Extremely slow PC [Solved], 8 svchost running + iexplore.exe takes 70% CPU
Jetkokos
Jun 27 2009, 04:51 AM
Post #1


OS: Win XP



Hello

Will try describing the problem, my knowledge in this is however limited, so can't really give so many details. It's a 4-year-old PC, but it should work I think.
Recently I had some attacks from spoofed IPs, which my KasperskyIS seemed to have blocked. I just deleted a fraudpack yesterday, and after that I started experiencing quite a number of freezes and some really slow booting.
Checked the task manager, it shows 8 svchost.exe (no cpu usage though), and iexplore.exe sucking up to 89% cpu when opening new window.

I ran MBAM clearing 24 infections, didn't manage to save that log though because everything suddenly shut down. Did a new run after rebooting and it's all clear, so I think there's no use posting the new log. Please say if I should though.

Noticed OTL Extras log has some Swedish in it, don't know how to change it though.

Thanks in advance.


Here's Rooter:

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP Home Edition (5.1.2600) Service Pack 3
[32_bits] - x86 Family 15 Model 4 Stepping 1, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Disabled !
.
Internet Explorer 8.0.6001.18702
Mozilla Firefox 3.0.11 (sv-SE)
.
C:\ [Fixed-NTFS] .. ( Total:143 Go - Free:81 Go )
D:\ [Fixed-FAT32] .. ( Total:5 Go - Free:2 Go )
E:\ [CD_Rom]
F:\ [Removable]
G:\ [Removable]
H:\ [Removable]
I:\ [Removable]
.
Scan : 11:29.27
Path : C:\Documents and Settings\Compaq_Ägaren\Skrivbord\Rooter.exe
User : Compaq_Ägaren ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (896)
______ \??\C:\WINDOWS\system32\csrss.exe (1008)
______ \??\C:\WINDOWS\system32\winlogon.exe (1032)
______ C:\WINDOWS\system32\services.exe (1076)
______ C:\WINDOWS\system32\lsass.exe (1088)
______ C:\WINDOWS\system32\svchost.exe (1252)
______ C:\WINDOWS\system32\svchost.exe (1352)
______ C:\WINDOWS\System32\svchost.exe (1476)
______ C:\WINDOWS\system32\svchost.exe (1508)
______ C:\WINDOWS\system32\svchost.exe (1668)
______ C:\WINDOWS\system32\spoolsv.exe (1776)
______ C:\WINDOWS\system32\svchost.exe (1852)
______ C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe (1896)
Locked avp.exe (1912)
______ C:\Program\Bonjour\mDNSResponder.exe (1948)
______ C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (2008)
______ C:\Program\Delade filer\InterVideo\RegMgr\iviRegMgr.exe (276)
______ C:\Program\Java\jre6\bin\jqs.exe (300)
______ C:\WINDOWS\system32\nvsvc32.exe (476)
______ C:\WINDOWS\system32\svchost.exe (636)
______ C:\WINDOWS\Explorer.EXE (496)
______ C:\windows\system\hpsysdrv.exe (1268)
______ C:\HP\KBD\KBD.EXE (2036)
______ C:\Program\Microsoft Office\Office12\GrooveMonitor.exe (1544)
______ C:\Program\Delade filer\InstallShield\UpdateService\ISUSPM.exe (1208)
Locked avp.exe (1432)
______ C:\WINDOWS\system32\RUNDLL32.EXE (2176)
______ C:\Program\Microsoft IntelliPoint\ipoint.exe (2224)
______ C:\WINDOWS\SOUNDMAN.EXE (2324)
______ C:\WINDOWS\ALCWZRD.EXE (2412)
______ C:\WINDOWS\ALCMTR.EXE (2428)
______ C:\Program\Java\jre6\bin\jusched.exe (2584)
______ C:\WINDOWS\system32\ctfmon.exe (2932)
______ C:\WINDOWS\System32\alg.exe (3200)
______ C:\WINDOWS\System32\svchost.exe (3832)
______ C:\Program\Internet Explorer\iexplore.exe (2668)
______ C:\Program\Internet Explorer\iexplore.exe (2840)
______ C:\Documents and Settings\Compaq_Ägaren\Skrivbord\Rooter.exe (3676)
______ C:\WINDOWS\system32\wscntfy.exe (4080)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:6440845824)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:6440878080 | Length:153590169600)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 11:30.09
.
C:\Rooter$\Rooter_1.txt - (27/06/2009 | 11:30.09)


OTL logs:

OTL logfile created on: 2009-06-27 12:05:37 - Run 2
OTL by OldTimer - Version 3.0.5.3 Folder = C:\Documents and Settings\Compaq_Ägaren\Skrivbord
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 3,97 Gb Available in Paging File | 99,27% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 143,04 Gb Total Space | 81,87 Gb Free Space | 57,24% Space Free | Partition Type: NTFS
Drive D: | 5,99 Gb Total Space | 2,73 Gb Free Space | 45,62% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: IVAN
Current User Name: Compaq_Ägaren
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
PRC - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)
PRC - C:\Program\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program\Delade filer\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\HP\KBD\KBD.EXE (Hewlett-Packard Company)
PRC - C:\Program\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Program\Delade filer\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)
PRC - C:\Program\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
PRC - C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Compaq_Ägaren\Skrivbord\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (appdrvrem01 [Auto | Stopped]) -- C:\WINDOWS\System32\appdrvrem01.exe (Protection Technology)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Autodesk Licensing Service [Auto | Running]) -- C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (AVP [Auto | Running]) -- C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [Auto | Running]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (IviRegMgr [Auto | Running]) -- C:\Program\Delade filer\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (mi-raysat_3dsmax9_32 [Auto | Stopped]) -- File not found
SRV - (Microsoft Office Groove Audit Service [On_Demand | Stopped]) -- C:\Program\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (NBService [On_Demand | Stopped]) -- C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Stopped]) -- C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [On_Demand | Stopped]) -- C:\WINDOWS\System32\HPZipm12.exe (HP)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (HdAudAddService [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\HdAudio.sys (Windows ® Server 2003 DDK provider)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys (HP)
DRV - (hwdatacard [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (kl1 [Boot | Running]) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (klbg [Boot | Running]) -- C:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (KLFLTDEV [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\klfltdev.sys (Kaspersky Lab)
DRV - (KLIF [System | Running]) -- C:\WINDOWS\System32\DRIVERS\klif.sys (Kaspersky Lab)
DRV - (klim5 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\klim5.sys (Kaspersky Lab)
DRV - (ltmodem5 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys (LT)
DRV - (NuidFltr [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\NuidFltr.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (PD0620VID [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\P0620Vid.sys (Creative Technology Ltd.)
DRV - (Point32 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\point32.sys (Microsoft Corporation)
DRV - (Ps2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\PS2.sys (Hewlett-Packard Company)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RTL8023xp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (s3117bus [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\s3117bus.sys (MCCI Corporation)
DRV - (s3117mdfl [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\s3117mdfl.sys (MCCI Corporation)
DRV - (s3117mdm [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\s3117mdm.sys (MCCI Corporation)
DRV - (s3117mgmt [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\s3117mgmt.sys (MCCI Corporation)
DRV - (s3117nd5 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\s3117nd5.sys (MCCI Corporation)
DRV - (s3117obex [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\s3117obex.sys (MCCI Corporation)
DRV - (s3117unic [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\s3117unic.sys (MCCI Corporation)
DRV - (SCDEmu [System | Running]) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (smbusp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\intelsmb.sys (Intel Corporation)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (TVICHW32 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\TVICHW32.SYS (EnTech Taiwan)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.se/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Live Search"
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Live Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://s2.bitefight.se/bite/login.php"
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090525
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.14
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?FORM=IEFM1&q="

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-06-27 11:19:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program\Java\jre6\lib\deploy\jqs\ff [2009-05-10 14:51:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program\Mozilla Firefox\components [2009-06-16 06:49:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2009-06-16 06:49:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\THBExt [2008-12-31 19:37:52 | 00,000,000 | ---D | M]

[2008-04-28 16:05:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Ägaren\Application Data\mozilla\Extensions
[2008-04-28 16:05:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Ägaren\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-06-24 09:24:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Ägaren\Application Data\mozilla\Firefox\Profiles\05yjixca.default\extensions
[2008-10-16 13:54:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Ägaren\Application Data\mozilla\Firefox\Profiles\05yjixca.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009-06-05 18:25:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Ägaren\Application Data\mozilla\Firefox\Profiles\05yjixca.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009-04-20 11:53:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Ägaren\Application Data\mozilla\Firefox\Profiles\05yjixca.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2009-06-24 09:24:03 | 00,000,000 | ---D | M] -- C:\Program\mozilla firefox\extensions
[2009-06-16 06:49:03 | 00,000,000 | ---D | M] -- C:\Program\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008-04-30 06:34:02 | 00,000,000 | ---D | M] -- C:\Program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008-08-11 16:42:57 | 00,000,000 | ---D | M] -- C:\Program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009-03-21 19:04:21 | 00,000,000 | ---D | M] -- C:\Program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009-05-10 14:52:07 | 00,000,000 | ---D | M] -- C:\Program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009-05-10 11:20:25 | 00,000,000 | ---D | M] -- C:\Program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}(2)
[2009-06-16 07:31:30 | 00,000,000 | ---D | M] -- C:\Program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009-06-03 11:28:36 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browserdirprovider.dll
[2009-06-03 11:28:36 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\brwsrcmp.dll
[2009-01-16 20:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program\mozilla firefox\plugins\np32dsw.dll
[2009-05-21 11:33:58 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\mozilla firefox\plugins\npdeploytk.dll
[2008-11-21 23:45:26 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2008-06-27 16:03:12 | 01,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009-06-03 11:28:37 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program\mozilla firefox\plugins\npnul32.dll
[2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program\mozilla firefox\plugins\NPOFF12.DLL
[2009-05-01 10:44:55 | 00,239,432 | ---- | M] (Pando Networks) -- C:\Program\mozilla firefox\plugins\npPandoWebInst.dll
[2006-12-18 04:18:30 | 00,077,824 | ---- | M] (Adobe Systems Inc.) -- C:\Program\mozilla firefox\plugins\nppdf32.dll
[2008-02-25 20:45:26 | 00,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
[2008-03-08 11:35:22 | 00,001,534 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\creativecommons.xml
[2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\google.xml
[2008-02-25 20:45:26 | 00,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
[2008-02-25 20:45:26 | 00,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml
[2008-03-29 11:50:28 | 00,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
[2006-09-15 19:15:52 | 00,000,647 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml

O1 HOSTS File: (710 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AVP] C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Genväg till egenskapssida för High Definition Audio] C:\WINDOWS\System32\HDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IntelliPoint] C:\Program\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM] C:\Program\Delade filer\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [KBD] C:\HP\KBD\KBD.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\System32\ps2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [EPSON Stylus SX400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [updateMgr] C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 0
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm ()
O8 - Extra context menu item: E&xportera till Microsoft Excel - C:\Program\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Hjälp med anslutning - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Hjälp med anslutning - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program\Delade filer\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Program\KASPER~1\KASPER~1\mzvkbd.dll) - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\Program\KASPER~1\KASPER~1\adialhk.dll) - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\Program\KASPER~1\KASPER~1\kloehk.dll) - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Min aktuella startsida) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004-11-29 18:37:32 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001-07-28 07:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004-04-30 23:01:14 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{4bd08f9a-823a-11dd-9e69-0013d448345d}\Shell - "" = AutoRun
O33 - MountPoints2\{4bd08f9a-823a-11dd-9e69-0013d448345d}\Shell\AutoRun\command - "" = K:\AutoRun.exe -- File not found
O33 - MountPoints2\{4bd09067-823a-11dd-9e69-0013d448345d}\Shell - "" = AutoRun
O33 - MountPoints2\{4bd09067-823a-11dd-9e69-0013d448345d}\Shell\AutoRun\command - "" = K:\AutoRun.exe -- File not found
O33 - MountPoints2\{4bd094b6-823a-11dd-9e69-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{4bd094fc-823a-11dd-9e69-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{4bd094fc-823a-11dd-9e69-000000000000}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found
O33 - MountPoints2\{7633d86a-84cf-11dd-9e73-0013d448345d}\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009-06-27 11:30:09 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009-06-27 11:28:05 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\OTL.exe
[2009-06-27 11:27:56 | 00,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\Rooter.exe
[2009-06-27 10:37:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Ägaren\Application Data\Malwarebytes
[2009-06-27 10:37:42 | 00,000,672 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk
[2009-06-27 10:37:40 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-06-27 10:37:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009-06-27 10:36:42 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009-06-27 10:36:40 | 00,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware
[2009-06-27 10:13:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009-06-27 10:11:06 | 00,000,587 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\NTREGOPT.lnk
[2009-06-27 10:11:06 | 00,000,568 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\ERUNT.lnk
[2009-06-27 10:11:04 | 00,000,000 | ---D | C] -- C:\Program\ERUNT
[2009-06-27 09:59:10 | 00,265,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\TFC.exe
[2009-06-27 09:58:45 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\SysRestorePoint.exe
[2009-06-22 15:52:57 | 00,000,000 | ---D | C] -- C:\Valve
[2009-06-21 10:50:52 | 00,116,248 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\dump.jpg
[2009-06-21 09:04:21 | 00,014,268 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\PRESENTATION(Olga).docx
[2009-06-19 15:58:27 | 00,000,005 | ---- | C] () -- C:\WINDOWS\System32\system.dat
[2009-06-19 15:57:00 | 00,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv6628p5now.sys
[2009-06-18 10:29:05 | 00,077,825 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\imhere.jpg
[2009-06-18 10:20:57 | 00,546,601 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\imhere.psd
[2009-06-16 09:07:38 | 00,000,000 | ---D | C] -- C:\Program\Delade filer\ParetoLogic
[2009-06-16 07:49:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\The Qemist
[2009-06-16 07:30:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009-06-15 20:16:43 | 00,000,000 | -HSD | C] -- C:\found.000
[2009-06-15 20:04:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Ägaren\Lokala inställningar\Application Data\Apple
[2009-06-15 20:04:14 | 00,000,000 | ---D | C] -- C:\Program\Apple Software Update
[2009-06-15 20:04:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009-06-15 12:37:19 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\win
[2009-06-15 12:11:45 | 00,403,047 | ---- | C] () -- C:\WINDOWS\fishing_beta_0.1.3i.exe
[2009-06-14 23:31:59 | 07,585,920 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\ICQ - Without You.mp3
[2009-06-12 20:18:56 | 00,019,941 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\Hej Tomas.docx
[2009-06-11 18:46:21 | 00,000,761 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\YouTube Downloader.lnk
[2009-06-11 18:46:15 | 00,000,000 | ---D | C] -- C:\Program\YouTube Downloader
[2009-06-10 22:39:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\Dagis
[2009-06-10 10:04:17 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{A613CA96-150A-4A1D-90CE-67F81379DF8C}
[2009-06-10 09:29:12 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009-06-10 09:29:12 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009-06-09 20:02:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Ägaren\Lokala inställningar\Application Data\Nemex
[2009-05-31 15:32:38 | 00,015,158 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\Timur_Zakirov_Inl1_20090601.docx
[2009-05-31 14:40:05 | 00,107,520 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\artikel oponering.doc
[2009-05-31 13:16:39 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\20090311 schema.xls
[2009-05-31 13:16:31 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\ANNASOMSCH.xls
[2009-04-19 13:30:15 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009-04-19 11:14:53 | 00,000,335 | ---- | C] () -- C:\WINDOWS\wpe_0delay.INI
[2009-04-05 12:44:40 | 00,000,317 | ---- | C] () -- C:\WINDOWS\WPE PRO.INI
[2009-03-11 14:32:28 | 06,772,736 | ---- | C] () -- C:\WINDOWS\System32\tliadjust30.dll
[2009-01-04 16:39:42 | 00,000,071 | ---- | C] () -- C:\WINDOWS\System32\winitn.dll
[2009-01-04 16:38:41 | 00,000,001 | ---- | C] () -- C:\WINDOWS\sslzdlt.dll
[2009-01-04 16:38:30 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008-12-31 18:04:42 | 00,691,560 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008-12-15 22:09:23 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008-12-15 22:01:05 | 00,000,026 | ---- | C] () -- C:\WINDOWS\CDE SX400EXPORT.ini
[2008-12-07 11:01:55 | 00,156,160 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar3.dll
[2008-12-07 11:01:55 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\ztvunacev2.dll
[2008-11-21 23:47:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008-11-21 23:45:16 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008-11-21 23:45:16 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008-11-21 23:44:16 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008-09-16 18:39:47 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\BReWErS.dll
[2008-08-30 11:39:04 | 00,000,155 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-06-01 18:40:51 | 00,000,304 | ---- | C] () -- C:\WINDOWS\game.ini
[2008-05-28 16:57:51 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008-05-08 19:44:42 | 00,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008-05-08 19:37:09 | 00,715,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-04-28 11:11:16 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007-12-15 14:55:30 | 05,423,104 | ---- | C] () -- C:\WINDOWS\System32\tlpsplib10.dll
[2007-12-05 01:41:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007-08-07 19:22:22 | 00,141,180 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007-07-25 15:24:30 | 01,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007-03-28 01:14:38 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\gc.dll
[2006-02-26 16:08:28 | 00,585,728 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005-01-02 04:49:51 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005-01-02 04:26:22 | 00,013,253 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005-01-02 04:26:17 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005-01-02 04:15:44 | 00,003,529 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005-01-02 04:10:43 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005-01-02 04:10:43 | 01,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005-01-02 04:10:43 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005-01-02 04:10:43 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005-01-02 04:00:37 | 00,000,788 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005-01-02 03:58:47 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005-01-02 03:58:47 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005-01-02 03:58:26 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004-11-29 19:30:16 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004-11-29 18:37:32 | 00,000,617 | ---- | C] () -- C:\WINDOWS\win.ini
[2002-09-28 02:22:32 | 00,001,010 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Files - Modified Within 30 Days ==========

[2009-06-27 12:01:53 | 00,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009-06-27 12:01:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-06-27 12:01:19 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-06-27 12:01:17 | 32,205,57824 | -HS- | M] () -- C:\hiberfil.sys
[2009-06-27 11:35:56 | 05,591,072 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009-06-27 11:35:56 | 01,409,056 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009-06-27 11:35:56 | 00,044,760 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009-06-27 11:35:56 | 00,005,896 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009-06-27 11:28:05 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\OTL.exe
[2009-06-27 11:27:56 | 00,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\Rooter.exe
[2009-06-27 11:21:00 | 00,824,170 | -H-- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Lokala inställningar\Application Data\IconCache.db
[2009-06-27 11:06:37 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-06-27 10:48:31 | 00,195,690 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-06-27 10:37:42 | 00,000,672 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk
[2009-06-27 10:11:06 | 00,000,587 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\NTREGOPT.lnk
[2009-06-27 10:11:06 | 00,000,568 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\ERUNT.lnk
[2009-06-27 09:59:10 | 00,265,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\TFC.exe
[2009-06-27 09:58:45 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\SysRestorePoint.exe
[2009-06-27 09:40:15 | 00,000,617 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-06-27 09:40:15 | 00,000,294 | RHS- | M] () -- C:\boot.ini
[2009-06-27 09:40:15 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-06-25 13:31:03 | 00,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009-06-24 10:05:36 | 00,163,328 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-06-24 10:05:36 | 00,000,155 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-06-22 21:11:00 | 00,000,448 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009-06-21 10:50:52 | 00,116,248 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\dump.jpg
[2009-06-21 09:38:35 | 00,014,268 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\PRESENTATION(Olga).docx
[2009-06-19 15:58:27 | 00,000,005 | ---- | M] () -- C:\WINDOWS\System32\system.dat
[2009-06-19 15:57:00 | 00,003,082 | ---- | M] () -- C:\WINDOWS\System32\affv6628p5now.sys
[2009-06-18 10:29:05 | 00,077,825 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\imhere.jpg
[2009-06-18 10:20:58 | 00,546,601 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\imhere.psd
[2009-06-17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-06-17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009-06-16 23:04:25 | 00,019,941 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\Hej Tomas.docx
[2009-06-16 09:08:06 | 00,107,280 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Lokala inställningar\Application Data\GDIPFONTCACHEV1.DAT
[2009-06-16 08:00:42 | 07,585,920 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\ICQ - Without You.mp3
[2009-06-16 07:53:40 | 00,760,975 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\PETROL HEADS feat KATE & DEE - Looking Out.mp3
[2009-06-16 07:22:36 | 01,652,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-06-16 07:05:17 | 00,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Reader Speed Launch.lnk
[2009-06-16 07:05:17 | 00,001,716 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Reader 7.0.lnk
[2009-06-16 06:49:07 | 00,001,554 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Mozilla Firefox.lnk
[2009-06-15 12:34:28 | 00,000,794 | ---- | M] () -- C:\WINDOWS\System32\%LocalXml%
[2009-06-14 23:26:55 | 00,000,761 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\YouTube Downloader.lnk
[2009-06-12 06:19:24 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-06-01 18:51:12 | 23,635,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009-05-31 15:30:44 | 00,015,158 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\Timur_Zakirov_Inl1_20090601.docx
[2009-05-31 14:40:05 | 00,107,520 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\artikel oponering.doc
[2009-05-31 13:16:39 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\20090311 schema.xls
[2009-05-31 13:16:31 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Compaq_Ägaren\Skrivbord\ANNASOMSCH.xls

========== Alternate Data Streams ==========

@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E41EAF13
@Alternate Data Stream - 202 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1D786A64
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89EAFAFC

========== Files - Unicode (All) ==========
[2008-05-25 20:49:33 | 00,015,212 | ---- | C] ()(C:\Documents and Settings\Compaq_Ägaren\Mina dokument\??????? Olga Tim.docx) -- C:\Documents and Settings\Compaq_Ägaren\Mina dokument\Реализм Olga Tim.docx
[2008-05-25 20:49:34 | 00,015,212 | ---- | M] ()(C:\Documents and Settings\Compaq_Ägaren\Mina dokument\??????? Olga Tim.docx) -- C:\Documents and Settings\Compaq_Ägaren\Mina dokument\Реализм Olga Tim.docx
[2008-05-25 23:09:13 | 00,015,334 | ---- | C] ()(C:\Documents and Settings\Compaq_Ägaren\Mina dokument\???????.docx) -- C:\Documents and Settings\Compaq_Ägaren\Mina dokument\Реализм.docx
[2008-05-25 23:09:13 | 00,015,334 | ---- | M] ()(C:\Documents and Settings\Compaq_Ägaren\Mina dokument\???????.docx) -- C:\Documents and Settings\Compaq_Ägaren\Mina dokument\Реализм.docx
< End of report >


Extras

OTL Extras logfile created on: 2009-06-27 11:33:37 - Run 1
OTL by OldTimer - Version 3.0.5.3 Folder = C:\Documents and Settings\Compaq_Ägaren\Skrivbord
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 3,97 Gb Available in Paging File | 99,37% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 143,04 Gb Total Space | 81,87 Gb Free Space | 57,24% Space Free | Partition Type: NTFS
Drive D: | 5,99 Gb Total Space | 2,73 Gb Free Space | 45,62% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: IVAN
Current User Name: Compaq_Ägaren
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"57840:TCP" = 57840:TCP:*:Enabled:Pando Media Booster
"57840:UDP" = 57840:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook (Microsoft Corporation)
C:\Program\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove (Microsoft Corporation)
C:\Program\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote (Microsoft Corporation)
C:\Program\Atari\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main File not found
C:\Program\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD File not found
C:\Program\Atari\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater File not found
C:\Program\Atari\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server File not found
K:\Program\GSC World Publishing\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI) File not found
K:\Program\GSC World Publishing\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV) File not found
K:\Program\id Software\Enemy Territory - QUAKE Wars\etqwded.exe:*:Enabled:etqwded.exe File not found
K:\Program\id Software\Enemy Territory - QUAKE Wars\etqw.exe:*:Enabled:Enemy Territory - QUAKE Wars™ File not found
C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA File not found
C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB File not found
C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable (Microsoft Corporation)
C:\Program\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster ()
C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Fjärrhjälp - Windows Messenger och tal (Microsoft Corporation)
C:\Program\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C5D0DC4-F5D3-46F9-AE2E-E45C99B4A6B6}" = Enemy Territory - QUAKE Wars™ 1.1 Patch
"{0E93710D-31E5-477C-8A4B-5032B484BE74}" = Windows Live inloggningsassistenten
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20B5E4D0-6DFE-4D5F-B96F-C3B91F272B2D}" = Portable MP3 Player
"{20DEB77C-21D6-4D22-BB47-233E47613D57}" = Microsoft Games for Windows - LIVE Redistributable
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23C3F5C0-566B-478B-AAB6-197ADAD0C945}" = Uniblue SpeedUpMyPC 2009
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 14
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 3.209.00
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{420DADC7-0E52-48F2-81EE-7BCF663815E0}" = Windows Live Essentials
"{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite
"{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-6001-0409-0002-0060B0CE6BBA}" = AutoCAD 2008 - English
"{5E684419-44E3-46EE-A43C-A60082CBF4EC}" = Topaz Adjust 3
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{66A9D30D-1464-4C7F-B2F3-507DADAF2595}" = Microsoft IntelliPoint 6.3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74224F8D-4A17-4816-9EDB-7BB854DE532C}" = NVIDIA PhysX v8.04.25
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{77701BFD-3A86-34B0-A9EC-0D7440C6D8AF}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - SVE
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install
"{7D7152AF-581B-316F-8CA4-15342C3EFA4B}" = Microsoft .NET Framework 3.5 Language Pack SP1 - sve
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}" = EPSON Easy Photo Print
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}" = Kaspersky Internet Security 2009
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-041D-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Swedish) 12
"{90120000-0015-041D-0000-0000000FF1CE}" = Microsoft Office Access MUI (Swedish) 2007
"{90120000-0015-041D-0000-0000000FF1CE}_ENTERPRISE_{1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041D-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Swedish) 2007
"{90120000-0016-041D-0000-0000000FF1CE}_ENTERPRISE_{1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041D-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Swedish) 2007
"{90120000-0018-041D-0000-0000000FF1CE}_ENTERPRISE_{1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-041D-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Swedish) 2007
"{90120000-0019-041D-0000-0000000FF1CE}_ENTERPRISE_{1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-041D-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Swedish) 2007
"{90120000-001A-041D-0000-0000000FF1CE}_ENTERPRISE_{1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041D-0000-0000000FF1CE}" = Microsoft Office Word MUI (Swedish) 2007
"{90120000-001B-041D-0000-0000000FF1CE}_ENTERPRISE_{1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040B-0000-0000000FF1CE}" = Microsoft Office Proof (Finnish) 2007
"{90120000-001F-040B-0000-0000000FF1CE}_ENTERPRISE_{8C00DF3E-E8BD-4C6A-B86F-0135E11DAF1C}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041D-0000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2007
"{90120000-001F-041D-0000-0000000FF1CE}_ENTERPRISE_{43722AA8-ACEA-4F54-9B83-2467D376EF8A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-041D-0000-0000000FF1CE}" = Microsoft Office Proofing (Swedish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-041D-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Swedish) 2007
"{90120000-0044-041D-0000-0000000FF1CE}_ENTERPRISE_{1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-041D-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Swedish) 2007
"{90120000-006E-041D-0000-0000000FF1CE}_ENTERPRISE_{8C2A0B2D-382B-428C-9E8D-247D31B22201}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-041D-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Swedish) 2007
"{90120000-00A1-041D-0000-0000000FF1CE}_ENTERPRISE_{1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A4-041D-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-00BA-041D-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Swedish) 2007
"{90120000-00BA-041D-0000-0000000FF1CE}_ENTERPRISE_{1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{96DABE26-CA86-4E13-B38F-FA92564FF855}" = Trafikskolan TEO 2009
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{992A2DB1-4ABC-4738-BD71-045C5FFE00D1}" = Microsoft .NET Framework 1.1 Swedish Language Pack
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support 4.0
"{AA8CF3BD-6717-3B70-83BF-377426410A66}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - SVE
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1053-7B44-A71000000002}" = Adobe Reader 7.1.3 - Svenska
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B5F8FCE2-1677-4370-A857-4976E5A95209}" = Topaz Vivacity
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF097717-F174-4144-954A-FBC4BF301053}" = Nero 7 Premium
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3AE160E-C459-4EB1-9922-169F1D5119EF}" = Advantage Data Architect v7.1
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DB427EF6-F13E-4AA6-9D40-5D962394774F}" = OGA Notifier 1.7.0105.35.0
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCEA59CC-5A80-4680-9F7F-6E75174E884C}" = Windows Live Messenger
"7-Zip" = 7-Zip 4.65
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"ASAPI Update" = ASAPI Update
"AutoCAD 2008 - English" = AutoCAD 2008 - English
"AutoCAD 2008 - English SP1" = AutoCAD 2008 - English SP1
"Azureus" = Azureus
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"Condition_Zero_3" = Condition Zero 3
"Counter-Strike: Condition Zero" = Counter-Strike: Condition Zero
"Creative PD0620" = Creative WebCam Instant Driver (1.01.02.0729)
"Creative WebCam Center" = Creative WebCam Center
"DriverAgent.exe" = DriverAgent by TouchStone Software
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy GIF Animator_is1" = Easy GIF Animator 4.8
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX200_SX400_TX200_TX400 Användarhandbok" = EPSON Stylus SX200_SX400_TX200_TX400 Handbok
"EPSON Stylus SX400 Series" = EPSON Stylus SX400 Series Printer Uninstall
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Ultimate + Corporate Edition_is1" = EVEREST Ultimate v4.20.1257 + Corporate Edition Beta Registered
"Help and Support Additions" = Tillägg för Hjälp- och support
"Hogs Of War" = Hogs Of War
"Huawei Modems" = Huawei Modems
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{0C5D0DC4-F5D3-46F9-AE2E-E45C99B4A6B6}" = Enemy Territory - QUAKE Wars™ 1.1 Patch
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallWIX_{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}" = Kaspersky Internet Security 2009
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - sve" = Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Personal" = BankID säkerhetsprogram 4.9.3
"POD-Bot 2.5" = POD-Bot 2.5
"PowerISO" = PowerISO
"ProxySwitcher Standard_is1" = ProxySwitcher Standard
"PS2" = PS2
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"Steinberg WaveLab 5.00a" = Steinberg WaveLab 5.00a
"SystemRequirementsLab" = System Requirements Lab
"Tibia_is1" = Tibia
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Uniblue RegistryBooster 2009" = Uniblue RegistryBooster 2009
"Uniblue SpeedUpMyPC 2009" = Uniblue SpeedUpMyPC 2009
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"VLC media player" = VideoLAN VLC media player 0.8.6i
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Zero Assumption Recovery_is1" = Zero Assumption Recovery Version 8.4
"Zoo Tycoon 2" = Zoo Tycoon 2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2009-05-25 02:00:13 | Computer Name = IVAN | Source = Application Error | ID = 1000
Description = Felaktigt program super_youtube_downloader.exe, version 1.0.0.0, felaktig
modul oleaut32.dll, version 5.1.2600.5512, felaktig adress 0x00049a44.

Error - 2009-06-03 05:26:12 | Computer Name = IVAN | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 8.0.6001.18702, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.

Error - 2009-06-03 05:26:15 | Computer Name = IVAN | Source = Application Hang | ID = 1001
Description = Fel-bucket 1180947459.

Error - 2009-06-03 05:28:41 | Computer Name = IVAN | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 8.0.6001.18702, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.

Error - 2009-06-12 00:05:34 | Computer Name = IVAN | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 8.0.6001.18702, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.

Error - 2009-06-16 03:11:35 | Computer Name = IVAN | Source = Application Hang | ID = 1002
Description = Stoppat program Pareto_AV.exe, version 6.1.1.9, stoppad modul hungapp,
version 0.0.0.0, stoppad adress 0x00000000.

Error - 2009-06-16 05:31:11 | Computer Name = IVAN | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 8.0.6001.18702, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.

Error - 2009-06-18 04:30:24 | Computer Name = IVAN | Source = Application Error | ID = 1000
Description = Felaktigt program qlumpy.exe, version 0.0.0.0, felaktig modul qlumpy.exe,
version 0.0.0.0, felaktig adress 0x00004862.

Error - 2009-06-22 09:55:58 | Computer Name = IVAN | Source = Microsoft IntelliPoint | ID = 1000
Description =

Error - 2009-06-22 13:35:58 | Computer Name = IVAN | Source = Application Hang | ID = 1002
Description = Stoppat program Photoshop.exe, version 10.0.1.0, stoppad modul hungapp,
version 0.0.0.0, stoppad adress 0x00000000.

[ System Events ]
Error - 2009-06-27 01:26:22 | Computer Name = IVAN | Source = MRxSmb | ID = 8003
Description = Master browser har mottagit ett meddelande från datorn TZV081221-DATOR
som
tror att den är master browser för domänen på transporten NetBT_Tcpip_{664CC8BB-DA5.
Master browser stannar eller ett val tvingas att göras.

Error - 2009-06-27 02:38:22 | Computer Name = IVAN | Source = MRxSmb | ID = 8003
Description = Master browser har mottagit ett meddelande från datorn TZV081221-DATOR
som
tror att den är master browser för domänen på transporten NetBT_Tcpip_{664CC8BB-DA5.
Master browser stannar eller ett val tvingas att göras.

Error - 2009-06-27 03:38:22 | Computer Name = IVAN | Source = Service Control Manager | ID = 7026
Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av
fel under start: appdrv01

Error - 2009-06-27 03:42:10 | Computer Name = IVAN | Source = Service Control Manager | ID = 7026
Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av
fel under start: appdrv01

Error - 2009-06-27 03:50:25 | Computer Name = IVAN | Source = MRxSmb | ID = 8003
Description = Master browser har mottagit ett meddelande från datorn TZV081221-DATOR
som
tror att den är master browser för domänen på transporten NetBT_Tcpip_{664CC8BB-DA5.
Master browser stannar eller ett val tvingas att göras.

Error - 2009-06-27 04:06:21 | Computer Name = IVAN | Source = Service Control Manager | ID = 7026
Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av
fel under start: appdrv01

Error - 2009-06-27 04:14:25 | Computer Name = IVAN | Source = MRxSmb | ID = 8003
Description = Master browser har mottagit ett meddelande från datorn TZV081221-DATOR
som
tror att den är master browser för domänen på transporten NetBT_Tcpip_{664CC8BB-DA5.
Master browser stannar eller ett val tvingas att göras.

Error - 2009-06-27 04:47:26 | Computer Name = IVAN | Source = Service Control Manager | ID = 7026
Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av
fel under start: appdrv01

Error - 2009-06-27 05:22:58 | Computer Name = IVAN | Source = Service Control Manager | ID = 7026
Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av
fel under start: appdrv01

Error - 2009-06-27 05:25:15 | Computer Name = IVAN | Source = MRxSmb | ID = 8003
Description = Master browser har mottagit ett meddelande från datorn TZV081221-DATOR
som
tror att den är master browser för domänen på transporten NetBT_Tcpip_{664CC8BB-DA5.
Master browser stannar eller ett val tvingas att göras.


< End of report >

This post has been edited by Jetkokos: Jun 28 2009, 12:02 PM
 
SpySentinel
post Jun 30 2009, 02:13 PM
Post #2


Trusted Helper
Posts: 3,952
From: The United States
OS: Windows XP SP3 & Windows Vista SP1



Hi Jetkokos,

Welcome to Geeks to Go! My name is SpySentinel and I will be helping you fix your computer problem.
Sorry for the delay, we have been very busy lately, and I apologize for your wait.



Run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    CODE
    :OTL
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.
    O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
    O33 - MountPoints2\{4bd08f9a-823a-11dd-9e69-0013d448345d}\Shell - "" = AutoRun
    O33 - MountPoints2\{4bd08f9a-823a-11dd-9e69-0013d448345d}\Shell\AutoRun\command - "" = K:\AutoRun.exe -- File not found
    O33 - MountPoints2\{4bd09067-823a-11dd-9e69-0013d448345d}\Shell - "" = AutoRun
    O33 - MountPoints2\{4bd09067-823a-11dd-9e69-0013d448345d}\Shell\AutoRun\command - "" = K:\AutoRun.exe -- File not found
    O33 - MountPoints2\{4bd094b6-823a-11dd-9e69-000000000000}\Shell - "" = AutoRun
    O33 - MountPoints2\{4bd094fc-823a-11dd-9e69-000000000000}\Shell - "" = AutoRun
    O33 - MountPoints2\{4bd094fc-823a-11dd-9e69-000000000000}\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found
    O33 - MountPoints2\{7633d86a-84cf-11dd-9e73-0013d448345d}\Shell - "" = AutoRun
    O33 - MountPoints2\L\Shell - "" = AutoRun
    O33 - MountPoints2\N\Shell - "" = AutoRun
    O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\AutoRun.exe -- File not found

    :Files
    C:\WINDOWS\System32\affv6628p5now.sys

    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
 
Jetkokos
post Jun 30 2009, 03:21 PM
Post #3


Member
**
Posts: 13
OS: Win XP



Hello SpySentinel, your help is really appreciated.
So I ran the fix, rebooted and got this log. What now?
Also, as a side note, one of the svchost.exe processes jumps to 60% now and then, is it supposed to do so?
Thanks

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE5D279F-081B-4404-994D-C6B60AAEBA6D}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Alcmtr deleted successfully.
C:\WINDOWS\ALCMTR.EXE moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bd08f9a-823a-11dd-9e69-0013d448345d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bd08f9a-823a-11dd-9e69-0013d448345d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bd08f9a-823a-11dd-9e69-0013d448345d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bd08f9a-823a-11dd-9e69-0013d448345d}\ not found.
File K:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bd09067-823a-11dd-9e69-0013d448345d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bd09067-823a-11dd-9e69-0013d448345d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bd09067-823a-11dd-9e69-0013d448345d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bd09067-823a-11dd-9e69-0013d448345d}\ not found.
File K:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bd094b6-823a-11dd-9e69-000000000000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bd094b6-823a-11dd-9e69-000000000000}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bd094fc-823a-11dd-9e69-000000000000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bd094fc-823a-11dd-9e69-000000000000}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bd094fc-823a-11dd-9e69-000000000000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bd094fc-823a-11dd-9e69-000000000000}\ not found.
File N:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7633d86a-84cf-11dd-9e73-0013d448345d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7633d86a-84cf-11dd-9e73-0013d448345d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\N\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\N\ not found.
File N:\AutoRun.exe not found.
========== FILES ==========
C:\WINDOWS\System32\affv6628p5now.sys moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Compaq_-garen

User: Compaq_Ägaren
->Temp folder emptied: 3840989 bytes
File delete failed. C:\Documents and Settings\Compaq_Ägaren\Lokala inställningar\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32382064 bytes
->Java cache emptied: 15062865 bytes
->FireFox cache emptied: 107520382 bytes
->Opera cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
File delete failed. C:\Documents and Settings\LocalService\Lokala inställningar\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Lokala inställningar\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Lokala inställningar\Temp\Cookies\index.dat scheduled to be deleted on reboot.
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 16786 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 151,61 mb

Error: Unable to interpret <[start explorer]> in the current context!

OTL by OldTimer - Version 3.0.5.3 log created on 06302009_230342

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

This post has been edited by Jetkokos: Jun 30 2009, 03:23 PM
 
SpySentinel
post Jun 30 2009, 06:36 PM
Post #4


Trusted Helper
Posts: 3,952
From: The United States
OS: Windows XP SP3 & Windows Vista SP1



QUOTE
Also, as a side note, one of the svchost.exe processes jumps to 60% now and then, is it supposed to do so?


It could be a sign of malware.


Launch Malwarebytes' Anti-Malware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.




Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    o Click Preferences, then click the Statistics/Logs tab.
    o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    o Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
 
Jetkokos
post Jul 1 2009, 01:27 AM
Post #5


Member
**
Posts: 13
OS: Win XP



Hello again, here's the SUPERAntiSpyware log. I saw some pornography cookies there, so I wonder, those sites must have been accessed in order to have the cookies, right? Looks like I'll have to have a talk with my son about that.
As for MBAM, it came completely clean, the log is however in Swedish, I tried reinstalling, but it still comes up in Swedish when finished. But as said, it came up with zero of everything.

A small edit; this is new, when I turned off the computer just some minutes ago, the screen went black (I mean the very last step), but the monitor light was still on. I had to shut the power 10 minutes after. Can this be something inside the box itself?


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/01/2009 at 08:44 AM

Application Version : 4.26.1006

Core Rules Database Version : 3964
Trace Rules Database Version: 1905

Scan type : Complete Scan
Total Scan Time : 00:56:39

Memory items scanned : 398
Memory threats detected : 0
Registry items scanned : 8108
Registry threats detected : 13
File items scanned : 52462
File threats detected : 38

Adware.Vundo Variant
HKLM\Software\Classes\CLSID\{27B47AD3-2380-361D-83E3-A008F592F141}
HKCR\CLSID\{27B47AD3-2380-361D-83E3-A008F592F141}
HKCR\CLSID\{27B47AD3-2380-361D-83E3-A008F592F141}
HKCR\CLSID\{27B47AD3-2380-361D-83E3-A008F592F141}\InprocServer32
HKCR\CLSID\{27B47AD3-2380-361D-83E3-A008F592F141}\InprocServer32#ThreadingModel
HKU\S-1-5-21-3323170575-2697025314-47309388-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B47AD3-2380-361D-83E3-A008F592F141}

Adware.Tracking Cookie
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@youngpornmovies[4].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@galleries1.adult-empire[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@tacoda[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@advertising[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@doubleclick[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@collective-media[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@tradedoubler[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@count.rbc[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@bunnyteens[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@mmstat[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@stat.swedbank[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@love[bleep]k[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@atdmt[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@teenax[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@yieldmanager[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@tns-counter[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@pornbb[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@media6degrees[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@www.pornstarsexplorer[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@petiteteenager[4].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@adtech[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@sexyandfunny[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@findlaw[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@caselaw.lp.findlaw[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@dmtracker[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@overture[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@www.pornbb[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@chitika[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@www.sexyandfunny[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@adsby.webtraffic[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@www.googleadservices[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@adultfriendfinder[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@track.adform[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@epochstats[1].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@server.cpmstar[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@weownthetraffic[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@www.youngpornmovies[2].txt
C:\Documents and Settings\Compaq_Ägaren\Cookies\compaq_ägaren@sex4share[2].txt

Adware.MyWebSearch/FunWebProducts
HKU\S-1-5-21-3323170575-2697025314-47309388-1008\SOFTWARE\FunWebProducts
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32

This post has been edited by Jetkokos: Jul 1 2009, 07:06 AM
 
SpySentinel
post Jul 1 2009, 07:17 PM
Post #6


Trusted Helper
Posts: 3,952
From: The United States
OS: Windows XP SP3 & Windows Vista SP1



QUOTE
I saw some pornography cookies there, so I wonder, those sites must have been accessed in order to have the cookies, right?


Usually yes, could also be from ads, but more likely from the sites.



  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
 
Jetkokos
post Jul 2 2009, 01:46 AM
Post #7


Member
**
Posts: 13
OS: Win XP



Here they are:
log.txt:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Compaq_Ägaren at 2009-07-02 09:38:02
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 96 GB (65%) free of 146 GB
Total RAM: 3071 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:38:09, on 2009-07-02
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe
C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\Delade filer\InterVideo\RegMgr\iviRegMgr.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program\Delade filer\InstallShield\UpdateService\ISUSPM.exe
C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Documents and Settings\Compaq_Ägaren\Skrivbord\RSIT.exe
C:\Program\trend micro\Compaq_Ägaren.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.se/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Genväg till egenskapssida för High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program\Delade filer\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [AVP] "C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\WINDOWS\TEMP\E_S6B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Hjälp med anslutning - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Hjälp med anslutning - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra button: Hjälp med anslutning - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Hjälp med anslutning - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\Program\KASPER~1\KASPER~1\mzvkbd.dll,C:\Program\KASPER~1\KASPER~1\adialhk.dll,C:\Program\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program\Delade filer\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 10444 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-09-25 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live inloggningshjälpen - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program\Java\jre6\bin\jp2ssv.dll [2009-05-21 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-21 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"Genväg till egenskapssida för High Definition Audio"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-18 61952]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-08-28 8466432]
"KBD"=C:\HP\KBD\KBD.EXE [2005-02-03 61440]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472]
"PS2"=C:\WINDOWS\system32\ps2.exe [2003-09-12 98304]
"GrooveMonitor"=C:\Program\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NeroFilterCheck"=C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"ISUSPM"=C:\Program\Delade filer\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"AVP"=C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-02-04 201992]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-08-28 81920]
"IntelliPoint"=C:\Program\Microsoft IntelliPoint\ipoint.exe [2008-06-10 1406024]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2008-08-19 77824]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"SunJavaUpdateSched"=C:\Program\Java\jre6\bin\jusched.exe [2009-05-21 148888]
"nwiz"=nwiz.exe /installquiet /keeploaded /nodetect []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"=C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"EPSON Stylus SX400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE [2007-12-17 188928]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Program\HP\hpcoretech\hpcmpmgr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-06-21 172032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSwitch]
C:\Program\Proxy Switcher Standard\ProxySwitcher.exe [2008-11-15 2764800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^BankID säkerhetsprogram.lnk]
C:\Program\Personal\bin\Personal.exe [2008-08-18 910864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^HP Digital Imaging Monitor.lnk]
C:\Program\HP\DIGITA~1\bin\hpqtra08.exe []

C:\Documents and Settings\All Users\Start-meny\Program\Autostart
Adobe Reader Speed Launch.lnk - C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Program\KASPER~1\KASPER~1\mzvkbd.dll,C:\Program\KASPER~1\KASPER~1\adialhk.dll,C:\Program\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-04-25 206088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskmgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program\Microsoft Office\Office12\GROOVE.EXE"="C:\Program\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program\Atari\Neverwinter Nights 2\nwn2main.exe"="C:\Program\Atari\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main"
"C:\Program\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe"="C:\Program\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD"
"C:\Program\Atari\Neverwinter Nights 2\nwupdate.exe"="C:\Program\Atari\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater"
"C:\Program\Atari\Neverwinter Nights 2\nwn2server.exe"="C:\Program\Atari\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server"
"K:\Program\GSC World Publishing\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="K:\Program\GSC World Publishing\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"K:\Program\GSC World Publishing\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="K:\Program\GSC World Publishing\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"K:\Program\id Software\Enemy Territory - QUAKE Wars\etqwded.exe"="K:\Program\id Software\Enemy Territory - QUAKE Wars\etqwded.exe:*:Enabled:etqwded.exe"
"K:\Program\id Software\Enemy Territory - QUAKE Wars\etqw.exe"="K:\Program\id Software\Enemy Territory - QUAKE Wars\etqw.exe:*:Enabled:Enemy Territory - QUAKE Wars™ "
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program\Windows Live\Messenger\msnmsgr.exe"="C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program\Microsoft Games\Zoo Tycoon 2\zt.exe"="C:\Program\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\Program\Pando Networks\Media Booster\PMB.exe"="C:\Program\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Fjärrhjälp - Windows Messenger och tal"
"C:\Program\Bonjour\mDNSResponder.exe"="C:\Program\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program\Windows Live\Messenger\msnmsgr.exe"="C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======File associations======

.scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-07-02 07:51:18 ----D---- C:\Program\trend micro
2009-07-02 07:51:12 ----D---- C:\rsit
2009-07-01 06:44:17 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-07-01 06:43:46 ----D---- C:\Program\SUPERAntiSpyware
2009-07-01 06:43:46 ----D---- C:\Documents and Settings\Compaq_Ägaren\Application Data\SUPERAntiSpyware.com
2009-06-30 23:03:42 ----D---- C:\_OTL
2009-06-28 20:14:00 ----HDC---- C:\WINDOWS\ie8
2009-06-28 19:37:13 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2009-06-28 19:37:11 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2009-06-28 19:37:08 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2009-06-28 19:37:06 ----HD---- C:\WINDOWS\$NtUninstallKB951698$
2009-06-28 19:37:03 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-06-28 19:37:01 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2009-06-28 19:36:59 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2009-06-28 19:36:58 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2009-06-28 19:36:56 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2009-06-28 19:33:45 ----D---- C:\WINDOWS\ServicePackFiles
2009-06-28 19:18:32 ----D---- C:\WINDOWS\Prefetch
2009-06-28 19:15:53 ----DC---- C:\WINDOWS\$NtUninstallKB970238$(2)
2009-06-28 19:15:39 ----DC---- C:\WINDOWS\$NtUninstallKB968537$(2)
2009-06-28 19:15:26 ----DC---- C:\WINDOWS\$NtUninstallKB967715$(2)
2009-06-28 19:15:18 ----DC---- C:\WINDOWS\$NtUninstallKB961503$(2)
2009-06-28 19:15:10 ----DC---- C:\WINDOWS\$NtUninstallKB961501$(2)
2009-06-28 19:15:02 ----DC---- C:\WINDOWS\$NtUninstallKB961373$(2)
2009-06-28 19:14:42 ----DC---- C:\WINDOWS\$NtUninstallKB961118$(2)
2009-06-28 19:14:34 ----DC---- C:\WINDOWS\$NtUninstallKB960803$(2)
2009-06-28 19:14:24 ----DC---- C:\WINDOWS\$NtUninstallKB960225$(2)
2009-06-28 19:14:16 ----DC---- C:\WINDOWS\$NtUninstallKB959426$(2)
2009-06-28 19:14:06 ----DC---- C:\WINDOWS\$NtUninstallKB958687$(2)
2009-06-28 19:13:59 ----DC---- C:\WINDOWS\$NtUninstallKB958644$(2)
2009-06-28 19:13:51 ----DC---- C:\WINDOWS\$NtUninstallKB957097$(2)
2009-06-28 19:13:38 ----DC---- C:\WINDOWS\$NtUninstallKB956803$(2)
2009-06-28 19:13:29 ----DC---- C:\WINDOWS\$NtUninstallKB956802$(2)
2009-06-28 19:13:17 ----DC---- C:\WINDOWS\$NtUninstallKB956572$(2)
2009-06-28 19:13:04 ----DC---- C:\WINDOWS\$NtUninstallKB955069$(2)
2009-06-28 19:12:55 ----DC---- C:\WINDOWS\$NtUninstallKB954600$(2)
2009-06-28 19:12:44 ----DC---- C:\WINDOWS\$NtUninstallKB952954$(2)
2009-06-28 19:12:34 ----DC---- C:\WINDOWS\$NtUninstallKB952287$(2)
2009-06-28 19:12:24 ----DC---- C:\WINDOWS\$NtUninstallKB952004$(2)
2009-06-28 19:12:14 ----DC---- C:\WINDOWS\$NtUninstallKB951748$(2)
2009-06-28 19:12:06 ----DC---- C:\WINDOWS\$NtUninstallKB951698$(2)
2009-06-28 19:11:57 ----DC---- C:\WINDOWS\$NtUninstallKB951376-v2$(2)
2009-06-28 19:11:47 ----DC---- C:\WINDOWS\$NtUninstallKB951066$(2)
2009-06-28 19:11:40 ----DC---- C:\WINDOWS\$NtUninstallKB950974$(2)
2009-06-28 19:11:33 ----DC---- C:\WINDOWS\$NtUninstallKB950762$(2)
2009-06-28 19:11:21 ----DC---- C:\WINDOWS\$NtUninstallKB946648$(2)
2009-06-28 19:11:13 ----DC---- C:\WINDOWS\$NtUninstallKB938464-v2$(2)
2009-06-28 19:11:05 ----DC---- C:\WINDOWS\$NtUninstallKB923561$(2)
2009-06-28 19:05:27 ----D---- C:\WINDOWS\ServicePackFiles(2)
2009-06-28 18:59:38 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-06-28 18:19:08 ----DC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-06-28 18:18:57 ----DC---- C:\WINDOWS\$NtUninstallKB925720$
2009-06-27 11:30:09 ----D---- C:\Rooter$
2009-06-27 10:37:52 ----D---- C:\Documents and Settings\Compaq_Ägaren\Application Data\Malwarebytes
2009-06-27 10:37:39 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-27 10:36:40 ----D---- C:\Program\Malwarebytes' Anti-Malware
2009-06-27 10:13:03 ----D---- C:\WINDOWS\ERDNT
2009-06-27 10:11:04 ----D---- C:\Program\ERUNT
2009-06-22 15:52:57 ----D---- C:\Valve
2009-06-16 09:07:38 ----D---- C:\Program\Delade filer\ParetoLogic
2009-06-16 07:31:27 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-16 07:31:27 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-16 07:31:27 ----A---- C:\WINDOWS\system32\java.exe
2009-06-16 07:30:35 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-06-15 20:16:43 ----SHD---- C:\found.000
2009-06-15 20:04:14 ----D---- C:\Program\Apple Software Update
2009-06-15 20:04:14 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-06-15 12:37:19 ----HD---- C:\WINDOWS\system32\win
2009-06-15 12:11:45 ----A---- C:\WINDOWS\fishing_beta_0.1.3i.exe
2009-06-12 06:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 06:19:11 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 06:16:38 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 06:16:28 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-11 18:46:15 ----D---- C:\Program\YouTube Downloader
2009-06-10 10:04:17 ----HDC---- C:\Documents and Settings\All Users\Application Data\{A613CA96-150A-4A1D-90CE-67F81379DF8C}

======List of files/folders modified in the last 1 months======

2009-07-02 09:37:54 ----D---- C:\WINDOWS\Temp
2009-07-02 09:36:40 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-07-02 07:51:18 ----RD---- C:\Program
2009-07-02 02:08:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-01 22:18:31 ----A---- C:\WINDOWS\NeroDigital.ini
2009-07-01 20:36:33 ----D---- C:\Documents and Settings\Compaq_Ägaren\Application Data\Adobe
2009-07-01 18:06:29 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-01 06:48:46 ----D---- C:\WINDOWS\system32\CatRoot
2009-07-01 06:44:07 ----SHD---- C:\WINDOWS\Installer
2009-07-01 06:44:06 ----HD---- C:\Config.Msi
2009-07-01 06:43:05 ----D---- C:\Program\Delade filer\Wise Installation Wizard
2009-06-30 23:04:11 ----D---- C:\WINDOWS
2009-06-30 23:03:43 ----D---- C:\WINDOWS\system32
2009-06-30 19:24:00 ----D---- C:\Program\Cheat Engine
2009-06-30 11:10:48 ----D---- C:\Program\Mozilla Firefox
2009-06-28 20:19:22 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-06-28 20:19:22 ----HD---- C:\WINDOWS\inf
2009-06-28 20:19:22 ----D---- C:\WINDOWS\Media
2009-06-28 20:19:22 ----D---- C:\WINDOWS\Help
2009-06-28 20:19:22 ----D---- C:\Program\Internet Explorer
2009-06-28 20:17:23 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-28 20:16:07 ----A---- C:\WINDOWS\imsins.BAK
2009-06-28 20:15:48 ----D---- C:\WINDOWS\system32\en-us
2009-06-28 19:37:59 ----D---- C:\WINDOWS\system32\config
2009-06-28 19:37:45 ----D---- C:\WINDOWS\system32\wbem
2009-06-28 19:37:44 ----D---- C:\WINDOWS\Registration
2009-06-28 19:37:10 ----D---- C:\WINDOWS\system32\drivers
2009-06-28 19:36:57 ----D---- C:\Program\Messenger
2009-06-28 19:35:07 ----D---- C:\WINDOWS\system32\bits
2009-06-28 19:35:05 ----D---- C:\WINDOWS\system32\usmt
2009-06-28 19:35:05 ----D---- C:\WINDOWS\system32\sv
2009-06-28 19:35:04 ----D---- C:\WINDOWS\AppPatch
2009-06-28 19:34:53 ----D---- C:\Program\Delade filer\System
2009-06-28 19:34:52 ----D---- C:\Program\Movie Maker
2009-06-28 19:34:51 ----D---- C:\Program\Outlook Express
2009-06-28 19:34:51 ----D---- C:\Program\NetMeeting
2009-06-28 19:34:50 ----D---- C:\Program\Windows Media Player
2009-06-28 19:34:49 ----D---- C:\Program\Windows NT
2009-06-28 19:34:48 ----D---- C:\WINDOWS\ime
2009-06-28 19:34:45 ----D---- C:\WINDOWS\msagent
2009-06-28 19:34:44 ----D---- C:\WINDOWS\system
2009-06-28 19:34:44 ----D---- C:\WINDOWS\srchasst
2009-06-28 19:34:44 ----D---- C:\WINDOWS\PeerNet
2009-06-28 19:34:44 ----D---- C:\WINDOWS\network diagnostic
2009-06-28 19:34:12 ----D---- C:\WINDOWS\system32\Com
2009-06-28 19:33:52 ----D---- C:\WINDOWS\system32\npp
2009-06-28 19:33:51 ----D---- C:\WINDOWS\system32\Setup
2009-06-28 19:33:51 ----D---- C:\WINDOWS\system32\Restore
2009-06-28 19:33:51 ----D---- C:\WINDOWS\system32\oobe
2009-06-28 19:33:48 ----D---- C:\WINDOWS\WinSxS
2009-06-28 19:33:41 ----RSD---- C:\WINDOWS\Fonts
2009-06-28 19:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-06-28 19:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-06-28 19:33:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-06-28 19:33:22 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-06-28 19:33:20 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-06-28 19:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-06-28 19:33:11 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-06-28 19:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-06-28 19:33:07 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-06-28 19:33:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-06-28 19:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-06-28 19:32:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-06-28 19:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-06-28 19:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-06-28 19:32:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-06-28 19:32:47 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-06-28 19:32:45 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-06-28 19:31:53 ----D---- C:\WINDOWS\EHome
2009-06-28 19:31:49 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-06-28 19:19:17 ----A---- C:\WINDOWS\setuplog.txt
2009-06-28 19:16:57 ----D---- C:\WINDOWS\security
2009-06-28 19:07:26 ----D---- C:\WINDOWS\system32\sv-se
2009-06-28 19:07:25 ----D---- C:\WINDOWS\l2schemas
2009-06-28 17:49:47 ----SD---- C:\WINDOWS\Tasks
2009-06-28 17:09:06 ----D---- C:\WINDOWS\ie8updates
2009-06-27 16:47:04 ----D---- C:\Program\Condition Zero
2009-06-27 16:29:02 ----D---- C:\Documents and Settings\Compaq_Ägaren\Application Data\Azureus
2009-06-27 13:31:35 ----D---- C:\WINDOWS\Microsoft.NET
2009-06-27 11:22:17 ----D---- C:\WINDOWS\nview
2009-06-27 09:40:15 ----RASH---- C:\boot.ini
2009-06-27 09:40:15 ----A---- C:\WINDOWS\win.ini
2009-06-27 09:40:15 ----A---- C:\WINDOWS\system.ini
2009-06-25 13:31:03 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2009-06-22 09:16:27 ----D---- C:\Program\Metin2_UK
2009-06-20 11:29:27 ----D---- C:\WINDOWS\system32\Macromed
2009-06-20 11:05:32 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-06-16 09:07:38 ----D---- C:\Program\Delade filer
2009-06-16 07:31:24 ----D---- C:\Program\Java
2009-06-16 07:22:06 ----D---- C:\Program\7-Zip
2009-06-16 07:19:51 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-06-16 07:19:47 ----RSD---- C:\WINDOWS\assembly
2009-06-16 07:18:23 ----D---- C:\Program\Delade filer\Microsoft Shared
2009-06-16 07:18:06 ----D---- C:\Program\Microsoft Works
2009-06-15 20:05:18 ----D---- C:\Program\Bonjour
2009-06-10 10:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\DriverScanner
2009-06-07 17:55:06 ----D---- C:\Program\Topaz Labs
2009-06-07 17:45:00 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-06-06 13:03:30 ----D---- C:\Program\Super_YouTube_Downloader
2009-06-05 19:15:12 ----D---- C:\Program\AutoCAD 2008

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel-processordrivrutin; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40320]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-02-04 213520]
R1 SASDIFSV;SASDIFSV; \??\C:\Program\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program\SUPERAntiSpyware\SASKUTIL.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-03-14 46652]
R3 HDAudBus;Microsoft UAA-bussdrivrutin för High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID-klassdrivrutin; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-12-26 4968448]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-03-25 24592]
R3 mouhid;HID-drivrutin för mus; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12160]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2008-06-09 18504]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-08-28 6811168]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2008-06-10 31048]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2002-07-29 23808]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-10-30 117120]
R3 smbusp;Intel® SMBus 2.0 Driver; C:\WINDOWS\system32\DRIVERS\intelsmb.sys [2006-12-28 45184]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktiverat nav; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Drivrutin för USB-masslagringsenheter; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys []
S3 a1d1n3ay;a1d1n3ay; C:\WINDOWS\system32\drivers\a1d1n3ay.sys []
S3 affxjo7h;affxjo7h; C:\WINDOWS\system32\drivers\affxjo7h.sys []
S3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\E:\INSTAL~E\Core\BVRPMPR5.SYS []
S3 CCDECODE;Avkodare för dold textning; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HdAudAddService;Microsoft UAA-funktionsdrivrutin för High Definition Audio-tjänst; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-18 113664]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-08-08 101120]
S3 jnv4_mib;jnv4_mib; \??\C:\DOCUME~1\COMPAQ~1\LOKALA~1\Temp\jnv4_mib.sys []
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 606812]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 MSTEE;Tee/Sink-to-Sink-konverterare för Microsoft-direktuppspelning; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video-anslutning; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PD0620VID;Creative WebCam Instant; C:\WINDOWS\system32\DRIVERS\P0620Vid.sys [2004-07-29 91577]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 s3117bus;Sony Ericsson Device 3117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s3117bus.sys [2008-05-12 90408]
S3 s3117mdfl;Sony Ericsson Device 3117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s3117mdfl.sys [2008-05-12 15016]
S3 s3117mdm;Sony Ericsson Device 3117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s3117mdm.sys [2008-05-12 122024]
S3 s3117mgmt;Sony Ericsson Device 3117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s3117mgmt.sys [2008-05-12 115368]
S3 s3117nd5;Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (NDIS); C:\WINDOWS\system32\DRIVERS\s3117nd5.sys [2008-05-12 25768]
S3 s3117obex;Sony Ericsson Device 3117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s3117obex.sys [2008-05-12 111784]
S3 s3117unic;Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (WDM); C:\WINDOWS\system32\DRIVERS\s3117unic.sys [2008-05-12 117544]
S3 SASENUM;SASENUM; \??\C:\Program\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-skrivarklass; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Drivrutin för USB-skanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Teletext-codec för världsstandard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe [2008-05-02 85096]
R2 AVP;Kaspersky Internet Security; C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-02-04 201992]
R2 Bonjour Service;Bonjour-tjänst; C:\Program\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 IviRegMgr;IviRegMgr; C:\Program\Delade filer\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program\Java\jre6\bin\jqs.exe [2009-05-21 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-08-28 155716]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2008-09-11 304528]
S2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); C:\Program\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe []
S3 aspnet_state;ASP.NET tillståndstjänst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-05-01 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program\Windows Media Player\WMPNetwk.exe [2006-11-15 912384]
S4 NetTcpPortSharing;Net.Tcp - portdelningstjänst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt:

info.txt logfile of random's system information tool 1.06 2009-07-02 07:51:41

======Uninstall list======

-->"C:\Program\InstallShield Installation Information\{F37167DD-4436-4641-90B6-329D60632DDA}\Setup.exe" REMOVEALL --u:{F37167DD-4436-4641-90B6-329D60632DDA}
-->C:\Program\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUn041d.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{74224F8D-4A17-4816-9EDB-7BB854DE532C}
-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
-->RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{363435F2-7426-11D8-9966-00A0C9663221}\setup.exe" -l0x9
-->RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3dsmax ancillary install-->MsiExec.exe /I{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}
7-Zip 4.65-->"C:\Program\7-Zip\Uninstall.exe"
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
AC3Filter (remove only)-->C:\Program\AC3Filter\uninstall.exe
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program\Delade filer\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->C:\Program\Delade filer\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program\Delade filer\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 7.1.3 - Svenska-->MsiExec.exe /I{AC76BA86-7AD7-1053-7B44-A71000000002}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Advantage Data Architect v7.1-->MsiExec.exe /I{D3AE160E-C459-4EB1-9922-169F1D5119EF}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ASAPI Update-->C:\WINDOWS\IsUninst.exe -f"C:\Program\VOB\ASAPI Update\ASAPI.isu"
AutoCAD 2008 - English SP1-->Msiexec.exe /uninstall {1C500B62-B044-4216-8011-604640F4F925} /package {5783F2D7-6001-0409-0002-0060B0CE6BBA} /qb
AutoCAD 2008 - English-->C:\Program\AutoCAD 2008\Setup\Setup.exe /P {5783F2D7-6001-0409-0002-0060B0CE6BBA} /M ACAD
Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
Avanquest update-->C:\Program\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x001d -removeonly
Azureus-->C:\Program\Azureus\Uninstall.exe
BankID säkerhetsprogram 4.9.3-->"C:\Program\Personal\bin\persinst.exe" -u
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{42EDF895-158C-484E-A7F2-42B90759F281}\SETUP.EXE" -l0x9 UNINST
Cheat Engine 5.5-->"C:\Program\Cheat Engine\unins000.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program\Combined Community Codec Pack\unins000.exe"
Condition Zero 3-->C:\WINDOWS\iun6002.exe "C:\Program\Condition Zero\irunin.ini"
Counter-Strike: Condition Zero-->C:\Valve\CONDIT~1\UNWISE.EXE C:\Valve\CONDIT~1\INSTALL.LOG
Creative WebCam Center-->RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{363435F2-7426-11D8-9966-00A0C9663221}\setup.exe" -l0x9 /remove
Creative WebCam Instant Driver (1.01.02.0729)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script PD0620.uns -unsext NT -plugin P0620Pin.dll -pluginres P0620Pin.crl
DivX Converter-->C:\Program\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program\DivX\DivXPlayerUninstall.exe /PLAYER
DriverAgent by TouchStone Software-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
DVD Shrink 3.2-->"C:\Program\DVD Shrink\unins000.exe"
Easy GIF Animator 4.8-->"C:\Program\Easy GIF Animator\unins000.exe"
Enemy Territory - QUAKE Wars™ 1.1 Patch-->C:\Program\InstallShield Installation Information\{0C5D0DC4-F5D3-46F9-AE2E-E45C99B4A6B6}\setup.exe -runfromtemp -l0x0409
EPSON Easy Photo Print-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}\SETUP.EXE" -l0x9 UNINST
EPSON File Manager-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{46CBBDF8-55B5-40DB-B459-7B848394309C}\Setup.exe" -l0x9 UNINST
EPSON Scan Assistant-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x9 -u
EPSON Scan-->C:\Program\epson\escndv\setup\setup.exe /r
EPSON Stylus SX200_SX400_TX200_TX400 Handbok-->C:\Program\EPSON\TPMANUAL\ES_SX_TX\SWE\USE_G\DOCUNINS.EXE
EPSON Stylus SX400 Series Printer Uninstall-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FINSEGE.EXE /R /APD /P:"EPSON Stylus SX400 Series"
ERUNT 1.1j-->C:\Program\ERUNT\unins000.exe
EVEREST Ultimate v4.20.1257 + Corporate Edition Beta Registered-->"C:\Program\Lavalys\EVEREST Corporate + Ultimate Edition\unins000.exe"
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program\trend micro\HijackThis.exe" /uninstall
Hogs Of War-->C:\WINDOWS\IsUninst.exe -fj:\hogs\uninst.isu
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Huawei Modems-->C:\WINDOWS\Huawei ModemsUninstall.exe
InterVideo WinDVD 8-->C:\Program\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x041d
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java™ 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java™ 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Malwarebytes' Anti-Malware-->"C:\Program\Malwarebytes' Anti-Malware\unins001.exe"
Messenger Plus! Live-->"C:\Program\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1 Swedish Language Pack-->MsiExec.exe /X{992A2DB1-4ABC-4738-BD71-045C5FFE00D1}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - SVE-->MsiExec.exe /I{77701BFD-3A86-34B0-A9EC-0D7440C6D8AF}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - SVE-->MsiExec.exe /I{AA8CF3BD-6717-3B70-83BF-377426410A66}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - sve-->MsiExec.exe /I{7D7152AF-581B-316F-8CA4-15342C3EFA4B}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{20DEB77C-21D6-4D22-BB47-233E47613D57}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90120000-00A4-041D-0000-0000000FF1CE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-041D-0000-0000000FF1CE} /uninstall {1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-041D-0000-0000000FF1CE} /uninstall {1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-041D-0000-0000000FF1CE} /uninstall {1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-041D-0000-0000000FF1CE} /uninstall {1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-041D-0000-0000000FF1CE} /uninstall {1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-041D-0000-0000000FF1CE} /uninstall {1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-041D-0000-0000000FF1CE} /uninstall {1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-041D-0000-0000000FF1CE} /uninstall {8C2A0B2D-382B-428C-9E8D-247D31B22201}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-041D-0000-0000000FF1CE} /uninstall {1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-041D-0000-0000000FF1CE} /uninstall {1AEE207F-E4DC-4A6C-9ACD-D1218F08B442}
Microsoft Office Access MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0015-041D-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program\Delade filer\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0016-041D-0000-0000000FF1CE}
Microsoft Office Groove MUI (Swedish) 2007-->MsiExec.exe /X{90120000-00BA-041D-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0044-041D-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Swedish) 2007-->MsiExec.exe /X{90120000-00A1-041D-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Swedish) 2007-->MsiExec.exe /X{90120000-001A-041D-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0018-041D-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (Finnish) 2007-->MsiExec.exe /X{90120000-001F-040B-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Swedish) 2007-->MsiExec.exe /X{90120000-001F-041D-0000-0000000FF1CE}
Microsoft Office Proofing (Swedish) 2007-->MsiExec.exe /X{90120000-002C-041D-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040B-0000-0000000FF1CE} /uninstall {8C00DF3E-E8BD-4C6A-B86F-0135E11DAF1C}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041D-0000-0000000FF1CE} /uninstall {43722AA8-ACEA-4F54-9B83-2467D376EF8A}
Microsoft Office Publisher MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0019-041D-0000-0000000FF1CE}
Microsoft Office Shared MUI (Swedish) 2007-->MsiExec.exe /X{90120000-006E-041D-0000-0000000FF1CE}
Microsoft Office Word MUI (Swedish) 2007-->MsiExec.exe /X{90120000-001B-041D-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.11)-->C:\Program\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 7 Premium-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301053}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
NVIDIA PhysX v8.04.25-->MsiExec.exe /X{74224F8D-4A17-4816-9EDB-7BB854DE532C}
OGA Notifier 1.7.0105.35.0-->MsiExec.exe /I{DB427EF6-F13E-4AA6-9D40-5D962394774F}
Pando Media Booster-->C:\Program\Pando Networks\Media Booster\uninst.exe
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
POD-Bot 2.5-->C:\WINDOWS\unvise32.exe c:\program\azureus\nedladdat\games\condition zero\123\cstrike\poduninst.log
Portable MP3 Player-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{20B5E4D0-6DFE-4D5F-B96F-C3B91F272B2D}\SETUP.EXE" -l0x9
PowerISO-->"C:\Program\PowerISO\uninstall.exe"
ProxySwitcher Standard-->"C:\Program\Proxy Switcher Standard\unins000.exe"
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Snabbkorrigering för Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Snabbkorrigering för Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Snabbkorrigering för Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Snabbkorrigering för Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Sony Ericsson PC Suite 3.209.00-->C:\Program\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\Setup.exe -runfromtemp -l0x001d -removeonly
Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - sve\setup.exe
Steinberg WaveLab 5.00a-->C:\Program\STEINB~1\WaveLab\UNWISE.EXE C:\Program\STEINB~1\WaveLab\INSTALL.LOG
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
System Requirements Lab-->C:\Program\SystemRequirementsLab\Uninstall.exe
Säkerhetsuppdatering för Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Tibia-->"C:\Documents and Settings\Compaq_Ägaren\Skrivbord\Games\Tibia\loader\loader\Tibia Clients\Tibia 8.41\unins000.exe"
Tillägg för Hjälp- och support-->WScript.exe C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\eHelpSetup.jse eHelpUninstall
Topaz Adjust 3-->MsiExec.exe /I{5E684419-44E3-46EE-A43C-A60082CBF4EC}
Topaz Vivacity-->MsiExec.exe /I{B5F8FCE2-1677-4370-A857-4976E5A95209}
Trafikskolan TEO 2009-->MsiExec.exe /I{96DABE26-CA86-4E13-B38F-FA92564FF855}
Uniblue DriverScanner 2009-->"C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue DriverScanner 2009-->C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe
Uniblue RegistryBooster 2009-->"C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue RegistryBooster 2009-->C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe
Uniblue SpeedUpMyPC 2009-->"C:\Documents and Settings\All Users\Application Data\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\speedupmypc2009.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue SpeedUpMyPC 2009-->C:\Documents and Settings\All Users\Application Data\{A613CA96-150A-4A1D-90CE-67F81379DF8C}\speedupmypc2009.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462}
Update for Outlook 2007 Junk Email Filter (kb970012)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DC4A962B-9EC2-469C-BC9C-87312ADAEE81}
Uppdatering för Windows Internet Explorer 8 (KB969497)-->"C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Uppdatering för Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.6i-->C:\Program\VideoLAN\VLC\uninstall.exe
Viktig uppdatering för Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{420DADC7-0E52-48F2-81EE-7BCF663815E0}
Windows Live inloggningsassistenten-->MsiExec.exe /I{0E93710D-31E5-477C-8A4B-5032B484BE74}
Windows Live Messenger-->MsiExec.exe /X{FCEA59CC-5A80-4680-9F7F-6E75174E884C}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format 11 runtime-->"C:\Program\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program\WinRAR\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
Xvid 1.1.3 final uninstall-->"C:\Program\Xvid\unins000.exe"
Zero Assumption Recovery Version 8.4-->"J:\ZAR\unins000.exe"
Zoo Tycoon 2-->"C:\Program\Microsoft Games\Zoo Tycoon 2\UNINSTAL.EXE" /runtemp /uninstall

======Security center information======

AV: Kaspersky Internet Security
FW: Kaspersky Internet Security

======System event log======

Computer Name: IVAN
Event Code: 7023
Message: Tjänsten Application Management avbröts med följande fel:
Det går inte att hitta den angivna modulen.


Record Number: 38636
Source Name: Service Control Manager
Time Written: 20090616074530.000000+120
Event Type: Fel
User:

Computer Name: IVAN
Event Code: 7023
Message: Tjänsten Application Management avbröts med följande fel:
Det går inte att hitta den angivna modulen.


Record Number: 38633
Source Name: Service Control Manager
Time Written: 20090616074530.000000+120
Event Type: Fel
User:

Computer Name: IVAN
Event Code: 7023
Message: Tjänsten Application Management avbröts med följande fel:
Det går inte att hitta den angivna modulen.


Record Number: 38630
Source Name: Service Control Manager
Time Written: 20090616074530.000000+120
Event Type: Fel
User:

Computer Name: IVAN
Event Code: 7023
Message: Tjänsten Application Management avbröts med följande fel:
Det går inte att hitta den angivna modulen.


Record Number: 38626
Source Name: Service Control Manager
Time Written: 20090616074529.000000+120
Event Type: Fel
User:

Computer Name: IVAN
Event Code: 7026
Message: Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start:
appdrv01

Record Number: 38600
Source Name: Service Control Manager
Time Written: 20090616072231.000000+120
Event Type: Fel
User:

=====Application event log=====

Computer Name: IVAN
Event Code: 1002
Message: Stoppat program iexplore.exe, version 7.0.6000.16762, stoppad modul hungapp, version 0.0.0.0, stoppad adress 0x00000000.

Record Number: 10444
Source Name: Application Hang
Time Written: 20081228222051.000000+060
Event Type: Fel
User:

Computer Name: IVAN
Event Code: 12001
Message:
Record Number: 10428
Source Name: usnjsvc
Time Written: 20081228130634.000000+060
Event Type:
User:

Computer Name: IVAN
Event Code: 12001
Message:
Record Number: 10402
Source Name: usnjsvc
Time Written: 20081227154755.000000+060
Event Type:
User:

Computer Name: IVAN
Event Code: 1002
Message: Stoppat program RA3.exe, version 1.0.0.0, stoppad modul hungapp, version 0.0.0.0, stoppad adress 0x00000000.

Record Number: 10394
Source Name: Application Hang
Time Written: 20081227095502.000000+060
Event Type: Fel
User:

Computer Name: IVAN
Event Code: 12001
Message:
Record Number: 10382
Source Name: usnjsvc
Time Written: 20081226173303.000000+060
Event Type:
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program\Delade filer\Autodesk Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=0401
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
SpySentinel
post Jul 3 2009, 04:59 PM
Post #8


Trusted Helper
Posts: 3,952
From: The United States
OS: Windows XP SP3 & Windows Vista SP1



Hi Jetkokos,


Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):


Java™ 6 Update 5
Java™ 6 Update 7
J2SE Runtime Environment 5.0




Your Adobe Acrobat Reader is out of date. Older versions are vulnerable to attack.

Please go to the link below to update.

http://www.adobe.com/products/acrobat/readstep2.html
Jetkokos
post Jul 4 2009, 02:34 AM
Post #9


Member
**
Posts: 13
OS: Win XP



Good morning

All of them were present and removed successfully, the update went well.

Also, I wonder what to do with SUPERAntiSpyware, MBAM and all these programs I installed here, will they interfere with Kaspersky? And is Kaspersky any good at all?
SpySentinel
post Jul 5 2009, 12:54 PM
Post #10


Trusted Helper
Posts: 3,952
From: The United States
OS: Windows XP SP3 & Windows Vista SP1



Hi Jetkokos,


SUPERAntiSpyware and MBAM are great to keep because they are free AntiSpyware Scanners. As for the other tools, they will be removed once you are clean.


How is your computer running?
Jetkokos
post Jul 6 2009, 02:32 AM
Post #11


Member
**
Posts: 13
OS: Win XP



Hello SpySentinel

It's running rather well, startup takes less time. Almost no freezes, except now and then when running IE8. Took me two minutes to access this forum, for example.
Other than that I think it's as good as it was years ago when I bought it; many thanks to you.

edit; scanned with Kaspersky now, and it found for the 6th time
Trojan.Win32.Vapsup.uem in
C:\System Volume Information\_restore{7FA95762-7F57-4B6D-9078-2FB5ACF8DBFA}\RP427\A0147869.exe
C:\System Volume Information\_restore{7FA95762-7F57-4B6D-9078-2FB5ACF8DBFA}\RP336\A0102679.exe

Do I still have something on my computer or is it just a false positive?

This post has been edited by Jetkokos: Jul 6 2009, 01:37 PM
SpySentinel
post Jul 6 2009, 08:02 PM
Post #12


Trusted Helper
Posts: 3,952
From: The United States
OS: Windows XP SP3 & Windows Vista SP1



Those threats are found in System Restore, which we will be dealing with once you are clean, so no worries there.

I would like to see one more log.



Please download VundoFix.exe to your desktop
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log in a reply to this thread.
Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot; simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.




Disable resident protections (Antivirus...); you'll re-enable them after the scan

Download Lop S&D

Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)
Jetkokos
post Jul 7 2009, 01:13 AM
Post #13


Member
**
Posts: 13
OS: Win XP



Hello, here they are.

VundoFix V7.0.6

Scan started at 08:43:25 2009-07-07

Listing files found while scanning....

No infected files were found.



--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.93GHz )
BIOS : BIOS Date: 01/23/06 20:09:06 Ver: 08.00.10
USER : Compaq_Ägaren ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Internet Security 8.0.0.357 (Not Activated)
Firewall : Kaspersky Internet Security 8.0.0.357 (Not Activated)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:93 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:2 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 2009-07-07| 8:55 )

--------------------\\ Listing folders in APPLIC~1

[2009-06-10|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{A613CA96-150A-4A1D-90CE-67F81379DF8C}
[2008-12-12|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2008-12-12|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2009-07-04|08:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2009-01-29|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[2009-06-15|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-08-30|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2009-02-28|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[2008-04-30|07:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[2008-12-29|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Birdstep Technology
[2009-01-08|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[2008-05-09|16:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Pro
[2009-06-10|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
[2009-03-14|08:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[2008-12-15|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[2008-05-01|09:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[2005-01-02|04:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[2009-07-07|05:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[2008-09-25|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[2009-06-27|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2009-06-16|07:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[2008-11-03|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2009-01-10|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2009-03-18|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
[2009-06-16|07:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[2008-08-30|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[2009-07-04|08:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[2009-05-10|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[2009-02-26|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[2008-08-29|23:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[2009-05-10|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PMB Files
[2008-04-28|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[2005-01-02|04:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[2009-05-10|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SecTaskMan
[2009-01-09|17:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[2009-01-08|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[2009-07-01|06:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[2008-04-27|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[2009-06-07|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-05-10|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[2008-12-15|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[2008-05-07|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-11-20|08:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[2008-06-02|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualDecor
[2008-12-18|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[0|fil(er)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte
[47|katalog(er)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte ledigt


[2009-07-05|11:36] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Adobe
[2009-02-09|21:49] C:\DOCUME~1\COMPAQ~1\APPLIC~1\AdobeUM
[2009-01-31|12:25] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Ahead
[2005-01-02|04:24] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Apple Computer
[2009-02-28|14:01] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Autodesk
[2009-06-27|16:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Azureus
[2008-12-07|10:43] C:\DOCUME~1\COMPAQ~1\APPLIC~1\BitZipper
[2008-09-01|18:34] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Command & Conquer 3 Kane's Wrath
[2009-01-02|15:43] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Copax
[2008-10-10|22:52] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Creative
[2008-05-10|19:33] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DAEMON Tools
[2008-05-08|19:46] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DAEMON Tools Pro
[2008-12-06|12:27] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DivX
[2008-11-30|20:09] C:\DOCUME~1\COMPAQ~1\APPLIC~1\dvdcss
[2009-04-08|10:17] C:\DOCUME~1\COMPAQ~1\APPLIC~1\GetRightToGo
[2008-10-02|17:44] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Google
[2004-11-29|18:37] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Identities
[2008-12-15|22:09] C:\DOCUME~1\COMPAQ~1\APPLIC~1\InstallShield
[2008-08-30|12:08] C:\DOCUME~1\COMPAQ~1\APPLIC~1\InterVideo
[2008-05-12|07:26] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Leadertech
[2008-08-24|21:19] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Macromedia
[2009-06-27|10:37] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Malwarebytes
[2008-12-05|18:42] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Microsoft
[2009-03-18|10:10] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Microsoft Games
[2008-04-28|16:05] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Mozilla
[2008-08-31|16:59] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Opera
[2008-08-18|19:11] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Personal
[2008-12-28|14:51] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Red Alert 3
[2005-01-02|04:32] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SampleView
[2009-01-04|14:37] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SmartFTP
[2008-05-12|07:27] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sonic
[2008-04-30|06:30] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sun
[2009-07-01|06:43] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SUPERAntiSpyware.com
[2005-01-02|04:40] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Symantec
[2008-09-28|14:53] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SystemRequirementsLab
[2009-03-16|13:21] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Tibia
[2008-05-10|18:12] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Ubisoft
[2008-12-12|12:32] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Uniblue
[2008-04-27|15:48] C:\DOCUME~1\COMPAQ~1\APPLIC~1\WinRAR
[2008-08-28|08:55] C:\DOCUME~1\COMPAQ~1\APPLIC~1\vlc
[2008-11-08|12:46] C:\DOCUME~1\COMPAQ~1\APPLIC~1\WNR
[0|fil(er)] C:\DOCUME~1\COMPAQ~1\APPLIC~1\byte
[43|katalog(er)] C:\DOCUME~1\COMPAQ~1\APPLIC~1\byte ledigt

[2005-01-02|04:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[2004-11-29|18:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[2005-01-02|04:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2005-01-02|04:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[2005-01-02|04:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[0|fil(er)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte
[7|katalog(er)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte ledigt

[2004-11-29|18:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[0|fil(er)] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte
[3|katalog(er)] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte ledigt

[2004-11-29|18:37] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[0|fil(er)] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte
[3|katalog(er)] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte ledigt

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[2009-07-06 21:11][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2008-12-12 10:36][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
[2009-07-07 05:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-04 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program

[2009-06-16|07:22] C:\Program\7-Zip
[2008-12-15|22:12] C:\Program\ABBYY FineReader 6.0 Sprint
[2008-09-03|07:37] C:\Program\AC3Filter
[2009-07-04|08:52] C:\Program\Adobe
[2008-05-28|09:08] C:\Program\AGEIA Technologies
[2009-01-04|16:38] C:\Program\AML Products
[2009-06-15|20:04] C:\Program\Apple Software Update
[2009-06-05|19:15] C:\Program\AutoCAD 2008
[2009-02-28|14:01] C:\Program\Autodesk
[2009-01-08|19:27] C:\Program\Avanquest update
[2008-12-06|11:57] C:\Program\Azureus
[2009-06-15|20:05] C:\Program\Bonjour
[2009-07-04|12:36] C:\Program\Cheat Engine
[2008-12-12|11:29] C:\Program\Combined Community Codec Pack
[2004-11-29|18:35] C:\Program\ComPlus Applications
[2009-06-27|16:47] C:\Program\Condition Zero
[2008-10-10|22:53] C:\Program\Creative
[2008-05-09|16:44] C:\Program\DAEMON Tools Pro
[2009-07-04|08:48] C:\Program\Delade filer
[2008-12-05|20:29] C:\Program\DivX
[2009-01-29|10:28] C:\Program\DVD Shrink
[2009-01-27|12:58] C:\Program\Easy GIF Animator
[2005-01-02|04:31] C:\Program\Easy Internet signup
[2008-12-15|22:13] C:\Program\epson
[2009-06-27|10:12] C:\Program\ERUNT
[2008-05-28|11:05] C:\Program\Extended Systems
[2009-05-23|10:28] C:\Program\HP
[2005-01-02|04:28] C:\Program\HPQ
[2008-09-14|10:56] C:\Program\Huawei Modems
[2009-05-10|10:39] C:\Program\InstallShield Installation Information
[2008-12-12|10:24] C:\Program\Intel
[2009-06-28|20:19] C:\Program\Internet Explorer
[2008-08-30|12:05] C:\Program\InterVideo
[2008-08-30|12:06] C:\Program\InterVideo Information Service
[2009-06-16|07:31] C:\Program\Java
[2009-05-10|11:20] C:\Program\Java(2)
[2008-09-25|07:47] C:\Program\Kaspersky Lab
[2008-04-29|22:10] C:\Program\Lavalys
[2009-06-27|10:37] C:\Program\Malwarebytes' Anti-Malware
[2009-06-28|19:36] C:\Program\Messenger
[2009-02-09|22:57] C:\Program\Messenger Plus! Live
[2009-06-22|09:16] C:\Program\Metin2_UK
[2009-01-10|11:43] C:\Program\Microsoft
[2008-04-29|09:23] C:\Program\Microsoft CAPICOM 2.1.0.2
[2004-11-29|18:37] C:\Program\microsoft frontpage
[2009-03-18|10:07] C:\Program\Microsoft Games
[2008-12-12|10:31] C:\Program\Microsoft IntelliPoint
[2008-05-02|18:11] C:\Program\Microsoft Office
[2008-04-29|14:53] C:\Program\Microsoft Visual Studio
[2009-06-16|07:18] C:\Program\Microsoft Works
[2008-04-29|14:52] C:\Program\Microsoft.NET
[2009-06-28|19:34] C:\Program\Movie Maker
[2009-07-07|07:37] C:\Program\Mozilla Firefox
[2008-11-30|10:42] C:\Program\MSBuild
[2009-02-25|12:38] C:\Program\MSECache
[2004-11-29|18:34] C:\Program\MSN Gaming Zone
[2008-04-27|17:02] C:\Program\MSXML 4.0
[2008-05-18|07:55] C:\Program\MSXML 6.0
[2008-08-30|10:46] C:\Program\Nero
[2009-06-28|19:34] C:\Program\NetMeeting
[2009-07-04|08:49] C:\Program\NOS
[2005-01-02|04:30] C:\Program\Onlinetj„nster
[2009-06-28|19:34] C:\Program\Outlook Express
[2009-05-10|11:20] C:\Program\Packard Bell
[2009-05-10|10:39] C:\Program\Pando Networks
[2008-08-18|19:11] C:\Program\Personal
[2008-05-02|18:00] C:\Program\PowerISO
[2009-05-10|11:20] C:\Program\Proxy Switcher Standard
[2008-05-25|09:47] C:\Program\QuickTime
[2009-01-04|21:37] C:\Program\Realtek
[2008-11-30|10:36] C:\Program\Reference Assemblies
[2008-12-27|12:01] C:\Program\Runtime Software
[2009-01-04|15:37] C:\Program\SmartFTP Client 3.0 Setup Files
[2009-01-08|19:25] C:\Program\Sony Ericsson
[2008-08-29|23:13] C:\Program\Steinberg
[2009-06-06|13:03] C:\Program\Super_YouTube_Downloader
[2009-07-01|06:43] C:\Program\SUPERAntiSpyware
[2008-09-28|14:53] C:\Program\SystemRequirementsLab
[2008-04-27|15:10] C:\Program\Tele2
[2009-06-07|17:55] C:\Program\Topaz Labs
[2009-01-02|15:43] C:\Program\Trafikskolan TEO 2009
[2009-07-02|09:38] C:\Program\trend micro
[2009-01-03|18:47] C:\Program\Ubisoft
[2008-12-12|12:28] C:\Program\Uniblue
[2008-05-02|18:12] C:\Program\Uninstall Information
[2008-08-28|08:49] C:\Program\VideoLAN
[2009-01-10|11:42] C:\Program\Windows Live
[2009-01-10|11:42] C:\Program\Windows Live SkyDrive
[2008-05-07|10:08] C:\Program\Windows Media Connect 2
[2009-06-28|19:34] C:\Program\Windows Media Player
[2009-06-28|19:34] C:\Program\Windows NT
[2004-11-29|18:35] C:\Program\WindowsUpdate
[2008-08-30|12:00] C:\Program\WinRAR
[2008-06-02|19:53] C:\Program\VirtualDecor
[2008-08-29|23:14] C:\Program\VOB
[2004-11-29|18:37] C:\Program\xerox
[2008-04-27|19:59] C:\Program\Xvid
[2009-06-11|18:46] C:\Program\YouTube Downloader
[0|fil(er)] C:\Program\byte
[100|katalog(er)] C:\Program\byte ledigt

--------------------\\ Listing Folders in C:\Program\Delade filer

[2009-07-04|08:52] C:\Program\Delade filer\Adobe
[2008-08-30|10:47] C:\Program\Delade filer\Ahead
[2009-02-28|13:54] C:\Program\Delade filer\Autodesk Shared
[2008-05-02|18:11] C:\Program\Delade filer\DESIGNER
[2008-04-27|14:55] C:\Program\Delade filer\Hewlett-Packard
[2008-08-30|12:06] C:\Program\Delade filer\InstallShield
[2008-08-30|12:05] C:\Program\Delade filer\InterVideo
[2008-05-01|09:29] C:\Program\Delade filer\Macrovision Shared
[2009-06-16|07:18] C:\Program\Delade filer\Microsoft Shared
[2004-11-29|18:35] C:\Program\Delade filer\MSSoap
[2004-11-29|19:30] C:\Program\Delade filer\ODBC
[2009-06-16|09:40] C:\Program\Delade filer\ParetoLogic
[2008-04-27|23:20] C:\Program\Delade filer\Services
[2008-05-25|09:53] C:\Program\Delade filer\Sonic Shared
[2004-11-29|19:30] C:\Program\Delade filer\SpeechEngines
[2008-04-27|15:07] C:\Program\Delade filer\Symantec Shared
[2009-06-28|19:34] C:\Program\Delade filer\System
[2008-08-30|12:06] C:\Program\Delade filer\Ulead
[2009-01-10|11:39] C:\Program\Delade filer\Windows Live
[2008-04-29|06:29] C:\Program\Delade filer\WindowsLiveInstaller
[2009-07-01|06:43] C:\Program\Delade filer\Wise Installation Wizard
[0|fil(er)] C:\Program\Delade filer\byte
[23|katalog(er)] C:\Program\Delade filer\byte ledigt

--------------------\\ Process

( 38 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-07 08:57:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\COMPAQ~1\Application Data\Macromedia\Flash Player\#SharedObjects\PFVHB6QD\static.onemorelevel.com\games3\crack-shot.swf
C:\DOCUME~1\COMPAQ~1\Application Data\Macromedia\Flash Player\#SharedObjects\PFVHB6QD\static.onemorelevel.com\games3\crack-shot.swf\CRACKSHOTv3.sol


[F:236][D:13]-> C:\DOCUME~1\COMPAQ~1\LOKALA~1\Temp
[F:147][D:0]-> C:\DOCUME~1\COMPAQ~1\Cookies
[F:158][D:8]-> C:\DOCUME~1\COMPAQ~1\LOKALA~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2009-07-07| 8:59 - Option : [1]

--------------------\\ Scan completed at 8:59:12
SpySentinel
post Jul 8 2009, 05:13 PM
Post #14


Trusted Helper
Posts: 3,952
From: The United States
OS: Windows XP SP3 & Windows Vista SP1



Select the entire area below, then right-click and choose Copy
QUOTE
C:\DOCUME~1\COMPAQ~1\Application Data\Macromedia\Flash Player\#SharedObjects\PFVHB6QD\static.onemorelevel.com\games3\crack-shot.swf
C:\DOCUME~1\COMPAQ~1\Application Data\Macromedia\Flash Player\#SharedObjects\PFVHB6QD\static.onemorelevel.com\games3\crack-shot.swf\CRACKSHOTv3.sol

Restart Lop S&D
Choose Option 4 (LopScript)
A blank page will be opened, right-click it and choose Paste
Close the page, you'll be asked to save it, click [Save]
Don't close the windows during suppression!
Post the log which is created: (%SystemDrive%\lopR.txt)

This post has been edited by SpySentinel: Jul 8 2009, 05:14 PM
Jetkokos
post Jul 9 2009, 02:43 AM
Post #15


Member
**
Posts: 13
OS: Win XP



Hello SpySentinel


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.93GHz )
BIOS : BIOS Date: 01/23/06 20:09:06 Ver: 08.00.10
USER : Compaq_Ägaren ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Internet Security 8.0.0.357 (Not Activated)
Firewall : Kaspersky Internet Security 8.0.0.357 (Not Activated)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:96 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:2 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [4] ( 2009-07-09|10:34 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

C:\DOCUME~1\COMPAQ~1\Application Data\Macromedia\Flash Player\#SharedObjects\PFVHB6QD\static.onemorelevel.com\games3\crack-shot.swf
C:\DOCUME~1\COMPAQ~1\Application Data\Macromedia\Flash Player\#SharedObjects\PFVHB6QD\static.onemorelevel.com\games3\crack-shot.swf\CRACKSHOTv3.sol


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

Deleted! - C:\DOCUME~1\COMPAQ~1\Application Data\Macromedia\Flash Player\#SharedObjects\PFVHB6QD\static.onemorelevel.com\games3\crack-shot.swf
... C:\DOCUME~1\COMPAQ~1\Application Data\Macromedia\Flash Player\#SharedObjects\PFVHB6QD\static.onemorelevel.com\games3\crack-shot.swf\CRACKSHOTv3.sol -> does not exist !

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in APPLIC~1

[2009-06-10|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{A613CA96-150A-4A1D-90CE-67F81379DF8C}
[2008-12-12|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2008-12-12|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2009-07-04|08:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2009-01-29|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[2009-06-15|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-08-30|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2009-02-28|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[2008-04-30|07:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[2008-12-29|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Birdstep Technology
[2009-01-08|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[2008-05-09|16:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Pro
[2009-06-10|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
[2009-03-14|08:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[2008-12-15|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[2008-05-01|09:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[2005-01-02|04:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[2009-07-09|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[2008-09-25|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[2009-06-27|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2009-06-16|07:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[2008-11-03|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2009-01-10|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2009-03-18|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
[2009-06-16|07:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[2008-08-30|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[2009-07-04|08:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[2009-05-10|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[2009-02-26|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[2008-08-29|23:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[2009-05-10|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PMB Files
[2008-04-28|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[2005-01-02|04:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[2009-05-10|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SecTaskMan
[2009-01-09|17:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[2009-01-08|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[2009-07-01|06:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[2008-04-27|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[2009-06-07|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-05-10|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[2008-12-15|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[2008-05-07|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-11-20|08:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[2008-06-02|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualDecor
[2008-12-18|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[0|fil(er)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte
[47|katalog(er)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte ledigt


[2009-07-08|08:04] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Adobe
[2009-02-09|21:49] C:\DOCUME~1\COMPAQ~1\APPLIC~1\AdobeUM
[2009-01-31|12:25] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Ahead
[2005-01-02|04:24] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Apple Computer
[2009-02-28|14:01] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Autodesk
[2009-06-27|16:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Azureus
[2008-12-07|10:43] C:\DOCUME~1\COMPAQ~1\APPLIC~1\BitZipper
[2008-09-01|18:34] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Command & Conquer 3 Kane's Wrath
[2009-01-02|15:43] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Copax
[2008-10-10|22:52] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Creative
[2008-05-10|19:33] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DAEMON Tools
[2008-05-08|19:46] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DAEMON Tools Pro
[2008-12-06|12:27] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DivX
[2008-11-30|20:09] C:\DOCUME~1\COMPAQ~1\APPLIC~1\dvdcss
[2009-04-08|10:17] C:\DOCUME~1\COMPAQ~1\APPLIC~1\GetRightToGo
[2008-10-02|17:44] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Google
[2004-11-29|18:37] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Identities
[2008-12-15|22:09] C:\DOCUME~1\COMPAQ~1\APPLIC~1\InstallShield
[2008-08-30|12:08] C:\DOCUME~1\COMPAQ~1\APPLIC~1\InterVideo
[2008-05-12|07:26] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Leadertech
[2008-08-24|21:19] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Macromedia
[2009-06-27|10:37] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Malwarebytes
[2008-12-05|18:42] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Microsoft
[2009-03-18|10:10] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Microsoft Games
[2008-04-28|16:05] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Mozilla
[2008-08-31|16:59] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Opera
[2008-08-18|19:11] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Personal
[2008-12-28|14:51] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Red Alert 3
[2005-01-02|04:32] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SampleView
[2009-01-04|14:37] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SmartFTP
[2008-05-12|07:27] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sonic
[2008-04-30|06:30] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sun
[2009-07-01|06:43] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SUPERAntiSpyware.com
[2005-01-02|04:40] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Symantec
[2008-09-28|14:53] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SystemRequirementsLab
[2009-03-16|13:21] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Tibia
[2008-05-10|18:12] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Ubisoft
[2008-12-12|12:32] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Uniblue
[2008-04-27|15:48] C:\DOCUME~1\COMPAQ~1\APPLIC~1\WinRAR
[2008-08-28|08:55] C:\DOCUME~1\COMPAQ~1\APPLIC~1\vlc
[2008-11-08|12:46] C:\DOCUME~1\COMPAQ~1\APPLIC~1\WNR
[0|fil(er)] C:\DOCUME~1\COMPAQ~1\APPLIC~1\byte
[43|katalog(er)] C:\DOCUME~1\COMPAQ~1\APPLIC~1\byte ledigt

[2005-01-02|04:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[2004-11-29|18:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[2005-01-02|04:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2005-01-02|04:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[2005-01-02|04:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[0|fil(er)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte
[7|katalog(er)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte ledigt

[2004-11-29|18:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[0|fil(er)] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte
[3|katalog(er)] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte ledigt

[2004-11-29|18:37] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[0|fil(er)] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte
[3|katalog(er)] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte ledigt

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[2009-07-06 21:11][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2008-12-12 10:36][--ah-----] C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
[2009-07-09 08:36][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-04 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program

[2009-06-16|07:22] C:\Program\7-Zip
[2008-12-15|22:12] C:\Program\ABBYY FineReader 6.0 Sprint
[2008-09-03|07:37] C:\Program\AC3Filter
[2009-07-04|08:52] C:\Program\Adobe
[2008-05-28|09:08] C:\Program\AGEIA Technologies
[2009-01-04|16:38] C:\Program\AML Products
[2009-06-15|20:04] C:\Program\Apple Software Update
[2009-06-05|19:15] C:\Program\AutoCAD 2008
[2009-02-28|14:01] C:\Program\Autodesk
[2009-01-08|19:27] C:\Program\Avanquest update
[2008-12-06|11:57] C:\Program\Azureus
[2009-06-15|20:05] C:\Program\Bonjour
[2009-07-04|12:36] C:\Program\Cheat Engine
[2008-12-12|11:29] C:\Program\Combined Community Codec Pack
[2004-11-29|18:35] C:\Program\ComPlus Applications
[2009-06-27|16:47] C:\Program\Condition Zero
[2008-10-10|22:53] C:\Program\Creative
[2008-05-09|16:44] C:\Program\DAEMON Tools Pro
[2009-07-04|08:48] C:\Program\Delade filer
[2008-12-05|20:29] C:\Program\DivX
[2009-01-29|10:28] C:\Program\DVD Shrink
[2009-01-27|12:58] C:\Program\Easy GIF Animator
[2005-01-02|04:31] C:\Program\Easy Internet signup
[2008-12-15|22:13] C:\Program\epson
[2009-06-27|10:12] C:\Program\ERUNT
[2008-05-28|11:05] C:\Program\Extended Systems
[2009-05-23|10:28] C:\Program\HP
[2005-01-02|04:28] C:\Program\HPQ
[2008-09-14|10:56] C:\Program\Huawei Modems
[2009-05-10|10:39] C:\Program\InstallShield Installation Information
[2008-12-12|10:24] C:\Program\Intel
[2009-06-28|20:19] C:\Program\Internet Explorer
[2008-08-30|12:05] C:\Program\InterVideo
[2008-08-30|12:06] C:\Program\InterVideo Information Service
[2009-06-16|07:31] C:\Program\Java
[2009-05-10|11:20] C:\Program\Java(2)
[2008-09-25|07:47] C:\Program\Kaspersky Lab
[2008-04-29|22:10] C:\Program\Lavalys
[2009-06-27|10:37] C:\Program\Malwarebytes' Anti-Malware
[2009-06-28|19:36] C:\Program\Messenger
[2009-02-09|22:57] C:\Program\Messenger Plus! Live
[2009-06-22|09:16] C:\Program\Metin2_UK
[2009-01-10|11:43] C:\Program\Microsoft
[2008-04-29|09:23] C:\Program\Microsoft CAPICOM 2.1.0.2
[2004-11-29|18:37] C:\Program\microsoft frontpage
[2009-03-18|10:07] C:\Program\Microsoft Games
[2008-12-12|10:31] C:\Program\Microsoft IntelliPoint
[2008-05-02|18:11] C:\Program\Microsoft Office
[2008-04-29|14:53] C:\Program\Microsoft Visual Studio
[2009-06-16|07:18] C:\Program\Microsoft Works
[2008-04-29|14:52] C:\Program\Microsoft.NET
[2009-06-28|19:34] C:\Program\Movie Maker
[2009-07-08|16:09] C:\Program\Mozilla Firefox
[2008-11-30|10:42] C:\Program\MSBuild
[2009-02-25|12:38] C:\Program\MSECache
[2004-11-29|18:34] C:\Program\MSN Gaming Zone
[2008-04-27|17:02] C:\Program\MSXML 4.0
[2008-05-18|07:55] C:\Program\MSXML 6.0
[2008-08-30|10:46] C:\Program\Nero
[2009-06-28|19:34] C:\Program\NetMeeting
[2009-07-04|08:49] C:\Program\NOS
[2005-01-02|04:30] C:\Program\Onlinetjänster
[2009-06-28|19:34] C:\Program\Outlook Express
[2009-05-10|11:20] C:\Program\Packard Bell
[2009-05-10|10:39] C:\Program\Pando Networks
[2008-08-18|19:11] C:\Program\Personal
[2008-05-02|18:00] C:\Program\PowerISO
[2009-05-10|11:20] C:\Program\Proxy Switcher Standard
[2008-05-25|09:47] C:\Program\QuickTime
[2009-01-04|21:37] C:\Program\Realtek
[2008-11-30|10:36] C:\Program\Reference Assemblies
[2008-12-27|12:01] C:\Program\Runtime Software
[2009-01-04|15:37] C:\Program\SmartFTP Client 3.0 Setup Files
[2009-01-08|19:25] C:\Program\Sony Ericsson
[2008-08-29|23:13] C:\Program\Steinberg
[2009-06-06|13:03] C:\Program\Super_YouTube_Downloader
[2009-07-01|06:43] C:\Program\SUPERAntiSpyware
[2008-09-28|14:53] C:\Program\SystemRequirementsLab
[2008-04-27|15:10] C:\Program\Tele2
[2009-06-07|17:55] C:\Program\Topaz Labs
[2009-01-02|15:43] C:\Program\Trafikskolan TEO 2009
[2009-07-02|09:38] C:\Program\trend micro
[2009-01-03|18:47] C:\Program\Ubisoft
[2008-12-12|12:28] C:\Program\Uniblue
[2008-05-02|18:12] C:\Program\Uninstall Information
[2008-08-28|08:49] C:\Program\VideoLAN
[2009-01-10|11:42] C:\Program\Windows Live
[2009-01-10|11:42] C:\Program\Windows Live SkyDrive
[2008-05-07|10:08] C:\Program\Windows Media Connect 2
[2009-06-28|19:34] C:\Program\Windows Media Player
[2009-06-28|19:34] C:\Program\Windows NT
[2004-11-29|18:35] C:\Program\WindowsUpdate
[2008-08-30|12:00] C:\Program\WinRAR
[2008-06-02|19:53] C:\Program\VirtualDecor
[2008-08-29|23:14] C:\Program\VOB
[2004-11-29|18:37] C:\Program\xerox
[2008-04-27|19:59] C:\Program\Xvid
[2009-06-11|18:46] C:\Program\YouTube Downloader
[0|fil(er)] C:\Program\byte
[100|katalog(er)] C:\Program\byte ledigt

--------------------\\ Listing Folders in C:\Program\Delade filer

[2009-07-04|08:52] C:\Program\Delade filer\Adobe
[2008-08-30|10:47] C:\Program\Delade filer\Ahead
[2009-02-28|13:54] C:\Program\Delade filer\Autodesk Shared
[2008-05-02|18:11] C:\Program\Delade filer\DESIGNER
[2008-04-27|14:55] C:\Program\Delade filer\Hewlett-Packard
[2008-08-30|12:06] C:\Program\Delade filer\InstallShield
[2008-08-30|12:05] C:\Program\Delade filer\InterVideo
[2008-05-01|09:29] C:\Program\Delade filer\Macrovision Shared
[2009-06-16|07:18] C:\Program\Delade filer\Microsoft Shared
[2004-11-29|18:35] C:\Program\Delade filer\MSSoap
[2004-11-29|19:30] C:\Program\Delade filer\ODBC
[2009-06-16|09:40] C:\Program\Delade filer\ParetoLogic
[2008-04-27|23:20] C:\Program\Delade filer\Services
[2008-05-25|09:53] C:\Program\Delade filer\Sonic Shared
[2004-11-29|19:30] C:\Program\Delade filer\SpeechEngines
[2008-04-27|15:07] C:\Program\Delade filer\Symantec Shared
[2009-06-28|19:34] C:\Program\Delade filer\System
[2008-08-30|12:06] C:\Program\Delade filer\Ulead
[2009-01-10|11:39] C:\Program\Delade filer\Windows Live
[2008-04-29|06:29] C:\Program\Delade filer\WindowsLiveInstaller
[2009-07-01|06:43] C:\Program\Delade filer\Wise Installation Wizard
[0|fil(er)] C:\Program\Delade filer\byte
[23|katalog(er)] C:\Program\Delade filer\byte ledigt

--------------------\\ Process

( 37 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-09 10:37:50
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections


No other infections found !

[F:247][D:13]-> C:\DOCUME~1\COMPAQ~1\LOKALA~1\Temp
[F:220][D:0]-> C:\DOCUME~1\COMPAQ~1\Cookies
[F:182][D:8]-> C:\DOCUME~1\COMPAQ~1\LOKALA~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2009-07-07| 8:59 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 2009-07-09|10:39 - Option : [4]

--------------------\\ Scan completed at 10:39:23