
Help analysing a HijackThis log



Hi there

I'm sitting at a PC that has had/has a lot of viruses

It has become very slow over time

I have scanned it with SAS, Avira and cc-cleaner

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:52:36, on 22.12.2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\AntiVir PersonalEdition Classic\avguard.exe

C:\Programfiler\AntiVir PersonalEdition Classic\sched.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Video Add-on\isfmntr.exe

C:\windows\system\hpsysdrv.exe

C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe

C:\WINDOWS\VM_STI.EXE

C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe

C:\Programfiler\Java\jre1.5.0_08\bin\jusched.exe

C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Programfiler\Logitech\SetPoint\SetPoint.exe

C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE

C:\Programfiler\Fellesfiler\Teleca Shared\Generic.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\MSN Messenger\usnsvc.exe

C:\Programfiler\Video Add-on\isfmm.exe

C:\Programfiler\MSN Messenger\msnmsgr.exe

C:\Programfiler\AntiVir PersonalEdition Classic\avscan.exe

C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Programfiler\Internet Explorer\iexplore.exe

C:\Documents and Settings\HP_Eier\Skrivebord\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/def.../search/ie.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014} - C:\Programfiler\Video Add-on\isfmdl.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - (no file)

O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Programfiler\Helper\findsiteonline.dll

O3 - Toolbar: HP-visning - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programfiler\HP\Digital Imaging\bin\HPDTLK02.dll

O3 - Toolbar: IE Custom Tools - {F2BADA0D-FD61-45EF-A994-64A073FD6613} - C:\Programfiler\Video Add-on\ictmdl.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 300NC PC Camera

O4 - HKLM\..\Run: [iSUSPM Startup] c:\progra~1\felles~1\instal~1\update~1\isuspm.exe -startup

O4 - HKLM\..\Run: [avgnt] "C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\V0230Mon.exe

O4 - HKLM\..\Run: [AVFX Engine] C:\Programfiler\Creative\Creative Live! Cam\VideoFX\StartFX.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_08\bin\jusched.exe

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MicrosoftService] service.exe

O4 - HKLM\..\Run: [salestart] "C:\Programfiler\Fellesfiler\WinAnonymous\mc.exe" dm=http://winanonymous.com ad=http://winanonymous.com sd=http://ilp.winanonymous.com

O4 - HKLM\..\RunServices: [load] msupdate.exe

O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Programfiler\Video Add-on\icthis.exe

O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Programfiler\Video Add-on\isfmntr.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Programfiler\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Programfiler\Picasa2\PicasaMediaDetector.exe (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll

O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.securesoftwarefeed.com/redirect.php (file missing)

O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.securesoftwarefeed.com/redirect.php (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {47CEF84E-92D8-4C4A-86D7-CB982889DCC0} (Oberon Media Network Optimizer) - http://mp1.mplay.oberon-media.com/client/flashnet.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} (WebIQ Technology Client) - https://www.webiqonline.com/WebIQ/bin/WebIQ.cab

O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave.com/content/dinerdash...h2.1.0.0.53.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1126040459875

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.com/images/uploader/ssi...ureUploader.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/6c5b0a...5/Installer.exe

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O18 - Protocol: bw+0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

O22 - SharedTaskScheduler: cariniana - {5c770fbc-cc2f-4acd-93e8-e6f0594307fd} - (no file)

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programfiler\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programfiler\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

O23 - Service: Network Translation Service (NTSS) - Unknown owner - C:\WINDOWS\system32\nts.exe (file missing)

 

--

End of file - 22939 bytes

 

Link to comment

Yeah, this didn't look good :p

Run through the long version in the following post: https://www.diskusjon.no/index.php?showtopic=691246. This will clean away a lot of junk. We'll deal with the rest afterwards :thumbup:

(If you have already run SAS and CCleaner, just run Combofix)

Edit: SAS normally takes care of Video Add-on. Could you post the log from SAS as well (preferences->statistics/logs)?

Edited by norbat
Link to comment

The logs are ready now; they were run in the following order:

 

combofix

 

ComboFix 07-12-21.4 - HP_Eier 2007-12-22 2:20:59.1 - NTFSx86

Running from: C:\Documents and Settings\HP_Eier\Skrivebord\ComboFix.exe

* Created a new restore point

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Documents and Settings\HP_Eier\Programdata\installer_en[1].exe

C:\Documents and Settings\HP_Eier\Programdata\setup_en[2].exe

C:\Programfiler\Helper

C:\Programfiler\Helper\findsiteonline.dll

C:\Programfiler\screensavers.com

C:\Programfiler\screensavers.com\Wallpaper\swpstart.exe

C:\WINDOWS\bobsaver.exe

C:\WINDOWS\bobsaver.scr

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53


C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\cook\stove.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\cursor\arrow.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\cursor\click.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\cursor\click2.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\cursor\grab.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\cursor\open.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\dad_male\anim.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\dad_male\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\dad_male\blue.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\dad_male\blue_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\dad_male\legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\dad_male\red.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\dad_male\red_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\kid_male\anim.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\kid_male\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\kid_male\blue.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\kid_male\blue_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\kid_male\legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\kid_male\red.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\kid_male\red_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\mom_female\anim.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\mom_female\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\mom_female\baby.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\mom_female\baby.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\mom_female\blue.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\mom_female\blue_baby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\mom_female\blue_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\mom_female\legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\mom_female\red.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\mom_female\red_baby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\mom_female\red_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\young_female\anim.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\young_female\anim.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\young_female\blue.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\young_female\blue_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\young_female\legs.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\young_female\red.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\customers\young_female\red_legs.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\flo\idle.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\flo\idle.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\flo\lower.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\flo\lower.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\flo\upper.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\flo\upper.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\fonts\mercurius.mvec

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\bench.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\bench.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\blue_highchairbaby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\chair.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\chair.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\dirt2top.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\dirt4top.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\dishcart.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\dishcart.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\green_highchairbaby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\highchair_prop_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\highchair_prop_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\highchairbaby.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\highchairbaby.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\luxury_bench.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\luxury_bench.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\mop_station_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\mop_station_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\mop_station_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\podium.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\podium_heart.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\podium_heart.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\purple_highchairbaby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\radio.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\red_highchairbaby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\spill.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\spill.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\stereo.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\ticketstation.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\ticketstation.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\furniture\yellow_highchairbaby.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\help\family.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\help\help_dividerline.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\help\help1_colormatch1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\help\help1_colormatch2.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\help\help1_noise.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\help\help1_score.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\help\help2_cleardishes.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\help\help2_givecheck.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\help\help2_pickupfood.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\help\help2_servefood.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\help\help2_takeorder.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\hiscore\local-hs-bb.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\hiscore\p1icon.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\layouts\career_1_1.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\layouts\career_1_2.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\layouts\career_1_3.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\layouts\career_1_4.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\layouts\career_1_5.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\layouts\career_1_6.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\layouts\endless_1_1.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\layouts\endless_1_1_a.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\layouts\endless_1_1_b.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\layouts\endless_1_1_c.bin

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\playfirstlogo.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\background.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\chairs\blue.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\chairs\green.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\chairs\green.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\chairs\grey.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\chairs\red.pal

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\food\cup1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\food\food.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\food\food.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\frames\2_0.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\frames\2_1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\furniture\drinkstation1_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\furniture\drinkstation1_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\furniture\drinkstation1_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\people\cook.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\people\cook.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\props\cup_prop1.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\tables\2top.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\tables\2top.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\tables\4top.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\tables\4top.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_0.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_1.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\cafe\upgrades.xml

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\restaurants\tableshadow.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\careerupgrade.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\choosedifficulty.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\closeconfirm.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\entername.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\game.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\getmoregames.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\help1.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\help2.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\hiscore.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\hiscoreinfo.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\hiscoresubmit.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\levelintro.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\levelover.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\loading.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\mainloop.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\mainmenu.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\ok.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\pause.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\style.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\upgrade.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\upsell.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\scripts\yesno.lua

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\splash\aol_logo.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\splash\playfirst_logo.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\strings.xml

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\angersmoke.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\angersmoke.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\bubbles\request_bubble.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\bubbles\request_mop.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\bubbles\request_rejectmeal.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\chairflags.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\chairflags.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\check.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\checkmark.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\closed.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\coinflip.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\coinflip.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\decor_lines.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\dollar.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\expert.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\foodpoof.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\foodpoof.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\heartgrow.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\heartgrow.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\jar.anm

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\jar.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\lives_icon.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\noisering.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\notes\music_boost_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\notes\music_boost_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\notes\music_boost_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\notes\music_boost_d.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\notes\music_boost_e.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\notes\music_boost_f.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\tablenumber_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\tablenumber_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\traynumber.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\tutorialarrow.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\tutorialbox.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\ui_base.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\ui_hand.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\ui_timer_off.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\ui_timer_on.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgradeanim.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_bench_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_bench_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_bench_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_drink_station1_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_drink_station1_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_drink_station1_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_luxury_bench_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_luxury_bench_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_luxury_bench_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_oven_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_oven_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_oven_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_podium_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_podium_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_podium_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_powerbars_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_powerbars_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_powerbars_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_radio_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_radio_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_radio_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_stereo_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_stereo_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_stereo_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_table_a.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_table_b.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\ui\upgrades\icon_table_c.png

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\upsell\dd1.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\upsell\dd2.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\upsell\dd3.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\assets\upsell\dd4.jpg

C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.53\dinerdash2.exe

C:\WINDOWS\system32\gnjsjc.dll

D:\Autorun.inf

 

.

((((((((((((((((((((((((( Files Created from 2007-11-22 to 2007-12-22 )))))))))))))))))))))))))))))))

.

 

2007-12-21 23:06 . 2007-12-21 23:06 <DIR> dr-h----- C:\Documents and Settings\Administrator\Siste

2007-12-21 22:49 . 2004-08-04 01:03 21,504 --a------ C:\WINDOWS\system32\hidserv.dll

2007-12-21 22:49 . 2004-08-04 01:03 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll

2007-12-21 22:49 . 2004-08-04 00:57 14,720 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys

2007-12-21 22:49 . 2004-08-04 00:57 14,720 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys

2007-12-18 16:33 . 2007-12-18 16:33 <DIR> d-------- C:\Documents and Settings\HP_Eier\Programdata\WinAnonymous

2007-12-18 16:28 . 2007-12-18 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\WinAnonymous

2007-12-18 16:26 . 2007-12-22 00:14 <DIR> d-------- C:\Programfiler\WinPCDoctor

2007-12-18 16:26 . 2007-12-18 16:26 <DIR> d-------- C:\Programfiler\Fellesfiler\WinAnonymous

2007-12-18 14:57 . 2007-12-18 14:58 <DIR> d-------- C:\Programfiler\Video Add-on

2007-12-17 21:46 . 2007-12-17 21:46 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2007-12-17 21:46 . 2007-12-17 21:46 1,409 --a------ C:\WINDOWS\QTFont.for

2007-12-07 21:37 . 2007-12-07 21:37 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\SUPERAntiSpyware.com

2007-12-07 21:37 . 2007-12-07 21:37 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Sony Ericsson

2007-12-07 21:36 . 2005-01-01 17:54 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS

2007-12-07 21:36 . 2005-01-01 09:10 <DIR> dr------- C:\Documents and Settings\Administrator\Start-meny

2007-12-07 21:36 . 2005-01-01 17:13 <DIR> d--h----- C:\Documents and Settings\Administrator\Skrivere

2007-12-07 21:36 . 2005-01-01 21:40 <DIR> d-------- C:\Documents and Settings\Administrator\Skrivebord

2007-12-07 21:36 . 2005-01-01 19:19 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Symantec

2007-12-07 21:36 . 2005-01-01 21:50 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\SampleView

2007-12-07 21:36 . 2005-01-01 17:46 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Intervideo

2007-12-07 21:36 . 2005-01-01 17:53 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Apple Computer

2007-12-07 21:36 . 2007-12-07 21:37 <DIR> dr-h----- C:\Documents and Settings\Administrator\Programdata

2007-12-07 21:36 . 2005-01-01 09:10 <DIR> dr------- C:\Documents and Settings\Administrator\Mine dokumenter

2007-12-07 21:36 . 2005-01-01 09:11 <DIR> d--h----- C:\Documents and Settings\Administrator\Maler

2007-12-07 21:36 . 2005-01-01 17:13 <DIR> d--h----- C:\Documents and Settings\Administrator\Lokale innstillinger

2007-12-07 21:36 . 2005-01-01 09:10 <DIR> dr------- C:\Documents and Settings\Administrator\Favoritter

2007-12-07 21:36 . 2005-01-01 17:13 <DIR> d--h----- C:\Documents and Settings\Administrator\AndrMask

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-12-21 22:44 --------- d--h--w C:\Programfiler\InstallShield Installation Information

2007-12-21 22:38 --------- d-----w C:\Programfiler\Fellesfiler\Symantec Shared

2007-12-21 22:07 --------- d-----w C:\Programfiler\SUPERAntiSpyware

2007-12-21 22:01 --------- d---a-w C:\Documents and Settings\All Users\Programdata\TEMP

2007-12-21 22:00 --------- d-----w C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy

2007-12-21 21:57 --------- d-----w C:\Documents and Settings\HP_Eier\Programdata\Lavasoft

2007-12-13 14:57 --------- d-----w C:\Programfiler\Picasa2

2007-11-23 14:11 --------- d-----w C:\Programfiler\LimeWire

2007-11-23 13:41 320,512 ----a-w C:\WINDOWS\Tele2Uninstall.exe

2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

2007-11-12 13:34 --------- d-----w C:\Programfiler\Yahoo!

2007-11-12 13:34 --------- d-----w C:\Programfiler\Shockwave.com

2007-11-12 13:33 --------- d-----w C:\Programfiler\Oberon Media

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014}]

2007-12-21 23:30 13312 --a------ C:\Programfiler\Video Add-on\isfmdl.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5}

{F2BADA0D-FD61-45EF-A994-64A073FD6613}

 

[HKEY_CLASSES_ROOT\clsid\{f2bada0d-fd61-45ef-a994-64a073fd6613}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LDM"="C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-02 20:43]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-08-20 22:55]

"ISUSScheduler"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2004-06-16 13:03]

"SiSPower"="Rundll32.exe" [2004-08-04 04:00 C:\WINDOWS\system32\rundll32.exe]

"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 20:47 C:\WINDOWS\ALCXMNTR.EXE]

"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 15:37]

"ISUSPM Startup"="c:\progra~1\felles~1\instal~1\update~1\isuspm.exe" [2004-06-16 13:03]

"avgnt"="C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-10 15:30]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 11:45 C:\WINDOWS\KHALMNPR.Exe]

"V0230Mon.exe"="C:\WINDOWS\V0230Mon.exe" [2006-09-06 18:01]

"AVFX Engine"="C:\Programfiler\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-08-16 00:12]

"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.5.0_08\bin\jusched.exe" [2006-07-26 02:03]

"Sony Ericsson PC Suite"="C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 00:06]

"QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-04-27 08:41]

"MicrosoftService"="service.exe" []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

"load"="msupdate.exe" []

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Picasa Media Detector"="C:\Programfiler\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18]

 

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\

Logitech Desktop Messenger.lnk - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-07-02 20:43:49]

Logitech SetPoint.lnk - C:\Programfiler\Logitech\SetPoint\SetPoint.exe [2007-07-02 20:42:12]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^MyWebSearch Email Plugin.lnk]

path=C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\MyWebSearch Email Plugin.lnk

backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Eier^Start-meny^Programmer^Oppstart^MyWebSearch Email Plugin.lnk]

path=C:\Documents and Settings\HP_Eier\Start-meny\Programmer\Oppstart\MyWebSearch Email Plugin.lnk

backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

AGRSMMSG.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]

C:\Programfiler\BearShare\BearShare.exe /pause

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErrorSafe]

C:\Programfiler\ErrorSafe\ers.exe /scan

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\First less]

C:\DOCUME~1\HP_Eier\PROGRA~1\INFOFA~1\Seek plan.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HbTools]

C:\Programfiler\HbTools\Bin\4.7.1.0\HbtOEAddOn.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]

2004-06-07 19:30 659456 --a------ C:\WINDOWS\system32\hphmon06.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]

2004-06-07 19:34 49152 --a------ c:\Programfiler\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

c:\progra~1\felles~1\instal~1\update~1\isuspm.exe -startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2007-06-28 08:14 270648 --a------ C:\Programfiler\iTunes\iTunesHelper.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

2003-02-11 20:02 61440 --a------ C:\HP\KBD\KBD.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\load]

msupdate.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]

2004-10-14 21:54 253952 --a------ c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]

C:\Programfiler\MessengerPlus! 3\MsgPlus.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Programfiler\MSN Messenger\MsnMsgr.Exe /background

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]

C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

2007-10-23 22:18 443968 --a------ C:\Programfiler\Picasa2\PicasaMediaDetector.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]

2002-10-16 16:57 81920 --a------ C:\WINDOWS\system32\ps2.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Programfiler\QuickTime\qttask.exe -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]

2004-04-14 20:43 233472 --a------ C:\WINDOWS\SMINST\RECGUARD.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]

2003-12-18 00:31 118784 --a------ C:\Windows\Creator\Remind_XP.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Stupid Up Ping Bias]

C:\Documents and Settings\All Users\Programdata\Htm Trust Stupid Up\forkaxis.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Programfiler\Java\j2re1.4.2_03\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]

C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

VTTimer.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherOnTray]

C:\Programfiler\HbTools\Bin\4.7.1.0\HbtWeatherOnTray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearchWHSE]

C:\Programfiler\WhenUSearch\whse.exe

 

R0 viaagp1;VIA AGP Filter;C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 11:42]

R3 LUsbKbd;Logitech SetPoint USB Keyboard Filter;C:\WINDOWS\system32\Drivers\LUsbKbd.Sys [2004-12-10 11:48]

S2 NTSS;Network Translation Service;C:\WINDOWS\system32\nts.exe []

S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver;E:\INSTAL~E\Core\BVRPMPR5.SYS []

S3 se46bus;Sony Ericsson Device 070 driver (WDM);C:\WINDOWS\system32\DRIVERS\se46bus.sys [2006-11-30 14:11]

S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se46mdfl.sys [2006-11-30 14:11]

S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se46mdm.sys [2006-11-30 14:11]

S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se46mgmt.sys [2006-11-30 14:11]

S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);C:\WINDOWS\system32\DRIVERS\se46nd5.sys [2006-11-30 14:11]

S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se46obex.sys [2006-11-30 14:11]

S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se46unic.sys [2006-11-30 14:11]

S3 V0230Vfx;V0230Vfx;C:\WINDOWS\system32\DRIVERS\V0230Vfx.sys [2006-03-23 18:00]

S3 V0230VID;Live! Cam Video IM Pro;C:\WINDOWS\system32\DRIVERS\V0230VID.sys [2006-09-28 18:01]

 

*Newly Created Service* - CATCHME

*Newly Created Service* - PROCEXP90

.

Contents of the 'Scheduled Tasks' folder

"2007-12-18 10:13:07 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

 

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-12-22 02:30:34

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2007-12-22 2:31:45

.

2007-12-13 02:05:52 --- E O F ---

 

 

SAS

 

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 12/22/2007 at 03:49 AM

 

Application Version : 3.9.1008

 

Core Rules Database Version : 3366

Trace Rules Database Version: 1365

 

Scan type : Complete Scan

Total Scan Time : 01:14:11

 

Memory items scanned : 454

Memory threats detected : 2

Registry items scanned : 5545

Registry threats detected : 63

File items scanned : 69030

File threats detected : 39

 

Trojan.Media-Codec/V4

C:\PROGRAMFILER\VIDEO ADD-ON\ISFMNTR.EXE

C:\PROGRAMFILER\VIDEO ADD-ON\ISFMNTR.EXE

C:\PROGRAMFILER\VIDEO ADD-ON\ISFMM.EXE

C:\PROGRAMFILER\VIDEO ADD-ON\ISFMM.EXE

[start] C:\PROGRAMFILER\VIDEO ADD-ON\ISFMNTR.EXE

HKLM\Software\Classes\CLSID\{69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014}

HKCR\CLSID\{69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014}

HKCR\CLSID\{69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014}#xxx

HKCR\CLSID\{69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014}\InprocServer32

HKCR\CLSID\{69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014}\InprocServer32#ThreadingModel

C:\PROGRAMFILER\VIDEO ADD-ON\ISFMDL.DLL

HKLM\Software\Classes\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}

HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}

HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}

HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}\Implemented Categories

HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}\Implemented Categories\{00021493-0000-0000-C000-000000000046}

HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}\InprocServer32

HKCR\CLSID\{F2BADA0D-FD61-45EF-A994-64A073FD6613}\InprocServer32#ThreadingModel

C:\PROGRAMFILER\VIDEO ADD-ON\ICTMDL.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69B98C68-D2B8-4A4E-9CB7-E85B6F3A7014}

HKLM\Software\Microsoft\Internet Explorer\Toolbar#{F2BADA0D-FD61-45EF-A994-64A073FD6613}

C:\Programfiler\Video Add-on\icmntr.exe

C:\Programfiler\Video Add-on\icthis.exe

C:\Programfiler\Video Add-on\ictun.exe

C:\Programfiler\Video Add-on\icun.exe

C:\Programfiler\Video Add-on\isfun.exe

C:\Programfiler\Video Add-on\ot.ico

C:\Programfiler\Video Add-on\ts.ico

C:\Programfiler\Video Add-on\uninst.exe

C:\Programfiler\Video Add-on

HKU\S-1-5-21-138022566-3606848007-360855088-1007\Software\Online Add-on

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Custom Tools

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Custom Tools#DisplayName

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Custom Tools#UninstallString

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Safety Features

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Safety Features#DisplayName

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Safety Features#UninstallString

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center#DisplayName

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center#UninstallString

HKCR\videoPl.chl

HKCR\videoPl.chl\CLSID

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#ProductionEnvironment

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayName

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#UninstallString

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayIcon

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayVersion

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#Publisher

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP705\A0256520.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP706\A0258521.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP706\A0259521.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP706\A0259533.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP706\A0260535.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP706\A0261085.DLL

C:\WINDOWS\Prefetch\ICMNTR.EXE-17DE5787.pf

C:\WINDOWS\Prefetch\ICTHIS.EXE-370D5478.pf

C:\WINDOWS\Prefetch\ISFMM.EXE-05E75ED9.pf

C:\WINDOWS\Prefetch\ISFMNTR.EXE-07DC38DA.pf

 

Malware.MalwareBurn

HKCR\CLSID\{47DC4218-AE5B-32B9-3EF8-C7F9CF2B564F}

HKCR\CLSID\{47DC4218-AE5B-32B9-3EF8-C7F9CF2B564F}\dGduPz

HKCR\CLSID\{47DC4218-AE5B-32B9-3EF8-C7F9CF2B564F}\GnYBsjD

HKCR\CLSID\{47DC4218-AE5B-32B9-3EF8-C7F9CF2B564F}\InProcServer32

HKCR\CLSID\{47DC4218-AE5B-32B9-3EF8-C7F9CF2B564F}\InProcServer32#ThreadingModel

HKCR\CLSID\{47DC4218-AE5B-32B9-3EF8-C7F9CF2B564F}\ktonfuszb

HKCR\CLSID\{47DC4218-AE5B-32B9-3EF8-C7F9CF2B564F}\LegZpSlpds

HKCR\CLSID\{47DC4218-AE5B-32B9-3EF8-C7F9CF2B564F}\pgbUytssu

HKCR\CLSID\{47DC4218-AE5B-32B9-3EF8-C7F9CF2B564F}\siJdxouoaf

HKCR\CLSID\{47DC4218-AE5B-32B9-3EF8-C7F9CF2B564F}\tfybRisrr

 

Malware.VirusProtect

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\artiJBc

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\fAdtbWlvltq

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\fcrhf

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\Icjhre

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\Implemented Categories

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\Implemented Categories\{C501EDBE-9E70-11D1-9053-00C04FD9189D}

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\InprocServer32

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\InprocServer32#ThreadingModel

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\kZhK

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\Ole1Class

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\otndisa

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\ProgID

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\Programmable

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\qignmm

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\TypeLib

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\VersionIndependentProgID

HKCR\CLSID\{B7C9058D-0F9C-32C0-83B6-740DFD8A6726}\ypyjufc

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP706\A0260627.EXE

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP706\A0260637.EXE

 

Malware.LocusSoftware Inc/ConfidentSurf

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved#{B33DE756-DEEE-4D7A-87DB-1D905BA2AA21} [ secure_del ]

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP706\A0261069.EXE

 

Browser Hijacker.Favorites

C:\DOCUMENTS AND SETTINGS\HP_EIER\FAVORITTER\ONLINE SECURITY TEST.URL

 

Rogue.StorageProtector/Trace

C:\PROGRAMFILER\FELLESFILER\WINANONYMOUS\MC.EXE

C:\WINDOWS\Prefetch\MC.EXE-050EDD0F.pf

 

Malware.LocusSoftware Inc/BestSellerAntivirus

C:\QOOBOX\QUARANTINE\C\DOCUMENTS AND SETTINGS\HP_EIER\PROGRAMDATA\INSTALLER_EN[1].EXE.VIR

C:\QOOBOX\QUARANTINE\C\DOCUMENTS AND SETTINGS\HP_EIER\PROGRAMDATA\SETUP_EN[2].EXE.VIR

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP708\A0261128.EXE

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP708\A0261129.EXE

 

Adware.E404 Helper/Variant

C:\QOOBOX\QUARANTINE\C\PROGRAMFILER\HELPER\FINDSITEONLINE.DLL.VIR

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP708\A0261130.DLL

 

Trojan.Smitfraud Variant

C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\GNJSJC.DLL.VIR

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP708\A0261134.DLL

 

Malware.LocusSoftware Inc/Gen

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP706\A0260645.EXE

 

Rogue.PCPrivacyTools/Component

C:\SYSTEM VOLUME INFORMATION\_RESTORE{1509DECB-A7F2-4ADC-BB0E-36BD25814EEC}\RP706\A0260646.EXE

 

 

 

HJT

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 04:15:03, on 22.12.2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\AntiVir PersonalEdition Classic\avguard.exe

C:\Programfiler\AntiVir PersonalEdition Classic\sched.exe

C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\windows\system\hpsysdrv.exe

C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe

C:\WINDOWS\ALCXMNTR.EXE

C:\WINDOWS\VM_STI.EXE

C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\V0230Mon.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Creative\Creative Live! Cam\VideoFX\StartFX.exe

C:\Programfiler\Java\jre1.5.0_08\bin\jusched.exe

C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Programfiler\Logitech\SetPoint\SetPoint.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Programfiler\Fellesfiler\Logitech\KHAL\KHALMNPR.EXE

C:\Programfiler\internet explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\HP_Eier\Skrivebord\HiJackThis.exe

C:\Programfiler\Fellesfiler\Teleca Shared\CapabilityManager.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: HP-visning - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Programfiler\HP\Digital Imaging\bin\HPDTLK02.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 300NC PC Camera

O4 - HKLM\..\Run: [iSUSPM Startup] c:\progra~1\felles~1\instal~1\update~1\isuspm.exe -startup

O4 - HKLM\..\Run: [avgnt] "C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\V0230Mon.exe

O4 - HKLM\..\Run: [AVFX Engine] C:\Programfiler\Creative\Creative Live! Cam\VideoFX\StartFX.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_08\bin\jusched.exe

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MicrosoftService] service.exe

O4 - HKLM\..\RunServices: [load] msupdate.exe

O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Programfiler\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Programfiler\Picasa2\PicasaMediaDetector.exe (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_08\bin\ssv.dll

O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.securesoftwarefeed.com/redirect.php (file missing)

O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.securesoftwarefeed.com/redirect.php (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {47CEF84E-92D8-4C4A-86D7-CB982889DCC0} (Oberon Media Network Optimizer) - http://mp1.mplay.oberon-media.com/client/flashnet.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} (WebIQ Technology Client) - https://www.webiqonline.com/WebIQ/bin/WebIQ.cab

O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave.com/content/dinerdash...h2.1.0.0.53.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1126040459875

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.com/images/uploader/ssi...ureUploader.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/6c5b0a...5/Installer.exe

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O18 - Protocol: bw+0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {A79CABEB-9EAC-44CA-84B9-E85DC53BE6AC} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programfiler\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programfiler\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

O23 - Service: Network Translation Service (NTSS) - Unknown owner - C:\WINDOWS\system32\nts.exe (file missing)

 

--

End of file - 21634 bytes

 

 

-kent


Start HJT, select "Do a system scan only", tick the boxes in front of the following lines and click Fix checked:

O4 - HKLM\..\Run: [MicrosoftService] service.exe

O4 - HKLM\..\RunServices: [load] msupdate.exe

O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.securesoftwarefeed.com/redirect.php (file missing)

O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.securesoftwarefeed.com/redirect.php (file missing)

 

Uninstall from Add/Remove Programs, if present:

Logitech Desktop Messenger

MessengerPlus3

MyWebSearch

SweetIM

 

Restart the PC

 

Run Combofix again and post the log, then we'll take care of the rest of the cleanup afterwards.


Hi

Those items are now fixed in HJT.

 

Of the programs you mention, I only found Logitech, which has been uninstalled.

 

Combo

 

ComboFix 07-12-21.4 - HP_Eier 2007-12-22 14:35:52.3 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.45 [GMT 1:00]

Running from: C:\Documents and Settings\HP_Eier\Skrivebord\ComboFix.exe

.

 

((((((((((((((((((((((((( Files Created from 2007-11-22 to 2007-12-22 )))))))))))))))))))))))))))))))

.

 

2007-12-22 14:18 . 2007-12-22 14:18 <DIR> dr-h----- C:\Documents and Settings\HP_Eier\Siste

2007-12-21 23:06 . 2007-12-21 23:06 <DIR> dr-h----- C:\Documents and Settings\Administrator\Siste

2007-12-21 22:49 . 2004-08-04 01:03 21,504 --a------ C:\WINDOWS\system32\hidserv.dll

2007-12-21 22:49 . 2004-08-04 01:03 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll

2007-12-21 22:49 . 2004-08-04 00:57 14,720 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys

2007-12-21 22:49 . 2004-08-04 00:57 14,720 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys

2007-12-18 16:33 . 2007-12-18 16:33 <DIR> d-------- C:\Documents and Settings\HP_Eier\Programdata\WinAnonymous

2007-12-18 16:28 . 2007-12-18 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\WinAnonymous

2007-12-18 16:26 . 2007-12-22 00:14 <DIR> d-------- C:\Programfiler\WinPCDoctor

2007-12-18 16:26 . 2007-12-22 04:06 <DIR> d-------- C:\Programfiler\Fellesfiler\WinAnonymous

2007-12-17 21:46 . 2007-12-17 21:46 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2007-12-17 21:46 . 2007-12-17 21:46 1,409 --a------ C:\WINDOWS\QTFont.for

2007-12-07 21:37 . 2007-12-07 21:37 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\SUPERAntiSpyware.com

2007-12-07 21:37 . 2007-12-07 21:37 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Sony Ericsson

2007-12-07 21:36 . 2005-01-01 17:54 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS

2007-12-07 21:36 . 2005-01-01 09:10 <DIR> dr------- C:\Documents and Settings\Administrator\Start-meny

2007-12-07 21:36 . 2005-01-01 17:13 <DIR> d--h----- C:\Documents and Settings\Administrator\Skrivere

2007-12-07 21:36 . 2005-01-01 21:40 <DIR> d-------- C:\Documents and Settings\Administrator\Skrivebord

2007-12-07 21:36 . 2005-01-01 19:19 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Symantec

2007-12-07 21:36 . 2005-01-01 21:50 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\SampleView

2007-12-07 21:36 . 2005-01-01 17:46 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Intervideo

2007-12-07 21:36 . 2005-01-01 17:53 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Apple Computer

2007-12-07 21:36 . 2007-12-07 21:37 <DIR> dr-h----- C:\Documents and Settings\Administrator\Programdata

2007-12-07 21:36 . 2005-01-01 09:10 <DIR> dr------- C:\Documents and Settings\Administrator\Mine dokumenter

2007-12-07 21:36 . 2005-01-01 09:11 <DIR> d--h----- C:\Documents and Settings\Administrator\Maler

2007-12-07 21:36 . 2007-12-22 14:29 <DIR> d--h----- C:\Documents and Settings\Administrator\Lokale innstillinger

2007-12-07 21:36 . 2005-01-01 09:10 <DIR> dr------- C:\Documents and Settings\Administrator\Favoritter

2007-12-07 21:36 . 2005-01-01 17:13 <DIR> d--h----- C:\Documents and Settings\Administrator\AndrMask

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-12-22 13:16 --------- d-----w C:\Programfiler\Logitech

2007-12-22 03:20 --------- d-----w C:\Programfiler\SUPERAntiSpyware

2007-12-21 22:44 --------- d--h--w C:\Programfiler\InstallShield Installation Information

2007-12-21 22:38 --------- d-----w C:\Programfiler\Fellesfiler\Symantec Shared

2007-12-21 22:01 --------- d---a-w C:\Documents and Settings\All Users\Programdata\TEMP

2007-12-21 22:00 --------- d-----w C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy

2007-12-21 21:57 --------- d-----w C:\Documents and Settings\HP_Eier\Programdata\Lavasoft

2007-12-13 14:57 --------- d-----w C:\Programfiler\Picasa2

2007-11-23 14:11 --------- d-----w C:\Programfiler\LimeWire

2007-11-23 13:41 320,512 ----a-w C:\WINDOWS\Tele2Uninstall.exe

2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

2007-11-12 13:34 --------- d-----w C:\Programfiler\Yahoo!

2007-11-12 13:34 --------- d-----w C:\Programfiler\Shockwave.com

2007-11-12 13:33 --------- d-----w C:\Programfiler\Oberon Media

2007-10-29 22:45 1,290,752 ----a-w C:\WINDOWS\system32\quartz.dll

2007-10-20 05:01 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll

.

 

((((((((((((((((((((((((((((( snapshot@2007-12-22_ 2.30.58,76 )))))))))))))))))))))))))))))))))))))))))

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-08-20 22:55]

"ISUSScheduler"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2004-06-16 13:03]

"SiSPower"="Rundll32.exe" [2004-08-04 04:00 C:\WINDOWS\system32\rundll32.exe]

"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 20:47 C:\WINDOWS\ALCXMNTR.EXE]

"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 15:37]

"ISUSPM Startup"="c:\progra~1\felles~1\instal~1\update~1\isuspm.exe" [2004-06-16 13:03]

"avgnt"="C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-10 15:30]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 11:45 C:\WINDOWS\KHALMNPR.Exe]

"V0230Mon.exe"="C:\WINDOWS\V0230Mon.exe" [2006-09-06 18:01]

"AVFX Engine"="C:\Programfiler\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-08-16 00:12]

"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.5.0_08\bin\jusched.exe" [2006-07-26 02:03]

"Sony Ericsson PC Suite"="C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 00:06]

"QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-04-27 08:41]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Picasa Media Detector"="C:\Programfiler\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18]

 

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\

Logitech SetPoint.lnk - C:\Programfiler\Logitech\SetPoint\SetPoint.exe [2007-07-02 20:42:12]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^MyWebSearch Email Plugin.lnk]

path=C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\MyWebSearch Email Plugin.lnk

backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Eier^Start-meny^Programmer^Oppstart^MyWebSearch Email Plugin.lnk]

path=C:\Documents and Settings\HP_Eier\Start-meny\Programmer\Oppstart\MyWebSearch Email Plugin.lnk

backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

AGRSMMSG.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]

C:\Programfiler\BearShare\BearShare.exe /pause

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErrorSafe]

C:\Programfiler\ErrorSafe\ers.exe /scan

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\First less]

C:\DOCUME~1\HP_Eier\PROGRA~1\INFOFA~1\Seek plan.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HbTools]

C:\Programfiler\HbTools\Bin\4.7.1.0\HbtOEAddOn.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]

2004-06-07 19:30 659456 --a------ C:\WINDOWS\system32\hphmon06.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]

2004-06-07 19:34 49152 --a------ c:\Programfiler\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

c:\progra~1\felles~1\instal~1\update~1\isuspm.exe -startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2007-06-28 08:14 270648 --a------ C:\Programfiler\iTunes\iTunesHelper.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

2003-02-11 20:02 61440 --a------ C:\HP\KBD\KBD.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\load]

msupdate.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]

2004-10-14 21:54 253952 --a------ c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]

C:\Programfiler\MessengerPlus! 3\MsgPlus.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Programfiler\MSN Messenger\MsnMsgr.Exe /background

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]

C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

2007-10-23 22:18 443968 --a------ C:\Programfiler\Picasa2\PicasaMediaDetector.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]

2002-10-16 16:57 81920 --a------ C:\WINDOWS\system32\ps2.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Programfiler\QuickTime\qttask.exe -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]

2004-04-14 20:43 233472 --a------ C:\WINDOWS\SMINST\RECGUARD.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]

2003-12-18 00:31 118784 --a------ C:\Windows\Creator\Remind_XP.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Stupid Up Ping Bias]

C:\Documents and Settings\All Users\Programdata\Htm Trust Stupid Up\forkaxis.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Programfiler\Java\j2re1.4.2_03\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]

C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

VTTimer.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherOnTray]

C:\Programfiler\HbTools\Bin\4.7.1.0\HbtWeatherOnTray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearchWHSE]

C:\Programfiler\WhenUSearch\whse.exe

 

R0 viaagp1;VIA AGP Filter;C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 11:42]

R3 LUsbKbd;Logitech SetPoint USB Keyboard Filter;C:\WINDOWS\system32\Drivers\LUsbKbd.Sys [2004-12-10 11:48]

S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver;E:\INSTAL~E\Core\BVRPMPR5.SYS []

S3 se46bus;Sony Ericsson Device 070 driver (WDM);C:\WINDOWS\system32\DRIVERS\se46bus.sys [2006-11-30 14:11]

S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se46mdfl.sys [2006-11-30 14:11]

S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se46mdm.sys [2006-11-30 14:11]

S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se46mgmt.sys [2006-11-30 14:11]

S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);C:\WINDOWS\system32\DRIVERS\se46nd5.sys [2006-11-30 14:11]

S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se46obex.sys [2006-11-30 14:11]

S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se46unic.sys [2006-11-30 14:11]

S3 V0230Vfx;V0230Vfx;C:\WINDOWS\system32\DRIVERS\V0230Vfx.sys [2006-03-23 18:00]

S3 V0230VID;Live! Cam Video IM Pro;C:\WINDOWS\system32\DRIVERS\V0230VID.sys [2006-09-28 18:01]

 

.

Contents of the 'Scheduled Tasks' folder

"2007-12-18 10:13:07 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

 

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-12-22 14:42:58

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

 

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]

-> C:\Programfiler\Logitech\SetPoint\GameHook.dll

.

Completion time: 2007-12-22 14:44:37

C:\ComboFix2.txt ... 2007-12-22 14:29

C:\ComboFix3.txt ... 2007-12-22 02:31

.

2007-12-22 02:05:59 --- E O F ---

 


Open Notepad and paste in the text shown in bold below, then save the file on the desktop as CFScript.txt. Then drag the file onto the Combofix icon (see illustration below). Combofix will start again. Post the log.

 

File::

 

Folder::

C:\Programfiler\WhenUSearch

C:\Programfiler\Macrogaming

C:\Documents and Settings\All Users\Programdata\Htm Trust Stupid Up

C:\PROGRA~1\MYWEBS~1

C:\Programfiler\MessengerPlus! 3

C:\DOCUME~1\HP_Eier\PROGRA~1\INFOFA~1

C:\Programfiler\ErrorSafe

C:\Programfiler\BearShare

 

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearchWHSE]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Stupid Up Ping Bias]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\load]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\First less]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErrorSafe]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Eier^Start-meny^Programmer^Oppstart^MyWebSearch Email Plugin.lnk]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^MyWebSearch Email Plugin.lnk]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]

Edited by norbat

combo

 

ComboFix 07-12-21.4 - HP_Eier 2007-12-22 17:55:18.4 - NTFSx86

Running from: C:\Documents and Settings\HP_Eier\Skrivebord\ComboFix.exe

Command switches used :: C:\Documents and Settings\HP_Eier\Skrivebord\CFScript.txt

* Created a new restore point

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Programfiler\Macrogaming

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\emoticons_shortcut.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\lastuse_Winks.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\user_config.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\emoticons_shortcut.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\lastuse_Audibles.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\lastuse_SoundFX.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\lastuse_SpecialFX.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\user_config.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\main_user_config.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\emoticons_shortcut.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\lastuse_Audibles.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\lastuse_DisplayPictures.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\lastuse_SoundFX.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\lastuse_SpecialFX.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\lastuse_Winks.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\user_config.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\emoticons_shortcut.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\user_config.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\emoticons_shortcut.xml

C:\Programfiler\Macrogaming\SweetIM\conf\users\[email protected]\user_config.xml

C:\Programfiler\Macrogaming\SweetIM\data\contentdb\cache_indx.dat

C:\Programfiler\Macrogaming\SweetIM\update\lastversioninfo.xml

 

.

((((((((((((((((((((((((( Files Created from 2007-11-22 to 2007-12-22 )))))))))))))))))))))))))))))))

.

 

2007-12-22 15:41 . 2007-12-22 15:49 <DIR> d-------- C:\Programfiler\SopCast

2007-12-22 15:20 . 2007-10-11 00:53 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll

2007-12-22 15:20 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat

2007-12-22 15:20 . 2007-07-01 04:36 1,007,616 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui

2007-12-22 15:20 . 2007-10-11 00:53 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll

2007-12-22 15:20 . 2007-10-11 00:53 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll

2007-12-22 15:20 . 2007-10-11 00:53 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll

2007-12-22 15:20 . 2007-10-11 00:53 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll

2007-12-22 15:20 . 2007-10-11 00:53 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll

2007-12-22 15:20 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe

2007-12-22 15:19 . 2007-12-22 15:21 <DIR> d-------- C:\WINDOWS\system32\nb-no

2007-12-22 15:10 . 2007-12-22 15:11 <DIR> d-------- C:\Programfiler\TVAnts

2007-12-22 15:10 . 2007-12-22 15:20 1,393 --a------ C:\WINDOWS\imsins.BAK

2007-12-22 14:18 . 2007-12-22 17:25 <DIR> dr-h----- C:\Documents and Settings\HP_Eier\Siste

2007-12-21 23:06 . 2007-12-21 23:06 <DIR> dr-h----- C:\Documents and Settings\Administrator\Siste

2007-12-21 22:49 . 2004-08-04 01:03 21,504 --a------ C:\WINDOWS\system32\hidserv.dll

2007-12-21 22:49 . 2004-08-04 01:03 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll

2007-12-21 22:49 . 2004-08-04 00:57 14,720 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys

2007-12-21 22:49 . 2004-08-04 00:57 14,720 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys

2007-12-18 16:33 . 2007-12-18 16:33 <DIR> d-------- C:\Documents and Settings\HP_Eier\Programdata\WinAnonymous

2007-12-18 16:28 . 2007-12-18 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\WinAnonymous

2007-12-18 16:26 . 2007-12-22 00:14 <DIR> d-------- C:\Programfiler\WinPCDoctor

2007-12-18 16:26 . 2007-12-22 04:06 <DIR> d-------- C:\Programfiler\Fellesfiler\WinAnonymous

2007-12-17 21:46 . 2007-12-17 21:46 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2007-12-17 21:46 . 2007-12-17 21:46 1,409 --a------ C:\WINDOWS\QTFont.for

2007-12-07 21:37 . 2007-12-07 21:37 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\SUPERAntiSpyware.com

2007-12-07 21:37 . 2007-12-07 21:37 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Sony Ericsson

2007-12-07 21:36 . 2005-01-01 17:54 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS

2007-12-07 21:36 . 2005-01-01 09:10 <DIR> dr------- C:\Documents and Settings\Administrator\Start-meny

2007-12-07 21:36 . 2005-01-01 17:13 <DIR> d--h----- C:\Documents and Settings\Administrator\Skrivere

2007-12-07 21:36 . 2005-01-01 21:40 <DIR> d-------- C:\Documents and Settings\Administrator\Skrivebord

2007-12-07 21:36 . 2005-01-01 19:19 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Symantec

2007-12-07 21:36 . 2005-01-01 21:50 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\SampleView

2007-12-07 21:36 . 2005-01-01 17:46 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Intervideo

2007-12-07 21:36 . 2005-01-01 17:53 <DIR> d-------- C:\Documents and Settings\Administrator\Programdata\Apple Computer

2007-12-07 21:36 . 2007-12-07 21:37 <DIR> dr-h----- C:\Documents and Settings\Administrator\Programdata

2007-12-07 21:36 . 2005-01-01 09:10 <DIR> dr------- C:\Documents and Settings\Administrator\Mine dokumenter

2007-12-07 21:36 . 2005-01-01 09:11 <DIR> d--h----- C:\Documents and Settings\Administrator\Maler

2007-12-07 21:36 . 2007-12-22 14:44 <DIR> d--h----- C:\Documents and Settings\Administrator\Lokale innstillinger

2007-12-07 21:36 . 2005-01-01 09:10 <DIR> dr------- C:\Documents and Settings\Administrator\Favoritter

2007-12-07 21:36 . 2005-01-01 17:13 <DIR> d--h----- C:\Documents and Settings\Administrator\AndrMask

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-12-22 13:16 --------- d-----w C:\Programfiler\Logitech

2007-12-22 03:20 --------- d-----w C:\Programfiler\SUPERAntiSpyware

2007-12-21 22:44 --------- d--h--w C:\Programfiler\InstallShield Installation Information

2007-12-21 22:38 --------- d-----w C:\Programfiler\Fellesfiler\Symantec Shared

2007-12-21 22:01 --------- d---a-w C:\Documents and Settings\All Users\Programdata\TEMP

2007-12-21 22:00 --------- d-----w C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy

2007-12-21 21:57 --------- d-----w C:\Documents and Settings\HP_Eier\Programdata\Lavasoft

2007-12-13 14:57 --------- d-----w C:\Programfiler\Picasa2

2007-11-23 14:11 --------- d-----w C:\Programfiler\LimeWire

2007-11-23 13:41 320,512 ----a-w C:\WINDOWS\Tele2Uninstall.exe

2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

2007-11-12 13:34 --------- d-----w C:\Programfiler\Yahoo!

2007-11-12 13:34 --------- d-----w C:\Programfiler\Shockwave.com

2007-11-12 13:33 --------- d-----w C:\Programfiler\Oberon Media

.

 

((((((((((((((((((((((((((((( snapshot@2007-12-22_ 2.30.58,76 )))))))))))))))))))))))))))))))))))))))))

.

- 2006-12-19 21:51:45 8,459,776 -c----w C:\WINDOWS\$NtUninstallKB943460$\shell32.dll

- 2007-08-21 10:53:32 115,712 -c----w C:\WINDOWS\$NtUninstallKB943460$\xpsp3res.dll

+ 2006-12-19 21:51:45 8,459,776 -c----w C:\WINDOWS\$NtUninstallKB943460_0$\shell32.dll

+ 2007-03-06 02:01:51 214,752 -c----w C:\WINDOWS\$NtUninstallKB943460_0$\spuninst\spuninst.exe

+ 2007-03-06 02:03:01 374,496 -c----w C:\WINDOWS\$NtUninstallKB943460_0$\spuninst\updspapi.dll

+ 2007-08-21 10:53:32 115,712 -c----w C:\WINDOWS\$NtUninstallKB943460_0$\xpsp3res.dll

+ 2004-08-04 03:00:00 61,440 -c----w C:\WINDOWS\ie7\admparse.dll

+ 2004-08-04 03:00:00 100,352 -c----w C:\WINDOWS\ie7\advpack.dll

+ 2004-08-04 03:00:00 35,328 -c----w C:\WINDOWS\ie7\corpol.dll

+ 2006-06-02 19:34:07 33,792 -c----w C:\WINDOWS\ie7\custsat.dll

+ 2007-10-11 06:14:47 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll

+ 2007-10-11 06:14:47 205,312 -c----w C:\WINDOWS\ie7\dxtrans.dll

+ 2007-10-11 06:14:47 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll

+ 2004-08-04 03:00:00 38,912 -c----w C:\WINDOWS\ie7\hmmapi.dll

+ 2004-08-04 03:00:00 34,304 -c----w C:\WINDOWS\ie7\ie4uinit.exe

+ 2004-08-04 03:00:00 139,264 -c----w C:\WINDOWS\ie7\ieakeng.dll

+ 2004-08-04 03:00:00 218,624 -c----w C:\WINDOWS\ie7\ieaksie.dll

+ 2004-08-04 03:00:00 225,280 -c----w C:\WINDOWS\ie7\ieakui.dll

+ 2004-08-04 03:00:00 323,584 -c----w C:\WINDOWS\ie7\iedkcs32.dll

+ 2007-10-10 11:16:27 18,432 -c----w C:\WINDOWS\ie7\iedw.exe

+ 2004-08-04 03:00:00 81,920 -c----w C:\WINDOWS\ie7\ieencode.dll

+ 2007-10-11 06:14:47 251,392 -c----w C:\WINDOWS\ie7\iepeers.dll

+ 2004-08-04 03:00:00 48,640 -c----w C:\WINDOWS\ie7\iernonce.dll

+ 2004-08-04 03:00:00 62,976 -c----w C:\WINDOWS\ie7\iesetup.dll

+ 2004-08-04 03:00:00 93,184 -c----w C:\WINDOWS\ie7\iexplore.exe

+ 2004-08-04 03:00:00 35,840 -c----w C:\WINDOWS\ie7\imgutil.dll

+ 2007-10-11 06:14:47 96,768 -c----w C:\WINDOWS\ie7\inseng.dll

+ 2007-11-14 07:29:37 450,560 -c----w C:\WINDOWS\ie7\jscript.dll

+ 2007-10-11 06:14:47 16,384 -c----w C:\WINDOWS\ie7\jsproxy.dll

+ 2004-08-04 03:00:00 22,016 -c----w C:\WINDOWS\ie7\licmgr10.dll

+ 2004-08-04 03:00:00 29,184 -c----w C:\WINDOWS\ie7\mshta.exe

+ 2007-10-30 10:20:45 3,079,680 -c----w C:\WINDOWS\ie7\mshtml.dll

+ 2007-10-11 06:14:48 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll

+ 2004-08-04 03:00:00 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll

+ 2004-08-04 03:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll

+ 2007-10-11 06:14:48 146,432 -c----w C:\WINDOWS\ie7\msrating.dll

+ 2007-10-11 06:14:48 532,480 -c----w C:\WINDOWS\ie7\mstime.dll

+ 2004-08-04 03:00:00 96,768 -c----w C:\WINDOWS\ie7\occache.dll

+ 2007-10-11 06:14:48 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll

+ 2007-10-04 09:24:54 33,472 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll

+ 2007-10-04 09:22:36 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe

+ 2006-09-06 16:43:46 214,752 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe

+ 2006-09-06 16:43:48 374,496 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll

+ 2004-08-04 03:00:00 37,888 -c----w C:\WINDOWS\ie7\url.dll

+ 2007-10-11 06:14:48 615,424 -c----w C:\WINDOWS\ie7\urlmon.dll

+ 2004-08-04 03:00:00 417,792 -c----w C:\WINDOWS\ie7\vbscript.dll

+ 2007-06-26 13:57:31 851,968 -c----w C:\WINDOWS\ie7\vgx.dll

+ 2004-08-04 03:00:00 278,016 -c----w C:\WINDOWS\ie7\webcheck.dll

+ 2007-10-11 06:14:49 658,944 -c----w C:\WINDOWS\ie7\wininet.dll

+ 2007-08-13 17:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll

+ 2007-08-13 17:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll

+ 2007-08-13 17:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll

+ 2007-08-13 17:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll

+ 2007-08-13 17:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe

+ 2007-08-13 17:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll

+ 2007-08-13 17:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll

+ 2007-08-13 16:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll

+ 2007-02-12 15:10:12 2,451,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dat

+ 2007-07-11 11:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll

+ 2007-08-13 17:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll

+ 2007-08-13 17:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll

+ 2007-08-13 17:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll

+ 2007-08-13 17:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll

+ 2007-08-13 17:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe

+ 2007-08-13 17:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe

+ 2007-08-13 17:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll

+ 2007-08-13 17:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll

+ 2007-08-13 17:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll

+ 2007-08-13 17:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll

+ 2007-08-13 17:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll

+ 2007-08-13 17:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll

+ 2007-08-13 17:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll

+ 2007-08-13 17:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll

+ 2007-03-06 02:01:51 214,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe

+ 2007-06-30 20:28:42 374,496 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll

+ 2007-08-13 17:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll

+ 2007-08-13 17:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll

+ 2007-08-13 17:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll

+ 2007-08-13 17:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll

+ 2006-06-02 19:34:07 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll

+ 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe

- 2004-08-04 03:00:00 61,440 ----a-w C:\WINDOWS\system32\admparse.dll

+ 2007-08-13 17:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll

- 2004-08-04 03:00:00 100,352 ----a-w C:\WINDOWS\system32\advpack.dll

+ 2007-10-10 23:53:51 124,928 ----a-w C:\WINDOWS\system32\advpack.dll

- 2004-08-04 03:00:00 61,440 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll

+ 2007-08-13 17:39:20 71,680 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll

- 2004-08-04 03:00:00 100,352 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll

+ 2007-10-10 23:53:51 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll

- 2004-05-11 23:18:58 28,672 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll

+ 2007-08-13 17:54:10 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll

- 2007-10-11 06:14:47 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll

+ 2007-08-13 17:35:46 346,624 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll

- 2007-10-11 06:14:47 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll

+ 2007-10-10 23:53:51 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll

- 2007-10-11 06:14:47 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll

+ 2007-10-10 23:53:52 132,608 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll

- 2004-08-04 03:00:00 38,912 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll

+ 2007-08-13 17:18:02 60,416 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll

- 2004-08-04 03:00:00 34,304 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe

+ 2007-10-10 11:02:27 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe

- 2004-08-04 03:00:00 139,264 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll

+ 2007-10-10 23:53:52 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll

- 2004-08-04 03:00:00 218,624 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll

+ 2007-10-10 23:53:52 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll

- 2004-08-04 03:00:00 225,280 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll

+ 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll

- 2004-08-04 03:00:00 323,584 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll

+ 2007-10-10 23:53:52 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll

- 2007-10-10 11:16:27 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe

+ 2007-08-13 17:44:02 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe

- 2004-08-04 03:00:00 81,920 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll

+ 2007-08-13 17:45:18 78,336 -c--a-w C:\WINDOWS\system32\dllcache\ieencode.dll

- 2007-10-11 06:14:47 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll

+ 2007-08-13 17:54:10 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll

- 2004-08-04 03:00:00 48,640 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll

+ 2007-10-10 23:53:54 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll

- 2004-08-04 03:00:00 62,976 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll

+ 2007-08-13 17:39:12 55,296 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll

- 2004-08-04 03:00:00 93,184 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe

+ 2007-10-10 11:02:43 625,152 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe

- 2004-08-04 03:00:00 35,840 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll

+ 2007-08-13 17:36:06 36,352 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll

- 2007-10-11 06:14:47 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll

+ 2007-08-13 17:39:02 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll

- 2007-11-14 07:29:37 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll

+ 2007-08-13 17:38:04 491,520 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll

- 2007-10-11 06:14:47 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll

+ 2007-10-10 23:53:55 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll

- 2004-08-04 03:00:00 22,016 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll

+ 2007-08-13 17:44:18 40,960 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll

- 2004-08-04 03:00:00 29,184 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe

+ 2007-08-13 17:32:30 45,568 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe

- 2007-10-30 10:20:45 3,079,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll

+ 2007-10-31 04:00:16 3,590,656 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll

- 2007-10-11 06:14:48 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll

+ 2007-10-10 23:53:58 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll

- 2004-08-04 03:00:00 57,344 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll

+ 2007-08-13 17:01:12 48,128 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll

- 2004-08-04 03:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll

+ 2007-08-13 17:54:10 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll

- 2007-10-11 06:14:48 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll

+ 2007-10-10 23:53:58 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll

- 2007-10-11 06:14:48 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll

+ 2007-10-10 23:53:59 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll

- 2004-08-04 03:00:00 96,768 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll

+ 2007-10-10 23:53:59 102,400 -c----w C:\WINDOWS\system32\dllcache\occache.dll

- 2007-10-11 06:14:48 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll

+ 2007-08-13 17:36:12 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll

- 2007-10-25 16:57:36 8,460,800 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll

+ 2007-10-25 16:44:36 8,466,432 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll

- 2004-08-04 03:00:00 37,888 -c--a-w C:\WINDOWS\system32\dllcache\url.dll

+ 2007-10-10 23:53:59 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll

- 2007-10-11 06:14:48 615,424 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll

+ 2007-10-10 23:53:59 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll

- 2004-08-04 03:00:00 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll

+ 2007-08-13 17:54:10 413,696 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll

- 2007-06-26 13:57:31 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll

+ 2007-08-13 17:54:10 765,952 -c--a-w C:\WINDOWS\system32\dllcache\VGX.dll

- 2004-08-04 03:00:00 49,152 -c--a-w C:\WINDOWS\system32\dllcache\wdigest.dll

+ 2006-03-24 04:39:58 49,152 -c--a-w C:\WINDOWS\system32\dllcache\wdigest.dll

- 2004-08-04 03:00:00 278,016 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll

+ 2007-10-10 23:54:00 232,960 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll

- 2007-10-11 06:14:49 658,944 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll

+ 2007-10-10 23:54:00 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll

- 2007-10-11 06:14:47 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll

+ 2007-08-13 17:35:46 346,624 ----a-w C:\WINDOWS\system32\dxtmsft.dll

- 2007-10-11 06:14:47 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll

+ 2007-10-10 23:53:51 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll

- 2007-10-11 06:14:47 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll

+ 2007-10-10 23:53:52 132,608 ------w C:\WINDOWS\system32\extmgr.dll

+ 2007-10-10 23:53:52 63,488 ----a-w C:\WINDOWS\system32\icardie.dll

+ 2006-06-29 07:05:44 26,112 ------w C:\WINDOWS\system32\idndl.dll

- 2004-08-04 03:00:00 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe

+ 2007-10-10 11:02:27 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe

- 2004-08-04 03:00:00 139,264 ----a-w C:\WINDOWS\system32\ieakeng.dll

+ 2007-10-10 23:53:52 153,088 ------w C:\WINDOWS\system32\ieakeng.dll

- 2004-08-04 03:00:00 218,624 ----a-w C:\WINDOWS\system32\ieaksie.dll

+ 2007-10-10 23:53:52 230,400 ------w C:\WINDOWS\system32\ieaksie.dll

- 2004-08-04 03:00:00 225,280 ----a-w C:\WINDOWS\system32\ieakui.dll

+ 2007-10-10 05:46:55 161,792 ------w C:\WINDOWS\system32\ieakui.dll

+ 2007-07-01 03:31:33 2,455,488 ----a-w C:\WINDOWS\system32\ieapfltr.dat

+ 2007-10-10 23:53:52 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll

- 2004-08-04 03:00:00 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll

+ 2007-10-10 23:53:52 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll

- 2004-08-04 03:00:00 81,920 ----a-w C:\WINDOWS\system32\ieencode.dll

+ 2007-08-13 17:45:18 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll

+ 2007-10-10 23:53:54 6,065,664 ----a-w C:\WINDOWS\system32\ieframe.dll

- 2007-10-11 06:14:47 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll

+ 2007-08-13 17:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll

- 2004-08-04 03:00:00 48,640 ----a-w C:\WINDOWS\system32\iernonce.dll

+ 2007-10-10 23:53:54 44,544 ------w C:\WINDOWS\system32\iernonce.dll

+ 2007-10-10 23:53:54 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll

- 2004-08-04 03:00:00 62,976 ----a-w C:\WINDOWS\system32\iesetup.dll

+ 2007-08-13 17:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll

+ 2007-10-10 10:59:40 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe

+ 2007-08-13 17:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll

- 2004-08-04 03:00:00 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll

+ 2007-08-13 17:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll

- 2007-10-11 06:14:47 96,768 ----a-w C:\WINDOWS\system32\inseng.dll

+ 2007-08-13 17:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll

- 2007-11-14 07:29:37 450,560 ----a-w C:\WINDOWS\system32\jscript.dll

+ 2007-08-13 17:38:04 491,520 ----a-w C:\WINDOWS\system32\jscript.dll

- 2007-10-11 06:14:47 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll

+ 2007-10-10 23:53:55 27,648 ------w C:\WINDOWS\system32\jsproxy.dll

- 2007-04-24 10:32:06 1,485,696 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll

+ 2007-10-11 13:12:48 1,468,968 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll

- 2004-08-04 03:00:00 22,016 ----a-w C:\WINDOWS\system32\licmgr10.dll

+ 2007-08-13 17:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll

+ 2007-10-10 23:53:56 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll

+ 2007-10-10 23:53:56 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll

+ 2007-08-13 17:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe

- 2004-08-04 03:00:00 29,184 ----a-w C:\WINDOWS\system32\mshta.exe

+ 2007-08-13 17:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe

- 2007-10-30 10:20:45 3,079,680 ----a-w C:\WINDOWS\system32\mshtml.dll

+ 2007-10-31 04:00:16 3,590,656 ----a-w C:\WINDOWS\system32\mshtml.dll

- 2007-10-11 06:14:48 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll

+ 2007-10-10 23:53:58 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll

- 2004-08-04 03:00:00 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll

+ 2007-08-13 17:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll

- 2004-08-04 03:00:00 146,432 ----a-w C:\WINDOWS\system32\msls31.dll

+ 2007-08-13 17:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll

- 2007-10-11 06:14:48 146,432 ----a-w C:\WINDOWS\system32\msrating.dll

+ 2007-10-10 23:53:58 193,024 ------w C:\WINDOWS\system32\msrating.dll

- 2007-10-11 06:14:48 532,480 ----a-w C:\WINDOWS\system32\mstime.dll

+ 2007-10-10 23:53:59 671,232 ------w C:\WINDOWS\system32\mstime.dll

+ 2006-06-28 16:59:26 24,576 ------w C:\WINDOWS\system32\nlsdl.dll

+ 2006-06-29 07:05:44 23,552 ------w C:\WINDOWS\system32\normaliz.dll

- 2004-08-04 03:00:00 96,768 ----a-w C:\WINDOWS\system32\occache.dll

+ 2007-10-10 23:53:59 102,400 ------w C:\WINDOWS\system32\occache.dll

- 2007-10-11 06:14:48 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll

+ 2007-08-13 17:36:12 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll

- 2007-10-25 16:57:36 8,460,800 ----a-w C:\WINDOWS\system32\shell32.dll

+ 2007-10-25 16:44:36 8,466,432 ----a-w C:\WINDOWS\system32\shell32.dll

- 2006-11-17 15:14:30 14,640 ------w C:\WINDOWS\system32\spmsg.dll

+ 2007-10-08 13:46:18 14,640 ------w C:\WINDOWS\system32\spmsg.dll

- 2005-06-28 08:21:34 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe

+ 2006-09-06 16:43:46 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe

- 2004-08-04 03:00:00 37,888 ----a-w C:\WINDOWS\system32\url.dll

+ 2007-10-10 23:53:59 105,984 ----a-w C:\WINDOWS\system32\url.dll

- 2007-10-11 06:14:48 615,424 ----a-w C:\WINDOWS\system32\urlmon.dll

+ 2007-10-10 23:53:59 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll

- 2004-08-04 03:00:00 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll

+ 2007-08-13 17:54:10 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll

- 2004-08-04 03:00:00 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll

+ 2006-03-24 04:39:58 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll

- 2004-08-04 03:00:00 278,016 ----a-w C:\WINDOWS\system32\webcheck.dll

+ 2007-10-10 23:54:00 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll

+ 2007-08-13 17:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe

- 2007-10-11 06:14:49 658,944 ----a-w C:\WINDOWS\system32\wininet.dll

+ 2007-10-10 23:54:00 824,832 ----a-w C:\WINDOWS\system32\wininet.dll

+ 2006-07-14 15:51:51 121,856 ------w C:\WINDOWS\system32\xmllite.dll

- 2007-10-29 15:35:22 115,712 ----a-w C:\WINDOWS\system32\xpsp3res.dll

+ 2007-10-29 15:07:26 353,792 ----a-w C:\WINDOWS\system32\xpsp3res.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-08-20 22:55]

"ISUSScheduler"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2004-06-16 13:03]

"SiSPower"="Rundll32.exe" [2004-08-04 04:00 C:\WINDOWS\system32\rundll32.exe]

"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 20:47 C:\WINDOWS\ALCXMNTR.EXE]

"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 15:37]

"ISUSPM Startup"="c:\progra~1\felles~1\instal~1\update~1\isuspm.exe" [2004-06-16 13:03]

"avgnt"="C:\Programfiler\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-10 15:30]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 11:45 C:\WINDOWS\KHALMNPR.Exe]

"V0230Mon.exe"="C:\WINDOWS\V0230Mon.exe" [2006-09-06 18:01]

"AVFX Engine"="C:\Programfiler\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-08-16 00:12]

"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.5.0_08\bin\jusched.exe" [2006-07-26 02:03]

"Sony Ericsson PC Suite"="C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 00:06]

"QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-04-27 08:41]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Picasa Media Detector"="C:\Programfiler\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18]

 

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\

Logitech SetPoint.lnk - C:\Programfiler\Logitech\SetPoint\SetPoint.exe [2007-07-02 20:42:12]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

AGRSMMSG.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HbTools]

C:\Programfiler\HbTools\Bin\4.7.1.0\HbtOEAddOn.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]

2004-06-07 19:30 659456 --a------ C:\WINDOWS\system32\hphmon06.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]

2004-06-07 19:34 49152 --a------ c:\Programfiler\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

c:\progra~1\felles~1\instal~1\update~1\isuspm.exe -startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2007-06-28 08:14 270648 --a------ C:\Programfiler\iTunes\iTunesHelper.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

2003-02-11 20:02 61440 --a------ C:\HP\KBD\KBD.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]

2004-10-14 21:54 253952 --a------ c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Programfiler\MSN Messenger\MsnMsgr.Exe /background

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

2007-10-23 22:18 443968 --a------ C:\Programfiler\Picasa2\PicasaMediaDetector.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]

2002-10-16 16:57 81920 --a------ C:\WINDOWS\system32\ps2.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Programfiler\QuickTime\qttask.exe -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]

2004-04-14 20:43 233472 --a------ C:\WINDOWS\SMINST\RECGUARD.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]

2003-12-18 00:31 118784 --a------ C:\Windows\Creator\Remind_XP.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Programfiler\Java\j2re1.4.2_03\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

VTTimer.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherOnTray]

C:\Programfiler\HbTools\Bin\4.7.1.0\HbtWeatherOnTray.exe

 

R0 viaagp1;VIA AGP Filter;C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 11:42]

R3 LUsbKbd;Logitech SetPoint USB Keyboard Filter;C:\WINDOWS\system32\Drivers\LUsbKbd.Sys [2004-12-10 11:48]

S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver;E:\INSTAL~E\Core\BVRPMPR5.SYS []

S3 se46bus;Sony Ericsson Device 070 driver (WDM);C:\WINDOWS\system32\DRIVERS\se46bus.sys [2006-11-30 14:11]

S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se46mdfl.sys [2006-11-30 14:11]

S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se46mdm.sys [2006-11-30 14:11]

S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se46mgmt.sys [2006-11-30 14:11]

S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);C:\WINDOWS\system32\DRIVERS\se46nd5.sys [2006-11-30 14:11]

S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se46obex.sys [2006-11-30 14:11]

S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se46unic.sys [2006-11-30 14:11]

S3 V0230Vfx;V0230Vfx;C:\WINDOWS\system32\DRIVERS\V0230Vfx.sys [2006-03-23 18:00]

S3 V0230VID;Live! Cam Video IM Pro;C:\WINDOWS\system32\DRIVERS\V0230VID.sys [2006-09-28 18:01]

 

.

Contents of the 'Scheduled Tasks' folder

"2007-12-18 10:13:07 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

 

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-12-22 18:04:10

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2007-12-22 18:06:33

C:\ComboFix2.txt ... 2007-12-22 14:44

C:\ComboFix3.txt ... 2007-12-22 14:29

.

2007-12-22 02:05:59 --- E O F ---

 

 


Hi

The PC is running fine. Then again, this isn't my PC, so I don't really know how it's supposed to run.

In any case, there are no pop-ups and it runs much faster than before.

Avira has also calmed down with its alerts.

If you don't find anything more, I'd like to take the opportunity to say thank you very much for the great help and to wish you all a merry Christmas.


Sounds good.

You should reset the restore folder so that you don't get infected in the event of a system restore.

Control Panel -> System -> System Restore.

Tick the box next to "Turn off System Restore .....",

restart the PC,

then untick the box again to re-enable the feature.

Surf safely and merry Christmas.
