.sys (Panda Security, S.L.)

DRV - (AmFSM) -- C:\WINDOWS\system32\drivers\amm8651.sys (Panda Security, S.L.)

DRV - (pctEFA) -- C:\WINDOWS\system32\drivers\pctEFA.sys (PC Tools)

DRV - (pctDS) -- C:\WINDOWS\system32\drivers\pctDS.sys (PC Tools)

DRV - (tbhsd) -- C:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)

DRV - (ssadmdm) -- C:\WINDOWS\system32\drivers\ssadmdm.sys (MCCI Corporation)

DRV - (ssadbus) -- C:\WINDOWS\system32\drivers\ssadbus.sys (MCCI Corporation)

DRV - (ssadmdfl) -- C:\WINDOWS\system32\drivers\ssadmdfl.sys (MCCI Corporation)

DRV - (ShldDrv) -- C:\WINDOWS\system32\drivers\ShlDrv51.sys (Panda Security, S.L.)

DRV - (APPFLT) -- C:\WINDOWS\system32\drivers\APPFLT.SYS (Panda Security, S.L.)

DRV - (IDSFLT) -- C:\WINDOWS\system32\drivers\idsflt.sys (Panda Security, S.L.)

DRV - (NETIMFLT01060044) -- C:\WINDOWS\system32\drivers\neti1644.sys (Panda Security, S.L.)

DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)

DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()

DRV - (rt2870) -- C:\WINDOWS\system32\drivers\Drt2870.sys (Ralink Technology, Corp.)

DRV - (WNMFLT) -- C:\WINDOWS\system32\drivers\wnmflt.sys (Panda Security, S.L.)

DRV - (NETFLTDI) -- C:\WINDOWS\system32\drivers\NETFLTDI.SYS (Panda Security, S.L.)

DRV - (FNETMON) -- C:\WINDOWS\system32\drivers\fnetmon.sys (Panda Security, S.L.)

DRV - (DSAFLT) -- C:\WINDOWS\system32\drivers\dsaflt.sys (Panda Security, S.L.)

DRV - (RT61) -- C:\WINDOWS\system32\drivers\rt61.sys (Ralink Technology, Corp.)

DRV - (USBPNPA) -- C:\WINDOWS\system32\drivers\CM108.sys (C-Media Electronics Inc)

DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)

DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)

DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)

DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)

DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)

DRV - (STAC97) -- C:\WINDOWS\system32\drivers\STAC97.sys (SigmaTel, Inc.)

DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)

DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)

DRV - (TdsNordecr) -- C:\WINDOWS\system32\drivers\nordecr.sys (Todos Data System AB)

DRV - (SRS_SSCFilter) -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys ()

DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()

DRV - (TodosAgmII) -- C:\WINDOWS\system32\drivers\AgmIIusb.sys (Todos Data System AB)

DRV - (ANIO) -- C:\WINDOWS\system32\ANIO.sys (Alpha Networks Inc.)

DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)

DRV - (ARCSOFTVIRTUALCAPTURE) -- C:\WINDOWS\system32\drivers\ArcSoftVirtualCapture.sys (ArcSoft, Inc.)

DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)

DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()

DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH)

DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)

DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)

DRV - (AN983) -- C:\WINDOWS\system32\drivers\an983.sys (ADMtek Incorporated.)

DRV - (cmudau) -- C:\WINDOWS\system32\drivers\cmudau.sys (C-Media Inc)

DRV - (csaudio) -- C:\WINDOWS\system32\drivers\csaud.sys (Windows ® 2000 DDK provider)

DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)

DRV - (DCamUSB20) -- C:\WINDOWS\system32\drivers\CsMini20.sys (Crescentec Corporation)

DRV - (IdeChnDr) -- C:\WINDOWS\system32\drivers\IdeChnDr.sys (Intel Corporation)

DRV - (IdeBusDr) -- C:\WINDOWS\system32\drivers\IdeBusDr.sys (Intel Corporation)

DRV - (iomdisk) -- C:\WINDOWS\system32\drivers\IomDisk.sys (Iomega Corporation)

DRV - (C-Dilla) -- C:\WINDOWS\system32\drivers\CDANT.SYS (Macrovision)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com'>http://www.google.com'>http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/'>http://www.google.com/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.se/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 73 C8 1E FE DE CD 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Web Search"

FF - prefs.js..browser.search.defaultenginename: "Web Search"

FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "Web Search"

FF - prefs.js..browser.search.selectedEngine: "Web Search"

FF - prefs.js..browser.search.useDBForOrder: ""

FF - prefs.js..browser.startup.homepage: ""

FF - prefs.js..extensions.enabledAddons:

FF - prefs.js..extensions.enabledAddons:

FF - prefs.js..extensions.enabledAddons:

FF - prefs.js..extensions.enabledAddons:

FF - prefs.js..extensions.enabledAddons:

FF - prefs.js..extensions.enabledAddons:

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013-01-19 10:46:35 | 000,000,000 | ---D | M]

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\tunebite-firefox-surf-and-catch-extension@audials.com: C:\Program\RapidSolution\AudialsOne\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\ [2008-12-05 20:01:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\videoraptor-firefox-surf-and-catch-extension@audials.com: C:\Program\RapidSolution\AudialsOne\VideoRaptor\plugins\GeckoBased\videoraptor-firefox-surf-and-catch-extension@audials.com\ [2008-12-05 22:34:06 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program\Google\Google Gears\Firefox\ [2010-03-06 10:29:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\39ffxtbr@MapsGalaxy_39.com: C:\Program\MapsGalaxy_39\bar\2.bin [2013-01-16 11:24:43 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins

 

[2012-08-13 11:41:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Extensions

[2013-01-18 17:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\3dnrt1ua.default\extensions

[2012-09-18 15:46:48 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\3dnrt1ua.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi

[2012-11-06 12:18:24 | 000,189,128 | ---- | M] () (No name found) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\3dnrt1ua.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\{7473B6BD-4691-4744-A82B-7854EB3D70B6}

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\CROSSRIDERAPP3491@CROSSRIDER.COM

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\CROSSRIDERAPP4479@CROSSRIDER.COM

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\FFXTLBR@FUNMOODS.COM

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\FFXTLBR@INCREDIBAR.COM

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM

 

========== Chrome ==========

 

CHR - homepage: http://google.se/'>http://google.se/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://google.se/

CHR - plugin: Shockwave Flash (Enabled) = C:\Program\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program\Google\Chrome\Application\24.0.1312.52\pdf.dll

CHR - plugin: registryAccess (Enabled) = C:\Documents and Settings\Administrat\u00F6r\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.9.29524_0\background/registryAccess.dll

CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Administrat\u00F6r\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.542_0\npbrowserext.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll

CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program\Garmin GPS Plugin\npGarmin.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program\Google\Update\1.3.21.124\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 6 U38 (Enabled) = C:\Program\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll

CHR - Extension: Google Dokument = C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.4_0\

CHR - Extension: Google Drive = C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: S\u00F6k p\u00E5 Google = C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Gmail = C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2013-01-17 17:49:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Länkhjälp till Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Videoraptor_WebRipPlugin Class) - {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - C:\Program\RapidSolution\AudialsOne\VideoRaptor\plugins\IE\VR_WebRipIePlugin.dll (RapidSolution Software)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Tunebite_WebRipPlugin Class) - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program\RapidSolution\AudialsOne\Tunebite\plugins\IE\TB_WebRipIePlugin.dll (RapidSolution Software)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.

O4 - HKLM..\Run: [ANIWZCSService] c:\program\alpha networks\aniwzcs service\wzcsldr.exe (Alpha Networks Inc.)

O4 - HKLM..\Run: [APVXDWIN] C:\Program\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE (Panda Security, S.L.)

O4 - HKLM..\Run: [sCANINICIO] C:\Program\Panda Security\Panda Global Protection 2013\Inicio.exe (Panda Security, S.L.)

O4 - HKCU..\Run: [On2Share] C:\Program\On2Share\On2Share MediaServer.exe (On2Trade)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)

O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} http://www.nanoscan.com/as/cabs/ascstubie.cab (TotalScan Installer Class)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1350814211218 (WUWebControl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1350681596703 (MUWebControl Class)

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)

O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} http://www.nanoscan.com/cabs/nanoinst.cab (NanoInstaller Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Reg Error: Value error.)

O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab (Microsoft Download Manager ActiveX control)

O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)

O16 - DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E505599B-F37A-4849-A7B0-E0AAB5CB054C} https://gfs.nb.se/privat/bank/scripts/eid/NordeaSmartCard.cab (ScriptPlayerRuntime Class)

O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.246.88.10 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3A897BE-584F-43F8-A577-BB598F76AAC2}: DhcpNameServer = 84.246.88.10 192.168.0.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program\Delade filer\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - C:\WINDOWS\System32\avldr.dll (On-Access Anti-Malware Scanner Sync)

O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program\Windows Defender\MpShHook.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011-01-29 10:58:11 | 000,000,083 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2013-01-18 17:53:06 | 000,000,000 | ---D | C] -- C:\_OTL

[2013-01-18 12:48:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administratör\Skrivbord\OTL.exe

[2013-01-17 18:02:38 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2013-01-17 16:44:32 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2013-01-17 16:40:19 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2013-01-17 16:40:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2013-01-17 16:40:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2013-01-17 16:40:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2013-01-17 16:39:37 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013-01-17 12:32:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Skrivbord\reparations-mapp

[2013-01-17 11:42:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\WinZip Self-Extractor

[2013-01-17 11:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZipSE

[2013-01-17 11:41:55 | 000,000,000 | ---D | C] -- C:\Program\WinZip Self-Extractor

[2013-01-16 15:38:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Google Chrome

[2013-01-16 13:53:39 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Administratör\Skrivbord\dds.scr

[2013-01-16 13:39:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Systweak PhotoStudio

[2013-01-16 13:38:48 | 000,000,000 | ---D | C] -- C:\Program\Systweak

[2013-01-15 18:56:05 | 000,909,728 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys

[2013-01-15 18:56:05 | 000,342,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys

[2013-01-15 18:55:09 | 000,368,616 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2013-01-15 18:55:09 | 000,163,288 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2013-01-15 18:54:39 | 000,202,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTSD.sys

[2013-01-15 18:54:33 | 000,000,000 | ---D | C] -- C:\Program\Delade filer\PC Tools

[2013-01-15 18:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2013-01-15 18:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Application Data\TestApp

[2013-01-15 10:51:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administratör\Recent

[2013-01-14 17:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\SimplyTech

[2013-01-07 16:11:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8

[2013-01-07 15:37:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Start-meny\Program\Accessories

[2013-01-07 15:29:25 | 000,000,000 | ---D | C] -- C:\Program\Microsoft

[2013-01-02 18:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\23399

[2012-12-31 11:47:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokument\CrashDump

[2012-12-25 14:23:01 | 000,729,424 | ---- | C] (WeOnlyDo Software) -- C:\WINDOWS\System32\wodSFTP.dll

[2012-12-25 14:23:01 | 000,672,024 | ---- | C] (WeOnlyDo! COM) -- C:\WINDOWS\System32\wodKeys.dll

[2012-12-25 14:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Panda Security

[2012-12-25 14:22:45 | 000,193,864 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\idsflt.sys

[2012-12-25 14:22:45 | 000,053,256 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\dsaflt.sys

[2012-12-25 14:22:45 | 000,046,856 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\wnmflt.sys

[2012-12-25 14:22:11 | 000,159,112 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\NETFLTDI.SYS

[2012-12-25 14:22:11 | 000,083,528 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\APPFLT.SYS

[2012-12-25 14:22:11 | 000,022,024 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\fnetmon.sys

[2012-12-25 14:21:59 | 000,026,696 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys

[2012-12-25 14:21:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Panda Global Protection 2013

[2012-12-25 14:21:24 | 000,054,832 | ---- | C] (Panda Software) -- C:\WINDOWS\System32\pavcpl.cpl

[2012-12-25 14:20:53 | 000,193,344 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\TpUtil.dll

[2012-12-25 14:20:53 | 000,107,568 | ---- | C] (Panda Software) -- C:\WINDOWS\System32\SYSTOOLS.DLL

[2012-12-25 14:20:53 | 000,087,328 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\PavLspHook.dll

[2012-12-25 14:20:53 | 000,055,616 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\pavipc.dll

[2012-12-25 14:20:51 | 000,518,432 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\PavSHook.dll

[2012-12-25 14:20:49 | 000,201,032 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\neti1644.sys

[2012-12-25 14:20:48 | 000,063,240 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\amm8651.sys

[2012-12-25 14:20:48 | 000,055,552 | ---- | C] (On-Access Anti-Malware Scanner Sync) -- C:\WINDOWS\System32\avldr.dll

[2012-12-25 14:20:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PAV

[2012-12-25 14:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Application Data\Panda Security

[2012-12-25 14:20:11 | 000,164,488 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\PavProc.sys

[2012-12-25 14:20:11 | 000,037,448 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\ShlDrv51.sys

[2012-12-25 14:20:11 | 000,000,000 | ---D | C] -- C:\Program\Delade filer\Panda Security

[2012-12-25 12:39:08 | 000,000,000 | ---D | C] -- C:\SMCLpav

[2012-12-24 15:44:40 | 000,000,000 | ---D | C] -- C:\backup

[2012-12-24 13:52:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Start-meny\Program\Microsoft IE ActiveX Analyzer

[2012-12-24 13:52:21 | 000,000,000 | ---D | C] -- C:\Program\Microsoft Corporation

[2012-12-21 19:44:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\.swt

[2012-12-21 19:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Application Data\Diino

[2012-12-21 18:57:10 | 000,000,000 | ---D | C] -- C:\Program\Delade filer\Java

[2012-12-20 14:32:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\On2Trade

[2012-12-20 14:32:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\On2Share

[2012-12-20 14:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\On2Share

[2007-12-30 18:45:32 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administratör\Application Data\pcouffin.sys

[25 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2013-01-19 11:18:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B6A6AE5F-966C-457D-9979-2B9722D3F44D}.job

[2013-01-19 11:15:00 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D72E822F-E36C-4726-9FDD-DD9DDF8793FE}.job

[2013-01-19 11:14:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{945E1A1C-D934-4536-B47B-493B51D098FB}.job

[2013-01-19 11:07:42 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2013-01-19 10:52:55 | 000,620,460 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls.bck

[2013-01-19 10:52:54 | 000,620,460 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls

[2013-01-19 10:52:31 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg.bck

[2013-01-19 10:52:31 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg

[2013-01-19 10:52:31 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg.bck

[2013-01-19 10:52:31 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg

[2013-01-19 10:52:31 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg.bck

[2013-01-19 10:52:31 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg

[2013-01-19 10:52:31 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg.bck

[2013-01-19 10:52:31 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg

[2013-01-19 10:52:30 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck

[2013-01-19 10:52:30 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG

[2013-01-19 10:45:03 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cce125dd1eb61e.job

[2013-01-19 10:45:03 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job

[2013-01-19 10:45:03 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\YourFile Update.job

[2013-01-19 10:44:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013-01-18 23:36:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013-01-18 18:09:58 | 000,284,348 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck

[2013-01-18 18:09:58 | 000,284,348 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT

[2013-01-18 12:49:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administratör\Skrivbord\OTL.exe

[2013-01-18 12:32:07 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Administratör\defogger_reenable

[2013-01-17 18:05:02 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk

[2013-01-17 17:49:57 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2013-01-17 16:44:41 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2013-01-17 10:47:56 | 000,001,775 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2013-01-16 13:53:42 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Administratör\Skrivbord\dds.scr

[2013-01-16 13:42:06 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Systweak PhotoStudio (2).lnk

[2013-01-16 13:31:17 | 000,000,012 | ---- | M] () -- C:\WINDOWS\System32\ASOROSet.bin

[2013-01-16 00:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\NeroLiveEpgUpdate-STIGSJ-6C6FD30E_Administratör.job

[2013-01-15 19:08:19 | 000,750,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2013-01-15 17:15:26 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2013-01-15 12:05:25 | 000,002,303 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk

[2013-01-14 17:34:15 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent (2).lnk

[2013-01-14 17:34:13 | 000,000,806 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\WinRAR (2).lnk

[2013-01-14 17:34:12 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk

[2013-01-14 17:34:12 | 000,000,904 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk

[2013-01-14 17:34:12 | 000,000,643 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Tweak UI (2).lnk

[2013-01-14 17:34:11 | 000,001,876 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Global Protection 2013.lnk

[2013-01-14 17:34:10 | 000,002,427 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk

[2013-01-14 17:34:10 | 000,001,555 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\On2Share MediaServer.lnk

[2013-01-14 17:34:10 | 000,000,854 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Outlook Express (2).lnk

[2013-01-14 17:34:09 | 000,002,233 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero ShowTime (2).lnk

[2013-01-14 17:34:09 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2013-01-14 17:34:05 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft ActiveSync (2).lnk

[2013-01-14 17:34:05 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\MagicISO.lnk

[2013-01-14 17:34:02 | 000,002,025 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk

[2013-01-14 17:34:02 | 000,001,640 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Kalkylatorn (2).lnk

[2013-01-14 17:34:01 | 000,000,958 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till Photoshop.lnk

[2013-01-14 17:34:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till WINWORD.lnk

[2013-01-14 17:34:01 | 000,000,922 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till switch.lnk

[2013-01-14 17:34:01 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till ToolbarCleaner.exe.lnk

[2013-01-14 17:33:59 | 000,000,890 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till KiesAirMessage.lnk

[2013-01-14 17:33:58 | 000,000,776 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till BitLord.lnk

[2013-01-14 17:33:58 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till Idioten.lnk

[2013-01-14 17:33:55 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Garmin Lifetime Updater.lnk

[2013-01-14 17:33:53 | 000,000,969 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk

[2013-01-14 17:33:44 | 000,001,035 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk

[2013-01-14 17:33:41 | 000,001,856 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Reader X.lnk

[2013-01-14 17:33:40 | 000,001,337 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Illustrator CS3 (2).lnk

[2013-01-14 17:33:40 | 000,001,048 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Photoshop Elements 8.0.lnk

[2013-01-14 17:33:38 | 000,002,234 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Illustrator CS (2).lnk

[2013-01-11 15:31:33 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\default.rss

[2013-01-11 15:28:53 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2013-01-09 20:01:31 | 001,447,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013-01-09 20:01:31 | 001,423,828 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2013-01-09 20:01:31 | 000,521,692 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2013-01-09 20:01:31 | 000,460,152 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013-01-08 12:56:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013-01-03 07:18:52 | 000,015,360 | ---- | M] () -- C:\WINDOWS\Launcher.exe

[2012-12-31 11:06:17 | 000,013,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys

[2012-12-25 15:10:02 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt

[2012-12-25 15:05:23 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt.bck

[2012-12-25 15:05:23 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt

[2012-12-25 15:05:09 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg.bck

[2012-12-25 15:05:09 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg

[2012-12-25 14:38:54 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt.bck

[2012-12-25 14:23:27 | 000,000,250 | ---- | M] () -- C:\WINDOWS\System32\PavCPL.dat

[2012-12-25 14:22:08 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Grundrensning.job

[2012-12-25 13:22:02 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC

[2012-12-22 19:18:48 | 004,445,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012-12-20 17:30:26 | 000,000,400 | ---- | M] () -- C:\0

[25 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2013-01-18 12:31:13 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Administratör\defogger_reenable

[2013-01-17 18:05:02 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk

[2013-01-17 16:44:41 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2013-01-17 16:44:36 | 000,260,272 | RHS- | C] () -- C:\cmldr

[2013-01-17 16:40:19 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2013-01-17 16:40:19 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2013-01-17 16:40:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2013-01-17 16:40:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2013-01-17 16:40:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2013-01-16 15:38:23 | 000,001,775 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2013-01-16 13:42:06 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Systweak PhotoStudio (2).lnk

[2013-01-16 13:24:57 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin

[2013-01-15 18:56:11 | 000,750,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2013-01-14 17:34:23 | 000,015,360 | ---- | C] () -- C:\WINDOWS\Launcher.exe

[2013-01-07 16:18:14 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\Administratör\Start-meny\Program\Internet Explorer.lnk

[2013-01-07 15:36:50 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D72E822F-E36C-4726-9FDD-DD9DDF8793FE}.job

[2013-01-03 22:20:05 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till Idioten.lnk

[2012-12-26 11:16:34 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till ToolbarCleaner.exe.lnk

[2012-12-25 14:31:53 | 000,013,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys

[2012-12-25 14:23:27 | 000,000,250 | ---- | C] () -- C:\WINDOWS\System32\PavCPL.dat

[2012-12-25 14:23:26 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Global Protection 2013.lnk

[2012-12-25 14:22:53 | 000,284,348 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck

[2012-12-25 14:22:53 | 000,284,348 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT

[2012-12-25 14:22:53 | 000,001,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck

[2012-12-25 14:22:53 | 000,001,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG

[2012-12-25 14:22:07 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Grundrensning.job

[2012-12-20 14:53:47 | 000,001,555 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\On2Share MediaServer.lnk

[2012-12-15 20:37:53 | 000,031,465 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\funmoods.crx

[2012-12-07 13:56:52 | 000,000,764 | ---- | C] () -- C:\Documents and Settings\Administratör\Genväg till Downloads.lnk

[2012-12-03 18:51:04 | 000,000,248 | ---- | C] () -- C:\Documents and Settings\Administratör\Ahmbed.gz

[2012-12-03 13:50:39 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\SearchEngine.dat

[2012-11-29 11:43:31 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc

[2012-11-18 23:42:36 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\recently-used.xbel

[2012-10-24 14:20:13 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm.dll

[2012-06-05 16:31:15 | 000,000,016 | ---- | C] () -- C:\WINDOWS\WinInit.ini.backup

[2012-02-25 14:58:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll

[2012-02-20 19:25:56 | 000,001,911 | ---- | C] () -- C:\WINDOWS\Cmudau.ini

[2012-02-20 19:25:55 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmdrvrmu.exe

[2012-02-20 19:25:55 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\cmdrvrmu.dll

[2012-02-20 18:09:22 | 000,000,939 | ---- | C] () -- C:\WINDOWS\Cm108.ini.cfg

[2012-02-20 18:08:09 | 000,001,096 | ---- | C] () -- C:\WINDOWS\cm108.ini

[2012-02-20 12:38:05 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll

[2012-02-15 22:46:59 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012-02-14 17:36:55 | 000,257,460 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2012-02-14 17:36:55 | 000,257,460 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2012-02-14 17:36:54 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2012-02-14 17:36:24 | 002,294,198 | R--- | C] () -- C:\WINDOWS\System32\nvdata.bin

[2012-02-04 18:58:06 | 000,000,160 | ---- | C] () -- C:\WINDOWS\{9A5F1282-D6F8-4F04-B73E-D9286924E9AC}.ini

[2012-02-04 18:58:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\{9A5F1282-D6F8-4F04-B73E-D9286924E9AC}.ini

[2012-01-31 23:24:19 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

[2011-11-17 17:36:48 | 000,298,106 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\WPFFontCache_v0400-S-1-5-21-448539723-1004336348-682003330-1010-0.dat

[2011-05-17 12:44:36 | 005,258,427 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\WPFFontCache_v0400-S-1-5-21-448539723-1004336348-682003330-500-0.dat

[2011-04-27 13:19:32 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe

[2011-04-27 13:19:30 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll

[2011-04-27 13:19:30 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll

[2011-04-27 13:19:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll

[2011-04-27 13:19:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll

[2011-04-04 22:19:04 | 000,499,862 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\WPFFontCache_v0400-System.dat

[2011-03-25 22:17:54 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2011-02-17 15:31:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Graffiti5.2Pin.ini

[2011-02-16 13:39:29 | 000,012,208 | ---- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2011-01-23 14:30:23 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL

[2011-01-23 13:58:37 | 000,001,182 | ---- | C] () -- C:\WINDOWS\VFO.INI

[2010-11-10 18:26:48 | 000,000,258 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\ANICONFIG_{4F4EAB24-3DAD-4C46-AF21-65F3C49938CF}.ini

[2010-11-10 16:35:59 | 000,000,258 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\ANICONFIG_{20B17DE4-A899-46CA-9338-7F6B6544D8CD}.ini

[2010-11-06 18:59:31 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\burnaware.ini

[2010-08-16 22:05:09 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Administratör\.java.policy

[2010-02-12 16:15:58 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Administratör\tenmy.ini

[2009-10-24 16:46:09 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\$_hpcst$.hpc

[2009-01-24 12:00:00 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-12-05 18:28:33 | 000,000,180 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\default.rss

[2008-12-05 18:28:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\downloads.m3u

[2008-11-11 18:49:08 | 000,001,440 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\filterclsid.dat

[2008-11-02 12:59:54 | 000,000,404 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Yin4Yang common Preferences

[2008-10-15 14:29:18 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\default.pls

[2008-01-27 12:27:58 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\vso_ts_preview.xml

[2007-12-30 18:45:32 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\inst.exe

[2007-12-30 18:45:32 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\pcouffin.cat

[2007-12-30 18:45:32 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\pcouffin.inf

[2007-12-25 18:07:50 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Administratör\.rnd

[2007-12-15 18:52:36 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt

[2007-12-13 18:50:54 | 000,074,240 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2007-12-11 16:07:19 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\fusioncache.dat

 

========== ZeroAccess Check ==========

 

[2007-12-11 16:06:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 17:04:47 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-02-09 11:56:00 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 17:04:54 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== LOP Check ==========

 

[2010-06-27 11:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\AceBIT

[2012-06-05 16:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Active Disk

[2010-08-16 22:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Agency9

[2012-12-10 17:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Azureus

[2012-11-18 23:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\BitLord

[2012-01-31 17:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Canneverbe Limited

[2012-11-20 18:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2008-11-11 10:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\CoSoSys

[2005-02-24 19:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\ctl3davi60

[2012-12-05 15:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\DAEMON Tools Pro

[2012-12-10 17:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\DataMgr

[2010-11-08 17:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\dBpoweramp

[2010-02-04 22:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Desktopicon

[2012-12-24 14:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Diino

[2012-12-10 15:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\DriverCure

[2010-07-13 19:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\DriverFinder

[2012-12-24 13:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\ElevatedDiagnostics

[2007-12-20 13:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\EPSON

[2013-01-18 18:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Funmoods

[2011-10-02 10:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\GARMIN

[2010-11-20 14:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\genline

[2012-01-03 20:37:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Gmote

[2012-12-04 17:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\High Speed Download

[2012-12-10 17:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\HMN

[2007-12-15 21:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Idioten

[2012-02-03 10:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\InfraRecorder

[2012-04-15 10:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\InterTrust

[2008-02-17 23:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\LEAPS

[2012-07-12 14:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Media Finder

[2012-11-08 22:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\MicroTorrent

[2010-11-17 16:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\MyHeritage

[2007-12-21 16:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\NCH Swift Sound

[2008-02-16 11:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Netscape

[2008-06-03 15:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Nikon

[2008-10-28 23:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Nokia

[2012-01-04 18:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\OfficeRecovery

[2008-01-21 11:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Opera

[2012-12-25 14:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Panda Security

[2012-12-10 15:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\ParetoLogic

[2008-10-28 23:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\PC Suite

[2008-02-03 16:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Pegasys Inc

[2012-12-11 12:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\PerformerSoft

[2008-02-16 11:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Personal

[2012-12-25 18:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\PriceGong

[2012-01-04 16:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\proDAD

[2009-02-24 13:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Publish Providers

[2012-11-18 23:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Python-Eggs

[2008-12-05 22:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\RapidSolution

[2012-11-25 13:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Samsung

[2012-12-10 17:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\SDIV 2.0

[2012-02-04 13:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Simple Star

[2012-04-23 22:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Softland

[2009-02-24 13:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Sony

[2012-11-20 14:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2008-12-06 13:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Steganos

[2013-01-18 16:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Systweak

[2012-06-03 15:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Temp

[2013-01-15 18:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\TestApp

[2012-11-13 13:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Thinstall

[2008-12-06 13:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\TuneUp Software

[2010-04-17 10:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\UDC Profiles

[2008-12-21 14:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Ulead Systems

[2013-01-18 17:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\uTorrent

[2012-02-05 16:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Vso

[2010-11-19 16:04:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Wireshark

[2012-11-20 18:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\YourFileDownloader

[2008-12-25 23:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\17148

[2009-01-30 13:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1738A

[2008-12-27 10:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\203A9

[2013-01-02 18:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\23399

[2008-12-26 18:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2E167

[2009-01-12 19:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3133C

[2008-11-19 15:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4D

[2009-01-06 16:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\68C

[2012-07-30 16:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Altova

[2012-12-12 15:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Backup

[2012-07-12 15:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BearShare

[2012-07-12 15:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess

[2012-01-31 17:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited

[2012-12-05 14:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2010-12-03 13:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dis

[2010-08-31 14:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Boost

[2010-07-08 14:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz

[2012-12-10 17:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverGenius

[2012-02-01 14:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easy Driver Pro

[2012-03-02 16:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON

[2007-12-18 18:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData

[2008-11-25 16:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN

[2012-12-10 17:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HardwareHelper

[2012-06-04 15:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations

[2011-11-28 16:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate

[2010-11-17 17:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyHeritage

[2009-01-16 10:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound

[2008-11-08 16:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia

[2012-12-25 14:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security

[2010-10-23 22:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Software

[2013-01-18 16:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic

[2010-10-25 21:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters

[2011-06-30 14:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite

[2012-02-04 13:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhotoShow Shared Assets

[2011-02-16 15:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle

[2008-01-24 16:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio

[2010-03-03 12:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate

[2010-01-04 18:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate Collection

[2011-11-28 16:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium

[2008-11-22 16:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PY_Software

[2012-02-27 23:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution

[2012-11-20 12:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe

[2012-11-25 13:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung

[2007-12-13 16:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\sentinel

[2007-12-15 21:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simple Star

[2009-03-04 17:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc

[2008-05-07 17:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Smith Micro

[2009-02-06 17:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SRS Labs

[2008-10-26 15:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Storegate

[2012-01-04 13:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft

[2013-01-14 18:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

[2013-01-15 18:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2007-12-20 13:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL

[2009-01-22 12:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems

[2008-01-26 17:57:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk

[2012-12-13 15:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip

[2013-01-17 11:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZipSE

[2012-02-13 20:44:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{09CD02A5-5ACC-4B34-8513-DD8BE7C2BD49}

[2011-09-11 18:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2012-07-12 15:26:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{6F1B3060-90C7-4F21-AFFB-07B6150C73EA}

[2012-02-28 22:53:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

[2010-04-02 15:13:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}

[2012-02-12 14:42:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EB671835-6422-466B-8921-A8F0B0393387}

 

========== Purity Check ==========

 

 

 

< End of report >

[Cecilia]

Har du läst inlägg 27-30?

[stisjo]

Har du läst inlägg 27-30?

Hej

Ja, jag såg det i efterhand, jag håller på med det nu

stisjo

[stisjo]

Hej Cecilia!

beträffande dina frågor

hittade jag inte system event notification

wan miniport hittar inte drivrutin får bara ett gult utropstecken

D-Link G510 där använder jag Wireless N150 usb istället

Jag försökte sätta in NVIDIA kortet på rekommendation att få

bättre skärmbild fungerade inte så därför stängde jag av den

jag skickar OTL svaret här

All processes killed

========== OTL ==========

Service Iomega Activity Disk2 stopped successfully!

Service Iomega Activity Disk2 deleted successfully!

File File not found not found.

Prefs.js: "Web Search" removed from browser.search.defaultengine

Prefs.js: "Web Search" removed from browser.search.defaultenginename

Prefs.js: "uTorrentControl2 Customized Web Search" removed from browser.search.defaultthis.engineName

Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl

Prefs.js: "Web Search" removed from browser.search.order.1

Prefs.js: "Web Search" removed from browser.search.selectedEngine

C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\3dnrt1ua.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi moved successfully.

File C:\Documents and Settings\Administrat\u00F6r\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.9.29524_0\background/registryAccess.dll not found.

File C:\Documents and Settings\Administrat\u00F6r\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.542_0\npbrowserext.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.

här kommer FSS, combofix skickar jag på ett nytt inlägg

stisjo

Farbar Service Scanner Version: 16-01-2013

Ran by Administratör (administrator) on 19-01-2013 at 14:37:49

Running from "C:\Documents and Settings\Administratör\Skrivbord"

Microsoft Windows XP Service Pack 3 (X86)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Attempt to access Google IP returned error. Google IP is offline

Google.com is accessible.

Yahoo IP is accessible.

[stisjo]

här kommer combofix

ComboFix 13-01-17.04 - Administratör 2013-01-19 13:31:26.2.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.44.1053.18.1015.498 [GMT 1:00]

Running from: c:\documents and settings\Administratör\Skrivbord\ComboFix.exe

Command switches used :: c:\documents and settings\Administratör\Skrivbord\CFScript.txt

AV: Panda Global Protection 2013 *Disabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595}

FW: Panda Personal Firewall 2013 *Enabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\68C

c:\documents and settings\All Users\Application Data\68C\{7224A472-2370-4B75-88B7-8250F39DC301}.swf

c:\documents and settings\All Users\Application Data\TEMP

c:\program\BrowserCompanion

c:\program\BrowserCompanion\logo.ico

c:\program\BrowserCompanion\terms.lnk.url

c:\program\Incredibar.com

c:\program\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll

c:\program\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll

c:\program\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll

c:\program\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe

c:\program\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll

c:\program\Incredibar.com\incredibar\1.5.11.14\uninstall.exe

c:\program\Internet Explorer\Internet Explorer

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\icwconn.dll

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\icwconn1.exe

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\icwconn2.exe

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\icwdl.dll

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\icwhelp.dll

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\icwres.dll

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\icwrmind.exe

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\icwtutor.exe

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\icwutil.dll

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\inetwiz.exe

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\isignup.exe

c:\program\Internet Explorer\Internet Explorer\Connection Wizard\trialoc.dll

c:\program\Internet Explorer\Internet Explorer\hmmapi.dll

c:\program\Internet Explorer\Internet Explorer\iedw.exe

c:\program\Internet Explorer\Internet Explorer\Plugins\npqtplugin.dll

c:\program\Internet Explorer\Internet Explorer\Plugins\npqtplugin2.dll

c:\program\Internet Explorer\Internet Explorer\Plugins\npqtplugin3.dll

c:\program\Internet Explorer\Internet Explorer\Plugins\npqtplugin4.dll

c:\program\Internet Explorer\Internet Explorer\Plugins\npqtplugin5.dll

c:\program\Internet Explorer\Internet Explorer\Plugins\npqtplugin6.dll

c:\program\Internet Explorer\Internet Explorer\Plugins\npqtplugin7.dll

c:\program\Internet Explorer\Internet Explorer\Plugins\QuickTimePlugin.class

c:\program\Vid-Saver

c:\program\Vid-Saver\ButtonUtil.dll

c:\program\Vid-Saver\Vid-Saver-bg.exe

c:\program\Vid-Saver\Vid-Saver.exe

c:\program\Vid-Saver\Vid-Saver.ico

c:\program\Vid-Saver\Vid-Saver.ini

c:\windows\system32\update

c:\windows\system32\update\diablo121016.cl

c:\windows\system32\update\diakgcn121016.cl

c:\windows\system32\update\libcurl-4.dll

c:\windows\system32\update\libeay32.dll

c:\windows\system32\update\libidn-11.dll

c:\windows\system32\update\libusb-1.0.dll

c:\windows\system32\update\phatk121016.cl

c:\windows\system32\update\poclbm121016.cl

c:\windows\system32\update\pthreadGC2.dll

c:\windows\system32\update\scrypt121016.cl

c:\windows\system32\update\ssleay32.dll

c:\windows\system32\update\zlib1.dll

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\fusion.dll

c:\windows\system32\URTTemp\mscoree.dll

c:\windows\system32\URTTemp\mscoree.dll.local

c:\windows\system32\URTTemp\mscorsn.dll

c:\windows\system32\URTTemp\mscorwks.dll

c:\windows\system32\URTTemp\msvcr71.dll

c:\windows\system32\URTTemp\regtlib.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-12-19 to 2013-01-19 )))))))))))))))))))))))))))))))

.

.

2013-01-19 13:13 . 2013-01-19 13:13 60872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{78B4FEBB-8CA9-4477-8DD7-A0BAE87678C5}\offreg.dll

2013-01-18 16:53 . 2013-01-18 16:53 -------- d-----w- C:\_OTL

2013-01-18 09:52 . 2013-01-08 04:57 6991832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{78B4FEBB-8CA9-4477-8DD7-A0BAE87678C5}\mpengine.dll

2013-01-17 10:42 . 2013-01-17 10:42 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZipSE

2013-01-17 10:41 . 2013-01-17 10:41 -------- d-----w- c:\program\WinZip Self-Extractor

2013-01-16 12:38 . 2013-01-16 12:38 -------- d-----w- c:\program\Systweak

2013-01-16 12:24 . 2013-01-16 12:31 12 ----a-w- c:\windows\system32\ASOROSet.bin

2013-01-15 17:56 . 2012-02-28 10:43 909728 ----a-w- c:\windows\system32\drivers\pctEFA.sys

2013-01-15 17:56 . 2012-02-28 10:43 342168 ----a-w- c:\windows\system32\drivers\pctDS.sys

2013-01-15 17:55 . 2012-10-22 15:38 368616 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2013-01-15 17:55 . 2012-10-22 15:38 163288 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2013-01-15 17:54 . 2012-11-01 14:35 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys

2013-01-15 17:54 . 2013-01-15 17:54 -------- d-----w- c:\program\Delade filer\PC Tools

2013-01-15 17:50 . 2013-01-15 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools

2013-01-15 17:50 . 2013-01-15 17:50 -------- d-----w- c:\documents and settings\Administratör\Application Data\TestApp

2013-01-14 16:34 . 2013-01-03 06:18 15360 ----a-w- c:\windows\Launcher.exe

2013-01-14 16:33 . 2013-01-15 09:55 -------- d-----w- c:\documents and settings\Administratör\Lokala inställningar\Application Data\SimplyTech

2013-01-07 15:11 . 2013-01-07 15:13 -------- dc-h--w- c:\windows\ie8

2013-01-07 14:29 . 2013-01-07 14:29 -------- d-----w- c:\program\Microsoft

2013-01-02 17:43 . 2013-01-02 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\23399

2012-12-25 13:31 . 2012-12-31 10:06 13880 ----a-w- c:\windows\system32\drivers\COMFiltr.sys

2012-12-25 13:23 . 2009-08-13 17:07 672024 ----a-w- c:\windows\system32\wodKeys.dll

2012-12-25 13:23 . 2009-08-13 17:07 729424 ----a-w- c:\windows\system32\wodSFTP.dll

2012-12-25 13:22 . 2013-01-19 12:37 289284 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT

2012-12-25 13:22 . 2010-09-09 14:23 193864 ----a-w- c:\windows\system32\drivers\idsflt.sys

2012-12-25 13:22 . 2009-09-25 12:54 46856 ----a-w- c:\windows\system32\drivers\wnmflt.sys

2012-12-25 13:22 . 2009-09-25 12:54 53256 ----a-w- c:\windows\system32\drivers\dsaflt.sys

2012-12-25 13:22 . 2011-01-31 14:41 83528 ----a-w- c:\windows\system32\drivers\APPFLT.SYS

2012-12-25 13:22 . 2009-09-25 12:54 159112 ----a-w- c:\windows\system32\drivers\NETFLTDI.SYS

2012-12-25 13:22 . 2009-09-25 12:54 22024 ----a-w- c:\windows\system32\drivers\fnetmon.sys

2012-12-25 13:21 . 2010-06-22 16:13 26696 ----a-w- c:\windows\system32\drivers\pavboot.sys

2012-12-25 13:21 . 2007-03-15 17:38 54832 ----a-w- c:\windows\system32\pavcpl.cpl

2012-12-25 11:39 . 2012-12-25 11:42 -------- d-----w- C:\SMCLpav

2012-12-24 14:44 . 2012-12-24 14:44 -------- d-----w- C:\backup

2012-12-24 12:52 . 2012-12-24 12:52 -------- d-----w- c:\program\Microsoft Corporation

2012-12-21 18:44 . 2012-12-21 18:44 -------- d-----w- c:\documents and settings\Administratör\.swt

2012-12-21 18:39 . 2012-12-24 13:49 -------- d-----w- c:\documents and settings\Administratör\Application Data\Diino

2012-12-21 17:57 . 2012-12-21 17:57 -------- d-----w- c:\program\Delade filer\Java

2012-12-20 13:32 . 2012-12-20 13:32 -------- d-----w- c:\documents and settings\Administratör\Lokala inställningar\Application Data\On2Share

2012-12-20 13:32 . 2012-12-20 13:32 -------- d-----w- c:\documents and settings\Administratör\Lokala inställningar\Application Data\On2Trade

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-21 17:52 . 2012-08-12 15:53 859072 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-12-21 17:51 . 2010-04-26 16:50 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-12-19 10:08 . 2012-12-19 10:10 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-12-16 12:23 . 2007-12-11 22:08 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-11 22:37 . 2012-08-15 20:36 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-11 22:37 . 2012-08-15 20:36 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-03 12:50 . 2012-12-03 12:50 371200 ----a-w- c:\windows\system32\SearchIndexer.dll

2012-12-03 12:50 . 2012-12-03 12:50 269824 ----a-w- c:\windows\system32\SearchEngine.rs

2012-11-13 11:55 . 2007-12-11 22:08 1866368 ------w- c:\windows\system32\win32k.sys

2012-11-09 15:51 . 2007-12-13 21:02 466008 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-11-08 18:00 . 2012-02-26 11:32 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-11-06 02:00 . 2007-05-15 14:43 1371648 ------w- c:\windows\system32\msxml6.dll

2012-11-02 02:04 . 2007-12-11 22:08 375296 ------w- c:\windows\system32\dpnet.dll

2012-11-01 12:13 . 2007-12-11 22:09 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:13 . 2007-12-11 22:09 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:13 . 2007-12-11 22:09 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35 . 2007-12-11 22:09 385024 ----a-w- c:\windows\system32\html.iec

2012-10-29 11:10 . 2011-05-17 09:36 4659712 ----a-w- c:\windows\system32\Redemption.dll

2012-10-29 11:09 . 2012-10-29 11:09 45320 ----a-w- c:\windows\system32\MAMACExtract.dll

2012-10-29 11:09 . 2011-05-17 09:31 821824 ----a-w- c:\windows\system32\dgderapi.dll

2012-10-29 11:09 . 2011-05-17 09:31 319456 ----a-w- c:\windows\system32\DIFxAPI.dll

2012-10-29 11:09 . 2011-05-17 09:31 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"On2Share"="c:\program\On2Share\On2Share MediaServer.exe" [2009-03-28 1804288]

"swg"="c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-02-06 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ANIWZCSService"="c:\program\alpha networks\aniwzcs service\wzcsldr.exe" [2003-08-21 32768]

"APVXDWIN"="c:\program\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE" [2012-11-27 1037600]

"SCANINICIO"="c:\program\Panda Security\Panda Global Protection 2013\Inicio.exe" [2012-11-08 70432]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]

2010-03-24 10:55 55552 ----a-w- c:\windows\system32\avldr.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-12-03 07:35 946352 ----a-w- c:\program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskup]

2001-10-01 09:08 28672 ----a-w- c:\program\Iomega\DriveIcons\deskup.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iomega Active Disk]

2001-09-13 09:35 45056 ----a-w- c:\program\Iomega\AutoDisk\AD2KClient.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iomega Drive Icons]

2001-09-12 09:35 61440 ----a-w- c:\program\Iomega\DriveIcons\Imgicon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iomega Startup Options]

2001-01-17 15:33 45056 ----a-w- c:\program\Iomega\Common\IMGSTART.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]

2012-11-01 12:16 577536 ----a-w- c:\program\Samsung\Kies\KiesAirMessage.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]

2012-11-12 10:45 1104824 ----a-w- c:\program\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]

2012-11-12 10:45 968120 ----a-w- c:\program\Samsung\Kies\Kies.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]

2012-11-12 10:45 309688 ----a-w- c:\program\Samsung\Kies\KiesTrayAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyGarminAgent]

2010-03-16 08:36 337256 ----a-w- c:\program\Garmin\MyGarminAgent\myGarminAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-07-05 16:36 421888 ----a-w- c:\program\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2012-02-06 09:36 39408 ----a-w- c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Apple Mobile Device"=2 (0x2)

"Nero BackItUp Scheduler 4.0"=2 (0x2)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

"gStart"=c:\garmin\gStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"snp2uvc"=c:\windows\vsnp2uvc.exe

"NBKeyScan"="c:\program\Nero\Nero BackItUp 4\NBKeyScan.exe"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

"mW[íµˆÖ¾`=µú¾˜v%S8’ÿÙêé>grl>­Ý\†Ð=ŸàÛ±Þ"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Windows Media Player\\wmplayer.exe"=

"c:\\Program\\BitLord\\BitLord.exe"=

"c:\\Program\\On2Share\\On2Share MediaServer.exe"=

"c:\\Program\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=

"c:\\Program\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=

"c:\\Program\\K-Lite Codec Pack\\Filters\\ac3config.exe"=

"c:\program\Microsoft ActiveSync\rapimgr.exe"= c:\program\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program\Microsoft ActiveSync\wcescomm.exe"= c:\program\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program\Microsoft ActiveSync\WCESMgr.exe"= c:\program\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program\\D-Link\\Air Utility\\AirCFG.exe"=

"c:\\Program\\Java\\jre6\\bin\\javaw.exe"=

"c:\\Program\\iTunes\\iTunes.exe"=

"c:\\Program\\uTorrent\\uTorrent.exe"=

"c:\\WINDOWS\\system32\\msiexec.exe"=

"c:\\Program\\BearShare Applications\\BearShare\\BearShare.exe"=

"c:\\Program\\Panda Security\\Panda Global Protection 2013\\ApVxdWin.exe"=

"c:\\WINDOWS\\system32\\ARFC\\wrtc.exe"=

"c:\\Program\\YourFileDownloader\\YourFile.exe"=

"c:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\AppLaunch.exe"=

"c:\\Program\\Bonjour\\mDNSResponder.exe"=

"c:\\WINDOWS\\system32\\wuauclt.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

"26125:TCP"= 26125:TCP:Asset UPnP TCP

"26125:UDP"= 26125:UDP:Asset UPnP UDP

"2799:UDP"= 2799:UDP:Altova License Metering Port (UDP)

"2799:TCP"= 2799:TCP:Altova License Metering Port (TCP)

.

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2012-12-25 26696]

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2013-01-15 368616]

R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2013-01-15 342168]

R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2013-01-15 909728]

R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2012-12-25 83528]

R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2012-12-25 53256]

R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2012-12-25 22024]

R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2012-12-25 193864]

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2012-12-25 14:22 159112]

R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [2013-01-15 202280]

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2012-12-25 37448]

R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2012-12-25 46856]

R2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [2012-12-25 63240]

R2 BBSvc;BingBar Service;c:\program\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-06-11 193616]

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2012-12-25 164488]

R2 PhoneMyPC_Helper;PhoneMyPC_Helper;c:\program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [2010-08-22 31232]

R2 PskSvcRetail;Panda PSK service;c:\program\Panda Security\Panda Global Protection 2013\psksvc.exe [2012-12-25 28992]

R2 WinDefend;Windows Defender;c:\program\Windows Defender\MsMpEng.exe [2006-11-03 13592]

R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]

R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\drivers\neti1644.sys [2012-12-25 201032]

R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]

R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]

S2 DCamUSB20;USB 2.0 Capture;c:\windows\system32\drivers\CsMini20.sys [2007-12-15 46216]

S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]

S3 BBUpdate;BBUpdate;c:\program\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-06-11 240208]

S3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [2012-12-25 13880]

S3 csaudio;USB2.0 Audio Device Driver;c:\windows\system32\drivers\csaud.sys [2007-12-15 11008]

S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-05-17 20032]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2009-10-24 36608]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2007-12-11 14336]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [2007-12-30 47360]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-06-03 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-06-03 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-06-03 136808]

S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys [2007-10-30 23040]

S3 TodosAgmII;Driver for Todos Argos Mini II;c:\windows\system32\drivers\AgmIIusb.sys [2008-02-16 18176]

S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [2012-02-20 1522176]

S4 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

SearchIndexer

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-01-16 14:37 1606760 ----a-w- c:\program\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 22:37]

.

2013-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cce125dd1eb61e.job

- c:\program\Google\Update\GoogleUpdate.exe [2009-10-25 13:10]

.

2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program\Google\Update\GoogleUpdate.exe [2009-10-25 13:10]

.

2012-12-25 c:\windows\Tasks\Grundrensning.job

- c:\program\Panda Security\Panda Global Protection 2013\PlaTasks.exe [2012-12-25 09:36]

.

2013-01-19 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

.

2013-01-15 c:\windows\Tasks\NeroLiveEpgUpdate-STIGSJ-6C6FD30E_Administratör.job

- c:\program\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 12:51]

.

2013-01-19 c:\windows\Tasks\User_Feed_Synchronization-{945E1A1C-D934-4536-B47B-493B51D098FB}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

2013-01-19 c:\windows\Tasks\User_Feed_Synchronization-{B6A6AE5F-966C-457D-9979-2B9722D3F44D}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

2013-01-19 c:\windows\Tasks\User_Feed_Synchronization-{D72E822F-E36C-4726-9FDD-DD9DDF8793FE}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

.

------- Supplementary Scan -------

.

uStart Page = https://www.google.se/

uDefault_Search_URL = hxxp://www.google.com

mStart Page = hxxp://www.google.com

mSearch Bar = hxxp://www.google.com

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 84.246.88.10 192.168.0.1

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB

DPF: Microsoft XML Parser for Java

DPF: {E505599B-F37A-4849-A7B0-E0AAB5CB054C} - hxxps://gfs.nb.se/privat/bank/scripts/eid/NordeaSmartCard.cab

.

.

**************************************************************************

.

disk not found C:\

.

please note that you need administrator rights to perform deep scan

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files:

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f8,97,e0,3d,e7,e0,12,4f,8a,a4,b5,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f8,97,e0,3d,e7,e0,12,4f,8a,a4,b5,\

.

[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\DataMngr_Toolbar]

@Denied: (2) (Administrator)

.

[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (Administrator)

"{28387537-E3F9-4ED7-860C-11E69AF4A8A0}"=hex:51,66,7a,6c,4c,1d,3b,1b,27,6f,2e,

39,cb,b3,b1,04,98,04,4e,ba,9a,b7,e9,bf

"{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}"=hex:51,66,7a,6c,4c,1d,3b,1b,e5,3e,6c,

af,f9,39,6e,0d,a9,73,ee,b1,a6,47,7a,8a

"{B939CF93-F2CB-443D-956C-DC523D85C9DB}"=hex:51,66,7a,6c,4c,1d,3b,1b,83,d5,2f,

a8,f9,a2,5b,0e,8b,64,83,0e,3d,c6,88,c4

"{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}"=hex:51,66,7a,6c,4c,1d,3b,1b,e8,82,ce,

fa,c4,ac,f2,0c,a2,33,b5,e0,72,32,af,ae

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=hex:51,66,7a,6c,4c,1d,3b,1b,25,16,7b,

22,b7,da,5c,0a,a7,da,3a,9e,92,80,d1,98

"{98889811-442D-49DD-99D7-DC866BE87DBC}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,82,9e,

89,1f,14,bb,03,87,df,83,da,6b,ab,3c,a3

"{2EECD738-5844-4A99-B4B6-146BF802613B}"=hex:51,66,7a,6c,4c,1d,3b,1b,28,cd,fa,

3f,76,08,ff,00,aa,be,4b,37,f8,41,20,24

"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,21,3b,

5c,8c,39,1c,0d,8e,fd,a2,87,05,76,38,6a

.

[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,09,86,82,84,d4,c5,c9,42,93,ec,c9,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,09,86,82,84,d4,c5,c9,42,93,ec,c9,\

"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,09,86,82,84,d4,c5,c9,42,93,ec,c9,\

.

[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings]

@Denied: (2) (Administrator)

.

[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E3D006C1-465F-D162-FCC8-57E4B3471286}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"oabbdkkdfbnlbhanncbomhcnjaffph"=hex:69,61,62,6b,69,69,6b,62,69,62,6c,6f,68,6c,

6f,67,63,68,00,00

"nalbfnoghfocekeklomdlepdogch"=hex:6a,61,6e,6a,6d,6a,70,62,61,6c,64,63,62,63,

61,6f,6b,6d,66,61,00,00

"gbjpfhhjcmgbmnddlopgdccdgnlnliaidlmfdhomdipdfk"=hex:61,61,00,7e

"bbdpgaolafcnbldhfnmlohcpffkbgeaapibc"=hex:61,61,00,7e

.

[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FD4052A7-6146-70C0-7E56-E258991AF1D8}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"eajibbjkdf"=hex:66,61,70,6a,65,62,6c,63,63,6a,65,6f,00,00

"damhiafd"=hex:64,62,6e,6a,65,6e,61,6d,69,6c,64,68,65,6d,64,67,65,66,65,65,69,

63,65,6e,62,66,66,6a,69,6f,61,68,66,63,61,6a,62,62,61,68,00,00

"iablckpgomimgjdmcl"=hex:6a,61,63,6e,6e,65,61,62,70,69,70,67,6b,67,6c,6e,6e,61,

6d,64,00,00

"hahkijcfafldbpbm"=hex:6a,61,63,6e,6e,65,61,62,70,69,70,67,6b,67,6c,6e,6e,61,

6d,64,00,00

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8c,80,7b,01,72,de,a3,41,a1,2e,eb,\

"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8c,80,7b,01,72,de,a3,41,a1,2e,eb,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1072)

c:\windows\system32\avldr.dll

.

- - - - - - - > 'explorer.exe'(508)

c:\program\Panda Security\Panda Global Protection 2013\pavoepl.dll

c:\windows\system32\msi.dll

c:\windows\system32\eappcfg.dll

c:\windows\system32\webcheck.dll

c:\program\Panda Security\Panda Global Protection 2013\PavTrc.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program\Panda Security\Panda Global Protection 2013\TPSrv.exe

c:\program\PANDA SECURITY\PANDA GLOBAL PROTECTION 2013\WebProxy.exe

c:\program\Delade filer\ArcSoft\Connection Service\Bin\ACService.exe

c:\program\Bonjour\mDNSResponder.exe

c:\windows\system32\DRIVERS\CDANTSRV.EXE

c:\program\Java\jre6\bin\jqs.exe

c:\program\CDBurnerXP\NMSAccessU.exe

c:\program\Panda Security\Panda Global Protection 2013\PsCtrls.exe

c:\program\Panda Security\Panda Global Protection 2013\PavFnSvr.exe

c:\program\Delade filer\Panda Security\PavShld\pavprsrv.exe

c:\program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC.exe

c:\program\panda security\panda global protection 2013\firewall\PSHOST.EXE

c:\program\Panda Security\Panda Global Protection 2013\PsImSvc.exe

c:\program\Google\Update\1.3.21.124\GoogleCrashHandler.exe

c:\windows\system32\MsPMSPSv.exe

c:\program\Panda Security\Panda Global Protection 2013\pavsrvx86.exe

c:\program\Panda Security\Panda Global Protection 2013\AVENGINE.EXE

c:\program\Windows Media Player\WMPNetwk.exe

c:\program\Panda Security\Panda Global Protection 2013\SRVLOAD.EXE

c:\program\Panda Security\Panda Global Protection 2013\PavBckPT.exe

.

**************************************************************************

.

Completion time: 2013-01-19 14:22:33 - machine was rebooted

ComboFix-quarantined-files.txt 2013-01-19 13:22

.

Pre-Run: 31 140 081 664 byte ledigt

Post-Run: 31 133 618 176 byte ledigt

.

- - End Of File - - 572AE1E5C6B3487B656F23EEB055866B

[Cecilia]

hittade jag inte system event notification

wan miniport hittar inte drivrutin får bara ett gult utropstecken

...

Jag försökte sätta in NVIDIA kortet på rekommendation att få bättre skärmbild fungerade inte så därför stängde jag av den

Du kanske behöver välja att visa dolda enheter i Enhetshanterarens meny för att se "system event notification".

 

Låt "wan miniport" vara aktiverad och så får vi försöka hitta en drivrutin i stället.

 

Om inte Nvidia-kortet finns i datorn så är det bättre om du avinstallerar drivrutinen i stället för att inaktivera den.

 

När det gäller "Farbar Service Scanner", kör det igen och se till att alla bockar är på plats innan du startar skanningen. Loggen är nu för kort. Det ska se ut som på http://www.technibble.com/fabar-service-scanner/

[Cecilia]

Starta Anteckningar.

Kopiera alla rader i rutan:

Killall::
ClearJavaCache::
Folder::
c:\documents and settings\All Users\Application Data\23399
RegLock::
[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\DataMngr_Toolbar]
[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E3D006C1-465F-D162-FCC8-57E4B3471286}*]
[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FD4052A7-6146-70C0-7E56-E258991AF1D8}*]
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\User Preferences]

och klistra in i Anteckningar. Kontrollera att inga filnamn/sökvägar delas upp på två rader.

Spara filen på Skrivbordet med kodningen ANSI och med namnet CFScript.

 

Förbered datorn på samma sätt som tidigare för ComboFix.

Dra CFScript med musen och släpp den ovanpå ComboFix-ikonen på Skrivbordet så startar programmet på ett särskilt sätt.

Klistra in loggen som kommer ut.

[stisjo]

Du kanske behöver välja att visa dolda enheter i Enhetshanterarens meny för att se "system event notification".

 

Låt "wan miniport" vara aktiverad och så får vi försöka hitta en drivrutin i stället.

 

Om inte Nvidia-kortet finns i datorn så är det bättre om du avinstallerar drivrutinen i stället för att inaktivera den.

 

När det gäller "Farbar Service Scanner", kör det igen och se till att alla bockar är på plats innan du startar skanningen. Loggen är nu för kort. Det ska se ut som på http://www.technibble.com/fabar-service-scanner/

Hej Cecilia

jag är inne på Datorhantering/enhethanteraren/systemenheter/visa dolda enheter

men hittar ingen event notification

stisjo

[stisjo]

Du kanske behöver välja att visa dolda enheter i Enhetshanterarens meny för att se "system event notification".

 

Låt "wan miniport" vara aktiverad och så får vi försöka hitta en drivrutin i stället.

 

Om inte Nvidia-kortet finns i datorn så är det bättre om du avinstallerar drivrutinen i stället för att inaktivera den.

 

När det gäller "Farbar Service Scanner", kör det igen och se till att alla bockar är på plats innan du startar skanningen. Loggen är nu för kort. Det ska se ut som på http://www.technibble.com/fabar-service-scanner/

jag har startat wan miniport

Nvidia-kortet sitter kvar i datorn men används inte

här kommer "Farbar Service"

Farbar Service Scanner Version: 16-01-2013

Ran by Administratör (administrator) on 20-01-2013 at 12:21:33

Running from "C:\Documents and Settings\Administratör\Skrivbord"

Microsoft Windows XP Service Pack 3 (X86)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Attempt to access Google IP returned error. Google IP is offline

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy:

==================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall"=DWORD:0

 

 

System Restore:

============

 

System Restore Disabled Policy:

========================

 

 

Security Center:

============

 

Windows Update:

============

 

Windows Autoupdate Disabled Policy:

============================

 

 

File Check:

========

C:\WINDOWS\system32\dhcpcsvc.dll

[2007-12-11 23:08] - [2008-04-14 17:04] - 0126464 ____N (Microsoft Corporation) 0CE3FA1C1A6803B34022D6C47273930D

 

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit

C:\WINDOWS\system32\dnsrslvr.dll

[2007-12-11 23:08] - [2009-04-20 18:20] - 0045568 ____N (Microsoft Corporation) EFAC4D4C80CCD725CC5BD7D3DBF18C74

 

C:\WINDOWS\system32\ipnathlp.dll

[2007-12-11 23:09] - [2008-04-14 17:04] - 0330752 ____N (Microsoft Corporation) 30E1A46734BDF836C8770949C86B42A4

 

C:\WINDOWS\system32\netman.dll

[2007-12-11 23:09] - [2008-04-14 17:04] - 0198144 ____N (Microsoft Corporation) 7F791C1C9D3FEC5D3F519C9DB19465D3

 

C:\WINDOWS\system32\wbem\WMIsvc.dll

[2007-12-11 15:54] - [2008-04-14 17:04] - 0145408 ____N (Microsoft Corporation) CF4E2A27495F7EA6B3128D9A731B3716

 

C:\WINDOWS\system32\srsvc.dll

[2007-12-11 15:55] - [2008-04-14 17:04] - 0171008 ____N (Microsoft Corporation) 25EDB60132F9D82CB1B7961C1D0D13F2

 

C:\WINDOWS\system32\Drivers\sr.sys

[2007-12-11 15:55] - [2008-04-14 16:45] - 0073344 ____N (Microsoft Corporation) 1193EF00869F6367367E6E7CB96BE325

 

C:\WINDOWS\system32\wscsvc.dll

[2007-12-11 23:09] - [2008-04-14 17:04] - 0080896 ____N (Microsoft Corporation) 4AC32513FA47C8219448269BF895FC34

 

C:\WINDOWS\system32\wbem\WMIsvc.dll

[2007-12-11 15:54] - [2008-04-14 17:04] - 0145408 ____N (Microsoft Corporation) CF4E2A27495F7EA6B3128D9A731B3716

 

C:\WINDOWS\system32\wuauserv.dll

[2007-12-11 15:55] - [2008-04-14 17:04] - 0006656 ____N (Microsoft Corporation) 4CEAF29D35C2608C6463E80574DDCA10

 

C:\WINDOWS\system32\qmgr.dll

[2007-12-11 15:55] - [2008-04-14 17:04] - 0409088 ____N (Microsoft Corporation) 9741942A86E579231D3C41AA51DE042F

 

C:\WINDOWS\system32\es.dll

[2007-12-11 23:08] - [2008-07-07 21:29] - 0253952 ____N (Microsoft Corporation) 01CEC6DE315F1A06CE5AA70009C6979E

 

C:\WINDOWS\system32\cryptsvc.dll

[2007-12-11 23:08] - [2008-04-14 17:04] - 0062464 ____N (Microsoft Corporation) 04FD6585508A7320B2C7453CED231D6B

 

C:\WINDOWS\system32\svchost.exe

[2007-12-11 23:09] - [2008-04-14 17:05] - 0014336 ____N (Microsoft Corporation) 6CCEF19D7301D9861F90E299C798AD3F

 

C:\WINDOWS\system32\rpcss.dll

[2007-12-11 23:08] - [2009-02-09 11:56] - 0401408 ____N (Microsoft Corporation) 87DADC3F6E6CD5AAEB913E19CBFF922C

 

C:\WINDOWS\system32\services.exe

[2007-12-11 23:09] - [2009-02-09 12:27] - 0110592 ____N (Microsoft Corporation) 8870B0C4A094C1CE80CEA6F85FA38FF2

 

 

Extra List:

=======

Gpc(3) IPSec(5) NetBT(6) NETFLTDI(33) NETIMFLT01060044(32) NwlnkIpx(14) NwlnkNb(15) PSched(7) Tcpip(4)

0x21000000050000000100000002000000030000000400000009000000120000001400000016000000180000001E000000210000000600000007000000080000000A0000000B0000000C0000000D0000000E0000000F0000001000000011000000130000001500000017000000190000001A0000001B0000001C0000001D0000001F00000020000000

IpSec Tag value is correct.

 

**** End of log ****

[stisjo]

Hej Cecilia!

Det verkar som om datorn blir bättre o bättre

vissa saker som fb download har försvunnit

windows media player fungerar osv

här kommer combofix rapport

ComboFix 13-01-17.04 - Administratör 2013-01-20 12:58:46.3.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.44.1053.18.1015.506 [GMT 1:00]

Running from: c:\documents and settings\Administratör\Skrivbord\ComboFix.exe

Command switches used :: c:\documents and settings\Administratör\Skrivbord\CFScript.txt

AV: Panda Global Protection 2013 *Disabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595}

FW: Panda Personal Firewall 2013 *Enabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}

.

.

((((((((((((((((((((((((( Files Created from 2012-12-20 to 2013-01-20 )))))))))))))))))))))))))))))))

.

.

2013-01-18 16:53 . 2013-01-18 16:53 -------- d-----w- C:\_OTL

2013-01-18 09:52 . 2013-01-08 04:57 6991832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{78B4FEBB-8CA9-4477-8DD7-A0BAE87678C5}\mpengine.dll

2013-01-17 10:42 . 2013-01-17 10:42 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZipSE

2013-01-17 10:41 . 2013-01-17 10:41 -------- d-----w- c:\program\WinZip Self-Extractor

2013-01-16 12:38 . 2013-01-16 12:38 -------- d-----w- c:\program\Systweak

2013-01-16 12:24 . 2013-01-16 12:31 12 ----a-w- c:\windows\system32\ASOROSet.bin

2013-01-15 17:56 . 2012-02-28 10:43 909728 ----a-w- c:\windows\system32\drivers\pctEFA.sys

2013-01-15 17:56 . 2012-02-28 10:43 342168 ----a-w- c:\windows\system32\drivers\pctDS.sys

2013-01-15 17:55 . 2012-10-22 15:38 368616 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2013-01-15 17:55 . 2012-10-22 15:38 163288 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2013-01-15 17:54 . 2012-11-01 14:35 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys

2013-01-15 17:54 . 2013-01-15 17:54 -------- d-----w- c:\program\Delade filer\PC Tools

2013-01-15 17:50 . 2013-01-15 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools

2013-01-15 17:50 . 2013-01-15 17:50 -------- d-----w- c:\documents and settings\Administratör\Application Data\TestApp

2013-01-14 16:34 . 2013-01-03 06:18 15360 ----a-w- c:\windows\Launcher.exe

2013-01-14 16:33 . 2013-01-15 09:55 -------- d-----w- c:\documents and settings\Administratör\Lokala inställningar\Application Data\SimplyTech

2013-01-07 15:11 . 2013-01-07 15:13 -------- dc-h--w- c:\windows\ie8

2013-01-07 14:29 . 2013-01-07 14:29 -------- d-----w- c:\program\Microsoft

2013-01-02 17:43 . 2013-01-02 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\23399

2012-12-25 13:31 . 2012-12-31 10:06 13880 ----a-w- c:\windows\system32\drivers\COMFiltr.sys

2012-12-25 13:23 . 2009-08-13 17:07 672024 ----a-w- c:\windows\system32\wodKeys.dll

2012-12-25 13:23 . 2009-08-13 17:07 729424 ----a-w- c:\windows\system32\wodSFTP.dll

2012-12-25 13:22 . 2013-01-20 12:02 284940 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT

2012-12-25 13:22 . 2010-09-09 14:23 193864 ----a-w- c:\windows\system32\drivers\idsflt.sys

2012-12-25 13:22 . 2009-09-25 12:54 46856 ----a-w- c:\windows\system32\drivers\wnmflt.sys

2012-12-25 13:22 . 2009-09-25 12:54 53256 ----a-w- c:\windows\system32\drivers\dsaflt.sys

2012-12-25 13:22 . 2011-01-31 14:41 83528 ----a-w- c:\windows\system32\drivers\APPFLT.SYS

2012-12-25 13:22 . 2009-09-25 12:54 159112 ----a-w- c:\windows\system32\drivers\NETFLTDI.SYS

2012-12-25 13:22 . 2009-09-25 12:54 22024 ----a-w- c:\windows\system32\drivers\fnetmon.sys

2012-12-25 13:21 . 2010-06-22 16:13 26696 ----a-w- c:\windows\system32\drivers\pavboot.sys

2012-12-25 13:21 . 2007-03-15 17:38 54832 ----a-w- c:\windows\system32\pavcpl.cpl

2012-12-25 11:39 . 2012-12-25 11:42 -------- d-----w- C:\SMCLpav

2012-12-24 14:44 . 2012-12-24 14:44 -------- d-----w- C:\backup

2012-12-24 12:52 . 2012-12-24 12:52 -------- d-----w- c:\program\Microsoft Corporation

2012-12-21 18:44 . 2012-12-21 18:44 -------- d-----w- c:\documents and settings\Administratör\.swt

2012-12-21 18:39 . 2012-12-24 13:49 -------- d-----w- c:\documents and settings\Administratör\Application Data\Diino

2012-12-21 17:57 . 2012-12-21 17:57 -------- d-----w- c:\program\Delade filer\Java

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-21 17:52 . 2012-08-12 15:53 859072 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-12-21 17:51 . 2010-04-26 16:50 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-12-19 10:08 . 2012-12-19 10:10 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-12-16 12:23 . 2007-12-11 22:08 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-11 22:37 . 2012-08-15 20:36 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-11 22:37 . 2012-08-15 20:36 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-03 12:50 . 2012-12-03 12:50 371200 ----a-w- c:\windows\system32\SearchIndexer.dll

2012-12-03 12:50 . 2012-12-03 12:50 269824 ----a-w- c:\windows\system32\SearchEngine.rs

2012-11-13 11:55 . 2007-12-11 22:08 1866368 ------w- c:\windows\system32\win32k.sys

2012-11-09 15:51 . 2007-12-13 21:02 466008 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-11-08 18:00 . 2012-02-26 11:32 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-11-06 02:00 . 2007-05-15 14:43 1371648 ------w- c:\windows\system32\msxml6.dll

2012-11-02 02:04 . 2007-12-11 22:08 375296 ------w- c:\windows\system32\dpnet.dll

2012-11-01 12:13 . 2007-12-11 22:09 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:13 . 2007-12-11 22:09 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:13 . 2007-12-11 22:09 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35 . 2007-12-11 22:09 385024 ----a-w- c:\windows\system32\html.iec

2012-10-29 11:10 . 2011-05-17 09:36 4659712 ----a-w- c:\windows\system32\Redemption.dll

2012-10-29 11:09 . 2012-10-29 11:09 45320 ----a-w- c:\windows\system32\MAMACExtract.dll

2012-10-29 11:09 . 2011-05-17 09:31 821824 ----a-w- c:\windows\system32\dgderapi.dll

2012-10-29 11:09 . 2011-05-17 09:31 319456 ----a-w- c:\windows\system32\DIFxAPI.dll

2012-10-29 11:09 . 2011-05-17 09:31 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"On2Share"="c:\program\On2Share\On2Share MediaServer.exe" [2009-03-28 1804288]

"swg"="c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-02-06 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ANIWZCSService"="c:\program\alpha networks\aniwzcs service\wzcsldr.exe" [2003-08-21 32768]

"APVXDWIN"="c:\program\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE" [2012-11-27 1037600]

"SCANINICIO"="c:\program\Panda Security\Panda Global Protection 2013\Inicio.exe" [2012-11-08 70432]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]

2010-03-24 10:55 55552 ----a-w- c:\windows\system32\avldr.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-12-03 07:35 946352 ----a-w- c:\program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskup]

2001-10-01 09:08 28672 ----a-w- c:\program\Iomega\DriveIcons\deskup.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iomega Active Disk]

2001-09-13 09:35 45056 ----a-w- c:\program\Iomega\AutoDisk\AD2KClient.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iomega Drive Icons]

2001-09-12 09:35 61440 ----a-w- c:\program\Iomega\DriveIcons\Imgicon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iomega Startup Options]

2001-01-17 15:33 45056 ----a-w- c:\program\Iomega\Common\IMGSTART.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]

2012-11-01 12:16 577536 ----a-w- c:\program\Samsung\Kies\KiesAirMessage.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]

2012-11-12 10:45 1104824 ----a-w- c:\program\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]

2012-11-12 10:45 968120 ----a-w- c:\program\Samsung\Kies\Kies.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]

2012-11-12 10:45 309688 ----a-w- c:\program\Samsung\Kies\KiesTrayAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyGarminAgent]

2010-03-16 08:36 337256 ----a-w- c:\program\Garmin\MyGarminAgent\myGarminAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-07-05 16:36 421888 ----a-w- c:\program\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2012-02-06 09:36 39408 ----a-w- c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Apple Mobile Device"=2 (0x2)

"Nero BackItUp Scheduler 4.0"=2 (0x2)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

"gStart"=c:\garmin\gStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"snp2uvc"=c:\windows\vsnp2uvc.exe

"NBKeyScan"="c:\program\Nero\Nero BackItUp 4\NBKeyScan.exe"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

"mW[íµˆÖ¾`=µú¾˜v%S8’ÿÙêé>grl>­Ý\†Ð=ŸàÛ±Þ"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Windows Media Player\\wmplayer.exe"=

"c:\\Program\\BitLord\\BitLord.exe"=

"c:\\Program\\On2Share\\On2Share MediaServer.exe"=

"c:\\Program\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=

"c:\\Program\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=

"c:\\Program\\K-Lite Codec Pack\\Filters\\ac3config.exe"=

"c:\program\Microsoft ActiveSync\rapimgr.exe"= c:\program\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program\Microsoft ActiveSync\wcescomm.exe"= c:\program\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program\Microsoft ActiveSync\WCESMgr.exe"= c:\program\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program\\D-Link\\Air Utility\\AirCFG.exe"=

"c:\\Program\\Java\\jre6\\bin\\javaw.exe"=

"c:\\Program\\iTunes\\iTunes.exe"=

"c:\\Program\\uTorrent\\uTorrent.exe"=

"c:\\WINDOWS\\system32\\msiexec.exe"=

"c:\\Program\\Panda Security\\Panda Global Protection 2013\\ApVxdWin.exe"=

"c:\\WINDOWS\\system32\\ARFC\\wrtc.exe"=

"c:\\Program\\YourFileDownloader\\YourFile.exe"=

"c:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\AppLaunch.exe"=

"c:\\Program\\Bonjour\\mDNSResponder.exe"=

"c:\\WINDOWS\\system32\\wuauclt.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

"26125:TCP"= 26125:TCP:Asset UPnP TCP

"26125:UDP"= 26125:UDP:Asset UPnP UDP

"2799:UDP"= 2799:UDP:Altova License Metering Port (UDP)

"2799:TCP"= 2799:TCP:Altova License Metering Port (TCP)

.

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2012-12-25 26696]

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2013-01-15 368616]

R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2013-01-15 342168]

R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2013-01-15 909728]

R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2012-12-25 83528]

R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2012-12-25 53256]

R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2012-12-25 22024]

R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2012-12-25 193864]

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2012-12-25 14:22 159112]

R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [2013-01-15 202280]

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2012-12-25 37448]

R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2012-12-25 46856]

R2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [2012-12-25 63240]

R2 BBSvc;BingBar Service;c:\program\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-06-11 193616]

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2012-12-25 164488]

R2 PhoneMyPC_Helper;PhoneMyPC_Helper;c:\program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [2010-08-22 31232]

R2 PskSvcRetail;Panda PSK service;c:\program\Panda Security\Panda Global Protection 2013\psksvc.exe [2012-12-25 28992]

R2 WinDefend;Windows Defender;c:\program\Windows Defender\MsMpEng.exe [2006-11-03 13592]

R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]

R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\drivers\neti1644.sys [2012-12-25 201032]

R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]

R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]

S2 DCamUSB20;USB 2.0 Capture;c:\windows\system32\drivers\CsMini20.sys [2007-12-15 46216]

S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]

S3 BBUpdate;BBUpdate;c:\program\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-06-11 240208]

S3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [2012-12-25 13880]

S3 csaudio;USB2.0 Audio Device Driver;c:\windows\system32\drivers\csaud.sys [2007-12-15 11008]

S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-05-17 20032]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2009-10-24 36608]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2007-12-11 14336]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [2007-12-30 47360]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-06-03 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-06-03 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-06-03 136808]

S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys [2007-10-30 23040]

S3 TodosAgmII;Driver for Todos Argos Mini II;c:\windows\system32\drivers\AgmIIusb.sys [2008-02-16 18176]

S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [2012-02-20 1522176]

S4 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

SearchIndexer

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-01-16 14:37 1606760 ----a-w- c:\program\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-01-20 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 22:37]

.

2013-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cce125dd1eb61e.job

- c:\program\Google\Update\GoogleUpdate.exe [2009-10-25 13:10]

.

2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program\Google\Update\GoogleUpdate.exe [2009-10-25 13:10]

.

2012-12-25 c:\windows\Tasks\Grundrensning.job

- c:\program\Panda Security\Panda Global Protection 2013\PlaTasks.exe [2012-12-25 09:36]

.

2013-01-20 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

.

2013-01-15 c:\windows\Tasks\NeroLiveEpgUpdate-STIGSJ-6C6FD30E_Administratör.job

- c:\program\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 12:51]

.

2013-01-20 c:\windows\Tasks\User_Feed_Synchronization-{945E1A1C-D934-4536-B47B-493B51D098FB}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

2013-01-20 c:\windows\Tasks\User_Feed_Synchronization-{B6A6AE5F-966C-457D-9979-2B9722D3F44D}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

2013-01-20 c:\windows\Tasks\User_Feed_Synchronization-{D72E822F-E36C-4726-9FDD-DD9DDF8793FE}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

.

------- Supplementary Scan -------

.

uStart Page = https://www.google.se/

uDefault_Search_URL = hxxp://www.google.com

mStart Page = hxxp://www.google.com

mSearch Bar = hxxp://www.google.com

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 84.246.88.10 192.168.0.1

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB

DPF: Microsoft XML Parser for Java

DPF: {E505599B-F37A-4849-A7B0-E0AAB5CB054C} - hxxps://gfs.nb.se/privat/bank/scripts/eid/NordeaSmartCard.cab

.

.

**************************************************************************

.

disk not found C:\

.

please note that you need administrator rights to perform deep scan

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files:

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f8,97,e0,3d,e7,e0,12,4f,8a,a4,b5,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f8,97,e0,3d,e7,e0,12,4f,8a,a4,b5,\

.

[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings]

@Denied: (2) (Administrator)

.

[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E3D006C1-465F-D162-FCC8-57E4B3471286}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"oabbdkkdfbnlbhanncbomhcnjaffph"=hex:69,61,62,6b,69,69,6b,62,69,62,6c,6f,68,6c,

6f,67,63,68,00,00

"nalbfnoghfocekeklomdlepdogch"=hex:6a,61,6e,6a,6d,6a,70,62,61,6c,64,63,62,63,

61,6f,6b,6d,66,61,00,00

"gbjpfhhjcmgbmnddlopgdccdgnlnliaidlmfdhomdipdfk"=hex:61,61,00,7e

"bbdpgaolafcnbldhfnmlohcpffkbgeaapibc"=hex:61,61,00,7e

.

[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FD4052A7-6146-70C0-7E56-E258991AF1D8}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"eajibbjkdf"=hex:66,61,70,6a,65,62,6c,63,63,6a,65,6f,00,00

"damhiafd"=hex:64,62,6e,6a,65,6e,61,6d,69,6c,64,68,65,6d,64,67,65,66,65,65,69,

63,65,6e,62,66,66,6a,69,6f,61,68,66,63,61,6a,62,62,61,68,00,00

"iablckpgomimgjdmcl"=hex:6a,61,63,6e,6e,65,61,62,70,69,70,67,6b,67,6c,6e,6e,61,

6d,64,00,00

"hahkijcfafldbpbm"=hex:6a,61,63,6e,6e,65,61,62,70,69,70,67,6b,67,6c,6e,6e,61,

6d,64,00,00

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1072)

c:\windows\system32\avldr.dll

.

- - - - - - - > 'explorer.exe'(3136)

c:\program\Panda Security\Panda Global Protection 2013\pavoepl.dll

c:\windows\system32\msi.dll

c:\windows\system32\eappcfg.dll

c:\program\Panda Security\Panda Global Protection 2013\PavTrc.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program\Panda Security\Panda Global Protection 2013\TPSrv.exe

c:\program\PANDA SECURITY\PANDA GLOBAL PROTECTION 2013\WebProxy.exe

c:\program\Delade filer\ArcSoft\Connection Service\Bin\ACService.exe

c:\program\Bonjour\mDNSResponder.exe

c:\windows\system32\DRIVERS\CDANTSRV.EXE

c:\program\Java\jre6\bin\jqs.exe

c:\program\CDBurnerXP\NMSAccessU.exe

c:\program\Panda Security\Panda Global Protection 2013\PsCtrls.exe

c:\program\Panda Security\Panda Global Protection 2013\PavFnSvr.exe

c:\program\Delade filer\Panda Security\PavShld\pavprsrv.exe

c:\program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC.exe

c:\program\panda security\panda global protection 2013\firewall\PSHOST.EXE

c:\program\Panda Security\Panda Global Protection 2013\PsImSvc.exe

c:\program\Google\Update\1.3.21.124\GoogleCrashHandler.exe

c:\windows\system32\MsPMSPSv.exe

c:\program\Panda Security\Panda Global Protection 2013\pavsrvx86.exe

c:\program\Panda Security\Panda Global Protection 2013\AVENGINE.EXE

c:\program\Windows Media Player\WMPNetwk.exe

c:\program\Panda Security\Panda Global Protection 2013\SRVLOAD.EXE

c:\program\Panda Security\Panda Global Protection 2013\PavBckPT.exe

.

**************************************************************************

.

Completion time: 2013-01-20 13:50:20 - machine was rebooted

ComboFix-quarantined-files.txt 2013-01-20 12:50

.

Pre-Run: 31 055 675 392 byte ledigt

Post-Run: 31 061 585 920 byte ledigt

.

- - End Of File - - C90B0BAD32BF45B9AD2BC3D735454423

[Cecilia]

1. Har du brandväggen i datorn igång?

Går det att sätta på den, om den nu inte är igång?

 

2. Går det att hitta "system event notification" på detta ställe?

Kontrollpanelen - Administrationsverktyg - Tjänster

I så fall dubbelklicka på den och välj "Startmetod" "Automatiskt".

Starta om datorn.

 

3. Starta Anteckningar.

Kopiera alla rader i rutan:

Killall::
RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings]
[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E3D006C1-465F-D162-FCC8-57E4B3471286}*]
[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FD4052A7-6146-70C0-7E56-E258991AF1D8}*]

och klistra in i Anteckningar. Kontrollera att det är 6 rader.

Spara filen på Skrivbordet med kodningen ANSI och med namnet CFScript.

 

Förbered datorn på samma sätt som tidigare för ComboFix.

Dra CFScript med musen och släpp den ovanpå ComboFix-ikonen på Skrivbordet så startar programmet på ett särskilt sätt.

Klistra in loggen som kommer ut.

 

4. Kör DDS och klistra in DDS.txt.

 

5. Kör OTL enligt inlägg 16 och klistra in OTL.txt.

[stisjo]

Hej Cecilia!

Här kommer svaren på senaste körningarna:

1. Jag kör Panda Security brandvägg och den är alltid igång

2. System Event Notification hitta jag där du föreslog

och den var startad och stod på Automatisk

 

 

ComboFix 13-01-17.04 - Administratör 2013-01-21 10:25:24.4.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.44.1053.18.1015.499 [GMT 1:00]

Running from: c:\documents and settings\Administratör\Skrivbord\ComboFix.exe

Command switches used :: c:\documents and settings\Administratör\Skrivbord\CFScript.txt

AV: Panda Global Protection 2013 *Disabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595}

FW: Panda Personal Firewall 2013 *Enabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}

.

.

((((((((((((((((((((((((( Files Created from 2012-12-21 to 2013-01-21 )))))))))))))))))))))))))))))))

.

.

2013-01-21 10:08 . 2013-01-21 10:08 60872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{78B4FEBB-8CA9-4477-8DD7-A0BAE87678C5}\offreg.dll

2013-01-18 16:53 . 2013-01-18 16:53 -------- d-----w- C:\_OTL

2013-01-18 09:52 . 2013-01-08 04:57 6991832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{78B4FEBB-8CA9-4477-8DD7-A0BAE87678C5}\mpengine.dll

2013-01-17 10:42 . 2013-01-17 10:42 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZipSE

2013-01-17 10:41 . 2013-01-17 10:41 -------- d-----w- c:\program\WinZip Self-Extractor

2013-01-16 12:38 . 2013-01-16 12:38 -------- d-----w- c:\program\Systweak

2013-01-16 12:24 . 2013-01-16 12:31 12 ----a-w- c:\windows\system32\ASOROSet.bin

2013-01-15 17:56 . 2012-02-28 10:43 909728 ----a-w- c:\windows\system32\drivers\pctEFA.sys

2013-01-15 17:56 . 2012-02-28 10:43 342168 ----a-w- c:\windows\system32\drivers\pctDS.sys

2013-01-15 17:55 . 2012-10-22 15:38 368616 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2013-01-15 17:55 . 2012-10-22 15:38 163288 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2013-01-15 17:54 . 2012-11-01 14:35 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys

2013-01-15 17:54 . 2013-01-15 17:54 -------- d-----w- c:\program\Delade filer\PC Tools

2013-01-15 17:50 . 2013-01-15 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools

2013-01-15 17:50 . 2013-01-15 17:50 -------- d-----w- c:\documents and settings\Administratör\Application Data\TestApp

2013-01-14 16:34 . 2013-01-03 06:18 15360 ----a-w- c:\windows\Launcher.exe

2013-01-14 16:33 . 2013-01-15 09:55 -------- d-----w- c:\documents and settings\Administratör\Lokala inställningar\Application Data\SimplyTech

2013-01-07 15:11 . 2013-01-07 15:13 -------- dc-h--w- c:\windows\ie8

2013-01-07 14:29 . 2013-01-07 14:29 -------- d-----w- c:\program\Microsoft

2013-01-02 17:43 . 2013-01-02 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\23399

2012-12-25 13:31 . 2012-12-31 10:06 13880 ----a-w- c:\windows\system32\drivers\COMFiltr.sys

2012-12-25 13:23 . 2009-08-13 17:07 672024 ----a-w- c:\windows\system32\wodKeys.dll

2012-12-25 13:23 . 2009-08-13 17:07 729424 ----a-w- c:\windows\system32\wodSFTP.dll

2012-12-25 13:22 . 2013-01-21 09:28 284940 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT

2012-12-25 13:22 . 2010-09-09 14:23 193864 ----a-w- c:\windows\system32\drivers\idsflt.sys

2012-12-25 13:22 . 2009-09-25 12:54 46856 ----a-w- c:\windows\system32\drivers\wnmflt.sys

2012-12-25 13:22 . 2009-09-25 12:54 53256 ----a-w- c:\windows\system32\drivers\dsaflt.sys

2012-12-25 13:22 . 2011-01-31 14:41 83528 ----a-w- c:\windows\system32\drivers\APPFLT.SYS

2012-12-25 13:22 . 2009-09-25 12:54 159112 ----a-w- c:\windows\system32\drivers\NETFLTDI.SYS

2012-12-25 13:22 . 2009-09-25 12:54 22024 ----a-w- c:\windows\system32\drivers\fnetmon.sys

2012-12-25 13:21 . 2010-06-22 16:13 26696 ----a-w- c:\windows\system32\drivers\pavboot.sys

2012-12-25 13:21 . 2007-03-15 17:38 54832 ----a-w- c:\windows\system32\pavcpl.cpl

2012-12-25 11:39 . 2012-12-25 11:42 -------- d-----w- C:\SMCLpav

2012-12-24 14:44 . 2012-12-24 14:44 -------- d-----w- C:\backup

2012-12-24 12:52 . 2012-12-24 12:52 -------- d-----w- c:\program\Microsoft Corporation

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-21 17:52 . 2012-08-12 15:53 859072 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-12-21 17:51 . 2010-04-26 16:50 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-12-19 10:08 . 2012-12-19 10:10 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-12-16 12:23 . 2007-12-11 22:08 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-11 22:37 . 2012-08-15 20:36 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-11 22:37 . 2012-08-15 20:36 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-03 12:50 . 2012-12-03 12:50 371200 ----a-w- c:\windows\system32\SearchIndexer.dll

2012-12-03 12:50 . 2012-12-03 12:50 269824 ----a-w- c:\windows\system32\SearchEngine.rs

2012-11-13 11:55 . 2007-12-11 22:08 1866368 ------w- c:\windows\system32\win32k.sys

2012-11-09 15:51 . 2007-12-13 21:02 466008 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-11-08 18:00 . 2012-02-26 11:32 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-11-06 02:00 . 2007-05-15 14:43 1371648 ------w- c:\windows\system32\msxml6.dll

2012-11-02 02:04 . 2007-12-11 22:08 375296 ------w- c:\windows\system32\dpnet.dll

2012-11-01 12:13 . 2007-12-11 22:09 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:13 . 2007-12-11 22:09 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:13 . 2007-12-11 22:09 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35 . 2007-12-11 22:09 385024 ----a-w- c:\windows\system32\html.iec

2012-10-29 11:10 . 2011-05-17 09:36 4659712 ----a-w- c:\windows\system32\Redemption.dll

2012-10-29 11:09 . 2012-10-29 11:09 45320 ----a-w- c:\windows\system32\MAMACExtract.dll

2012-10-29 11:09 . 2011-05-17 09:31 821824 ----a-w- c:\windows\system32\dgderapi.dll

2012-10-29 11:09 . 2011-05-17 09:31 319456 ----a-w- c:\windows\system32\DIFxAPI.dll

2012-10-29 11:09 . 2011-05-17 09:31 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"On2Share"="c:\program\On2Share\On2Share MediaServer.exe" [2009-03-28 1804288]

"swg"="c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-02-06 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ANIWZCSService"="c:\program\alpha networks\aniwzcs service\wzcsldr.exe" [2003-08-21 32768]

"APVXDWIN"="c:\program\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE" [2012-11-27 1037600]

"SCANINICIO"="c:\program\Panda Security\Panda Global Protection 2013\Inicio.exe" [2012-11-08 70432]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]

2010-03-24 10:55 55552 ----a-w- c:\windows\system32\avldr.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-12-03 07:35 946352 ----a-w- c:\program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskup]

2001-10-01 09:08 28672 ----a-w- c:\program\Iomega\DriveIcons\deskup.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iomega Active Disk]

2001-09-13 09:35 45056 ----a-w- c:\program\Iomega\AutoDisk\AD2KClient.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iomega Drive Icons]

2001-09-12 09:35 61440 ----a-w- c:\program\Iomega\DriveIcons\Imgicon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iomega Startup Options]

2001-01-17 15:33 45056 ----a-w- c:\program\Iomega\Common\IMGSTART.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]

2012-11-01 12:16 577536 ----a-w- c:\program\Samsung\Kies\KiesAirMessage.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]

2012-11-12 10:45 1104824 ----a-w- c:\program\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]

2012-11-12 10:45 968120 ----a-w- c:\program\Samsung\Kies\Kies.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]

2012-11-12 10:45 309688 ----a-w- c:\program\Samsung\Kies\KiesTrayAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyGarminAgent]

2010-03-16 08:36 337256 ----a-w- c:\program\Garmin\MyGarminAgent\myGarminAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-07-05 16:36 421888 ----a-w- c:\program\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2012-02-06 09:36 39408 ----a-w- c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Apple Mobile Device"=2 (0x2)

"Nero BackItUp Scheduler 4.0"=2 (0x2)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

"gStart"=c:\garmin\gStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"snp2uvc"=c:\windows\vsnp2uvc.exe

"NBKeyScan"="c:\program\Nero\Nero BackItUp 4\NBKeyScan.exe"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

"mW[íµˆÖ¾`=µú¾˜v%S8’ÿÙêé>grl>­Ý\†Ð=ŸàÛ±Þ"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\Windows Media Player\\wmplayer.exe"=

"c:\\Program\\BitLord\\BitLord.exe"=

"c:\\Program\\On2Share\\On2Share MediaServer.exe"=

"c:\\Program\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=

"c:\\Program\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=

"c:\\Program\\K-Lite Codec Pack\\Filters\\ac3config.exe"=

"c:\program\Microsoft ActiveSync\rapimgr.exe"= c:\program\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program\Microsoft ActiveSync\wcescomm.exe"= c:\program\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program\Microsoft ActiveSync\WCESMgr.exe"= c:\program\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program\\D-Link\\Air Utility\\AirCFG.exe"=

"c:\\Program\\Java\\jre6\\bin\\javaw.exe"=

"c:\\Program\\iTunes\\iTunes.exe"=

"c:\\Program\\uTorrent\\uTorrent.exe"=

"c:\\WINDOWS\\system32\\msiexec.exe"=

"c:\\Program\\Panda Security\\Panda Global Protection 2013\\ApVxdWin.exe"=

"c:\\WINDOWS\\system32\\ARFC\\wrtc.exe"=

"c:\\Program\\YourFileDownloader\\YourFile.exe"=

"c:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\AppLaunch.exe"=

"c:\\Program\\Bonjour\\mDNSResponder.exe"=

"c:\\WINDOWS\\system32\\wuauclt.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

"26125:TCP"= 26125:TCP:Asset UPnP TCP

"26125:UDP"= 26125:UDP:Asset UPnP UDP

"2799:UDP"= 2799:UDP:Altova License Metering Port (UDP)

"2799:TCP"= 2799:TCP:Altova License Metering Port (TCP)

.

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2012-12-25 26696]

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2013-01-15 368616]

R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2013-01-15 342168]

R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2013-01-15 909728]

R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2012-12-25 83528]

R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2012-12-25 53256]

R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2012-12-25 22024]

R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2012-12-25 193864]

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2012-12-25 14:22 159112]

R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [2013-01-15 202280]

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2012-12-25 37448]

R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2012-12-25 46856]

R2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [2012-12-25 63240]

R2 BBSvc;BingBar Service;c:\program\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-06-11 193616]

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2012-12-25 164488]

R2 PhoneMyPC_Helper;PhoneMyPC_Helper;c:\program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [2010-08-22 31232]

R2 PskSvcRetail;Panda PSK service;c:\program\Panda Security\Panda Global Protection 2013\psksvc.exe [2012-12-25 28992]

R2 WinDefend;Windows Defender;c:\program\Windows Defender\MsMpEng.exe [2006-11-03 13592]

R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]

R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\drivers\neti1644.sys [2012-12-25 201032]

R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]

R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]

S2 DCamUSB20;USB 2.0 Capture;c:\windows\system32\drivers\CsMini20.sys [2007-12-15 46216]

S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]

S3 BBUpdate;BBUpdate;c:\program\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-06-11 240208]

S3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [2012-12-25 13880]

S3 csaudio;USB2.0 Audio Device Driver;c:\windows\system32\drivers\csaud.sys [2007-12-15 11008]

S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-05-17 20032]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2009-10-24 36608]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2007-12-11 14336]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [2007-12-30 47360]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-06-03 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-06-03 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-06-03 136808]

S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys [2007-10-30 23040]

S3 TodosAgmII;Driver for Todos Argos Mini II;c:\windows\system32\drivers\AgmIIusb.sys [2008-02-16 18176]

S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [2012-02-20 1522176]

S4 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

SearchIndexer

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-01-16 14:37 1606760 ----a-w- c:\program\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-01-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 22:37]

.

2013-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cce125dd1eb61e.job

- c:\program\Google\Update\GoogleUpdate.exe [2009-10-25 13:10]

.

2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program\Google\Update\GoogleUpdate.exe [2009-10-25 13:10]

.

2012-12-25 c:\windows\Tasks\Grundrensning.job

- c:\program\Panda Security\Panda Global Protection 2013\PlaTasks.exe [2012-12-25 09:36]

.

2013-01-21 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

.

2013-01-15 c:\windows\Tasks\NeroLiveEpgUpdate-STIGSJ-6C6FD30E_Administratör.job

- c:\program\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 12:51]

.

2013-01-21 c:\windows\Tasks\User_Feed_Synchronization-{945E1A1C-D934-4536-B47B-493B51D098FB}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

2013-01-21 c:\windows\Tasks\User_Feed_Synchronization-{B6A6AE5F-966C-457D-9979-2B9722D3F44D}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

2013-01-21 c:\windows\Tasks\User_Feed_Synchronization-{D72E822F-E36C-4726-9FDD-DD9DDF8793FE}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

.

------- Supplementary Scan -------

.

uStart Page = https://www.google.se/

uDefault_Search_URL = hxxp://www.google.com

mStart Page = hxxp://www.google.com

mSearch Bar = hxxp://www.google.com

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 84.246.88.10 192.168.0.1

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB

DPF: Microsoft XML Parser for Java

DPF: {E505599B-F37A-4849-A7B0-E0AAB5CB054C} - hxxps://gfs.nb.se/privat/bank/scripts/eid/NordeaSmartCard.cab

.

.

**************************************************************************

.

disk not found C:\

.

please note that you need administrator rights to perform deep scan

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files:

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E3D006C1-465F-D162-FCC8-57E4B3471286}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"oabbdkkdfbnlbhanncbomhcnjaffph"=hex:69,61,62,6b,69,69,6b,62,69,62,6c,6f,68,6c,

6f,67,63,68,00,00

"nalbfnoghfocekeklomdlepdogch"=hex:6a,61,6e,6a,6d,6a,70,62,61,6c,64,63,62,63,

61,6f,6b,6d,66,61,00,00

"gbjpfhhjcmgbmnddlopgdccdgnlnliaidlmfdhomdipdfk"=hex:61,61,00,7e

"bbdpgaolafcnbldhfnmlohcpffkbgeaapibc"=hex:61,61,00,7e

.

[HKEY_USERS\S-1-5-21-448539723-1004336348-682003330-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FD4052A7-6146-70C0-7E56-E258991AF1D8}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

"eajibbjkdf"=hex:66,61,70,6a,65,62,6c,63,63,6a,65,6f,00,00

"damhiafd"=hex:64,62,6e,6a,65,6e,61,6d,69,6c,64,68,65,6d,64,67,65,66,65,65,69,

63,65,6e,62,66,66,6a,69,6f,61,68,66,63,61,6a,62,62,61,68,00,00

"iablckpgomimgjdmcl"=hex:6a,61,63,6e,6e,65,61,62,70,69,70,67,6b,67,6c,6e,6e,61,

6d,64,00,00

"hahkijcfafldbpbm"=hex:6a,61,63,6e,6e,65,61,62,70,69,70,67,6b,67,6c,6e,6e,61,

6d,64,00,00

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1072)

c:\windows\system32\avldr.dll

.

- - - - - - - > 'explorer.exe'(344)

c:\program\Panda Security\Panda Global Protection 2013\pavoepl.dll

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\eappcfg.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program\Panda Security\Panda Global Protection 2013\PavTrc.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program\Panda Security\Panda Global Protection 2013\TPSrv.exe

c:\program\PANDA SECURITY\PANDA GLOBAL PROTECTION 2013\WebProxy.exe

c:\program\Delade filer\ArcSoft\Connection Service\Bin\ACService.exe

c:\program\Bonjour\mDNSResponder.exe

c:\windows\system32\DRIVERS\CDANTSRV.EXE

c:\program\Java\jre6\bin\jqs.exe

c:\program\CDBurnerXP\NMSAccessU.exe

c:\program\Panda Security\Panda Global Protection 2013\PsCtrls.exe

c:\program\Panda Security\Panda Global Protection 2013\PavFnSvr.exe

c:\program\Delade filer\Panda Security\PavShld\pavprsrv.exe

c:\program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC.exe

c:\program\panda security\panda global protection 2013\firewall\PSHOST.EXE

c:\program\Panda Security\Panda Global Protection 2013\PsImSvc.exe

c:\program\Google\Update\1.3.21.124\GoogleCrashHandler.exe

c:\windows\system32\MsPMSPSv.exe

c:\program\Windows Media Player\WMPNetwk.exe

c:\program\Panda Security\Panda Global Protection 2013\pavsrvx86.exe

c:\program\Panda Security\Panda Global Protection 2013\AVENGINE.EXE

c:\program\Panda Security\Panda Global Protection 2013\SRVLOAD.EXE

c:\program\Panda Security\Panda Global Protection 2013\PavBckPT.exe

.

**************************************************************************

.

Completion time: 2013-01-21 11:16:28 - machine was rebooted

ComboFix-quarantined-files.txt 2013-01-21 10:16

.

Pre-Run: 31 024 123 904 byte ledigt

Post-Run: 31 028 191 232 byte ledigt

.

- - End Of File - - F23763C4523D87DE1F100A64560E88F9

 

här kommer attach

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\Harddisk0\DP(1)0x7e00-0x12a1c90400+2

Install Date: 2007-12-11 16:04:27

System Uptime: 2013-01-21 11:02:20 (1 hours ago)

.

Motherboard: FUJITSU SIEMENS | | D1451

Processor: Intel® Celeron® CPU 2.40GHz | CPU | 2392/400mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 75 GiB total, 28,928 GiB free.

D: is FIXED (NTFS) - 39 GiB total, 38,144 GiB free.

E: is FIXED (NTFS) - 39 GiB total, 33,48 GiB free.

F: is FIXED (NTFS) - 34 GiB total, 15,291 GiB free.

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: ADMtek AN983 based ethernet adapter

Device ID: PCI\VEN_1317&DEV_0985&SUBSYS_100C1734&REV_11\4&25296D99&0&08F0

Manufacturer: ADMtek Incorporated

Name: ADMtek AN983 based ethernet adapter

PNP Device ID: PCI\VEN_1317&DEV_0985&SUBSYS_100C1734&REV_11\4&25296D99&0&08F0

Service: AN983

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: 1394 Net Adapter

Device ID: V1394\NIC1394\525B110600

Manufacturer: Microsoft

Name: 1394 Net Adapter

PNP Device ID: V1394\NIC1394\525B110600

Service: NIC1394

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: D-Link AirPlus G DWL-G510 Wireless PCI Adapter(rev.C)

Device ID: PCI\VEN_1814&DEV_0302&SUBSYS_3C091186&REV_00\4&25296D99&0&38F0

Manufacturer: D-Link

Name: D-Link AirPlus G DWL-G510 Wireless PCI Adapter(rev.C)

PNP Device ID: PCI\VEN_1814&DEV_0302&SUBSYS_3C091186&REV_00\4&25296D99&0&38F0

Service: RT61

.

Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}

Description: NVIDIA GeForce FX 5200

Device ID: PCI\VEN_10DE&DEV_0322&SUBSYS_00000000&REV_A1\4&25296D99&0&48F0

Manufacturer: NVIDIA

Name: NVIDIA GeForce FX 5200

PNP Device ID: PCI\VEN_10DE&DEV_0322&SUBSYS_00000000&REV_A1\4&25296D99&0&48F0

Service: nv

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: System Event Notification

Device ID: ROOT\LEGACY_SENS\0000

Manufacturer:

Name: System Event Notification

PNP Device ID: ROOT\LEGACY_SENS\0000

Service: SENS

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: WAN Miniport (IPX)

Device ID: ROOT\MS_NDISWANIPX\0001

Manufacturer: Microsoft

Name: WAN Miniport (IPX) #2

PNP Device ID: ROOT\MS_NDISWANIPX\0001

Service: NdisWan

.

==== System Restore Points ===================

.

RP491: 2012-12-27 20:22:21 - Systemkontrollpunkt

RP492: 2012-12-28 12:58:53 - Software Distribution Service 3.0

RP493: 2012-12-28 16:59:32 - RegCure Pro Backup

RP494: 2012-12-30 11:40:13 - Systemkontrollpunkt

RP495: 2012-12-31 12:25:50 - Systemkontrollpunkt

RP496: 2013-01-01 15:56:16 - Software Distribution Service 3.0

RP497: 2013-01-02 17:42:45 - Systemkontrollpunkt

RP498: 2013-01-02 19:00:24 - Software Distribution Service 3.0

RP499: 2013-01-03 19:24:14 - Systemkontrollpunkt

RP500: 2013-01-04 11:14:53 - Software Distribution Service 3.0

RP501: 2013-01-04 19:00:24 - Software Distribution Service 3.0

RP502: 2013-01-05 19:07:02 - Systemkontrollpunkt

RP503: 2013-01-06 19:30:25 - Systemkontrollpunkt

RP504: 2013-01-07 15:05:53 - RegCure Pro Backup

RP505: 2013-01-07 15:28:17 - Installed Windows Internet Explorer 8.

RP506: 2013-01-07 16:12:30 - Windows Internet Explorer 8 installerades.

RP507: 2013-01-07 16:26:31 - Installerade Windows XP KB2618444.

RP508: 2013-01-07 19:00:56 - Software Distribution Service 3.0

RP509: 2013-01-08 11:00:44 - Software Distribution Service 3.0

RP510: 2013-01-08 13:03:14 - Återställ till en osignerad drivrutin

RP511: 2013-01-09 13:16:21 - Systemkontrollpunkt

RP512: 2013-01-09 19:00:29 - Software Distribution Service 3.0

RP513: 2013-01-10 19:13:18 - Systemkontrollpunkt

RP514: 2013-01-11 11:27:33 - Software Distribution Service 3.0

RP515: 2013-01-11 11:40:11 - Software Distribution Service 3.0

RP516: 2013-01-12 13:26:55 - Systemkontrollpunkt

RP517: 2013-01-13 13:32:57 - Systemkontrollpunkt

RP518: 2013-01-14 17:24:13 - Systemkontrollpunkt

RP519: 2013-01-14 18:52:07 - RegCure Pro Backup

RP520: 2013-01-15 10:37:11 - Software Distribution Service 3.0

RP521: 2013-01-15 12:59:42 - RegCure Pro Backup

RP522: 2013-01-15 16:55:50 - Software Distribution Service 3.0

RP523: 2013-01-15 19:02:32 - Software Distribution Service 3.0

RP524: 2013-01-16 12:57:33 - RegClean Pro on, jan 16, 13 12:56

RP525: 2013-01-17 11:33:21 - stig 13.01.17

RP526: 2013-01-18 10:52:00 - Software Distribution Service 3.0

RP527: 2013-01-18 18:00:59 - OTL Restore Point - 2013-01-18 18:00:40

RP528: 2013-01-19 18:33:50 - Systemkontrollpunkt

RP529: 2013-01-20 18:40:50 - Systemkontrollpunkt

.

==== Installed Programs ======================

.

"Nero SoundTrax Help

Acrobat.com

Adobe AIR

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge 1.0

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe Camera Raw 4.0

Adobe CMaps CS4

Adobe Color EU Extra Settings CS4

Adobe Color JA Extra Settings CS4

Adobe Color NA Recommended Settings CS4

Adobe Default Language CS4

Adobe Device Central CS3

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Fonts All

Adobe Help Center 1.0

Adobe Help Manager

Adobe Help Viewer CS3

Adobe Illustrator CS

Adobe Illustrator CS3

Adobe Linguistics CS3

Adobe PDF Library Files CS4

Adobe Photoshop CS2

Adobe Photoshop Elements 8.0

Adobe Reader X (10.1.5) - Svenska

Adobe Setup

Adobe Stock Photos 1.0

Adobe SVG Viewer 3.0

Adobe Type Support CS4

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS3

Air Utility

Android SDK Tools

µTorrent

Bing Bar

Compatibility Pack for the 2007 Office system

EPSON Attach To Email

Garmin Communicator Plugin

Garmin Communicator Plugin with myGarmin Agent

Garmin Lifetime Updater

Garmin USB Drivers

Google Chrome

Google Earth Plug-in

Google Toolbar for Internet Explorer

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

Hotfix for Windows XP (KB976002-v5)

ImagXpress

Java Auto Updater

Java 6 Update 38

Java SE Development Kit 6 Update 38

Kies Air Discovery Service

Magic ISO Maker v5.5 (build 0281)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2742597)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile Language Pack - SVE

Microsoft .NET Framework 4 Extended

Microsoft Download Manager

Microsoft IE ActiveX Analyzer

Microsoft Silverlight

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft XML Parser

Nero BackItUp

Nero BurningROM

Nero BurnRights

Nero ControlCenter

Nero CoverDesigner Help

Nero Disc Copy Gadget Help

Nero DiscSpeed

Nero DriveSpeed

Nero Express

Nero InfoTool

Nero Live

Nero Live Help

Nero PhotoSnap Help

Nero Recode Help

Nero RescueAgent Help

Nero ShowTime

Nero StartSmart Help

Nero WaveEditor Help

Nero Vision

Panda Global Protection 2010

Panda Global Protection 2013

Panda Internet Security 2009

Panda Secure Vault 5

Password Depot 6 - Panda Secure Vault Edition

PDF Settings CS4

Samsung Kies

Samsung PC Studio 3

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

SmartSound Quicktracks Plugin

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2510531)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2544521)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2618444)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2761465)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2799329)

Systweak PhotoStudio 2.1

WebFldrs XP

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)

Windows Genuine Advantage Notifications (KB905474)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

WinZip 17.0

WinZip Self-Extractor

XML Paper Specification Shared Components Pack 1.0

.

==== Event Viewer Messages From Past Week ========

.

2013-01-21 11:03:32, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-21 11:03:32, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-21 11:03:32, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-21 11:03:32, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-21 11:03:32, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-21 10:43:51, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-21 10:42:47, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-21 10:24:41, error: Service Control Manager [7034] - Tjänsten WMDM PMSP Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-21 10:24:41, error: Service Control Manager [7034] - Tjänsten Print Spooler avslutades oväntat. Detta har skett 1 gånger.

2013-01-21 10:24:41, error: Service Control Manager [7034] - Tjänsten PhoneMyPC_Helper avslutades oväntat. Detta har skett 1 gånger.

2013-01-21 10:24:41, error: Service Control Manager [7034] - Tjänsten NMSAccess avslutades oväntat. Detta har skett 1 gånger.

2013-01-21 10:24:41, error: Service Control Manager [7034] - Tjänsten Java Quick Starter avslutades oväntat. Detta har skett 1 gånger.

2013-01-21 10:24:41, error: Service Control Manager [7034] - Tjänsten BingBar Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-21 10:24:41, error: Service Control Manager [7034] - Tjänsten Application Layer Gateway Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-21 10:24:41, error: Service Control Manager [7034] - Tjänsten ACDaemon avslutades oväntat. Detta har skett 1 gånger.

2013-01-21 10:24:41, error: Service Control Manager [7034] - Tjänsten ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## avslutades oväntat. Detta har skett 1 gånger.

2013-01-21 10:24:41, error: Service Control Manager [7031] - Tjänsten Windows Defender avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 15000 millisekunder: Starta om tjänsten.

2013-01-21 10:24:29, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-21 10:22:33, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-21 10:22:32, error: Service Control Manager [7034] - Tjänsten C-DillaSrv avslutades oväntat. Detta har skett 1 gånger.

2013-01-21 10:20:13, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-21 10:20:13, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-21 10:20:13, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-21 10:20:13, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-21 10:20:13, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-21 10:13:31, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-21 10:09:23, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-21 10:08:20, error: Service Control Manager [7034] - Tjänsten C-DillaSrv avslutades oväntat. Detta har skett 1 gånger.

2013-01-21 10:08:20, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-21 08:33:25, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-21 08:33:25, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-21 08:33:25, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-21 08:33:25, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-21 08:33:25, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-20 13:37:18, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-20 13:37:18, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-20 13:37:18, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-20 13:37:18, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-20 13:37:18, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-20 13:18:39, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-20 13:17:33, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-20 12:58:06, error: Service Control Manager [7034] - Tjänsten WMDM PMSP Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-20 12:58:06, error: Service Control Manager [7034] - Tjänsten Print Spooler avslutades oväntat. Detta har skett 1 gånger.

2013-01-20 12:58:06, error: Service Control Manager [7034] - Tjänsten PhoneMyPC_Helper avslutades oväntat. Detta har skett 1 gånger.

2013-01-20 12:58:06, error: Service Control Manager [7034] - Tjänsten NMSAccess avslutades oväntat. Detta har skett 1 gånger.

2013-01-20 12:58:06, error: Service Control Manager [7034] - Tjänsten Java Quick Starter avslutades oväntat. Detta har skett 1 gånger.

2013-01-20 12:58:06, error: Service Control Manager [7034] - Tjänsten BingBar Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-20 12:58:06, error: Service Control Manager [7034] - Tjänsten Application Layer Gateway Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-20 12:58:06, error: Service Control Manager [7034] - Tjänsten ACDaemon avslutades oväntat. Detta har skett 1 gånger.

2013-01-20 12:58:06, error: Service Control Manager [7034] - Tjänsten ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## avslutades oväntat. Detta har skett 1 gånger.

2013-01-20 12:58:06, error: Service Control Manager [7031] - Tjänsten Windows Defender avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 15000 millisekunder: Starta om tjänsten.

2013-01-20 12:57:49, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-20 12:56:12, error: Service Control Manager [7034] - Tjänsten C-DillaSrv avslutades oväntat. Detta har skett 1 gånger.

2013-01-20 12:56:12, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-20 12:53:38, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-20 12:53:38, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-20 12:53:38, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-20 12:53:37, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-20 12:53:37, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-20 12:46:26, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-20 12:42:06, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-20 12:41:00, error: Service Control Manager [7034] - Tjänsten C-DillaSrv avslutades oväntat. Detta har skett 1 gånger.

2013-01-20 12:41:00, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-20 11:18:54, error: Service Control Manager [7009] - En timeout (30000 ms) inträffade vid väntan på att tjänsten WMI Performance Adapter ska ansluta.

2013-01-20 11:18:54, error: Service Control Manager [7000] - Tjänsten WMI Performance Adapter kunde inte startas på grund av följande fel: Tjänsten svarade inte på start- eller kontrollbegäran i tid.

2013-01-20 11:17:00, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-20 11:17:00, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-20 11:17:00, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-20 11:17:00, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-20 11:17:00, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 16:30:13, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-19 16:30:13, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-19 16:30:13, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-19 16:30:13, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 16:30:13, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 16:00:06, error: Service Control Manager [7009] - En timeout (30000 ms) inträffade vid väntan på att tjänsten BITS ska ansluta.

2013-01-19 16:00:06, error: Service Control Manager [7000] - Tjänsten BITS kunde inte startas på grund av följande fel: Tjänsten svarade inte på start- eller kontrollbegäran i tid.

2013-01-19 16:00:05, error: DCOM [10005] - DCOM fick felet %1053 vid försök att starta tjänsten BITS med argumenten för att köra servern: {4991D34B-80A1-4291-83B6-3328366B9097}

2013-01-19 15:56:00, error: Service Control Manager [7009] - En timeout (30000 ms) inträffade vid väntan på att tjänsten WMI Performance Adapter ska ansluta.

2013-01-19 15:56:00, error: Service Control Manager [7000] - Tjänsten WMI Performance Adapter kunde inte startas på grund av följande fel: Tjänsten svarade inte på start- eller kontrollbegäran i tid.

2013-01-19 15:54:01, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-19 15:54:01, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 15:54:00, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-19 15:54:00, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-19 15:54:00, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 15:52:04, error: DCOM [10005] - DCOM fick felet %1084 vid försök att starta tjänsten EventSystem med argumenten för att köra servern: {1BE1F766-5536-11D1-B726-00C04FB926AF}

2013-01-19 15:51:30, error: DCOM [10005] - DCOM fick felet %1084 vid försök att starta tjänsten wuauserv med argumenten för att köra servern: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

2013-01-19 15:51:04, error: DCOM [10005] - DCOM fick felet %1084 vid försök att starta tjänsten StiSvc med argumenten för att köra servern: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

2013-01-19 15:49:30, error: DCOM [10005] - DCOM fick felet %1084 vid försök att starta tjänsten StiSvc med argumenten för att köra servern: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

2013-01-19 15:48:13, error: DCOM [10005] - DCOM fick felet %1084 vid försök att starta tjänsten StiSvc med argumenten för att köra servern: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

2013-01-19 15:47:46, error: DCOM [10005] - DCOM fick felet %1084 vid försök att starta tjänsten StiSvc med argumenten för att köra servern: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

2013-01-19 15:47:09, error: DCOM [10005] - DCOM fick felet %1084 vid försök att starta tjänsten StiSvc med argumenten för att köra servern: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

2013-01-19 15:46:48, error: DCOM [10005] - DCOM fick felet %1084 vid försök att starta tjänsten netman med argumenten för att köra servern: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

2013-01-19 15:46:46, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: AFD APPFLT DSAFLT Fips FNETMON IDSFLT intelppm IPSec NetBT NETFLTDI pavboot PCLEPCI PCTSD RasAcd ShldDrv StarOpen Tcpip WNMFLT

2013-01-19 15:46:46, error: Service Control Manager [7001] - Tjänsten TCP/IP NetBIOS Helper är beroende av tjänsten AFD. Den sistnämnda kunde inte starta på grund av följande fel: En enhet som är ansluten till datorn fungerar inte.

2013-01-19 15:46:46, error: Service Control Manager [7001] - Tjänsten IPSEC Services är beroende av tjänsten IPSEC driver. Den sistnämnda kunde inte starta på grund av följande fel: En enhet som är ansluten till datorn fungerar inte.

2013-01-19 15:46:46, error: Service Control Manager [7001] - Tjänsten DNS Client är beroende av tjänsten TCP/IP Protocol Driver. Den sistnämnda kunde inte starta på grund av följande fel: En enhet som är ansluten till datorn fungerar inte.

2013-01-19 15:46:46, error: Service Control Manager [7001] - Tjänsten DHCP Client är beroende av tjänsten NetBios over Tcpip. Den sistnämnda kunde inte starta på grund av följande fel: En enhet som är ansluten till datorn fungerar inte.

2013-01-19 15:46:46, error: Service Control Manager [7001] - Tjänsten ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## är beroende av tjänsten TCP/IP Protocol Driver. Den sistnämnda kunde inte starta på grund av följande fel: En enhet som är ansluten till datorn fungerar inte.

2013-01-19 15:46:43, error: DCOM [10005] - DCOM fick felet %1084 vid försök att starta tjänsten netman med argumenten för att köra servern: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

2013-01-19 15:46:36, error: DCOM [10005] - DCOM fick felet %1084 vid försök att starta tjänsten EventSystem med argumenten för att köra servern: {1BE1F766-5536-11D1-B726-00C04FB926AF}

2013-01-19 14:09:40, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-19 14:09:40, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-19 14:09:40, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-19 14:09:40, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 14:09:40, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 13:49:41, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-19 13:48:35, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-19 13:30:26, error: Service Control Manager [7034] - Tjänsten WMDM PMSP Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 13:30:26, error: Service Control Manager [7034] - Tjänsten Print Spooler avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 13:30:26, error: Service Control Manager [7034] - Tjänsten PhoneMyPC_Helper avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 13:30:26, error: Service Control Manager [7034] - Tjänsten NMSAccess avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 13:30:26, error: Service Control Manager [7034] - Tjänsten Java Quick Starter avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 13:30:26, error: Service Control Manager [7034] - Tjänsten BingBar Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 13:30:26, error: Service Control Manager [7034] - Tjänsten Application Layer Gateway Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 13:30:26, error: Service Control Manager [7034] - Tjänsten ACDaemon avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 13:30:26, error: Service Control Manager [7034] - Tjänsten ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 13:30:26, error: Service Control Manager [7031] - Tjänsten Windows Defender avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 15000 millisekunder: Starta om tjänsten.

2013-01-19 13:30:10, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-19 13:28:27, error: Service Control Manager [7034] - Tjänsten C-DillaSrv avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 13:28:27, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-19 13:25:44, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-19 13:25:44, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-19 13:25:44, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-19 13:25:44, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 13:25:44, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 13:08:04, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-19 13:02:43, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-19 12:59:37, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-19 12:59:36, error: Service Control Manager [7034] - Tjänsten C-DillaSrv avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 12:03:34, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-19 12:03:34, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 12:03:33, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-19 12:03:33, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-19 12:03:33, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten PhoneMyPC_Helper avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten Panda Software Controller avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten Panda PSK service avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten Panda Process Protection Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten Panda On-Access Anti-Malware Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten Panda IManager Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten Panda Host Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten Panda Function Service avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten NMSAccess avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten Java Quick Starter avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten C-DillaSrv avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7034] - Tjänsten BBUpdate avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:47:04, error: Service Control Manager [7009] - En timeout (30000 ms) inträffade vid väntan på att tjänsten Windows Defender ska ansluta.

2013-01-19 11:47:04, error: Service Control Manager [7000] - Tjänsten Windows Defender kunde inte startas på grund av följande fel: Tjänsten svarade inte på start- eller kontrollbegäran i tid.

2013-01-19 11:45:17, error: Service Control Manager [7034] - Tjänsten ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:45:16, error: Service Control Manager [7034] - Tjänsten ACDaemon avslutades oväntat. Detta har skett 1 gånger.

2013-01-19 11:45:15, error: Service Control Manager [7031] - Tjänsten Windows Defender avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 15000 millisekunder: Starta om tjänsten.

2013-01-19 10:47:01, error: Service Control Manager [7009] - En timeout (30000 ms) inträffade vid väntan på att tjänsten WMI Performance Adapter ska ansluta.

2013-01-19 10:47:01, error: Service Control Manager [7000] - Tjänsten WMI Performance Adapter kunde inte startas på grund av följande fel: Tjänsten svarade inte på start- eller kontrollbegäran i tid.

2013-01-19 10:45:15, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-19 10:45:15, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 10:45:15, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-19 10:45:14, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-19 10:45:14, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-19 10:45:14, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 18:06:48, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-18 18:06:48, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-18 18:06:48, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-18 18:06:48, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 18:06:48, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 18:06:48, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 17:07:05, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-18 17:05:53, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-18 17:05:53, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-18 17:05:53, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-18 17:05:53, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 17:05:53, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 17:05:53, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 12:39:01, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-18 12:37:46, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-18 12:37:46, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-18 12:37:46, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-18 12:37:46, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 12:37:46, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 12:37:46, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 10:44:59, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-18 10:43:33, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-18 10:43:33, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-18 10:43:33, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-18 10:43:33, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 10:43:33, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-18 10:43:33, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-17 17:48:50, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-17 17:47:46, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-17 17:47:46, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-17 17:47:46, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-17 17:47:46, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-17 17:47:46, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-17 17:47:46, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-17 17:28:53, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-17 17:28:01, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-17 17:12:18, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-17 17:10:36, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-17 17:10:35, error: Service Control Manager [7034] - Tjänsten C-DillaSrv avslutades oväntat. Detta har skett 1 gånger.

2013-01-17 17:09:22, error: TermService [1036] - Det gick inte att skapa Terminal Server-sessionen. Statuskod: 0xC0000034.

2013-01-17 17:09:20, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-17 17:08:13, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-17 17:08:13, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-17 17:08:13, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-17 17:08:13, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-17 17:08:13, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-17 17:08:13, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-17 17:00:35, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-17 16:43:21, error: Service Control Manager [7034] - Tjänsten C-DillaSrv avslutades oväntat. Detta har skett 1 gånger.

2013-01-17 16:43:21, error: Service Control Manager [7031] - Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

2013-01-17 10:48:57, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-17 10:47:55, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-17 10:47:55, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-17 10:47:55, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-17 10:47:55, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-17 10:47:55, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-17 10:47:55, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-16 13:33:10, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-16 13:31:55, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-16 13:31:55, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-16 13:31:55, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-16 13:31:55, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-16 13:31:55, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-16 13:31:55, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-16 11:32:42, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: IdeBusDr IdeChnDr IntelIde Lbd

2013-01-16 11:32:12, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-16 11:32:12, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-16 11:32:12, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-16 11:32:12, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-16 11:32:12, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-16 11:32:12, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 19:20:13, error: Service Control Manager [7009] - En timeout (30000 ms) inträffade vid väntan på att tjänsten Application Layer Gateway Service ska ansluta.

2013-01-15 19:20:13, error: Service Control Manager [7000] - Tjänsten Application Layer Gateway Service kunde inte startas på grund av följande fel: Tjänsten svarade inte på start- eller kontrollbegäran i tid.

2013-01-15 19:18:54, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-15 19:17:52, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-15 19:17:52, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-15 19:17:52, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-15 19:17:52, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 19:17:52, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 19:17:52, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 17:02:08, error: Service Control Manager [7009] - En timeout (30000 ms) inträffade vid väntan på att tjänsten WMI Performance Adapter ska ansluta.

2013-01-15 17:02:08, error: Service Control Manager [7000] - Tjänsten WMI Performance Adapter kunde inte startas på grund av följande fel: Tjänsten svarade inte på start- eller kontrollbegäran i tid.

2013-01-15 17:01:30, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-15 17:00:35, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-15 17:00:35, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-15 17:00:35, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-15 17:00:35, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 17:00:35, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 17:00:35, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 16:55:53, error: Windows Update Agent [20] - Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x80246007: Säkerhetsuppdatering för Internet Explorer 8 för Windows XP (KB2799329).

2013-01-15 14:54:41, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: IdeBusDr IdeChnDr IntelIde Lbd

2013-01-15 14:54:03, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-15 14:54:03, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-15 14:54:03, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-15 14:54:03, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 14:54:03, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 14:54:03, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 13:22:18, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-15 13:21:13, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-15 13:21:13, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-15 13:21:13, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-15 13:21:13, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 13:21:13, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 13:21:13, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 10:28:15, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-15 10:26:52, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-15 10:26:52, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-15 10:26:52, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-15 10:26:52, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 10:26:52, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-15 10:26:52, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-14 23:15:09, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-14 23:13:56, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-14 23:13:56, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-14 23:13:56, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-14 23:13:56, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-14 23:13:56, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-14 23:13:56, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-14 17:33:17, error: Service Control Manager [7032] - Tjänsthanteraren försökte utföra en korrigeringsåtgärd (Starta om tjänsten) efter att tjänsten IBUpdaterService avslutats oväntat, men denna åtgärd misslyckades med följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-14 17:33:12, error: Service Control Manager [7031] - Tjänsten IBUpdaterService avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 5000 millisekunder: Starta om tjänsten.

2013-01-14 17:33:11, error: Service Control Manager [7034] - Tjänsten IB Updater avslutades oväntat. Detta har skett 1 gånger.

2013-01-14 11:27:30, error: Service Control Manager [7026] - Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: Lbd

2013-01-14 11:25:56, error: Service Control Manager [7023] - Tjänsten IPSEC Services avbröts med följande fel: Autentiseringstjänsten är okänd.

2013-01-14 11:25:56, error: Service Control Manager [7000] - Tjänsten WebClient kunde inte startas på grund av följande fel: %%1290

2013-01-14 11:25:56, error: Service Control Manager [7000] - Tjänsten USB 2.0 Capture kunde inte startas på grund av följande fel: Tjänsten kan inte startas. Anledningen är antingen att tjänsten är spärrad eller att inga aktiva enheter är associerade med den.

2013-01-14 11:25:56, error: Service Control Manager [7000] - Tjänsten PLFlash DeviceIoControl Service kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-14 11:25:56, error: Service Control Manager [7000] - Tjänsten Iomega Activity Disk2 kunde inte startas på grund av följande fel: Det går inte att hitta filen.

2013-01-14 11:25:56, error: Service Control Manager [7000] - Tjänsten adfs kunde inte startas på grund av följande fel: Det går inte att hitta filen.

.

==== End Of File ===========================

[stisjo]

Här kommer forts.

 

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_38

Run by Administratör at 12:08:10 on 2013-01-21

Microsoft Windows XP Professional 5.1.2600.3.1252.44.1053.18.1015.282 [GMT 1:00]

.

AV: Panda Global Protection 2013 *Enabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595}

FW: Panda Personal Firewall 2013 *Enabled*

.

============== Running Processes ================

.

C:\Program\Windows Defender\MsMpEng.exe

C:\Program\Panda Security\Panda Global Protection 2013\TPSrv.exe

C:\PROGRAM\PANDA SECURITY\PANDA GLOBAL PROTECTION 2013\WebProxy.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Delade filer\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE

C:\Program\Google\Update\GoogleUpdate.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\CDBurnerXP\NMSAccessU.exe

C:\Program\Panda Security\Panda Global Protection 2013\PsCtrls.exe

C:\Program\Panda Security\Panda Global Protection 2013\PavFnSvr.exe

C:\Program\Delade filer\Panda Security\PavShld\pavprsrv.exe

C:\Program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe

C:\Program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC.exe

c:\program\panda security\panda global protection 2013\firewall\PSHOST.EXE

C:\Program\Panda Security\Panda Global Protection 2013\PsImSvc.exe

C:\Program\Google\Update\1.3.21.124\GoogleCrashHandler.exe

C:\Program\Panda Security\Panda Global Protection 2013\PskSvc.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\Program\Windows Media Player\WMPNetwk.exe

C:\Program\Panda Security\Panda Global Protection 2013\pavsrvx86.exe

C:\Program\Panda Security\Panda Global Protection 2013\AVENGINE.EXE

C:\WINDOWS\System32\alg.exe

C:\program\alpha networks\aniwzcs service\wzcsldr.exe

C:\Program\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE

C:\Program\On2Share\On2Share MediaServer.exe

C:\Program\Panda Security\Panda Global Protection 2013\SRVLOAD.EXE

C:\Program\Panda Security\Panda Global Protection 2013\PavBckPT.exe

C:\WINDOWS\explorer.exe

C:\Program\Microsoft\BingBar\7.1.391.0\SeaPort.exe

C:\Program\Google\Chrome\Application\chrome.exe

C:\Program\Google\Chrome\Application\chrome.exe

C:\Program\Google\Chrome\Application\chrome.exe

C:\Program\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\svchost.exe -k netsvcs

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxps://www.google.se/

uDefault_Search_URL = hxxp://www.google.com

mStart Page = hxxp://www.google.com

mSearch Bar = hxxp://www.google.com

BHO: Länkhjälp till Adobe PDF Reader: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Videoraptor_WebRipPlugin Class: {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - c:\program\rapidsolution\audialsone\videoraptor\plugins\ie\VR_WebRipIePlugin.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program\java\jre6\bin\ssv.dll

BHO: Tunebite_WebRipPlugin Class: {AA102584-3B97-47e7-B9BC-75D54C110A7D} - c:\program\rapidsolution\audialsone\tunebite\plugins\ie\TB_WebRipIePlugin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program\google\googletoolbarnotifier\5.7.8313.1002\swg.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program\microsoft\bingbar\7.1.391.0\BingExt.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program\java\jre6\bin\jp2ssv.dll

BHO: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program\google\google gears\internet explorer\0.5.36.0\gears.dll

BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program\google\google toolbar\GoogleToolbar_32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\google toolbar\GoogleToolbar_32.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

uRun: [On2Share] c:\program\on2share\On2Share MediaServer.exe -no-notifywnd

uRun: [swg] "c:\program\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [ANIWZCSService] "c:\program\alpha networks\aniwzcs service\wzcsldr.exe"

mRun: [APVXDWIN] "c:\program\panda security\panda global protection 2013\APVXDWIN.EXE" /s

mRun: [sCANINICIO] "c:\program\panda security\panda global protection 2013\Inicio.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDrives = dword:0

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab

DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - hxxp://www.nanoscan.com/as/cabs/ascstubie.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1350814211218

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1350681596703

DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} - hxxp://www.nanoscan.com/cabs/nanoinst.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab

DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E505599B-F37A-4849-A7B0-E0AAB5CB054C} - hxxps://gfs.nb.se/privat/bank/scripts/eid/NordeaSmartCard.cab

TCP: NameServer = 84.246.88.10 192.168.0.1

TCP: Interfaces\{F3A897BE-584F-43F8-A577-BB598F76AAC2} : DHCPNameServer = 84.246.88.10 192.168.0.1

Notify: avldr - avldr.dll

Notify: igfxcui - igfxsrvc.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program\windows defender\MpShHook.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program\google\chrome\application\24.0.1312.52\installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2012-12-25 26696]

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2013-1-15 368616]

R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2013-1-15 342168]

R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2013-1-15 909728]

R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2012-12-25 83528]

R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2012-12-25 53256]

R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2012-12-25 22024]

R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2012-12-25 193864]

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2012-12-25 159112]

R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [2013-1-15 202280]

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2012-12-25 37448]

R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2012-12-25 46856]

R2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [2012-12-25 63240]

R2 Panda Software Controller;Panda Software Controller;c:\program\panda security\panda global protection 2013\PsCtrlS.exe [2012-12-25 177440]

R2 PAVFNSVR;Panda Function Service;c:\program\panda security\panda global protection 2013\PavFnSvr.exe [2012-12-25 202016]

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2012-12-25 164488]

R2 PavPrSrv;Panda Process Protection Service;c:\program\delade filer\panda security\pavshld\PavPrSrv.exe [2012-12-25 62768]

R2 PAVSRV;Panda On-Access Anti-Malware Service;c:\program\panda security\panda global protection 2013\pavsrvx86.exe [2012-12-25 313664]

R2 PhoneMyPC_Helper;PhoneMyPC_Helper;c:\program\softwareforme inc\phonemypc\PhoneMyPC_Helper.exe [2010-8-22 31232]

R2 PskSvcRetail;Panda PSK service;c:\program\panda security\panda global protection 2013\psksvc.exe [2012-12-25 28992]

R2 WinDefend;Windows Defender;c:\program\windows defender\MsMpEng.exe [2006-11-3 13592]

R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]

R3 BBUpdate;BBUpdate;c:\program\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]

R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\drivers\neti1644.sys [2012-12-25 201032]

R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\pavsrk.sys --> c:\windows\system32\PavSRK.sys [?]

R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\pavtpk.sys --> c:\windows\system32\PavTPK.sys [?]

R3 rt2870;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:\windows\system32\drivers\Drt2870.sys [2010-11-10 779136]

S2 BBSvc;BingBar Service;c:\program\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 DCamUSB20;USB 2.0 Capture;c:\windows\system32\drivers\CsMini20.sys [2007-12-15 46216]

S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program\adobe\elements organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]

S3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [2012-12-25 13880]

S3 csaudio;USB2.0 Audio Device Driver;c:\windows\system32\drivers\csaud.sys [2007-12-15 11008]

S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-5-17 20032]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2009-10-24 36608]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2007-12-11 14336]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-6-3 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-6-3 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-6-3 136808]

S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys [2007-10-30 23040]

S3 TodosAgmII;Driver for Todos Argos Mini II;c:\windows\system32\drivers\AgmIIusb.sys [2008-2-16 18176]

S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [2012-2-20 1522176]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== File Associations ===============

.

.txt: <filetype is not registered>

FileExt: .vbe: VBEFile=c:\program\pandas~1\pandag~1\PAVSCRIP.EXE "%1" %*

FileExt: .vbs: VBSFile=c:\program\pandas~1\pandag~1\PAVSCRIP.EXE "%1" %*

FileExt: .js: jsfile=c:\program\pandas~1\pandag~1\PAVSCRIP.EXE "%1" %*

FileExt: .jse: JSEFile=c:\program\pandas~1\pandag~1\PavScrip.exe "%1" %*

FileExt: .wsf: WSFFile=c:\program\pandas~1\pandag~1\PavScrip.exe "%1" %*

.

=============== Created Last 30 ================

.

2013-01-21 10:08:01 60872 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{78b4febb-8ca9-4477-8dd7-a0bae87678c5}\offreg.dll

2013-01-18 16:53:06 -------- d-----w- C:\_OTL

2013-01-18 09:52:49 6991832 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{78b4febb-8ca9-4477-8dd7-a0bae87678c5}\mpengine.dll

2013-01-17 15:44:32 -------- d-sha-r- C:\cmdcons

2013-01-17 15:40:19 98816 ----a-w- c:\windows\sed.exe

2013-01-17 15:40:19 256000 ----a-w- c:\windows\PEV.exe

2013-01-17 15:40:19 208896 ----a-w- c:\windows\MBR.exe

2013-01-17 10:42:03 -------- d-----w- c:\documents and settings\all users\application data\WinZipSE

2013-01-17 10:41:55 -------- d-----w- c:\program\WinZip Self-Extractor

2013-01-16 12:38:48 -------- d-----w- c:\program\Systweak

2013-01-16 12:24:57 12 ----a-w- c:\windows\system32\ASOROSet.bin

2013-01-15 17:56:05 909728 ----a-w- c:\windows\system32\drivers\pctEFA.sys

2013-01-15 17:56:05 342168 ----a-w- c:\windows\system32\drivers\pctDS.sys

2013-01-15 17:55:09 368616 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2013-01-15 17:55:09 163288 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2013-01-15 17:54:39 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys

2013-01-15 17:54:33 -------- d-----w- c:\program\delade filer\PC Tools

2013-01-15 17:50:51 -------- d-----w- c:\documents and settings\all users\application data\PC Tools

2013-01-15 17:50:21 -------- d-----w- c:\documents and settings\administratör\application data\TestApp

2013-01-14 16:34:23 15360 ----a-w- c:\windows\Launcher.exe

2013-01-14 16:33:35 -------- d-----w- c:\documents and settings\administratör\lokala inställningar\application data\SimplyTech

2013-01-07 15:11:01 -------- dc-h--w- c:\windows\ie8

2013-01-07 14:29:25 -------- d-----w- c:\program\Microsoft

2013-01-02 17:43:35 -------- d-----w- c:\documents and settings\all users\application data\23399

2012-12-25 13:31:53 13880 ----a-w- c:\windows\system32\drivers\COMFiltr.sys

2012-12-25 13:23:01 729424 ----a-w- c:\windows\system32\wodSFTP.dll

2012-12-25 13:23:01 672024 ----a-w- c:\windows\system32\wodKeys.dll

2012-12-25 13:22:53 284940 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT

2012-12-25 13:22:45 53256 ----a-w- c:\windows\system32\drivers\dsaflt.sys

2012-12-25 13:22:45 46856 ----a-w- c:\windows\system32\drivers\wnmflt.sys

2012-12-25 13:22:45 193864 ----a-w- c:\windows\system32\drivers\idsflt.sys

2012-12-25 13:22:11 83528 ----a-w- c:\windows\system32\drivers\APPFLT.SYS

2012-12-25 13:22:11 22024 ----a-w- c:\windows\system32\drivers\fnetmon.sys

2012-12-25 13:22:11 159112 ----a-w- c:\windows\system32\drivers\NETFLTDI.SYS

2012-12-25 13:21:59 26696 ----a-w- c:\windows\system32\drivers\pavboot.sys

2012-12-25 13:21:24 54832 ----a-w- c:\windows\system32\pavcpl.cpl

2012-12-25 11:39:08 -------- d-----w- C:\SMCLpav

2012-12-24 14:44:40 -------- d-----w- C:\backup

2012-12-24 12:52:21 -------- d-----w- c:\program\Microsoft Corporation

.

==================== Find3M ====================

.

2012-12-21 17:52:00 859072 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-12-21 17:51:59 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-12-19 10:08:25 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-11 22:37:50 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-11 22:37:50 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-03 12:50:40 371200 ----a-w- c:\windows\system32\SearchIndexer.dll

2012-12-03 12:50:40 269824 ----a-w- c:\windows\system32\SearchEngine.rs

2012-11-16 10:08:28 518432 ----a-w- c:\windows\system32\PavSHook.dll

2012-11-13 11:55:15 1866368 ------w- c:\windows\system32\win32k.sys

2012-11-09 15:51:52 466008 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-11-06 02:00:56 1371648 ------w- c:\windows\system32\msxml6.dll

2012-11-02 02:04:00 375296 ------w- c:\windows\system32\dpnet.dll

2012-11-01 12:13:01 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:13:01 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:13:01 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35:48 385024 ----a-w- c:\windows\system32\html.iec

2012-10-29 11:10:02 4659712 ----a-w- c:\windows\system32\Redemption.dll

2012-10-29 11:09:26 821824 ----a-w- c:\windows\system32\dgderapi.dll

2012-10-29 11:09:26 45320 ----a-w- c:\windows\system32\MAMACExtract.dll

2012-10-29 11:09:26 319456 ----a-w- c:\windows\system32\DIFxAPI.dll

2012-10-29 11:09:26 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys

.

============= FINISH: 12:10:23,43 ===============

[stisjo]

här kommer otl

OTL logfile created on: 2013-01-21 12:13:33 - Run 4

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administratör\Skrivbord

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1014,98 Mb Total Physical Memory | 480,96 Mb Available Physical Memory | 47,39% Memory free

2,01 Gb Paging File | 1,44 Gb Available in Paging File | 71,76% Paging File free

Paging file location(s): C:\pagefile.sys 1140 2280 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 74,53 Gb Total Space | 28,93 Gb Free Space | 38,82% Space Free | Partition Type: NTFS

Drive D: | 39,06 Gb Total Space | 38,14 Gb Free Space | 97,65% Space Free | Partition Type: NTFS

Drive E: | 39,06 Gb Total Space | 33,48 Gb Free Space | 85,71% Space Free | Partition Type: NTFS

Drive F: | 33,67 Gb Total Space | 15,29 Gb Free Space | 45,42% Space Free | Partition Type: NTFS

 

Computer Name: STIGSJ-6C6FD30E | User Name: Administratör | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\Administratör\Skrivbord\OTL.exe (OldTimer Tools)

PRC - C:\Program\Google\Update\1.3.21.124\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\ApVxdWin.exe (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\PsCtrlS.exe (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\TPSrv.exe (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\PavFnSvr.exe (Panda Security, S.L.)

PRC - C:\Program\Microsoft\BingBar\7.1.391.0\SeaPort.EXE (Microsoft Corporation.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\WebProxy.exe (Panda Security)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\PavBckPT.exe (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\SrvLoad.exe (Panda Security, S.L.)

PRC - C:\Program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe (SoftwareForMe Inc)

PRC - C:\Program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC.exe (SoftwareForMe Inc)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\pavsrvx86.exe (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\AVENGINE.EXE (Panda Security, S.L.)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\psksvc.exe (Panda Security, S.L.)

PRC - C:\Program\Delade filer\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

PRC - C:\Program\CDBurnerXP\NMSAccessU.exe ()

PRC - c:\Program\Panda Security\Panda Global Protection 2013\FIREWALL\PSHost.exe (Panda Security International)

PRC - C:\Program\On2Share\On2Share MediaServer.exe (On2Trade)

PRC - C:\Program\Panda Security\Panda Global Protection 2013\PsImSvc.exe (Panda Security S.L.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program\Delade filer\Panda Security\PavShld\PavPrSrv.exe (Panda Security, S.L.)

PRC - C:\Program\Windows Defender\MsMpEng.exe (Microsoft Corporation)

PRC - C:\Program\Alpha Networks\ANIWZCS Service\WZCSLDR.exe (Alpha Networks Inc.)

PRC - C:\WINDOWS\system32\drivers\CDANTSRV.EXE (C-Dilla Ltd)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\4c91371e83d124ecb39664613e7e0417\System.Windows.Forms.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1ee24694\mscorlib.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_6e5ee10b\system.drawing.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_f088942a\system.xml.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_78ee0e62\system.windows.forms.dll ()

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_bf5e2e7b\system.dll ()

MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()

MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()

MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()

MOD - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\PDFShell.SVE ()

MOD - C:\Program\WinRAR\RarExt.dll ()

MOD - C:\Program\CDBurnerXP\NMSAccessU.exe ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_sv_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll ()

MOD - C:\WINDOWS\system32\msdmo.dll ()

MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()

MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_sv_b77a5c561934e089\mscorlib.resources.dll ()

MOD - c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll ()

MOD - C:\Program\Panda Security\Panda Global Protection 2013\MiniCrypto.dll ()

MOD - C:\Program\Panda Security\Panda Global Protection 2013\APIcr.dll ()

MOD - C:\Program\Panda Security\Panda Global Protection 2013\LIBXML2.DLL ()

 

 

========== Services (SafeList) ==========

 

SRV - (PLFlash DeviceIoControl Service) -- C:\WINDOWS\system32\IoctlSvc.exe File not found

SRV - (gusvc) -- C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe File not found

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (Panda Software Controller) -- C:\Program\Panda Security\Panda Global Protection 2013\PsCtrlS.exe (Panda Security, S.L.)

SRV - (TPSrv) -- C:\Program\Panda Security\Panda Global Protection 2013\TPSrv.exe (Panda Security, S.L.)

SRV - (Adobe LM Service) -- C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)

SRV - (PAVFNSVR) -- C:\Program\Panda Security\Panda Global Protection 2013\PavFnSvr.exe (Panda Security, S.L.)

SRV - (MozillaMaintenance) -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (BBUpdate) -- C:\Program\Microsoft\BingBar\7.1.391.0\SeaPort.EXE (Microsoft Corporation.)

SRV - (BBSvc) -- C:\Program\Microsoft\BingBar\7.1.391.0\BBSvc.EXE (Microsoft Corporation.)

SRV - (PhoneMyPC_Helper) -- C:\Program\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe (SoftwareForMe Inc)

SRV - (PAVSRV) -- C:\Program\Panda Security\Panda Global Protection 2013\pavsrvx86.exe (Panda Security, S.L.)

SRV - (PskSvcRetail) -- C:\Program\Panda Security\Panda Global Protection 2013\psksvc.exe (Panda Security, S.L.)

SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program\Delade filer\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

SRV - (ACDaemon) -- C:\Program\Delade filer\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (NMSAccess) -- C:\Program\CDBurnerXP\NMSAccessU.exe ()

SRV - (FLEXnet Licensing Service) -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (PSHost) -- c:\Program\Panda Security\Panda Global Protection 2013\FIREWALL\PSHost.exe (Panda Security International)

SRV - (AdobeActiveFileMonitor8.0) -- C:\Program\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)

SRV - (ServiceLayer) -- C:\Program\PC Connectivity Solution\ServiceLayer.exe (Nokia.)

SRV - (SupportSoft RemoteAssist) -- C:\Program\Delade filer\SupportSoft\bin\ssrc.exe (SupportSoft, Inc.)

SRV - (PSIMSVC) -- C:\Program\Panda Security\Panda Global Protection 2013\PsImSvc.exe (Panda Security S.L.)

SRV - (PavPrSrv) -- C:\Program\Delade filer\Panda Security\PavShld\PavPrSrv.exe (Panda Security, S.L.)

SRV - (ANIWZCSdService) -- C:\Program\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Wireless Service)

SRV - (WinDefend) -- C:\Program\Windows Defender\MsMpEng.exe (Microsoft Corporation)

SRV - (C-DillaSrv) -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE (C-Dilla Ltd)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (sptd) -- C:\WINDOWS\\SystemRoot\System32\Drivers\sptd.sys File not found

DRV - (PDRFRAME) -- File not found

DRV - (PDRELI) -- File not found

DRV - (PDFRAME) -- File not found

DRV - (PDCOMP) -- File not found

DRV - (PCIDump) -- File not found

DRV - (PavTPK.sys) -- C:\WINDOWS\system32\PavTPK.sys File not found

DRV - (PavSRK.sys) -- C:\WINDOWS\system32\PavSRK.sys File not found

DRV - (mbr) -- C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\mbr.sys File not found

DRV - (lbrtfdc) -- File not found

DRV - (i2omgmt) -- File not found

DRV - (Changer) -- File not found

DRV - (catchme) -- C:\ComboFix\catchme.sys File not found

DRV - (AvFlt) -- C:\WINDOWS\system32\drivers\av5flt.sys File not found

DRV - (adfs) -- File not found

DRV - (ComFiltr) -- C:\WINDOWS\system32\drivers\COMFiltr.sys ()

DRV - (PCTSD) -- C:\WINDOWS\system32\drivers\PCTSD.sys (PC Tools)

DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd)

DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)

DRV - (PavProc) -- C:\WINDOWS\system32\drivers\PavProc.sys (Panda Security, S.L.)

DRV - (AmFSM) -- C:\WINDOWS\system32\drivers\amm8651.sys (Panda Security, S.L.)

DRV - (pctEFA) -- C:\WINDOWS\system32\drivers\pctEFA.sys (PC Tools)

DRV - (pctDS) -- C:\WINDOWS\system32\drivers\pctDS.sys (PC Tools)

DRV - (tbhsd) -- C:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)

DRV - (ssadmdm) -- C:\WINDOWS\system32\drivers\ssadmdm.sys (MCCI Corporation)

DRV - (ssadbus) -- C:\WINDOWS\system32\drivers\ssadbus.sys (MCCI Corporation)

DRV - (ssadmdfl) -- C:\WINDOWS\system32\drivers\ssadmdfl.sys (MCCI Corporation)

DRV - (ShldDrv) -- C:\WINDOWS\system32\drivers\ShlDrv51.sys (Panda Security, S.L.)

DRV - (APPFLT) -- C:\WINDOWS\system32\drivers\APPFLT.SYS (Panda Security, S.L.)

DRV - (IDSFLT) -- C:\WINDOWS\system32\drivers\idsflt.sys (Panda Security, S.L.)

DRV - (NETIMFLT01060044) -- C:\WINDOWS\system32\drivers\neti1644.sys (Panda Security, S.L.)

DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)

DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()

DRV - (rt2870) -- C:\WINDOWS\system32\drivers\Drt2870.sys (Ralink Technology, Corp.)

DRV - (WNMFLT) -- C:\WINDOWS\system32\drivers\wnmflt.sys (Panda Security, S.L.)

DRV - (NETFLTDI) -- C:\WINDOWS\system32\drivers\NETFLTDI.SYS (Panda Security, S.L.)

DRV - (FNETMON) -- C:\WINDOWS\system32\drivers\fnetmon.sys (Panda Security, S.L.)

DRV - (DSAFLT) -- C:\WINDOWS\system32\drivers\dsaflt.sys (Panda Security, S.L.)

DRV - (RT61) -- C:\WINDOWS\system32\drivers\rt61.sys (Ralink Technology, Corp.)

DRV - (USBPNPA) -- C:\WINDOWS\system32\drivers\CM108.sys (C-Media Electronics Inc)

DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)

DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)

DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)

DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)

DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)

DRV - (STAC97) -- C:\WINDOWS\system32\drivers\STAC97.sys (SigmaTel, Inc.)

DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)

DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)

DRV - (TdsNordecr) -- C:\WINDOWS\system32\drivers\nordecr.sys (Todos Data System AB)

DRV - (SRS_SSCFilter) -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys ()

DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()

DRV - (TodosAgmII) -- C:\WINDOWS\system32\drivers\AgmIIusb.sys (Todos Data System AB)

DRV - (ANIO) -- C:\WINDOWS\system32\ANIO.sys (Alpha Networks Inc.)

DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)

DRV - (ARCSOFTVIRTUALCAPTURE) -- C:\WINDOWS\system32\drivers\ArcSoftVirtualCapture.sys (ArcSoft, Inc.)

DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)

DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()

DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH)

DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)

DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)

DRV - (AN983) -- C:\WINDOWS\system32\drivers\an983.sys (ADMtek Incorporated.)

DRV - (cmudau) -- C:\WINDOWS\system32\drivers\cmudau.sys (C-Media Inc)

DRV - (csaudio) -- C:\WINDOWS\system32\drivers\csaud.sys (Windows ® 2000 DDK provider)

DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)

DRV - (DCamUSB20) -- C:\WINDOWS\system32\drivers\CsMini20.sys (Crescentec Corporation)

DRV - (IdeChnDr) -- C:\WINDOWS\system32\drivers\IdeChnDr.sys (Intel Corporation)

DRV - (IdeBusDr) -- C:\WINDOWS\system32\drivers\IdeBusDr.sys (Intel Corporation)

DRV - (iomdisk) -- C:\WINDOWS\system32\drivers\IomDisk.sys (Iomega Corporation)

DRV - (C-Dilla) -- C:\WINDOWS\system32\drivers\CDANT.SYS (Macrovision)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com'>http://www.google.com'>http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/'>http://www.google.com/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.se/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 73 C8 1E FE DE CD 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: ""

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaultthis.engineName: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.order.1: ""

FF - prefs.js..browser.search.selectedEngine: ""

FF - prefs.js..browser.search.useDBForOrder: ""

FF - prefs.js..browser.startup.homepage: ""

FF - prefs.js..extensions.enabledAddons:

FF - prefs.js..extensions.enabledAddons:

FF - prefs.js..extensions.enabledAddons:

FF - prefs.js..extensions.enabledAddons:

FF - prefs.js..extensions.enabledAddons:

FF - prefs.js..extensions.enabledAddons:

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013-01-21 11:06:16 | 000,000,000 | ---D | M]

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\tunebite-firefox-surf-and-catch-extension@audials.com: C:\Program\RapidSolution\AudialsOne\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\ [2008-12-05 20:01:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\videoraptor-firefox-surf-and-catch-extension@audials.com: C:\Program\RapidSolution\AudialsOne\VideoRaptor\plugins\GeckoBased\videoraptor-firefox-surf-and-catch-extension@audials.com\ [2008-12-05 22:34:06 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program\Google\Google Gears\Firefox\ [2010-03-06 10:29:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\39ffxtbr@MapsGalaxy_39.com: C:\Program\MapsGalaxy_39\bar\2.bin [2013-01-16 11:24:43 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins

 

[2012-08-13 11:41:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Extensions

[2013-01-18 17:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\3dnrt1ua.default\extensions

[2012-09-18 15:46:48 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\3dnrt1ua.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\{7473B6BD-4691-4744-A82B-7854EB3D70B6}

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\CROSSRIDERAPP3491@CROSSRIDER.COM

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\CROSSRIDERAPP4479@CROSSRIDER.COM

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\FFXTLBR@FUNMOODS.COM

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\FFXTLBR@INCREDIBAR.COM

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATöR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\3DNRT1UA.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM

 

========== Chrome ==========

 

CHR - homepage: http://google.se/'>http://google.se/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://google.se/

CHR - plugin: Shockwave Flash (Enabled) = C:\Program\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program\Google\Chrome\Application\24.0.1312.52\pdf.dll

CHR - plugin: registryAccess (Enabled) = C:\Documents and Settings\Administrat\u00F6r\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.9.29524_0\background/registryAccess.dll

CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Administrat\u00F6r\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.542_0\npbrowserext.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll

CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program\Garmin GPS Plugin\npGarmin.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program\Google\Update\1.3.21.124\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 6 U38 (Enabled) = C:\Program\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll

CHR - Extension: Google Dokument = C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.4_0\

CHR - Extension: Google Drive = C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: S\u00F6k p\u00E5 Google = C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Gmail = C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2013-01-21 11:05:24 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Länkhjälp till Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Videoraptor_WebRipPlugin Class) - {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - C:\Program\RapidSolution\AudialsOne\VideoRaptor\plugins\IE\VR_WebRipIePlugin.dll (RapidSolution Software)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Tunebite_WebRipPlugin Class) - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program\RapidSolution\AudialsOne\Tunebite\plugins\IE\TB_WebRipIePlugin.dll (RapidSolution Software)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)

O4 - HKLM..\Run: [ANIWZCSService] c:\program\alpha networks\aniwzcs service\wzcsldr.exe (Alpha Networks Inc.)

O4 - HKLM..\Run: [APVXDWIN] C:\Program\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE (Panda Security, S.L.)

O4 - HKLM..\Run: [sCANINICIO] C:\Program\Panda Security\Panda Global Protection 2013\Inicio.exe (Panda Security, S.L.)

O4 - HKCU..\Run: [On2Share] C:\Program\On2Share\On2Share MediaServer.exe (On2Trade)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)

O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} http://www.nanoscan.com/as/cabs/ascstubie.cab (TotalScan Installer Class)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1350814211218 (WUWebControl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1350681596703 (MUWebControl Class)

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)

O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} http://www.nanoscan.com/cabs/nanoinst.cab (NanoInstaller Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Reg Error: Value error.)

O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab (Microsoft Download Manager ActiveX control)

O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E505599B-F37A-4849-A7B0-E0AAB5CB054C} https://gfs.nb.se/privat/bank/scripts/eid/NordeaSmartCard.cab (ScriptPlayerRuntime Class)

O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.246.88.10 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3A897BE-584F-43F8-A577-BB598F76AAC2}: DhcpNameServer = 84.246.88.10 192.168.0.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program\Delade filer\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - C:\WINDOWS\System32\avldr.dll (On-Access Anti-Malware Scanner Sync)

O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program\Windows Defender\MpShHook.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011-01-29 10:58:11 | 000,000,083 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2013-01-20 12:20:55 | 000,350,915 | ---- | C] (Farbar) -- C:\Documents and Settings\Administratör\Skrivbord\FSS.exe

[2013-01-19 12:53:50 | 005,023,971 | R--- | C] (Swearware) -- C:\Documents and Settings\Administratör\Skrivbord\ComboFix.exe

[2013-01-18 17:53:06 | 000,000,000 | ---D | C] -- C:\_OTL

[2013-01-18 12:48:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administratör\Skrivbord\OTL.exe

[2013-01-17 16:44:32 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2013-01-17 16:40:19 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2013-01-17 16:40:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2013-01-17 16:40:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2013-01-17 16:40:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2013-01-17 16:39:37 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013-01-17 12:32:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Skrivbord\reparations-mapp

[2013-01-17 11:42:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\WinZip Self-Extractor

[2013-01-17 11:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZipSE

[2013-01-17 11:41:55 | 000,000,000 | ---D | C] -- C:\Program\WinZip Self-Extractor

[2013-01-16 15:38:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Google Chrome

[2013-01-16 13:53:39 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Administratör\Skrivbord\dds.scr

[2013-01-16 13:39:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Systweak PhotoStudio

[2013-01-16 13:38:48 | 000,000,000 | ---D | C] -- C:\Program\Systweak

[2013-01-15 18:56:05 | 000,909,728 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys

[2013-01-15 18:56:05 | 000,342,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys

[2013-01-15 18:55:09 | 000,368,616 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2013-01-15 18:55:09 | 000,163,288 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2013-01-15 18:54:39 | 000,202,280 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTSD.sys

[2013-01-15 18:54:33 | 000,000,000 | ---D | C] -- C:\Program\Delade filer\PC Tools

[2013-01-15 18:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2013-01-15 18:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Application Data\TestApp

[2013-01-15 10:51:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administratör\Recent

[2013-01-14 17:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\SimplyTech

[2013-01-07 16:11:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8

[2013-01-07 15:37:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Start-meny\Program\Accessories

[2013-01-07 15:29:25 | 000,000,000 | ---D | C] -- C:\Program\Microsoft

[2013-01-02 18:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\23399

[2012-12-31 11:47:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokument\CrashDump

[2012-12-25 14:23:01 | 000,729,424 | ---- | C] (WeOnlyDo Software) -- C:\WINDOWS\System32\wodSFTP.dll

[2012-12-25 14:23:01 | 000,672,024 | ---- | C] (WeOnlyDo! COM) -- C:\WINDOWS\System32\wodKeys.dll

[2012-12-25 14:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Panda Security

[2012-12-25 14:22:45 | 000,193,864 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\idsflt.sys

[2012-12-25 14:22:45 | 000,053,256 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\dsaflt.sys

[2012-12-25 14:22:45 | 000,046,856 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\wnmflt.sys

[2012-12-25 14:22:11 | 000,159,112 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\NETFLTDI.SYS

[2012-12-25 14:22:11 | 000,083,528 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\APPFLT.SYS

[2012-12-25 14:22:11 | 000,022,024 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\fnetmon.sys

[2012-12-25 14:21:59 | 000,026,696 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys

[2012-12-25 14:21:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Panda Global Protection 2013

[2012-12-25 14:21:24 | 000,054,832 | ---- | C] (Panda Software) -- C:\WINDOWS\System32\pavcpl.cpl

[2012-12-25 14:20:53 | 000,193,344 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\TpUtil.dll

[2012-12-25 14:20:53 | 000,107,568 | ---- | C] (Panda Software) -- C:\WINDOWS\System32\SYSTOOLS.DLL

[2012-12-25 14:20:53 | 000,087,328 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\PavLspHook.dll

[2012-12-25 14:20:53 | 000,055,616 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\pavipc.dll

[2012-12-25 14:20:51 | 000,518,432 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\PavSHook.dll

[2012-12-25 14:20:49 | 000,201,032 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\neti1644.sys

[2012-12-25 14:20:48 | 000,063,240 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\amm8651.sys

[2012-12-25 14:20:48 | 000,055,552 | ---- | C] (On-Access Anti-Malware Scanner Sync) -- C:\WINDOWS\System32\avldr.dll

[2012-12-25 14:20:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PAV

[2012-12-25 14:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Application Data\Panda Security

[2012-12-25 14:20:11 | 000,164,488 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\PavProc.sys

[2012-12-25 14:20:11 | 000,037,448 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\ShlDrv51.sys

[2012-12-25 14:20:11 | 000,000,000 | ---D | C] -- C:\Program\Delade filer\Panda Security

[2012-12-25 12:39:08 | 000,000,000 | ---D | C] -- C:\SMCLpav

[2012-12-24 15:44:40 | 000,000,000 | ---D | C] -- C:\backup

[2012-12-24 13:52:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Start-meny\Program\Microsoft IE ActiveX Analyzer

[2012-12-24 13:52:21 | 000,000,000 | ---D | C] -- C:\Program\Microsoft Corporation

[2007-12-30 18:45:32 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administratör\Application Data\pcouffin.sys

 

========== Files - Modified Within 30 Days ==========

 

[2013-01-21 12:30:00 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D72E822F-E36C-4726-9FDD-DD9DDF8793FE}.job

[2013-01-21 12:29:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{945E1A1C-D934-4536-B47B-493B51D098FB}.job

[2013-01-21 12:28:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B6A6AE5F-966C-457D-9979-2B9722D3F44D}.job

[2013-01-21 11:36:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013-01-21 11:11:01 | 000,620,460 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls.bck

[2013-01-21 11:11:01 | 000,620,460 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls

[2013-01-21 11:10:32 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck

[2013-01-21 11:10:32 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG

[2013-01-21 11:10:32 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg.bck

[2013-01-21 11:10:32 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg

[2013-01-21 11:10:32 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg.bck

[2013-01-21 11:10:32 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg

[2013-01-21 11:10:32 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg.bck

[2013-01-21 11:10:32 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg

[2013-01-21 11:10:32 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg.bck

[2013-01-21 11:10:32 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg

[2013-01-21 11:07:02 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2013-01-21 11:05:24 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2013-01-21 11:03:23 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cce125dd1eb61e.job

[2013-01-21 11:03:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013-01-21 10:29:00 | 000,284,940 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck

[2013-01-21 10:28:58 | 000,284,940 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT

[2013-01-20 12:21:06 | 000,350,915 | ---- | M] (Farbar) -- C:\Documents and Settings\Administratör\Skrivbord\FSS.exe

[2013-01-20 11:59:48 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till chrome.lnk

[2013-01-20 11:25:27 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till wmplayer.lnk

[2013-01-19 23:35:24 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till WinRAR.lnk

[2013-01-19 15:31:44 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2013-01-19 14:59:32 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk

[2013-01-19 12:54:08 | 005,023,971 | R--- | M] (Swearware) -- C:\Documents and Settings\Administratör\Skrivbord\ComboFix.exe

[2013-01-18 12:49:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administratör\Skrivbord\OTL.exe

[2013-01-18 12:32:07 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Administratör\defogger_reenable

[2013-01-16 13:53:42 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Administratör\Skrivbord\dds.scr

[2013-01-16 13:42:06 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Systweak PhotoStudio (2).lnk

[2013-01-16 13:31:17 | 000,000,012 | ---- | M] () -- C:\WINDOWS\System32\ASOROSet.bin

[2013-01-16 00:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\NeroLiveEpgUpdate-STIGSJ-6C6FD30E_Administratör.job

[2013-01-15 19:08:19 | 000,750,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2013-01-15 17:15:26 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2013-01-15 12:05:25 | 000,002,303 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk

[2013-01-14 17:34:15 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent (2).lnk

[2013-01-14 17:34:12 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk

[2013-01-14 17:34:12 | 000,000,643 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Tweak UI (2).lnk

[2013-01-14 17:34:11 | 000,001,876 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Global Protection 2013.lnk

[2013-01-14 17:34:10 | 000,002,427 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk

[2013-01-14 17:34:10 | 000,001,555 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\On2Share MediaServer.lnk

[2013-01-14 17:34:10 | 000,000,854 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Outlook Express (2).lnk

[2013-01-14 17:34:09 | 000,002,233 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero ShowTime (2).lnk

[2013-01-14 17:34:09 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2013-01-14 17:34:05 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft ActiveSync (2).lnk

[2013-01-14 17:34:05 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\MagicISO.lnk

[2013-01-14 17:34:02 | 000,002,025 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk

[2013-01-14 17:34:02 | 000,001,640 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Kalkylatorn (2).lnk

[2013-01-14 17:34:01 | 000,000,958 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till Photoshop.lnk

[2013-01-14 17:34:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till WINWORD.lnk

[2013-01-14 17:34:01 | 000,000,922 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till switch.lnk

[2013-01-14 17:34:01 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till ToolbarCleaner.exe.lnk

[2013-01-14 17:33:59 | 000,000,890 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till KiesAirMessage.lnk

[2013-01-14 17:33:58 | 000,000,776 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till BitLord.lnk

[2013-01-14 17:33:58 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till Idioten.lnk

[2013-01-14 17:33:55 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Garmin Lifetime Updater.lnk

[2013-01-14 17:33:53 | 000,000,969 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk

[2013-01-14 17:33:41 | 000,001,856 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Reader X.lnk

[2013-01-14 17:33:40 | 000,001,337 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Illustrator CS3 (2).lnk

[2013-01-14 17:33:40 | 000,001,048 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Photoshop Elements 8.0.lnk

[2013-01-14 17:33:38 | 000,002,234 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Illustrator CS (2).lnk

[2013-01-11 15:31:33 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\default.rss

[2013-01-11 15:28:53 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2013-01-09 20:01:31 | 001,447,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013-01-09 20:01:31 | 001,423,828 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2013-01-09 20:01:31 | 000,521,692 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2013-01-09 20:01:31 | 000,460,152 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013-01-08 12:56:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013-01-03 07:18:52 | 000,015,360 | ---- | M] () -- C:\WINDOWS\Launcher.exe

[2012-12-31 11:06:17 | 000,013,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys

[2012-12-25 15:10:02 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt

[2012-12-25 15:05:23 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt.bck

[2012-12-25 15:05:23 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt

[2012-12-25 15:05:09 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg.bck

[2012-12-25 15:05:09 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg

[2012-12-25 14:38:54 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt.bck

[2012-12-25 14:23:27 | 000,000,250 | ---- | M] () -- C:\WINDOWS\System32\PavCPL.dat

[2012-12-25 14:22:08 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Grundrensning.job

[2012-12-25 13:22:02 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC

[2012-12-22 19:18:48 | 004,445,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

 

========== Files Created - No Company Name ==========

 

[2013-01-20 11:59:48 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till chrome.lnk

[2013-01-20 11:25:27 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till wmplayer.lnk

[2013-01-19 23:35:24 | 000,000,566 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till WinRAR.lnk

[2013-01-18 12:31:13 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Administratör\defogger_reenable

[2013-01-17 18:05:02 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk

[2013-01-17 16:44:41 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2013-01-17 16:44:36 | 000,260,272 | RHS- | C] () -- C:\cmldr

[2013-01-17 16:40:19 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2013-01-17 16:40:19 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2013-01-17 16:40:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2013-01-17 16:40:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2013-01-17 16:40:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2013-01-16 13:42:06 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Systweak PhotoStudio (2).lnk

[2013-01-16 13:24:57 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin

[2013-01-15 18:56:11 | 000,750,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2013-01-14 17:34:23 | 000,015,360 | ---- | C] () -- C:\WINDOWS\Launcher.exe

[2013-01-07 16:18:14 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\Administratör\Start-meny\Program\Internet Explorer.lnk

[2013-01-07 15:36:50 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D72E822F-E36C-4726-9FDD-DD9DDF8793FE}.job

[2013-01-03 22:20:05 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till Idioten.lnk

[2012-12-26 11:16:34 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Genväg till ToolbarCleaner.exe.lnk

[2012-12-25 14:31:53 | 000,013,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys

[2012-12-25 14:23:27 | 000,000,250 | ---- | C] () -- C:\WINDOWS\System32\PavCPL.dat

[2012-12-25 14:23:26 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Global Protection 2013.lnk

[2012-12-25 14:22:53 | 000,284,940 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck

[2012-12-25 14:22:53 | 000,284,940 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT

[2012-12-25 14:22:53 | 000,001,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck

[2012-12-25 14:22:53 | 000,001,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG

[2012-12-25 14:22:07 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Grundrensning.job

[2012-12-07 13:56:52 | 000,000,764 | ---- | C] () -- C:\Documents and Settings\Administratör\Genväg till Downloads.lnk

[2012-12-03 18:51:04 | 000,000,248 | ---- | C] () -- C:\Documents and Settings\Administratör\Ahmbed.gz

[2012-12-03 13:50:39 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\SearchEngine.dat

[2012-11-29 11:43:31 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc

[2012-11-18 23:42:36 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\recently-used.xbel

[2012-10-24 14:20:13 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm.dll

[2012-06-05 16:31:15 | 000,000,016 | ---- | C] () -- C:\WINDOWS\WinInit.ini.backup

[2012-02-25 14:58:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll

[2012-02-20 19:25:56 | 000,001,911 | ---- | C] () -- C:\WINDOWS\Cmudau.ini

[2012-02-20 19:25:55 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmdrvrmu.exe

[2012-02-20 19:25:55 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\cmdrvrmu.dll

[2012-02-20 18:09:22 | 000,000,939 | ---- | C] () -- C:\WINDOWS\Cm108.ini.cfg

[2012-02-20 18:08:09 | 000,001,096 | ---- | C] () -- C:\WINDOWS\cm108.ini

[2012-02-20 12:38:05 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll

[2012-02-15 22:46:59 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012-02-14 17:36:55 | 000,257,460 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2012-02-14 17:36:55 | 000,257,460 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2012-02-14 17:36:54 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2012-02-14 17:36:24 | 002,294,198 | R--- | C] () -- C:\WINDOWS\System32\nvdata.bin

[2012-02-04 18:58:06 | 000,000,160 | ---- | C] () -- C:\WINDOWS\{9A5F1282-D6F8-4F04-B73E-D9286924E9AC}.ini

[2012-02-04 18:58:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\{9A5F1282-D6F8-4F04-B73E-D9286924E9AC}.ini

[2012-01-31 23:24:19 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

[2011-11-17 17:36:48 | 000,298,106 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\WPFFontCache_v0400-S-1-5-21-448539723-1004336348-682003330-1010-0.dat

[2011-05-17 12:44:36 | 005,258,427 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\WPFFontCache_v0400-S-1-5-21-448539723-1004336348-682003330-500-0.dat

[2011-04-27 13:19:32 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe

[2011-04-27 13:19:30 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll

[2011-04-27 13:19:30 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll

[2011-04-27 13:19:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll

[2011-04-27 13:19:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll

[2011-04-04 22:19:04 | 000,499,862 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\WPFFontCache_v0400-System.dat

[2011-03-25 22:17:54 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2011-02-17 15:31:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Graffiti5.2Pin.ini

[2011-02-16 13:39:29 | 000,012,208 | ---- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2011-01-23 14:30:23 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL

[2011-01-23 13:58:37 | 000,001,182 | ---- | C] () -- C:\WINDOWS\VFO.INI

[2010-11-10 18:26:48 | 000,000,258 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\ANICONFIG_{4F4EAB24-3DAD-4C46-AF21-65F3C49938CF}.ini

[2010-11-10 16:35:59 | 000,000,258 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\ANICONFIG_{20B17DE4-A899-46CA-9338-7F6B6544D8CD}.ini

[2010-11-06 18:59:31 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\burnaware.ini

[2010-08-16 22:05:09 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Administratör\.java.policy

[2010-02-12 16:15:58 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Administratör\tenmy.ini

[2009-10-24 16:46:09 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\$_hpcst$.hpc

[2009-01-24 12:00:00 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-12-05 18:28:33 | 000,000,180 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\default.rss

[2008-12-05 18:28:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\downloads.m3u

[2008-11-11 18:49:08 | 000,001,440 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\filterclsid.dat

[2008-11-02 12:59:54 | 000,000,404 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Yin4Yang common Preferences

[2008-10-15 14:29:18 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\default.pls

[2008-01-27 12:27:58 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\vso_ts_preview.xml

[2007-12-30 18:45:32 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\inst.exe

[2007-12-30 18:45:32 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\pcouffin.cat

[2007-12-30 18:45:32 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\pcouffin.inf

[2007-12-25 18:07:50 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Administratör\.rnd

[2007-12-15 18:52:36 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt

[2007-12-13 18:50:54 | 000,074,240 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2007-12-11 16:07:19 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\fusioncache.dat

 

========== ZeroAccess Check ==========

 

[2007-12-11 16:06:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 17:04:47 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-02-09 11:56:00 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 17:04:54 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== LOP Check ==========

 

[2010-06-27 11:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\AceBIT

[2012-06-05 16:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Active Disk

[2010-08-16 22:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Agency9

[2012-12-10 17:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Azureus

[2012-11-18 23:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\BitLord

[2012-01-31 17:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Canneverbe Limited

[2012-11-20 18:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2008-11-11 10:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\CoSoSys

[2005-02-24 19:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\ctl3davi60

[2012-12-05 15:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\DAEMON Tools Pro

[2012-12-10 17:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\DataMgr

[2010-11-08 17:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\dBpoweramp

[2010-02-04 22:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Desktopicon

[2012-12-24 14:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Diino

[2012-12-10 15:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\DriverCure

[2010-07-13 19:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\DriverFinder

[2012-12-24 13:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\ElevatedDiagnostics

[2007-12-20 13:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\EPSON

[2013-01-18 18:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Funmoods

[2011-10-02 10:14:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\GARMIN

[2010-11-20 14:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\genline

[2012-01-03 20:37:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Gmote

[2012-12-04 17:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\High Speed Download

[2012-12-10 17:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\HMN

[2007-12-15 21:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Idioten

[2012-02-03 10:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\InfraRecorder

[2012-04-15 10:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\InterTrust

[2008-02-17 23:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\LEAPS

[2012-07-12 14:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Media Finder

[2012-11-08 22:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\MicroTorrent

[2010-11-17 16:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\MyHeritage

[2007-12-21 16:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\NCH Swift Sound

[2008-02-16 11:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Netscape

[2008-06-03 15:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Nikon

[2008-10-28 23:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Nokia

[2012-01-04 18:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\OfficeRecovery

[2008-01-21 11:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Opera

[2012-12-25 14:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Panda Security

[2012-12-10 15:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\ParetoLogic

[2008-10-28 23:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\PC Suite

[2008-02-03 16:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Pegasys Inc

[2012-12-11 12:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\PerformerSoft

[2008-02-16 11:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Personal

[2012-12-25 18:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\PriceGong

[2012-01-04 16:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\proDAD

[2009-02-24 13:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Publish Providers

[2012-11-18 23:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Python-Eggs

[2008-12-05 22:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\RapidSolution

[2012-11-25 13:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Samsung

[2012-12-10 17:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\SDIV 2.0

[2012-02-04 13:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Simple Star

[2012-04-23 22:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Softland

[2009-02-24 13:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Sony

[2012-11-20 14:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2008-12-06 13:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Steganos

[2013-01-18 16:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Systweak

[2012-06-03 15:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Temp

[2013-01-15 18:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\TestApp

[2012-11-13 13:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Thinstall

[2008-12-06 13:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\TuneUp Software

[2010-04-17 10:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\UDC Profiles

[2008-12-21 14:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Ulead Systems

[2013-01-18 17:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\uTorrent

[2012-02-05 16:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Vso

[2010-11-19 16:04:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Wireshark

[2012-11-20 18:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\YourFileDownloader

[2008-12-25 23:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\17148

[2009-01-30 13:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1738A

[2008-12-27 10:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\203A9

[2013-01-02 18:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\23399

[2008-12-26 18:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2E167

[2009-01-12 19:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3133C

[2008-11-19 15:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4D

[2012-07-30 16:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Altova

[2012-12-12 15:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Backup

[2012-07-12 15:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess

[2012-01-31 17:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited

[2012-12-05 14:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2010-12-03 13:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dis

[2010-08-31 14:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Boost

[2010-07-08 14:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz

[2012-12-10 17:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverGenius

[2012-02-01 14:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easy Driver Pro

[2012-03-02 16:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON

[2007-12-18 18:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData

[2008-11-25 16:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN

[2012-12-10 17:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HardwareHelper

[2012-06-04 15:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations

[2011-11-28 16:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate

[2010-11-17 17:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyHeritage

[2009-01-16 10:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound

[2008-11-08 16:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia

[2012-12-25 14:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security

[2010-10-23 22:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Software

[2013-01-18 16:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic

[2010-10-25 21:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters

[2011-06-30 14:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite

[2012-02-04 13:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhotoShow Shared Assets

[2011-02-16 15:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle

[2008-01-24 16:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio

[2010-03-03 12:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate

[2010-01-04 18:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate Collection

[2011-11-28 16:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium

[2008-11-22 16:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PY_Software

[2012-02-27 23:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution

[2012-11-20 12:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe

[2012-11-25 13:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung

[2007-12-13 16:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\sentinel

[2007-12-15 21:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simple Star

[2009-03-04 17:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc

[2008-05-07 17:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Smith Micro

[2009-02-06 17:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SRS Labs

[2008-10-26 15:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Storegate

[2012-01-04 13:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft

[2013-01-14 18:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

[2007-12-20 13:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL

[2009-01-22 12:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems

[2008-01-26 17:57:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk

[2012-12-13 15:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip

[2013-01-17 11:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZipSE

[2012-02-13 20:44:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{09CD02A5-5ACC-4B34-8513-DD8BE7C2BD49}

[2011-09-11 18:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2012-07-12 15:26:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{6F1B3060-90C7-4F21-AFFB-07B6150C73EA}

[2012-02-28 22:53:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

[2010-04-02 15:13:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}

[2012-02-12 14:42:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EB671835-6422-466B-8921-A8F0B0393387}

 

========== Purity Check ==========

 

 

 

< End of report >

[Cecilia]

1. Är Spyware Doctor eller något annat program från PC Tools fortfarande installerat?

Jag undrar eftersom det är flera drivrutiner från PC Tools som körs.

 

2. Läs sidan https://support.google.com/chrome/bin/answer.py?hl=sv&answer=142064&p=cpn_plugins för att ta reda på hur du inaktiverar plugin-program i Google Chrome. Inaktivera dessa två:

registryAccess

Injovo Extension Plugin

 

3. Kontrollpanelen - Administrationsverktyg - Tjänster

Leta upp dessa två tjänster:

PLFlash DeviceIoControl Service

adfs

Dubbelklicka på en i taget och ändra "Startmetod" till "Inaktiverad".

Så blir du av med två av felmeddelandena som kommer i Loggboken under varje start av Windows.

 

4. Är det problem med att stänga av datorn?

 

5. Skanna datorn online på http://www.eset.com/onlinescan/

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Avbocka alternativet Remove found threats

Bocka för Scan Archives

 

Klicka på Advanced Settings

Bocka för:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Klicka på Scan

 

När skanningen är klar kopiera resultatet och klistra sedan in det i ditt svar.

[stisjo]

1. Är Spyware Doctor eller något annat program från PC Tools fortfarande installerat?

Jag undrar eftersom det är flera drivrutiner från PC Tools som körs.

 

2. Läs sidan https://support.google.com/chrome/bin/answer.py?hl=sv&answer=142064&p=cpn_plugins för att ta reda på hur du inaktiverar plugin-program i Google Chrome. Inaktivera dessa två:

registryAccess

Injovo Extension Plugin

 

3. Kontrollpanelen - Administrationsverktyg - Tjänster

Leta upp dessa två tjänster:

PLFlash DeviceIoControl Service

adfs

Dubbelklicka på en i taget och ändra "Startmetod" till "Inaktiverad".

Så blir du av med två av felmeddelandena som kommer i Loggboken under varje start av Windows.

 

4. Är det problem med att stänga av datorn?

 

5. Skanna datorn online på http://www.eset.com/onlinescan/

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Avbocka alternativet Remove found threats

Bocka för Scan Archives

 

Klicka på Advanced Settings

Bocka för:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Klicka på Scan

 

När skanningen är klar kopiera resultatet och klistra sedan in det i ditt svar.

Hej Cecilia

jag hittade 2 mappar med pc tools med uninstall-filer men dom fungerade inte

så jag lyfte ut dom i papperskorgen

plflash har jag inaktiverat

adfs hittade jag inte

jag hittade inte registryaccess eller injovo bland plugin i chrome

stisjo

[stisjo]

Hej Cecilia

jag hittade 2 mappar med pc tools med uninstall-filer men dom fungerade inte

så jag lyfte ut dom i papperskorgen

plflash har jag inaktiverat

adfs hittade jag inte

jag hittade inte registryaccess eller injovo bland plugin i chrome

stisjo

Svar på frågan om datan var svår att avsluta är väl ett "nja sådär"

sen försökte jag skanna datorn på eset men den laddade ner programmet!

skall jag köra därifrån, den började scanna efter

Avbocka alternativet Remove found threats

Bocka för Scan Archives skall jag låta den fortsätta därifrån

stisjo

[Cecilia]

Du måste se till att välja under Advanced Settings.

[stisjo]

Du måste se till att välja under Advanced Settings.

Hej Cecilia!

jag hittade advanced och här kommer resultatet

stisjo

 

C:\Documents and Settings\Administratör\Skrivbord\Mina program\REPARATION AV DATA\FixMyRegistry.exe Win32/Bundled.Toolbar.Ask application

C:\Program\1ClickDownload\ocmainpack.exe Win32/Adware.1ClickDownload.E application

C:\Program\Claro LTD\claro\1.8.3.10\escortShld.dll Win32/Toolbar.Funmoods application

C:\Program\Giant Savings\Giant Savings.dll Win32/Toolbar.CrossRider application

C:\Program\YourFileDownloader\uninstall.exe a variant of Win32/YourFileDownloader.A application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP491\A0132165.exe a variant of Win32/BitCoinMiner.O application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP492\A0132206.exe a variant of Win32/BitCoinMiner.O application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP493\A0132221.exe Win32/InstalleRex.E.Gen application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP493\A0132236.exe a variant of Win32/BitCoinMiner.O application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP493\A0133237.exe a variant of Win32/BitCoinMiner.O application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP494\A0133258.exe a variant of Win32/BitCoinMiner.O application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP494\A0134257.exe a variant of Win32/BitCoinMiner.O application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP495\A0134544.exe a variant of Win32/BitCoinMiner.O application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP495\A0135544.exe a variant of Win32/BitCoinMiner.O application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP496\A0136552.exe a variant of Win32/BitCoinMiner.O application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP496\A0136585.exe a variant of Win32/BitCoinMiner.O application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP496\A0136586.exe a variant of Win32/BitCoinMiner.O application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP503\A0137775.exe a variant of Win32/ExpressFiles.B application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP518\A0141379.dll a variant of Win32/Adware.Yontoo.A application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP518\A0141381.dll a variant of Win32/Adware.Yontoo.B application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP523\A0141582.dll a variant of Win32/Toolbar.CrossRider.A application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP523\A0141583.exe probably a variant of Win32/Injector.AAAD trojan

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP523\A0141584.dll Win32/Toolbar.Funmoods application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP523\A0141585.dll Win32/Toolbar.Funmoods application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP523\A0141586.exe Win32/Toolbar.Funmoods application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP523\A0141587.dll Win32/Toolbar.Funmoods application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP523\A0141595.exe Win32/Toolbar.CrossRider.B application

C:\System Volume Information\_restore{71CF0F30-7EFB-4BCB-9D5F-B3097F11F6EC}\RP523\A0141597.dll Win32/Toolbar.Funmoods application

C:\WINDOWS\system32\drivers\etc\disable_activation.cmd BAT/HostsChanger.A application

C:\WINDOWS\system32\SearchEngine.rs a variant of Win32/BitCoinMiner.O application

F:\igfxupdate.exe a variant of Win32/BitCoinMiner.O application

[Cecilia]

På sidan http://www.virustotal.com klickar du på Choose File -knappen och klistrar in ett av följande filnamn i fältet "Filnamn", klicka på Öppna och sedan på Scan it!. Om det kommer upp en fråga om filen ska analyseras om så välj det alternativet. Vänta tills resultatet är klart. Klistra in länken (webbadressen) till resultatet här. Upprepa med nästa filnamn.

c:\windows\system32\SearchIndexer.dll

c:\windows\system32\SearchEngine.rs

 

Går det att avinstallera dessa fyra program?

C:\Program\1ClickDownload\ocmainpack.exe Win32/Adware.1ClickDownload.E application

C:\Program\Claro LTD\claro\1.8.3.10\escortShld.dll Win32/Toolbar.Funmoods application

C:\Program\Giant Savings\Giant Savings.dll Win32/Toolbar.CrossRider application

C:\Program\YourFileDownloader\uninstall.exe a variant of Win32/YourFileDownloader.A