Thank you again peku006.
I've done everything you said.
Here is the main.txt log:Deckard's System Scanner v20071014.68
Run by Maria Eriksson on 2008-06-27 10:59:41
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 4 Restore Point(s) --
4: 2008-06-27 08:59:53 UTC - RP38 - Deckard's System Scanner Restore Point
3: 2008-06-26 20:50:31 UTC - RP37 - Software Distribution Service 3.0
2: 2008-06-26 18:10:36 UTC - RP36 - Configured VeohTV BETA
1: 2008-06-26 15:09:51 UTC - RP35 - Systemkontrollpunkt
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 511 MiB (512 MiB recommended).-- HijackThis (run as Maria Eriksson.exe) --------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:36, on 2008-06-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program\Canon\IJPLM\IJPLMSVC.EXE
C:\Program\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\Smartscaps.exe
C:\WINDOWS\System32\MsPMSPSv.exe
c:\program\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Program\Java\jre1.6.0_06\bin\jusched.exe
C:\Program\Creative\SBLive\Diagnostics\diagent.exe
C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\Program\SmartTrust\SmartTrust Personal\Csp\SmartCertmover.exe
C:\Program\Logitech\SetPoint\KEM.exe
C:\Program\Personal\bin\Personal.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Logitech\SetPoint\KHALMNPR.EXE
C:\Program\DELADE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Documents and Settings\Maria Eriksson\Skrivbord\dss.exe
C:\Program\TRENDM~1\HIJACK~1\Maria Eriksson.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.aftonbladet.se/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program\DELADE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: Visa Norton-verktygsfältet - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LXSUPMON] "C:\WINDOWS\System32\LXSUPMON.EXE" RUN
O4 - HKLM\..\Run: [diagent] "C:\Program\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [PinnacleDriverCheck] "C:\WINDOWS\system32\PSDrvCheck.exe" -CheckReg
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program\Pinnacle\Shared Files\\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [BIND SUPPORT SEEK FIRST] "C:\Documents and Settings\All Users\Application Data\dumb pure bind support\TWO VGA.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [lphc79rj0ej37] C:\WINDOWS\system32\lphc79rj0ej37.exe
O4 - HKLM\..\Run: [SMrhc39rj0ej37] C:\Program\rhc39rj0ej37\rhc39rj0ej37.exe
O4 - HKLM\..\RunOnce: [SymLnch] "C:\Documents and Settings\Maria Eriksson\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070829\Support\SymLnch\SymLnch.exe" "C:\Documents and Settings\Maria Eriksson\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070829\Setup.exe" "/REALUPREBOOT /temp /patched"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] "C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"
O4 - HKCU\..\Run: [PMCS] "C:\Program\Pinnacle\Shared Files\\Programs\MediaCenterService\PMC.Service.Main.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [*SPRTRA] rundll32.exe "C:\Program\DELADE~1\SYMANT~1\SUPPOR~1\tgctlcm.dll",JoinBackIssue
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Certificate Mover.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel -
res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/Shar ... vSniff.cabO16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) -
file://D:\content\include\XPPatchInstaller.CAB
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) -
http://www.symantec.com/techsupp/asa/ss ... gctlsi.cabO16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) -
http://www.symantec.com/techsupp/asa/ss ... gctlsr.cabO16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/Shar ... /cabsa.cabO16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
http://go.divx.com/plugin/DivXBrowserPlugin.cabO16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) -
https://webdl.symantec.com/activex/symdlmgr.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/1481 ... scan53.cabO16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://support.euro.dell.com/global/app ... OFILER.CABO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://messenger.zone.msn.com/binary/ZI ... b56649.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b56907.cabO16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: GoToAssist - C:\Program\Citrix\GoToAssist\508\G2AWinLogon.dll
O21 - SSODL: MonKernel - {46b707a9-37a6-4b9c-9f35-d4d1198dfbe5} - (no file)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program\Citrix\GoToAssist\508\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: SmartTrust Smart Card Server (Smartscaps) - SmartTrust - C:\WINDOWS\system32\Smartscaps.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program\DELADE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program\Delade filer\Symantec Shared\Support Controls\ssrc.exe
--
End of file - 11812 bytes
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*.scr - scrfile - shell\open\command - "%1" %*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
R0 sfsync02 (StarForce Protection Synchronization Driver (version 2.x)) - c:\windows\system32\drivers\sfsync02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfsync04 (StarForce Protection Synchronization Driver (version 4.x)) - c:\windows\system32\drivers\sfsync04.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
R1 OMCI - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R1 PCLEPCI - c:\windows\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>
R3 ASAPIW2K - c:\windows\system32\drivers\asapiw2k.sys <Not Verified; VOB Computersysteme GmbH; asapi>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
S2 ZQGKJOQR - c:\windows\system32\zqgkjoqr.kot (file missing)
S3 gkmixern - c:\docume~1\mariae~1\lokala~1\temp\gkmixern.sys (file missing)
S3 hamachi (Hamachi Network Interface) - c:\windows\system32\drivers\hamachi.sys <Not Verified; Applied Networking Inc.; Hamachi Virtual Network Interface Driver>
S3 NPPTNT2 - c:\windows\system32\npptnt2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
S3 z3f2bus (Sony Ericsson driver (WDM)) - c:\windows\system32\drivers\z3f2bus.sys <Not Verified; MCCI; Sony Ericsson>
S3 z3f2mdfl (Sony Ericsson USB WMC Modem Filter) - c:\windows\system32\drivers\z3f2mdfl.sys <Not Verified; MCCI; Sony Ericsson USB WMC Modem Filter Driver>
S3 z3f2mdm (Sony Ericsson USB WMC Modem Driver) - c:\windows\system32\drivers\z3f2mdm.sys <Not Verified; MCCI; Sony Ericsson USB WMC Modem>
S3 z3f2mgmt (Sony Ericsson USB WMC Device Management Drivers (WDM)) - c:\windows\system32\drivers\z3f2mgmt.sys <Not Verified; MCCI; Sony Ericsson USB WMC Device Management>
S3 z3f2obex (Sony Ericsson USB WMC OBEX Interface) - c:\windows\system32\drivers\z3f2obex.sys <Not Verified; MCCI; Sony Ericsson USB WMC OBEX Interface>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 PinnacleSys.MediaServer (Pinnacle Systems Media Service) - c:\program\pinnacle\shared files\programs\mediaserver\pmshost.exe <Not Verified; Pinnacle Systems; Media Server>
R2 Smartscaps (SmartTrust Smart Card Server) - c:\windows\system32\smartscaps.exe service <Not Verified; SmartTrust; SmartTrust Smart Card Server>
S2 ATI Smart - c:\windows\system32\ati2sgag.exe (file missing)
S3 gusvc (Google Updater Service) - "c:\program\google\common\google updater\googleupdaterservice.exe" (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\328820C55042A1
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\328820C55042A1
Service: NIC1394
-- Scheduled Tasks -------------------------------------------------------------
2008-06-25 17:30:49 396 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job
2008-06-16 20:00:01 640 --a------ C:\WINDOWS\Tasks\Norton Internet Security - Kör fullständig systemsökning - Maria Eriksson.job
-- Files created between 2008-05-27 and 2008-06-27 -----------------------------
2008-06-27 09:30:21 0 d-------- C:\NSS
2008-06-26 20:26:43 0 d-------- C:\Program\Trend Micro
2008-06-26 18:35:45 94208 --a------ C:\WINDOWS\system32\pphc79rj0ej37.exe
2008-06-26 16:50:53 0 d-------- C:\Documents and Settings\Maria Eriksson\Application Data\Malwarebytes
2008-06-26 16:50:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-26 16:50:48 0 d-------- C:\Program\Malwarebytes' Anti-Malware
2008-06-26 12:10:34 0 d-------- C:\Documents and Settings\Maria Eriksson\Application Data\rhc39rj0ej37
2008-06-26 12:06:37 0 d-------- C:\Program\rhc39rj0ej37
2008-06-26 12:05:25 139264 --a------ C:\WINDOWS\etgv.exe
2008-06-26 12:04:51 60928 --a------ C:\WINDOWS\system32\blphc79rj0ej37.scr <Not Verified; Sysinternals; Sysinternals Blue Screen>
2008-06-26 12:04:44 109056 --a------ C:\WINDOWS\system32\lphc79rj0ej37.exe
2008-06-26 11:01:04 0 d-------- C:\Program\MAIET
2008-06-25 15:25:46 0 d-------- C:\Program\TuneUp Utilities 2007
2008-06-25 15:23:30 0 d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-06-25 15:23:25 0 d-------- C:\Program\Delade filer\Wise Installation Wizard
2008-06-24 22:33:41 0 d-------- C:\Documents and Settings\All Users\Application Data\TrackMania
2008-06-24 21:58:47 0 d-------- C:\Program\TmNationsForever
2008-06-19 19:39:39 0 d-------- C:\Program\Microsoft Xbox 360 Accessories
2008-06-17 21:22:40 0 d-------- C:\Documents and Settings\Maria Eriksson\Application Data\SPORE Creature Creator
2008-06-17 21:19:36 0 d-------- C:\ProgramData
2008-06-17 21:19:14 1190 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2008-06-17 21:17:17 0 d-------- C:\Program\Electronic Arts
2008-06-17 19:02:46 0 d-------- C:\WINDOWS\system32\Adobe
2008-06-15 22:01:59 69468 --a------ C:\WINDOWS\War3Unin.dat
2008-06-15 22:01:58 2829 --a------ C:\WINDOWS\War3Unin.pif
2008-06-15 22:01:58 139264 --a------ C:\WINDOWS\War3Unin.exe <Not Verified; Blizzard Entertainment; Warcraft III Uninstaller>
2008-06-02 21:51:48 21840 --a-----t C:\WINDOWS\system32\SIntfNT.dll
2008-06-02 21:51:48 17212 --a-----t C:\WINDOWS\system32\SIntf32.dll
2008-06-02 21:51:48 12067 --a-----t C:\WINDOWS\system32\SIntf16.dll
2008-06-01 15:54:38 0 d-------- C:\Program\Rockstar Games
-- Find3M Report ---------------------------------------------------------------
2008-06-27 11:02:15 0 d-------- C:\Program\Delade filer\Symantec Shared
2008-06-26 11:58:58 0 d-------- C:\Documents and Settings\Maria Eriksson\Application Data\uTorrent
2008-06-25 21:33:08 0 d-------- C:\Documents and Settings\Maria Eriksson\Application Data\U3
2008-06-25 15:37:21 0 d-------- C:\Documents and Settings\Maria Eriksson\Application Data\Azureus
2008-06-25 15:23:25 0 d-------- C:\Program\Delade filer
2008-06-18 22:26:07 0 d-------- C:\Program\EA Games
2008-06-18 22:01:19 0 d-------- C:\Program\Plugins
2008-06-18 22:01:17 0 d-------- C:\Program\QTSystem
2008-06-17 21:19:51 0 d--h----- C:\Program\InstallShield Installation Information
2008-06-16 20:12:36 0 d-------- C:\Program\Warcraft III
2008-06-13 12:10:56 0 d-------- C:\Program\LucasArts
2008-06-08 15:28:56 429598 --a------ C:\WINDOWS\system32\perfh01D.dat
2008-06-08 15:28:56 84046 --a------ C:\WINDOWS\system32\perfc01D.dat
2008-06-04 22:14:06 0 d-------- C:\Program\SpywareBlaster
2008-06-04 09:22:27 0 d-------- C:\Program\Java
2008-06-02 15:55:57 0 d-------- C:\Program\Symantec
2008-05-27 21:26:42 0 d-------- C:\Program\GameSpy Arcade
2008-05-26 15:51:18 0 d-------- C:\Documents and Settings\Maria Eriksson\Application Data\dvdcss
2008-05-21 20:17:34 0 d-------- C:\Program\Text2PDF v1.5
2008-05-21 17:32:00 0 d-------- C:\Program\OverDrive ReaderWorks
2008-05-21 17:30:06 0 d-------- C:\Program\Delade filer\OverDrive Shared
2008-05-14 15:35:48 0 d-------- C:\Program\Microsoft Reader
2008-05-12 19:10:24 0 d-------- C:\Program\Hitman Pro
2008-05-12 19:09:47 0 d-------- C:\Documents and Settings\Maria Eriksson\Application Data\Lavasoft
2008-05-11 12:23:42 0 d-------- C:\Program\Games-Masters.com
2008-05-07 18:24:52 0 d-------- C:\Documents and Settings\Maria Eriksson\Application Data\TuneUp Software
2008-05-07 16:25:11 0 d-------- C:\Program\Citrix
2008-05-02 10:00:30 0 d-------- C:\Documents and Settings\Maria Eriksson\Application Data\SupportSoft
2008-04-10 20:27:55 85470 --ahs---- C:\WINDOWS\system32\CJQrtBeg.ini2
2008-04-02 11:03:07 6429 --ahs---- C:\WINDOWS\system32\tsYFOnnn.ini2
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
2007-08-24 21:51 316784 --a------ C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
2008-04-02 11:44 116088 --a------ C:\Program\DELADE~1\SYMANT~1\IDS\IPSBHO.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program\Delade filer\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-24 21:51 316784]
[-HKEY_CLASSES_ROOT\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2007-09-07 15:56]
"LXSUPMON"="C:\WINDOWS\System32\LXSUPMON.exe" [2002-02-13 04:31]
"diagent"="C:\Program\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-03 01:01]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2004-03-11 01:26]
"SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28]
"Easy-PrintToolBox"="C:\Program\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2006-10-17 03:20]
"ccApp"="C:\Program\Delade filer\Symantec Shared\ccApp.exe" [2008-02-14 11:01]
"osCheck"="C:\Program\Norton Internet Security\osCheck.exe" [2007-08-24 22:53]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 01:07]
"nwiz"="nwiz.exe" [2007-09-17 01:07 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-17 01:07]
"Pinnacle WebUpdater"="C:\Program\Pinnacle\Shared Files\\Programs\WebUpdater\WebUpdater.exe" [2006-06-08 10:40]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2007-09-07 15:56]
"BIND SUPPORT SEEK FIRST"="C:\Documents and Settings\All Users\Application Data\dumb pure bind support\TWO VGA.exe" [2008-06-26 22:49]
"QuickTime Task"="C:\Program\QTTask.exe" [2007-10-19 21:16]
"lphc79rj0ej37"="C:\WINDOWS\system32\lphc79rj0ej37.exe" [2008-06-26 12:04]
"SMrhc39rj0ej37"="C:\Program\rhc39rj0ej37\rhc39rj0ej37.exe" [2008-06-25 22:31]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:34]
"LDM"="C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-09 17:11]
"PMCS"="C:\Program\Pinnacle\Shared Files\\Programs\MediaCenterService\PMC.Service.Main.exe" [2006-06-08 10:42]
"msnmsgr"="C:\Program\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:35]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"*SPRTRA"=rundll32.exe "C:\Program\DELADE~1\SYMANT~1\SUPPOR~1\tgctlcm.dll",JoinBackIssue
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SymLnch"="C:\Documents and Settings\Maria Eriksson\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070829\Support\SymLnch\SymLnch.exe" "C:\Documents and Settings\Maria Eriksson\Application Data\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070829\Setup.exe" "/REALUPREBOOT /temp /patched"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"=C:\Program\Symantec\LiveUpdate\ALUNotify.exe
C:\Documents and Settings\All Users\Start-meny\Program\Autostart\
Certificate Mover.lnk - C:\Program\SmartTrust\SmartTrust Personal\Csp\SmartCertmover.exe [2004-05-07 18:14:36]
Logitech Desktop Messenger.lnk - C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-03-09 17:11:22]
Logitech SetPoint.lnk - C:\Program\Logitech\SetPoint\KEM.exe [2005-12-25 12:38:13]
Personal.lnk - C:\Program\Personal\bin\Personal.exe [2007-12-03 19:56:18]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
"NoDispBackgroundPage"=1 (0x1)
"NoDispScrSavPage"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
C:\Program\Citrix\GoToAssist\508\G2AWinLogon.dll 2008-05-07 16:25 10536 C:\Program\Citrix\GoToAssist\508\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="C:\Program\DAEMON Tools Lite\daemon.exe" -autorun
"swg"=C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"AdaptecDirectCD"="C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
"Adobe Reader Speed Launcher"="C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"QuickTime Task"="C:\Program\QTTask.exe" -atboottime
"PMCRemote"="C:\Program\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe"
"woodii_updater"=C:\Program\WoodiiMeny2\wu.exe
"XboxStat"="c:\Program\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6dee5f24-b915-11dc-8c7a-0007e9488958}]
AutoRun\command- G:\LaunchU3.exe -a
*Newly Created Service* - COMHOST
-- Hosts -----------------------------------------------------------------------
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
8076 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-06-27 11:03:35 ------------
Here is the extra.txt :Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: Swedish
CPU 0: Intel(R) Pentium(R) 4 CPU 2.66GHz
Percentage of Memory in Use: 66%
Physical Memory (total/avail): 511 MiB / 171.47 MiB
Pagefile Memory (total/avail): 1249.04 MiB / 765.81 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1927.67 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 111.7 GiB total, 65.36 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - WDC WD1200JB-75CRA0 - 111.76 GiB - 2 partitions
\PARTITION0 - Unknown - 54.88 MiB
\PARTITION1 (bootable) - Installerbart filsystem - 111.7 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FW: Norton Internet Security v15.0.0.60 (Symantec Corporation)
AV: Norton Internet Security v15.0.0.60 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program\\Windows Live\\Messenger\\livecall.exe"="C:\\Program\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program\\LucasArts\\SWKotOR2\\swupdate.exe"="C:\\Program\\LucasArts\\SWKotOR2\\swupdate.exe:*:Enabled:Star Wars: Knights of the Old Republic II: The Sith Lords Update Program"
"C:\\Program Files\\LucasArts\\SWKotOR\\swupdate.exe"="C:\\Program Files\\LucasArts\\SWKotOR\\swupdate.exe:*:Enabled:Star Wars: Knights of the old Republic Update Program"
"C:\\Program\\Warcraft III\\Warcraft III.exe"="C:\\Program\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\\cdextra.exe"="D:\\cdextra.exe:*:Enabled:Macromedia Projector"
"C:\\Program\\Messenger\\msmsgs.exe"="C:\\Program\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-enGB-downloader.exe"="C:\\Program\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program\\World of Warcraft\\WoW-1.12.0-enGB-downloader.exe"="C:\\Program\\World of Warcraft\\WoW-1.12.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program\\Pinnacle\\Studio 10\\programs\\RM.exe"="C:\\Program\\Pinnacle\\Studio 10\\programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program\\Pinnacle\\Studio 10\\programs\\Studio.exe"="C:\\Program\\Pinnacle\\Studio 10\\programs\\Studio.exe:*:Enabled:Studio"
"C:\\Program\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"="C:\\Program\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program\\Pinnacle\\Studio 10\\programs\\umi.exe"="C:\\Program\\Pinnacle\\Studio 10\\programs\\umi.exe:*:Enabled:umi"
"C:\\Program\\Pinnacle\\MediaCenter\\PMC.exe"="C:\\Program\\Pinnacle\\MediaCenter\\PMC.exe:LocalSubNet:Enabled:Pmc.exe"
"C:\\Program\\Pinnacle\\MediaCenter\\PSST.exe"="C:\\Program\\Pinnacle\\MediaCenter\\PSST.exe:LocalSubNet:Enabled:PSST.exe"
"C:\\Program\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe"="C:\\Program\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe"
"C:\\Program\\Pinnacle\\MediaCenter\\PMSInstallInit.exe"="C:\\Program\\Pinnacle\\MediaCenter\\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"
"C:\\Program\\Pinnacle\\MediaCenter\\PMC.Tvtv.Wizard.exe"="C:\\Program\\Pinnacle\\MediaCenter\\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:PMC.Tvtv.Wizard.exe"
"C:\\Program\\Pinnacle\\Shared Files\\Programs\\MediaServer\\PMSInstallInit.exe"="C:\\Program\\Pinnacle\\Shared Files\\Programs\\MediaServer\\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"
"C:\\WINDOWS\\system32\\services.exe"="C:\\WINDOWS\\system32\\services.exe:*:Enabled:Tjänst- och styrenhetsprogram"
"C:\\Program\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe"="C:\\Program\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program\\World of Warcraft\\WoW-2.0.3-enGB-downloader.exe"="C:\\Program\\World of Warcraft\\WoW-2.0.3-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-enGB-downloader.exe"="C:\\Program\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-enGB-downloader.exe"="C:\\Program\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-enGB-downloader.exe"="C:\\Program\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-enGB-downloader.exe"="C:\\Program\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program\\World of Warcraft\\WoW-2.0.8.6403-to-2.0.10.6448-enGB-downloader.exe"="C:\\Program\\World of Warcraft\\WoW-2.0.8.6403-to-2.0.10.6448-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program\\Java\\jre1.6.0_01\\bin\\javaw.exe"="C:\\Program\\Java\\jre1.6.0_01\\bin\\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program\\uTorrent\\uTorrent.exe"="C:\\Program\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent"
"C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program\\Windows Live\\Messenger\\livecall.exe"="C:\\Program\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe:*:Enabled:Fjärrhjälp - Windows Messenger och tal"
"C:\\Program\\Pinnacle\\Shared Files\\Programs\\MediaCenterService\\PMC.Service.Main.exe"="C:\\Program\\Pinnacle\\Shared Files\\Programs\\MediaCenterService\\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Maria Eriksson\Application Data
CLASSPATH=.;C:\Program\Java\jre1.6.0_01\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program\Delade filer
COMPUTERNAME=MARIA-88L53ZXZY
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Maria Eriksson
LOGONSERVER=\\MARIA-88L53ZXZY
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program\ATI Technologies\ATI Control Panel;C:\Program\Sonic\MyDVD;C:\Program\Delade filer\Roxio Shared\DLLShared\;C:\Program\Delade filer\Adaptec Shared\System;C:\Program\Microsoft SQL Server\80\Tools\Binn\;C:\Program\QTSystem\;C:\Program\ATI Technologies\ATI.ACE\Core-Static;C:\Program\Pinnacle\Shared Files;C:\Program\Pinnacle\Shared Files\Filter
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program
PROMPT=$P$G
QTJAVA=C:\Program\Java\jre1.6.0_01\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\MARIAE~1\LOKALA~1\Temp
TMP=C:\DOCUME~1\MARIAE~1\LOKALA~1\Temp
USERDOMAIN=MARIA-88L53ZXZY
USERNAME=Maria Eriksson
USERPROFILE=C:\Documents and Settings\Maria Eriksson
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Maria Eriksson
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program\Symantec\LiveUpdate\LSETUP.EXE" /U
--> C:\Program\Creative\SBLive\Program\Ctzapxx.EXE /X /U /S /R
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9 /remove
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{55BC7EFA-D832-4EE3-9DEA-49B0C07539D9}\setup.exe" -l0x1d -L0x1danything
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{DCDC8E79-4600-4C02-9824-CD3BB8971D4E}\Setup.exe" -l0x1d -L0x1danything
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9 /remove
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
--> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program\Delade filer\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program\Delade filer\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop Album 2.0 Starter Edition --> MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24}
Adobe Reader 8.1.2 - Svenska --> MsiExec.exe /I{AC76BA86-7AD7-1053-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
AntivirXP08 --> "C:\Program\rhc39rj0ej37\uninstall.exe"
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI Control Panel --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
µTorrent --> "C:\Program\uTorrent\uTorrent.exe" /UNINSTALL
Canon iP2500 series --> "C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2500_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2500_series /L0x001d
Canon iP2500 series användarregistrering --> C:\Program\Canon\IJEREG\iP2500 series\UNINST.EXE
Canon Utilities Easy-LayoutPrint --> C:\Program\Canon\Easy-LayoutPrint\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint --> C:\Program\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Canon Utilities Easy-PrintToolBox --> C:\Program\Canon\Easy-PrintToolBox\uninst.exe uninst.ini
ccCommon --> MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
Component Framework --> MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}
Conexant SmartHSFi V.9x 56K Speakerphone PCI Modem --> C:\Program\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2702\HXFSETUP.EXE -U -IDel8d8xk.INF
Dell ResourceCD --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
Disc2Phone --> MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
DiscAPI (Studio 10) --> MsiExec.exe /X{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}
DivX --> C:\Program\DivX\DivXCodecUninstall.exe /CODEC
DivX Web Player --> C:\Program\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EA Download Manager --> C:\Program\DELADE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1053
Easy CD Creator 5 Basic --> MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
En Riktig Jul --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{F4D003CD-C820-48AE-9DAB-5C54F9060839}\SETUP.EXE" -l0x1d
FirstClass® Client --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{5B35C417-2649-11D6-83D1-0050FC01225C}\setup.exe" -l0x1d -uninst
Free CD-DA Extractor 4.8 --> C:\WINDOWS\iun6002.exe "C:\Program\Free CD-DA Extractor 4.8\irunin.ini"
GameSpy Arcade --> C:\Program\GAMESP~1\UNWISE.EXE C:\Program\GAMESP~1\INSTALL.LOG
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
GoToAssist 8.0.0.508 --> C:\Program\Citrix\GoToAssist\508\G2AUninstaller.exe /uninstall
Grand Theft Auto Vice City --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\Setup.exe" -l0x9
Guild Wars --> "C:\Program\Guild Wars\Gw.exe" -uninstall
HijackThis 2.0.2 --> "C:\Program\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Intel(R) PRO Network Adapters and Drivers --> Prounstl.exe
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Lexmark Supplies Monitor --> C:\WINDOWS\System32\LXSMUNIN.EXE
LiveUpdate (Symantec Corporation) --> MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation) --> MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Logitech Desktop Messenger --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x1d UNINSTALL
Logitech SetPoint --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x1d
Malwarebytes' Anti-Malware --> "C:\Program\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live & Sponsor (CiD) --> "C:\Program\Messenger Plus! Live\Uninstall.exe"
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9111041D-6000-11D3-8CFE-0150048383C9}
Microsoft Reader --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe" -L0x9
Microsoft SQL Server Desktop Engine (PINNACLESYS) --> MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Xbox 360 Accessories 1.1 --> MsiExec.exe /X{6F6B46DC-4289-454E-8FFD-80CE597F403B}
Mozilla Firefox (2.0.0.14) --> C:\Program\Mozilla Firefox\uninstall\helper.exe
MP3 Player --> MsiExec.exe /I{EA470D3B-058E-4772-B020-3C8C1F652A2E}
Multimedia Screen Saver --> C:\Program\MULTIM~1\UNWISE.EXE C:\Program\MULTIM~1\INSTALL.LOG
MUSICMATCH® Jukebox --> C:\Program\MUSICM~1\MUSICM~2\unmatch.exe
MyDVD --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}\SETUP.EXE" -l0x1d -L0x1d /SMAINT
Nord --> C:\WINDOWS\system32\javaws.exe -uninstall -prompt "http://www.getnord.se/NordSwe.jnlp"
Norton AntiVirus --> MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}
Norton AntiVirus Help --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Confidential Core --> MsiExec.exe /I{55A6283C-638A-4EE0-B491-51118554BDA2}
Norton Internet Security --> MsiExec.exe /I{C1C185CA-C531-49F5-A6FA-B838405A049D}
Norton Internet Security (Symantec Corporation) --> "C:\Program\Delade filer\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_0_0_60\Setup.exe" /X
Norton Protection Center --> MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Personal 4.5.4 --> "C:\Program\Personal\bin\persinst.exe" -u
Pinnacle MediaCenter --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exe" -l0x1d
Pinnacle MediaServer --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{460CE8B9-6EC2-458A-90D4-691631ECE9D9}\setup.exe" -l0x1d UNINSTALL
PIXMA Extended Survey Program --> C:\Program\Canon\IJPLM\SETUP.EXE -R
PowerDVD --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
RAPID (Studio 10) --> MsiExec.exe /X{EEECE229-49F6-4851-A73A-99B058221F8C}
ReaderWorks Standard --> MsiExec.exe /I{6891401F-695B-447F-B3E3-3FDEDA952DC6}
Roxio CDEngine --> C:\WINDOWS\UNENG.EXE
Roxio VideoWave Movie Creator --> MsiExec.exe /I{BB46245B-CECA-406F-8790-3ABA0D01012F}
Sid Meier's Civilization 4 --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly
SmartSound Quicktracks Plugin --> C:\Program\DELADE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
SmartTrust Personal 3.3.1 --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{15072DAB-616F-4A02-9C3A-98F5C42A4774}\Setup.exe"
Snabbkorrigering för Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sony Ericsson File Manager --> MsiExec.exe /X{C00FAC7F-DAF5-4FD8-83E7-5959C882A811}
Sony Ericsson Image Editor --> MsiExec.exe /X{506907A8-7146-4AFD-983A-FD08CC83D2DD}
Sony Ericsson MMS Home Studio --> MsiExec.exe /X{680DC451-F795-4D70-91B5-A3BB3BAC3A47}
Sony Ericsson Mobile Networking Wizard --> MsiExec.exe /X{03A70F27-D80E-4A22-A1B4-1C878FC6056A}
Sony Ericsson Sound Editor --> MsiExec.exe /X{8739AE20-81AF-43AA-8FAF-281B064612C2}
Sony Ericsson Sync Station --> MsiExec.exe /X{CBA04F21-D46C-46FC-9A8A-A5360F58CF94}
Sound Blaster Live! --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}\SETUP.EXE" -l0x9
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
SPCS Administration --> MsiExec.exe /I{A737F62C-E5B4-4DF4-9CAC-5A4928BC983C}
SPORE™ Creature Creator Trial Edition --> "C:\Program\InstallShield Installation Information\{ECEE0279-785F-4CB3-9F28-E69813234BF8}\setup.exe" -runfromtemp -l0x001d -removeonly
SpywareBlaster 4.0 --> "C:\Program\SpywareBlaster\unins000.exe"
Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM) --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}\setup.exe" -l0x9 -removeonly
Star Wars(TM): Knights of the Old Republic (TM) --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}\setup.exe" -l0x9
Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Studio 10 --> RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{3CB05291-F546-458E-A796-B5BCF5A3CDC4}\Setup2.exe" -l0x9 UNINSTALL
Symantec Technical Support Web Controls --> MsiExec.exe /X{20C53FA2-4307-4671-A93F-9463B29DFCF1}
Text To PDF Converter v1.5 --> "C:\Program\Text2PDF v1.5\unins000.exe"
TmNationsForever --> "C:\Program\TmNationsForever\unins000.exe"
TuneUp Utilities 2007 --> MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
Uppdatering för Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB932823-v3) --> "C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
USB MEMORY BAR --> RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{B1F69DF2-8C69-437E-A288-663326C4404A}\Setup.exe" -l0x9
Warcraft III: All Products --> C:\WINDOWS\War3Unin.exe C:\WINDOWS\War3Unin.dat
VeohTV BETA --> C:\Program\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6d --> C:\Program\VideoLAN\VLC\uninstall.exe
Windows Live inloggningsassistenten --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live installer --> MsiExec.exe /X{E17F76BE-50E9-4E7C-ADF6-6D8F44A9C6F3}
Windows Live Messenger --> MsiExec.exe /X{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR --> C:\Program\WinRAR\uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type15334 / Warning
Event Submitted/Written: 06/27/2008 09:00:24 AM
Event ID/Source: 19011 / MSSQL$PINNACLESYS
Event Description:
(SpnRegister) : Error 1355
Event Record #/Type15315 / Error
Event Submitted/Written: 06/26/2008 08:41:15 PM
Event ID/Source: 1000 / Application Error
Event Description:
Felaktigt program rhc39rj0ej37.exe, version 0.0.0.0, felaktig modul rhc39rj0ej37.exe, version 0.0.0.0, felaktig adress 0x00044019.
Mediespecifik händelse behandlas för [rhc39rj0ej37.exe!ws!]
Event Record #/Type15306 / Warning
Event Submitted/Written: 06/26/2008 08:40:14 PM
Event ID/Source: 19011 / MSSQL$PINNACLESYS
Event Description:
(SpnRegister) : Error 1355
Event Record #/Type15281 / Error
Event Submitted/Written: 06/26/2008 07:59:10 PM
Event ID/Source: 1000 / Application Error
Event Description:
Felaktigt program spyhunter3.exe, version 1.0.13.0, felaktig modul kernel32.dll, version 5.1.2600.3119, felaktig adress 0x00012a5b.
Mediespecifik händelse behandlas för [spyhunter3.exe!ws!]
Event Record #/Type15280 / Error
Event Submitted/Written: 06/26/2008 07:58:56 PM
Event ID/Source: 1000 / Application Error
Event Description:
Felaktigt program iexplore.exe, version 7.0.6000.16674, felaktig modul ieui.dll, version 7.0.5730.13, felaktig adress 0x000061b5.
Mediespecifik händelse behandlas för [iexplore.exe!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type49892 / Error
Event Submitted/Written: 06/27/2008 09:01:26 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start:
kcp
Event Record #/Type49891 / Error
Event Submitted/Written: 06/27/2008 09:01:26 AM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Tjänsten Automatisk LiveUpdate-schemaläggare avbröts med följande fel:
%%2147500053
Event Record #/Type49890 / Error
Event Submitted/Written: 06/27/2008 09:01:26 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Tjänsten ATI Smart kunde inte startas på grund av följande fel:
%%2
Event Record #/Type49853 / Error
Event Submitted/Written: 06/26/2008 08:41:20 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start:
kcp
Event Record #/Type49852 / Error
Event Submitted/Written: 06/26/2008 08:41:20 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Tjänsten Automatisk LiveUpdate-schemaläggare avbröts med följande fel:
%%2147500053
-- End of Deckard's System Scanner: finished at 2008-06-27 11:03:35 ------------
This is the results of virustotal on C:\WINDOWS\system32\lphc79rj0ej37.exe Fil lphc79rj0ej37.exe mottagen 2008.06.27 11:20:26 (CET)
Närvarande status: genomförd
Resultat: 10/33 (30.30%)
Compact Compact
Skriv ut resultat Skriv ut resultat
Antivirus Version Senaste Uppdatering Resultat
AhnLab-V3 - - -
AntiVir - - TR/Vundo.Gen
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - (Suspicious) - DNAScan
ClamAV - - -
DrWeb - - -
eSafe - - Suspicious File
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
Fortinet - - W32/Tibs.JNF!tr
GData - - -
Ikarus - - Trojan.Vundo
Kaspersky - - -
McAfee - - -
Microsoft - - Trojan:Win32/Tibs.GK
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - Cloaked Malware
Rising - - -
Sophos - - Mal/Generic-A
Sunbelt - - -
Symantec - - Trojan.Fakeavalert
TheHacker - - -
TrendMicro - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - Trojan.Vundo.Gen
Övrig information
MD5: 37c7ce6bcfc6ce5f0a65f8e4a6b9fb8b
SHA1: 76ed1a18c55ef39818e6ebc8f6436a972075ff51
SHA256: e2ebc8426b9546a22855f31ad3559398a0a0c165bdae4bca3a8244d6d435f720
SHA512: ecf7464197ee01ca662c7c3fe3dde6911fc95b7e20df857b1be64d31d311d72d2e80875af5746124ac862c8d0be7dab70fbcd1c42e2e026923ed3b1ce21c5503
And here are the results of virustotals scan of C:\Program\rhc39rj0ej37\rhc39rj0ej37.exe Fil rhcn7cj0ea59.exe mottagen 2008.06.26 15:43:04 (CET)
Närvarande status: genomförd
Resultat: 5/33 (15.15%)
Compact Compact
Skriv ut resultat Skriv ut resultat
Antivirus Version Senaste Uppdatering Resultat
AhnLab-V3 2008.6.26.0 2008.06.26 -
AntiVir 7.8.0.59 2008.06.26 TR/Drop.Age.1642496
Authentium 5.1.0.4 2008.06.25 -
Avast 4.8.1195.0 2008.06.26 -
AVG 7.5.0.516 2008.06.26 -
BitDefender 7.2 2008.06.26 -
CAT-QuickHeal 9.50 2008.06.26 -
ClamAV 0.93.1 2008.06.26 -
DrWeb 4.44.0.09170 2008.06.26 -
eSafe 7.0.17.0 2008.06.25 -
eTrust-Vet 31.6.5907 2008.06.26 -
Ewido 4.0 2008.06.26 -
F-Prot 4.4.4.56 2008.06.25 -
F-Secure 7.60.13501.0 2008.06.24 -
Fortinet 3.14.0.0 2008.06.26 -
GData 2.0.7306.1023 2008.06.26 -
Ikarus T3.1.1.26.0 2008.06.26 Trojan.Win32.Tibs.GK
Kaspersky 7.0.0.125 2008.06.26 -
McAfee 5325 2008.06.25 -
Microsoft 1.3704 2008.06.26 Trojan:Win32/Tibs.GK
NOD32v2 3221 2008.06.26 -
Norman 5.80.02 2008.06.26 -
Panda 9.0.0.4 2008.06.26 -
Prevx1 V2 2008.06.26 Suspicious
Rising 20.50.32.00 2008.06.26 -
Sophos 4.30.0 2008.06.26 -
Sunbelt 3.0.1153.1 2008.06.15 -
Symantec 10 2008.06.26 -
TheHacker 6.2.92.362 2008.06.26 -
TrendMicro 8.700.0.1004 2008.06.26 -
VBA32 3.12.6.8 2008.06.26 -
VirusBuster 4.5.11.0 2008.06.23 -
Webwasher-Gateway 6.6.2 2008.06.26 Trojan.Drop.Age.1642496
Övrig information
File size: 1214976 bytes
MD5...: a06937ee3ab217a97affa6e2e9562a98
SHA1..: 296a7f2d89066bfc27705260112cb065afeb5d9e
SHA256: 084f31ccf8b074f40995f64764a101ca5b9c9d2d73485b6ce6c831cb6d248e32
SHA512: 5bdd49e6a3c68e27ed7e5af7e7a3686362826748355d75cd41f94e37e92325d3
f17ddca9fece50d0bb2012f99f7aa1fca9da365474f75cb369c8500c929dc706
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4080ff
timedatestamp.....: 0x485d43ab (Sat Jun 21 18:08:43 2008)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x7f5b6 0x3aa00 8.00 52d73e5866d089b4ae74b3159302bc77
.rdata 0x81000 0x23b9e 0xc600 8.00 ffe74596c0adfcb9ab145f199ae8c75c
.data 0xa5000 0x1bfc1 0xc800 8.00 5616b0c42196ca1ac382d2e919296e5c
.tls 0xc1000 0xe76 0x200 7.62 8fd422fcf2dc99ffd720a37272d7c5a4
.rsrc 0xc2000 0xd4000 0xd4000 5.10 777b0080d4663df1dff625d0cf10217c
( 3 imports )
> kernel32.dll: CompareFileTime, CopyFileW, CreateThread, DefineDosDeviceW, EnumResourceTypesW, GetCommConfig, GetConsoleWindow, GetDateFormatW
> user32.dll: DdePostAdvise, CascadeWindows, ClientToScreen
> msvcrt.dll: _mbccpy, _mbctombb, _mbsdec, _pctype, _snprintf, _snwprintf
( 0 exports )
Prevx info:
http://info.prevx.com/aboutprogramtext. ... 008C1C6CD3