Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

XP won't boot


  • Please log in to reply

#1
Ruske

Ruske

    Member

  • Member
  • PipPip
  • 31 posts
Please help me ! I really don't know what to do ? XP won't boot, and I have files on the disk I don't want to loose.
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there - what happened prior to the non booting ?

Please print these instruction out so that you know what you are doing

OTLPENet.exe
MD5=C2629B6D6FA189EA92FF6FD1FFA2A81D
127,353,979bytes / 121.4MB

  • Download the attached scan.txt to your desktop[attachment=46597:scan.txt]
  • Download OTLPENet.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :D

  • Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Double click the Custom scans and fixes box
  • In the dialogue locate the scan.txt you have on the USB
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#3
Ruske

Ruske

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
My antivirus found some malware I think, and quarantined them. Then Iexplorer, GoogleChrome and ChromePlus could'nt connect to the internet. My mailprogram worked fine. So the problem had to be with browsers. Unfornately I tried to restart before I noted which virus or malware it was. Now I can't boot, neither of the ways. Normal og protected.
I have ran out of empty cd's so I have to wait until tomorrow after work, to continue.
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No problem - it gives me a feel for the areas to look at
  • 0

#5
Ruske

Ruske

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Now I have done what you told me to do.

I have attached the OTL.Txt file.

I wait for you to tell me what I shall do as the next step.

I thank in advance :-)
  • 0

#6
Ruske

Ruske

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Here you have the contents of the OTL.txt file

OTL logfile created on: 12/14/2010 9:14:14 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2800.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 149.00 Gb Total Space | 111.84 Gb Free Space | 75.06% Space Free | Partition Type: NTFS
Drive D: | 233.76 Gb Total Space | 231.31 Gb Free Space | 98.95% Space Free | Partition Type: NTFS
Drive E: | 3.84 Gb Total Space | 3.84 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- d:\Programmer\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2010/12/13 14:03:25 | 000,253,952 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Auto] -- C:\WINDOWS\system32\sshnas21.dll -- (SSHNAS)
SRV - [2010/10/15 18:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/09/01 09:51:28 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Programmer\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/08/05 12:11:44 | 001,885,488 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programmer\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/07/01 10:17:24 | 001,832,072 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programmer\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010/07/01 09:24:02 | 000,357,704 | ---- | M] (Symantec Corporation) [Disabled] -- C:\Programmer\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/05/06 10:21:14 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/05/06 10:21:14 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010/03/18 06:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 06:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 06:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/02/17 03:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Programmer\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/07/20 06:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Programmer\Fælles filer\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/03/30 10:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/11/03 18:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programmer\Fælles filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/09/10 10:22:32 | 000,229,648 | ---- | M] (Uniblue) [Auto] -- C:\Programmer\Uniblue\DiskRescue\UBDiskRescueSrv.exe -- (Uniblue DiskRescue)
SRV - [2008/07/26 02:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto] -- C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/07/26 02:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto] -- C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008/02/28 11:07:48 | 000,529,704 | ---- | M] (Nero AG) [Disabled] -- C:\Programmer\Fælles filer\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/12/12 03:22:34 | 000,537,480 | ---- | M] ( ) [On_Demand] -- C:\WINDOWS\System32\dlcqcoms.exe -- (dlcq_device)
SRV - [2006/10/26 07:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
SRV - [2006/10/26 07:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programmer\Fælles filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/12/09 04:00:00 | 001,360,248 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programmer\Fælles filer\Symantec Shared\VirusDefs\20101212.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/09 04:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programmer\Fælles filer\Symantec Shared\VirusDefs\20101212.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/08/29 11:28:02 | 000,125,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/05/26 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Programmer\Fælles filer\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programmer\Fælles filer\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/03/08 05:59:14 | 000,320,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/03/08 05:59:14 | 000,283,184 | ---- | M] (Symantec Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/03/08 05:59:14 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/02/26 07:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 07:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 07:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 07:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/26 07:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/12/18 08:42:12 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/09/11 06:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/09/11 06:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/09/11 06:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/09/11 06:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2009/09/03 10:03:48 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/09/03 10:03:48 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/07/14 06:51:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/02/18 08:44:00 | 006,308,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/12/18 17:43:18 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2008/12/18 17:43:06 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/08/26 03:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/24 21:22:00 | 000,014,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/08/05 06:29:00 | 000,039,456 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2008/08/01 05:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 05:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/07/26 02:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/05/07 06:21:40 | 004,739,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/13 05:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-lyddriver (WDM)
DRV - [2008/04/13 05:00:04 | 000,225,664 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/04/13 04:53:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 02:36:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/04/16 10:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006/02/27 00:46:20 | 000,081,408 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004/12/16 10:41:30 | 000,089,808 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slabser.sys -- (slabser)
DRV - [2004/08/12 05:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/03/11 10:24:14 | 000,052,384 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slabbus.sys -- (slabbus) CP2101 USB Composite Device driver (WDM)
DRV - [2003/10/16 04:44:04 | 000,082,704 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cyg_ser.sys -- (cyg_ser)
DRV - [2003/08/29 01:43:48 | 000,334,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)
DRV - [2003/04/07 04:37:58 | 000,075,264 | ---- | M] (Sunix) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snxppalx.sys -- (SNXPPALX)
DRV - [2003/04/02 10:06:58 | 000,020,864 | ---- | M] (Sunix) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snxpcard.sys -- (SNXPCARD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk, = http://www.google.dk
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk, = +
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk,# = %23
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk,% = %25
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk,& = %26
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk,+ = %2B
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:59274

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Programmer\Fiddler2\FiddlerHook [2010/11/04 15:04:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Programmer\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/07/22 09:01:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Programmer\Mozilla Firefox\components [2010/11/04 13:57:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Programmer\Mozilla Firefox\plugins [2010/11/17 15:02:13 | 000,000,000 | ---D | M]

[2010/11/17 17:12:54 | 000,000,000 | ---D | M] -- C:\Programmer\Mozilla Firefox\extensions
[2010/07/14 06:07:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmer\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/05/18 15:46:59 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmer\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/24 12:19:34 | 000,001,525 | ---- | M] () -- C:\Programmer\Mozilla Firefox\searchplugins\amazon-co-uk.xml
[2010/10/24 12:19:34 | 000,001,178 | ---- | M] () -- C:\Programmer\Mozilla Firefox\searchplugins\wikipedia-da.xml
[2010/10/24 12:19:34 | 000,001,102 | ---- | M] () -- C:\Programmer\Mozilla Firefox\searchplugins\yahoo-dk.xml

O1 HOSTS File: ([2010/04/18 09:29:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Hjælp til tilmelding til Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (CutePDF Form Filler Helper) - {D41289F2-69C6-417B-897E-C653D677CBAF} - C:\Programmer\Acro Software\CutePDF Pro\CPFillerCo.dll (Acro Software Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Tina_Vilhelmsen_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DLCQCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.DLL ()
O4 - HKLM..\Run: [dlcqmon.exe] C:\Programmer\Dell Photo AIO Printer 966\dlcqmon.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Programmer\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [Google Quick Search Box] C:\Programmer\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programmer\Fælles filer\InstallShield\UpdateService\isuspm.exe File not found
O4 - HKLM..\Run: [ISUSScheduler] C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programmer\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MemoryCardManager] C:\Programmer\Dell Photo AIO Printer 966\memcard.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Programmer\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programmer\Fælles filer\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PlexUtilities] C:\Programmer\Plextor\PlexUTILITIES\PlexRadar.exe File not found
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [DriverFinder] C:\Programmer\DriverFinder\DriverFinder.exe File not found
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [DriverScanner] C:\Programmer\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [JP595IR86O] C:\DOCUME~1\TINAVI~1\LOKALE~1\Temp\Krh.exe File not found
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [PC Suite Tray] C:\Programmer\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [Uniblue SpyEraser] C:\Programmer\Uniblue\SpyEraser\SpyEraser.exe (Uniblue Software)
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [ypsrilxk] C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\temp\capeghsrj\ejjowgqaffm.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\Administrator_ON_C..\RunOnce: [_nltide_2] File not found
O4 - HKU\Administrator_ON_C..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe File not found
O4 - HKU\Tina_Vilhelmsen_ON_C..\RunOnce: [DriverScanner] C:\Programmer\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - Startup: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Tina_Vilhelmsen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Tina_Vilhelmsen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Tina_Vilhelmsen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Programmer\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Programmer\Fiddler2\Fiddler.exe (Eric Lawrence)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programmer\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} https://www.sparnord...e-prod-1.30.cab (ActiveX sikkerhedssoftware Control)
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} http://www.kps.dk/Codebase/FormCtl.cab (Adobe Form Control)
O16 - DPF: {1469FF24-47F6-11D2-8805-006008C537E3} http://www.kps.dk/codebase/ffmail.cab (Adobe Mail Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {4F2A3649-7A9F-4950-9C31-409FAC6FC7C8} https://danid.dk/csp...nticode/csp.exe (IssueUtilCtrl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1236725578966 (MUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...ctDetection.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {775879E2-7309-4619-BB02-AADE41F4B690} http://aolsvc.aol.co...web.1.0.0.9.cab (CPlayFirstdreamControl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} http://www.kps.dk/co...jfsignature.cab (Adobe Signature Object)
O16 - DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} https://danid.dk/csp...nticode/csp.exe (Util Class)
O16 - DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} http://www.kps.dk/co...se/jfcrypto.cab (jfCryptoSignature Class)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} http://www.kps.dk/co...criptobject.cab (Adobe Script Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} http://www.kps.dk/co...ntinstaller.cab (Adobe Soft Font Installer)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmer\Fælles filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programmer\fælles filer\logishrd\bluetooth\LBTWlgn.dll - C:\Programmer\Fælles filer\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programmer\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/10 10:15:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: winmgmt - C:\WINDOWS\system32\wbem\winmgmt.exe (Microsoft Corporation)

Drivers32: msacm.enc - C:\WINDOWS\System32\ITIG726.acm (Ingenient Technologies, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2010/12/13 14:33:28 | 000,733,184 | ---- | C] (lgpcbrrjhy Corporation) -- C:\WINDOWS\System32\alk917.dll
[2010/12/13 13:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Skrivebord\Driver_Detective_v6.4.1.5_Full_Cracked_Version_Of_2010_Multilang_incl_Bonus_Tools.part2
[2010/12/13 13:47:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Usenet.nl
[2010/12/13 13:47:17 | 000,000,000 | ---D | C] -- C:\Programmer\Usenet.nl
[2010/12/13 13:12:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\PlexUTILITIES
[2010/12/13 13:12:30 | 000,000,000 | ---D | C] -- C:\Programmer\Plextor
[2010/12/13 12:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\DriverFinder
[2010/12/08 16:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010/11/18 15:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\.oces2
[2010/11/18 15:02:54 | 000,000,000 | ---D | C] -- C:\Programmer\Fælles filer\Adobe
[2010/11/18 15:02:54 | 000,000,000 | ---D | C] -- C:\Programmer\Adobe
[2010/11/18 14:22:07 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Lokale indstillinger\Application Data\Microsoft
[2010/11/18 14:22:07 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2010/11/18 14:22:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2010/11/18 14:22:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2010/11/18 14:22:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menuen Start
[2010/11/18 14:22:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010/11/18 14:22:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2010/11/18 14:22:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Skabeloner
[2010/11/18 14:22:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010/11/18 14:22:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Printere
[2010/11/18 14:22:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Lokale indstillinger
[2010/11/18 14:22:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Andre computere
[2010/11/18 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Skrivebord
[2010/11/18 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Lokale indstillinger\Application Data\Microsoft Help
[2010/11/18 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Foretrukne
[2010/11/18 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenter
[2010/11/18 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Lokale indstillinger\Application Data\Adobe
[2010/11/18 11:45:25 | 000,000,000 | ---D | C] -- C:\Programmer\Windows Installer Clean Up
[2010/11/17 15:02:12 | 000,000,000 | ---D | C] -- C:\Programmer\NOS
[2010/11/17 13:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\CutePDF_Filler
[2010/11/17 13:29:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\CustomStamp
[2010/11/17 13:28:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\CutePDF_Pro
[2010/11/17 13:28:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\CutePDF
[2010/11/17 13:28:51 | 000,000,000 | ---D | C] -- C:\Programmer\GPLGS
[2010/11/17 12:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\CutePDF Writer
[2010/11/16 09:53:07 | 000,000,000 | ---D | C] -- C:\iPod Photo Cache
[2010/11/16 09:53:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2010/11/16 09:53:04 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2009/03/18 15:48:06 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\DLCQhcp.dll
[2006/10/11 17:41:42 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqinpa.dll
[2006/10/11 17:01:40 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqpmui.dll
[2006/10/11 16:59:56 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqserv.dll
[2006/10/11 16:54:10 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqcomm.dll
[2006/10/11 16:52:34 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqlmpm.dll
[2006/10/11 16:51:16 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqiesc.dll
[2006/10/11 16:48:58 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqpplc.dll
[2006/10/11 16:48:14 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqcomc.dll
[2006/10/11 16:47:42 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqprox.dll
[2006/10/11 16:41:04 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqusb1.dll
[2006/10/11 16:37:14 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqhbn3.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/13 16:46:49 | 000,000,350 | RHS- | M] () -- C:\boot.ini
[2010/12/13 16:25:51 | 000,000,318 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/12/13 16:25:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/13 14:33:28 | 000,733,184 | ---- | M] (lgpcbrrjhy Corporation) -- C:\WINDOWS\System32\alk917.dll
[2010/12/13 14:31:00 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/12/13 14:26:00 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2010/12/13 14:05:12 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010/12/13 14:03:25 | 000,253,952 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\sshnas21.dll
[2010/12/13 13:50:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/13 13:47:18 | 000,001,552 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\Skrivebord\Usenet.nl.lnk
[2010/12/13 13:35:00 | 000,001,064 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-412668190-1801674531-1003UA.job
[2010/12/13 13:12:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/13 12:54:24 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Microsoft\Internet Explorer\Quick Launch\DriverScanner.lnk
[2010/12/13 12:19:32 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2F54F2CE-7C2F-445C-8DA0-C6802269CED6}.job
[2010/12/13 03:34:26 | 000,544,294 | ---- | M] () -- C:\WINDOWS\System32\perfh006.dat
[2010/12/13 03:34:26 | 000,505,224 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/13 03:34:26 | 000,110,704 | ---- | M] () -- C:\WINDOWS\System32\perfc006.dat
[2010/12/13 03:34:26 | 000,088,792 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/13 03:30:55 | 000,206,324 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/13 03:30:30 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/13 03:30:27 | 000,000,198 | ---- | M] () -- C:\PSLOG
[2010/12/12 16:12:40 | 000,000,111 | ---- | M] () -- C:\WINDOWS\GMouse.ini
[2010/12/12 15:35:00 | 000,001,012 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-412668190-1801674531-1003Core.job
[2010/12/11 02:11:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/06 13:42:14 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\setup_ldm.iss
[2010/12/04 11:36:03 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\Skrivebord\Google Chrome.lnk
[2010/12/04 11:36:03 | 000,002,417 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/30 13:43:53 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\temp.dat
[2010/11/17 16:27:23 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk
[2010/11/16 09:55:17 | 000,053,216 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/13 13:47:18 | 000,001,552 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Skrivebord\Usenet.nl.lnk
[2010/12/13 12:54:24 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Microsoft\Internet Explorer\Quick Launch\DriverScanner.lnk
[2010/12/06 13:42:14 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\setup_ldm.iss
[2010/11/18 15:51:26 | 001,085,191 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\danid.log.1
[2010/11/18 15:51:26 | 000,804,502 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\danid.log
[2010/11/17 16:27:23 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk
[2010/11/17 13:55:46 | 000,020,232 | ---- | C] () -- C:\WINDOWS\System32\AntiSpyNative64.exe
[2010/11/17 13:55:46 | 000,016,648 | ---- | C] () -- C:\WINDOWS\System32\AntiSpyNative32.exe
[2010/11/17 13:27:42 | 000,087,544 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/11/16 09:55:17 | 000,053,216 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/08 18:35:32 | 000,000,111 | ---- | C] () -- C:\WINDOWS\GMouse.ini
[2010/10/20 00:48:18 | 000,272,254 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\WPFFontCache_v0400-S-1-5-21-2052111302-412668190-1801674531-1003-0.dat
[2010/10/20 00:48:16 | 000,160,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\FontCache3.0.0.0.dat
[2010/10/20 00:48:14 | 000,272,254 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\WPFFontCache_v0400-System.dat
[2010/08/12 16:29:37 | 000,010,361 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\golfbolde.xlsx
[2010/06/19 05:35:47 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\oashdihasidhasuidhiasdhiashdiuasdhasd
[2010/05/16 14:21:14 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/05/16 14:21:14 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\BCEDB1EE70.sys
[2010/01/27 13:14:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EkspresLøn.INI
[2009/10/03 10:10:54 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/10/03 09:29:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2009/04/02 13:18:51 | 000,007,610 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\slot1.mm1
[2009/03/25 06:54:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\temp.dat
[2009/03/18 15:48:06 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\DLCQinst.dll
[2009/03/18 15:42:28 | 000,344,064 | R--- | C] () -- C:\WINDOWS\System32\dlcqcoin.dll
[2009/03/18 15:42:27 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\DLCQcfg.dll
[2009/03/18 14:30:53 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\Bot.dll
[2009/03/18 14:30:53 | 000,000,101 | ---- | C] () -- C:\WINDOWS\Psxlpr.ini
[2009/03/18 10:53:28 | 000,054,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\snxpserx.sys
[2009/03/18 10:53:28 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\snxprops.dll
[2009/03/14 16:30:10 | 000,000,216 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/03/13 21:43:31 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\default.pls
[2009/03/12 16:41:36 | 000,001,199 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\CommandDispatchers.xml
[2009/03/12 16:41:35 | 000,001,162 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\cleaner-config.xml
[2009/03/11 16:48:33 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/11 16:47:55 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/11 14:09:06 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
[2009/03/11 11:07:39 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\.rnd
[2009/03/10 21:35:14 | 000,014,938 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/03/10 21:21:59 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLPRMON.DLL
[2009/03/10 21:21:59 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLPMONUI.DLL
[2009/03/10 20:54:51 | 000,000,602 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2009/03/10 20:50:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2009/03/10 18:58:39 | 000,035,000 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009/03/10 18:19:00 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\fusioncache.dat
[2009/03/10 16:53:23 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009/03/10 16:53:10 | 000,036,054 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/03/10 16:53:08 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/03/10 10:57:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/10/07 03:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 03:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/07/26 02:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/05/26 16:23:18 | 000,016,130 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 16:23:16 | 000,021,898 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 16:23:14 | 000,016,012 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/01/03 09:26:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/01/03 09:26:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/01/03 09:26:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/01/03 09:26:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/01/03 09:26:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/20 19:17:44 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcqinsb.dll
[2006/10/20 19:17:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcqcub.dll
[2006/10/20 19:15:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcqcu.dll
[2006/10/20 19:14:54 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcqins.dll
[2006/10/20 19:09:16 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\dlcqutil.dll
[2006/10/20 02:35:38 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcqinsr.dll
[2006/10/20 02:35:32 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcqcur.dll
[2006/10/20 02:34:30 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\dlcqjswr.dll
[2006/10/20 00:35:40 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\dlcqgrd.dll
[2006/08/14 11:32:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcqcaps.dll
[2006/08/08 09:58:04 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dlcqdrs.dll
[2006/05/09 04:10:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlcqcnv4.dll
[2006/04/25 02:11:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcqvs.dll
[2004/07/10 12:55:38 | 000,252,416 | ---- | C] () -- C:\WINDOWS\System32\wsiShared.dll
[2004/03/15 08:29:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\System32\uninstall.ini
[1999/01/27 07:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 01:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2009/03/13 04:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Cryptomathic
[2010/12/13 13:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\DriverFinder
[2010/04/26 14:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\GARMIN
[2010/11/09 16:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\GetRightToGo
[2009/03/11 06:15:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Leadertech
[2010/11/09 17:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Mouse Recorder Pro
[2010/06/13 08:12:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Nokia
[2010/06/13 08:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\PC Suite
[2010/05/26 15:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Uniblue
[2010/12/13 14:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Usenet.nl
[2009/03/10 18:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Windows Desktop Search
[2009/03/11 07:53:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Windows Search
[2009/04/05 06:36:38 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue DiskRescue 2009.job
[2010/07/14 07:06:38 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpyEraser.job
[2010/12/13 12:19:32 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2F54F2CE-7C2F-445C-8DA0-C6802269CED6}.job
[2010/12/13 14:31:00 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/12/13 14:05:12 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010/12/13 14:26:00 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/10/28 03:38:42 | 000,188,721 | ---- | M] () -- C:\28-10-2010 10;38;32.rtf
[2010/10/28 03:44:38 | 000,417,485 | ---- | M] () -- C:\28-10-2010 10;44;30.rtf
[2009/03/10 10:15:13 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/29 15:22:08 | 000,614,400 | ---- | M] () -- C:\Backup.va
[2010/12/13 16:46:49 | 000,000,350 | RHS- | M] () -- C:\boot.ini
[2010/12/13 17:01:32 | 000,002,638 | ---- | M] () -- C:\bootex.log
[2001/10/09 06:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010/04/18 09:34:40 | 000,030,080 | ---- | M] () -- C:\ComboFix.txt
[2009/03/10 10:15:13 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/12/09 22:38:51 | 000,094,821 | ---- | M] () -- C:\dlcq.log
[2009/03/10 10:15:13 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/20 11:58:45 | 000,020,562 | ---- | M] () -- C:\lopR.txt
[2010/04/16 17:18:19 | 000,000,119 | ---- | M] () -- C:\mbam-error.txt
[2009/03/10 10:15:13 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/13 02:43:04 | 000,047,564 | ---- | M] () -- C:\ntdetect.com
[2008/04/13 04:31:50 | 000,250,576 | ---- | M] () -- C:\ntldr
[2010/12/13 03:30:27 | 000,000,198 | ---- | M] () -- C:\PSLOG
[2009/03/10 19:05:25 | 000,000,519 | ---- | M] () -- C:\RHDSetup.log
[2009/03/18 15:49:40 | 000,000,172 | ---- | M] () -- C:\setupfax.log
[2009/03/21 20:21:57 | 000,000,057 | ---- | M] () -- C:\splash.idx
[2008/11/19 09:13:04 | 000,005,552 | -H-- | M] () -- C:\version


< MD5 for: EXPLORER.EXE >
[2008/04/14 02:05:50 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 02:05:50 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\explorer.exe
[2008/04/14 02:05:50 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 02:06:06 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/14 02:06:06 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 02:06:06 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008/04/14 02:06:08 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/14 02:06:08 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 02:06:08 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\system32\winlogon.exe
< End of report >
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets see if this works

Start OTLPE as you did previously from CD
Copy the attached Fix.txt to a USB
[attachment=46623:fix.txt]
  • Insert your USB drive with fix.txt on it
  • Start OTLPE
  • Drag and drop fix.txt into the Custom scans and fixes box
  • If you cannot drag and drop for some reason. Then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done to normal mode if possible
  • Then post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

  • 0

#8
Ruske

Ruske

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
I did the fix, but when I rebooted to normal mode, I still get the blue screen, so unfortunately it did not help. What should I do next ?

Here you have a new OTL.txt file

OTL logfile created on: 12/14/2010 10:05:58 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2800.5512)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 149.00 Gb Total Space | 112.62 Gb Free Space | 75.58% Space Free | Partition Type: NTFS
Drive D: | 233.76 Gb Total Space | 231.31 Gb Free Space | 98.95% Space Free | Partition Type: NTFS
Drive E: | 3.84 Gb Total Space | 2.34 Gb Free Space | 60.93% Space Free | Partition Type: FAT32
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- d:\Programmer\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2010/12/13 14:03:25 | 000,253,952 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Auto] -- C:\WINDOWS\system32\sshnas21.dll -- (SSHNAS)
SRV - [2010/10/15 18:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/09/01 09:51:28 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Programmer\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/08/05 12:11:44 | 001,885,488 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programmer\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/07/01 10:17:24 | 001,832,072 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programmer\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010/07/01 09:24:02 | 000,357,704 | ---- | M] (Symantec Corporation) [Disabled] -- C:\Programmer\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/05/06 10:21:14 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/05/06 10:21:14 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010/03/18 06:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 06:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 06:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/02/17 03:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Programmer\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/07/20 06:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Programmer\Fælles filer\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/03/30 10:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/11/03 18:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programmer\Fælles filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/09/10 10:22:32 | 000,229,648 | ---- | M] (Uniblue) [Auto] -- C:\Programmer\Uniblue\DiskRescue\UBDiskRescueSrv.exe -- (Uniblue DiskRescue)
SRV - [2008/07/26 02:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto] -- C:\Programmer\Fælles filer\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/07/26 02:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto] -- C:\Programmer\Fælles filer\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008/02/28 11:07:48 | 000,529,704 | ---- | M] (Nero AG) [Disabled] -- C:\Programmer\Fælles filer\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/12/12 03:22:34 | 000,537,480 | ---- | M] ( ) [On_Demand] -- C:\WINDOWS\System32\dlcqcoms.exe -- (dlcq_device)
SRV - [2006/10/26 07:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
SRV - [2006/10/26 07:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programmer\Fælles filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/12/09 04:00:00 | 001,360,248 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programmer\Fælles filer\Symantec Shared\VirusDefs\20101212.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/09 04:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programmer\Fælles filer\Symantec Shared\VirusDefs\20101212.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/08/29 11:28:02 | 000,125,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/05/26 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Programmer\Fælles filer\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programmer\Fælles filer\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/03/08 05:59:14 | 000,320,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/03/08 05:59:14 | 000,283,184 | ---- | M] (Symantec Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/03/08 05:59:14 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/02/26 07:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 07:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 07:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 07:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/02/26 07:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/12/18 08:42:12 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/09/11 06:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/09/11 06:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/09/11 06:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/09/11 06:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2009/09/03 10:03:48 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/09/03 10:03:48 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/07/14 06:51:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/02/18 08:44:00 | 006,308,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/12/18 17:43:18 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2008/12/18 17:43:06 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/08/26 03:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/24 21:22:00 | 000,014,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/08/05 06:29:00 | 000,039,456 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2008/08/01 05:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 05:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/07/26 02:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/05/07 06:21:40 | 004,739,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/13 05:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-lyddriver (WDM)
DRV - [2008/04/13 05:00:04 | 000,225,664 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/04/13 04:53:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 02:36:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/04/16 10:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006/02/27 00:46:20 | 000,081,408 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004/12/16 10:41:30 | 000,089,808 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slabser.sys -- (slabser)
DRV - [2004/08/12 05:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/03/11 10:24:14 | 000,052,384 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slabbus.sys -- (slabbus) CP2101 USB Composite Device driver (WDM)
DRV - [2003/10/16 04:44:04 | 000,082,704 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cyg_ser.sys -- (cyg_ser)
DRV - [2003/08/29 01:43:48 | 000,334,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)
DRV - [2003/04/07 04:37:58 | 000,075,264 | ---- | M] (Sunix) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snxppalx.sys -- (SNXPPALX)
DRV - [2003/04/02 10:06:58 | 000,020,864 | ---- | M] (Sunix) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snxpcard.sys -- (SNXPCARD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk, =
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk, = +
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk,# =
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk,% =
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk,& =
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Internet Explorer\SearchURL\www.google.dk,+ =
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKU\Tina_Vilhelmsen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Programmer\Fiddler2\FiddlerHook [2010/11/04 15:04:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Programmer\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/07/22 09:01:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Programmer\Mozilla Firefox\components [2010/11/04 13:57:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Programmer\Mozilla Firefox\plugins [2010/11/17 15:02:13 | 000,000,000 | ---D | M]

[2010/11/17 17:12:54 | 000,000,000 | ---D | M] -- C:\Programmer\Mozilla Firefox\extensions
[2010/07/14 06:07:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmer\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/05/18 15:46:59 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmer\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/24 12:19:34 | 000,001,525 | ---- | M] () -- C:\Programmer\Mozilla Firefox\searchplugins\amazon-co-uk.xml
[2010/10/24 12:19:34 | 000,001,178 | ---- | M] () -- C:\Programmer\Mozilla Firefox\searchplugins\wikipedia-da.xml
[2010/10/24 12:19:34 | 000,001,102 | ---- | M] () -- C:\Programmer\Mozilla Firefox\searchplugins\yahoo-dk.xml

O1 HOSTS File: ([2010/12/14 21:54:19 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Hjælp til tilmelding til Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (CutePDF Form Filler Helper) - {D41289F2-69C6-417B-897E-C653D677CBAF} - C:\Programmer\Acro Software\CutePDF Pro\CPFillerCo.dll (Acro Software Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Tina_Vilhelmsen_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DLCQCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.DLL ()
O4 - HKLM..\Run: [dlcqmon.exe] C:\Programmer\Dell Photo AIO Printer 966\dlcqmon.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Programmer\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [Google Quick Search Box] C:\Programmer\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programmer\Fælles filer\InstallShield\UpdateService\isuspm.exe File not found
O4 - HKLM..\Run: [ISUSScheduler] C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Programmer\Fælles filer\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programmer\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MemoryCardManager] C:\Programmer\Dell Photo AIO Printer 966\memcard.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Programmer\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programmer\Fælles filer\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PlexUtilities] C:\Programmer\Plextor\PlexUTILITIES\PlexRadar.exe File not found
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [DriverFinder] C:\Programmer\DriverFinder\DriverFinder.exe File not found
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [DriverScanner] C:\Programmer\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [PC Suite Tray] C:\Programmer\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Tina_Vilhelmsen_ON_C..\Run: [Uniblue SpyEraser] C:\Programmer\Uniblue\SpyEraser\SpyEraser.exe (Uniblue Software)
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\Administrator_ON_C..\RunOnce: [_nltide_2] File not found
O4 - HKU\Administrator_ON_C..\RunOnce: [tscuninstall] C:\WINDOWS\System32\tscupgrd.exe File not found
O4 - HKU\Tina_Vilhelmsen_ON_C..\RunOnce: [DriverScanner] C:\Programmer\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - Startup: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Tina_Vilhelmsen_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Tina_Vilhelmsen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Tina_Vilhelmsen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Tina_Vilhelmsen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki ... - C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Programmer\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Programmer\Fiddler2\Fiddler.exe (Eric Lawrence)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programmer\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} https://www.sparnord...e-prod-1.30.cab (ActiveX sikkerhedssoftware Control)
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} http://www.kps.dk/Codebase/FormCtl.cab (Adobe Form Control)
O16 - DPF: {1469FF24-47F6-11D2-8805-006008C537E3} http://www.kps.dk/codebase/ffmail.cab (Adobe Mail Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {4F2A3649-7A9F-4950-9C31-409FAC6FC7C8} https://danid.dk/csp...nticode/csp.exe (IssueUtilCtrl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1236725578966 (MUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...ctDetection.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {775879E2-7309-4619-BB02-AADE41F4B690} http://aolsvc.aol.co...web.1.0.0.9.cab (CPlayFirstdreamControl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} http://www.kps.dk/co...jfsignature.cab (Adobe Signature Object)
O16 - DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} https://danid.dk/csp...nticode/csp.exe (Util Class)
O16 - DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} http://www.kps.dk/co...se/jfcrypto.cab (jfCryptoSignature Class)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} http://www.kps.dk/co...criptobject.cab (Adobe Script Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} http://www.kps.dk/co...ntinstaller.cab (Adobe Soft Font Installer)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmer\Fælles filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programmer\fælles filer\logishrd\bluetooth\LBTWlgn.dll - C:\Programmer\Fælles filer\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop Components:0 (Min aktuelle startside) - About:Home
O24 - Desktop BackupWallPaper: C:\WINDOWS\Prærievind.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programmer\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/10 10:15:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: winmgmt - C:\WINDOWS\system32\wbem\winmgmt.exe (Microsoft Corporation)

Drivers32: msacm.enc - C:\WINDOWS\System32\ITIG726.acm (Ingenient Technologies, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2010/12/14 21:54:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/13 13:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Skrivebord\Driver_Detective_v6.4.1.5_Full_Cracked_Version_Of_2010_Multilang_incl_Bonus_Tools.part2
[2010/12/13 13:47:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Usenet.nl
[2010/12/13 13:47:17 | 000,000,000 | ---D | C] -- C:\Programmer\Usenet.nl
[2010/12/13 13:12:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\PlexUTILITIES
[2010/12/13 13:12:30 | 000,000,000 | ---D | C] -- C:\Programmer\Plextor
[2010/12/13 12:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\DriverFinder
[2010/12/08 16:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010/11/18 15:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\.oces2
[2010/11/18 15:02:54 | 000,000,000 | ---D | C] -- C:\Programmer\Fælles filer\Adobe
[2010/11/18 15:02:54 | 000,000,000 | ---D | C] -- C:\Programmer\Adobe
[2010/11/18 14:22:07 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Lokale indstillinger\Application Data\Microsoft
[2010/11/18 14:22:07 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2010/11/18 14:22:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2010/11/18 14:22:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2010/11/18 14:22:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menuen Start
[2010/11/18 14:22:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010/11/18 14:22:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2010/11/18 14:22:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Skabeloner
[2010/11/18 14:22:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010/11/18 14:22:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Printere
[2010/11/18 14:22:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Lokale indstillinger
[2010/11/18 14:22:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Andre computere
[2010/11/18 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Skrivebord
[2010/11/18 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Lokale indstillinger\Application Data\Microsoft Help
[2010/11/18 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Foretrukne
[2010/11/18 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenter
[2010/11/18 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Lokale indstillinger\Application Data\Adobe
[2010/11/18 11:45:25 | 000,000,000 | ---D | C] -- C:\Programmer\Windows Installer Clean Up
[2010/11/17 15:02:12 | 000,000,000 | ---D | C] -- C:\Programmer\NOS
[2010/11/17 13:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\CutePDF_Filler
[2010/11/17 13:29:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\CustomStamp
[2010/11/17 13:28:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\CutePDF_Pro
[2010/11/17 13:28:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\CutePDF
[2010/11/17 13:28:51 | 000,000,000 | ---D | C] -- C:\Programmer\GPLGS
[2010/11/17 12:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\CutePDF Writer
[2010/11/16 09:53:07 | 000,000,000 | ---D | C] -- C:\iPod Photo Cache
[2010/11/16 09:53:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2010/11/16 09:53:04 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2009/03/18 15:48:06 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\DLCQhcp.dll
[2006/10/11 17:41:42 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqinpa.dll
[2006/10/11 17:01:40 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqpmui.dll
[2006/10/11 16:59:56 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqserv.dll
[2006/10/11 16:54:10 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqcomm.dll
[2006/10/11 16:52:34 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqlmpm.dll
[2006/10/11 16:51:16 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqiesc.dll
[2006/10/11 16:48:58 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqpplc.dll
[2006/10/11 16:48:14 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqcomc.dll
[2006/10/11 16:47:42 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqprox.dll
[2006/10/11 16:41:04 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqusb1.dll
[2006/10/11 16:37:14 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcqhbn3.dll

========== Files - Modified Within 30 Days ==========

[2010/12/14 21:31:15 | 000,000,210 | RHS- | M] () -- C:\boot.ini
[2010/12/13 16:25:51 | 000,000,318 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/12/13 16:25:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/13 14:03:25 | 000,253,952 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\sshnas21.dll
[2010/12/13 13:50:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/13 13:47:18 | 000,001,552 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\Skrivebord\Usenet.nl.lnk
[2010/12/13 13:35:00 | 000,001,064 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-412668190-1801674531-1003UA.job
[2010/12/13 13:12:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/13 12:19:32 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2F54F2CE-7C2F-445C-8DA0-C6802269CED6}.job
[2010/12/13 03:34:26 | 000,544,294 | ---- | M] () -- C:\WINDOWS\System32\perfh006.dat
[2010/12/13 03:34:26 | 000,505,224 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/13 03:34:26 | 000,110,704 | ---- | M] () -- C:\WINDOWS\System32\perfc006.dat
[2010/12/13 03:34:26 | 000,088,792 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/13 03:30:55 | 000,206,324 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/13 03:30:30 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/13 03:30:27 | 000,000,198 | ---- | M] () -- C:\PSLOG
[2010/12/12 16:12:40 | 000,000,111 | ---- | M] () -- C:\WINDOWS\GMouse.ini
[2010/12/12 15:35:00 | 000,001,012 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-412668190-1801674531-1003Core.job
[2010/12/11 02:11:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/06 13:42:14 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\setup_ldm.iss
[2010/12/04 11:36:03 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\Skrivebord\Google Chrome.lnk
[2010/12/04 11:36:03 | 000,002,417 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/30 13:43:53 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\temp.dat
[2010/11/17 16:27:23 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk
[2010/11/16 09:55:17 | 000,053,216 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

========== Files Created - No Company Name ==========

[2010/12/13 13:47:18 | 000,001,552 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Skrivebord\Usenet.nl.lnk
[2010/12/06 13:42:14 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\setup_ldm.iss
[2010/11/18 15:51:26 | 001,085,191 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\danid.log.1
[2010/11/18 15:51:26 | 000,804,502 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\danid.log
[2010/11/17 16:27:23 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Application Data\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk
[2010/11/17 13:27:42 | 000,087,544 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/11/16 09:55:17 | 000,053,216 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/08 18:35:32 | 000,000,111 | ---- | C] () -- C:\WINDOWS\GMouse.ini
[2010/10/20 00:48:18 | 000,272,254 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\WPFFontCache_v0400-S-1-5-21-2052111302-412668190-1801674531-1003-0.dat
[2010/10/20 00:48:16 | 000,160,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\FontCache3.0.0.0.dat
[2010/10/20 00:48:14 | 000,272,254 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\WPFFontCache_v0400-System.dat
[2010/08/12 16:29:37 | 000,010,361 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\golfbolde.xlsx
[2010/06/19 05:35:47 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\oashdihasidhasuidhiasdhiashdiuasdhasd
[2010/05/16 14:21:14 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/05/16 14:21:14 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\BCEDB1EE70.sys
[2010/01/27 13:14:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EkspresLøn.INI
[2009/10/03 10:10:54 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/10/03 09:29:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2009/04/02 13:18:51 | 000,007,610 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\slot1.mm1
[2009/03/25 06:54:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\temp.dat
[2009/03/18 15:48:06 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\DLCQinst.dll
[2009/03/18 15:42:28 | 000,344,064 | R--- | C] () -- C:\WINDOWS\System32\dlcqcoin.dll
[2009/03/18 15:42:27 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\DLCQcfg.dll
[2009/03/18 14:30:53 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\Bot.dll
[2009/03/18 14:30:53 | 000,000,101 | ---- | C] () -- C:\WINDOWS\Psxlpr.ini
[2009/03/18 10:53:28 | 000,054,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\snxpserx.sys
[2009/03/18 10:53:28 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\snxprops.dll
[2009/03/14 16:30:10 | 000,000,216 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/03/13 21:43:31 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\default.pls
[2009/03/12 16:41:36 | 000,001,199 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\CommandDispatchers.xml
[2009/03/12 16:41:35 | 000,001,162 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\cleaner-config.xml
[2009/03/11 16:48:33 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/11 16:47:55 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/11 14:09:06 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
[2009/03/11 11:07:39 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\.rnd
[2009/03/10 21:35:14 | 000,014,938 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/03/10 21:21:59 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLPRMON.DLL
[2009/03/10 21:21:59 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLPMONUI.DLL
[2009/03/10 20:54:51 | 000,000,602 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2009/03/10 20:50:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2009/03/10 18:58:39 | 000,035,000 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009/03/10 18:19:00 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Tina Vilhelmsen\Lokale indstillinger\Application Data\fusioncache.dat
[2009/03/10 16:53:23 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009/03/10 16:53:10 | 000,036,054 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/03/10 16:53:08 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/03/10 10:57:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/10/07 03:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 03:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/07/26 02:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/05/26 16:23:18 | 000,016,130 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 16:23:16 | 000,021,898 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 16:23:14 | 000,016,012 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/01/03 09:26:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/01/03 09:26:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/01/03 09:26:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/01/03 09:26:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/01/03 09:26:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/20 19:17:44 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcqinsb.dll
[2006/10/20 19:17:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcqcub.dll
[2006/10/20 19:15:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcqcu.dll
[2006/10/20 19:14:54 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcqins.dll
[2006/10/20 19:09:16 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\dlcqutil.dll
[2006/10/20 02:35:38 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcqinsr.dll
[2006/10/20 02:35:32 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcqcur.dll
[2006/10/20 02:34:30 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\dlcqjswr.dll
[2006/10/20 00:35:40 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\dlcqgrd.dll
[2006/08/14 11:32:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcqcaps.dll
[2006/08/08 09:58:04 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dlcqdrs.dll
[2006/05/09 04:10:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlcqcnv4.dll
[2006/04/25 02:11:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcqvs.dll
[2004/07/10 12:55:38 | 000,252,416 | ---- | C] () -- C:\WINDOWS\System32\wsiShared.dll
[2004/03/15 08:29:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\System32\uninstall.ini
[1999/01/27 07:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 01:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/10/28 03:38:42 | 000,188,721 | ---- | M] () -- C:\28-10-2010 10;38;32.rtf
[2010/10/28 03:44:38 | 000,417,485 | ---- | M] () -- C:\28-10-2010 10;44;30.rtf
[2009/03/10 10:15:13 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/29 15:22:08 | 000,614,400 | ---- | M] () -- C:\Backup.va
[2010/12/14 21:31:15 | 000,000,210 | RHS- | M] () -- C:\boot.ini
[2010/12/13 17:01:32 | 000,002,638 | ---- | M] () -- C:\bootex.log
[2001/10/09 06:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010/04/18 09:34:40 | 000,030,080 | ---- | M] () -- C:\ComboFix.txt
[2009/03/10 10:15:13 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/12/09 22:38:51 | 000,094,821 | ---- | M] () -- C:\dlcq.log
[2009/03/10 10:15:13 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/20 11:58:45 | 000,020,562 | ---- | M] () -- C:\lopR.txt
[2010/04/16 17:18:19 | 000,000,119 | ---- | M] () -- C:\mbam-error.txt
[2009/03/10 10:15:13 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/13 02:43:04 | 000,047,564 | ---- | M] () -- C:\ntdetect.com
[2008/04/13 04:31:50 | 000,250,576 | ---- | M] () -- C:\ntldr
[2010/12/14 21:18:59 | 000,105,984 | ---- | M] () -- C:\OTL.Txt
[2010/12/13 03:30:27 | 000,000,198 | ---- | M] () -- C:\PSLOG
[2009/03/10 19:05:25 | 000,000,519 | ---- | M] () -- C:\RHDSetup.log
[2009/03/18 15:49:40 | 000,000,172 | ---- | M] () -- C:\setupfax.log
[2009/03/21 20:21:57 | 000,000,057 | ---- | M] () -- C:\splash.idx
[2008/11/19 09:13:04 | 000,005,552 | -H-- | M] () -- C:\version


< MD5 for: EXPLORER.EXE >
[2008/04/14 02:05:50 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 02:05:50 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\explorer.exe
[2008/04/14 02:05:50 | 001,034,752 | ---- | M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 02:06:06 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/14 02:06:06 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 02:06:06 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008/04/14 02:06:08 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/14 02:06:08 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 02:06:08 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B -- C:\WINDOWS\system32\winlogon.exe
< End of report >
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are you able to access the F8 menu with the recovery console as an option ?
  • 0

#10
Ruske

Ruske

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Have to try ! Will be back shortly.
  • 0

Advertisements


#11
Ruske

Ruske

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Yes, I can get the F8 menu, but it does not semm to have the recory consol as an option.
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Will the F8 menu allow you to boot to safe mode ?
  • 0

#13
Ruske

Ruske

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Nope, I only get a black screen with a blinking cursor.
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK bear with me I need to check something out
  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
We will use an mobile operating system called xPUD, and a script called rst.sh to restore your computer.

On the clean computer.

Creating a bootable USB using xPUD
  • Please download the following files and save it to the desktop
  • Insert the USB device to make bootable to the computer. (Make sure that no other USB's are inserted)
  • Double-click on unetbootin.exe to run
  • Select Disk Image, ISO and in the space provided, enter the path location of xpud-0.9.2.iso (ex. C:\Documents and Settings\yourusername\Desktop\xpud-0.9.2.iso)
  • Select USB Drive type and the drive letter assigned to your USB stick.
  • Click "OK" and wait until the program finishes. You now have a bootable xPUD.
  • Download the following tool and save it inside the bootable USB

Please note: if you prefer to create a bootable CD using xPUD, you may download the ISO image found here and burn it to a CD.



On the infected computer.
  • Reboot your system using the xPUD bootable USB you just created.
    Note : If you do not know how to set your computer to boot from USB follow the steps here
  • Your system should now display a xPUD desktop.
  • Select on the File icon; on the right pane click on the "mnt" folder and highlight "sdb1" - this is your USB device.

    sda1,2...usually corresponds to your HDD
    sdb1 is likely your USB

  • Click on the "Tool" menu and select Open Terminal
    Posted Image
  • In the open terminal window, type in the following:

    bash rst.sh
  • Press "Enter" and let it run uninterrupted.
    (The program lists available Restore Points and will save a report enum.log located in the USB drive.)
  • The program is finished when it say's "Done".
  • Type "Exit" to close the terminal window.
  • Please attached the enum.log file in your reply. (You may remove your USB drive when transferring log to a clean computer).

Please note: If you have an ethernet connection you can access the internet by way of xPUD (Firefox). You can perform all these steps on your sick computer. When you download the download will reside in the Download folder. It can be found under the File tab also. You can similarly access our thread by way of this OS too so you can send the logs that way.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP