Avatar billede rigtigebuko Nybegynder
07. marts 2007 - 15:40 Der er 19 kommentarer og
1 løsning

Hjælp til HiJack

Nogen der kan hjælpe med at Hijacke??? Jeg sidder ved min venindes bærbare og hun har ikke haft sikkerhed på computeren længe...
Der kommer en side, der hedder about:blank, hver gang man lukker et vindue i Internet Explorer. Den vil heller ikke hente automatiske opdateringer, de mislykkedes... Også er den blevet ekstrem langsom...


Logfile of HijackThis v1.99.1
Scan saved at 14:41:48, on 07-03-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Eva\Skrivebord\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Programmer\SpywareGuard\dlprotect.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programmer\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Programmer\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "C:\Programmer\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "C:\Programmer\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Programmer\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Programmer\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Programmer\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Programmer\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programmer\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://evahamborg.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
Avatar billede ejvindh Ekspert
07. marts 2007 - 15:41 #1
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=36038

Jeg kan se, at du har lagt loggen flere steder. Det bliver noget rod at løse den flere steder, derfor synes jeg du skal vælge om du vil have den løst herinde, eller på Spywarefri.
Avatar billede rigtigebuko Nybegynder
07. marts 2007 - 15:44 #2
kommer an på om du vil have point :)
Jeg har bare brug for hjælp... Vidste jo ikke folk holdte øje med begge steder... Sorry :(
Avatar billede rigtigebuko Nybegynder
07. marts 2007 - 15:46 #3
Håber på hjælp her... Har skrevet forklaring til spywarefris forum...
Avatar billede ejvindh Ekspert
07. marts 2007 - 15:49 #4
Ok. Der er ikke så meget at komme efter i HJT-loggen, men prøv lige at køre disse ekstra-skanninger:

-- Opdatér SuperAntispyware.

-- Hent Dr. Web, og gem det på skrivebordet:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Hent dette værktøj:
http://www.uploads.ejvindh.net/rootchk.exe
Dobbeltklik på filen, og læg resultatet herind til et sidste check.

-- Genstart i fejlsikret, hvis du ikke ved hvordan så kig her:
http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=23&PN=1

-- Dobbeltklik på drweb-cureit.exe, den vil køre en expressscan, det siger du ja til. Lad den slette hvad den finder (say Yes to all). Undervejs i scanningen vil der dukke en grøn popup som tilbyder dig at købe Dr.Web, hvor du får mulighederne "Buy" eller "50% discount". Her skal du bare lukke popuppen, ved at klikke på krydset øverst til højre.

Når den skriver "Select object for Scanning" nederst til venstre, skal du klikke på Options->Change settings.
Skift til fanebladet Scan, fjern fluebenet ved Heuristic analysis.
Skift til fanebladet - File Types, prik i - All Files
Skift til fanebladet Actions, her skal alle punkter under Malware sættes til Move.
Fjern flueben ved "Prompt on action"
Ved "Move path", skriver du i tekstboksen "c:\" Så der kommer til at stå "c:\infected".
Skift til fanbladet Log File. Der fjerner du flueben ved: "Scanned objects" og "Archivers name".
Tryk på Anvend

Klik så på det eller de drev du vil have scannet, der kommer en rød prik for at vise det/de er valgt.
Tryk så på den grønne pil nederst til højre, så scanner den.
Lad den slette/move hvad den finder (Say yes to all)

Når scanningen er færdig, gå op i file – Tryk på- Save Report list.

Så ligger der en en fil der her hedder "drweb.csv" på skrivebordet. Luk Programmet

-- Start herefter SuperAntispyware, klik "Scan your computer", sæt flueben i dine drev, ovre til venstre i vinduet. Ovre til højre i vinduet, sætter du prik i "Perform Complete Scan". Klik "næste", nu scanner den. Når den er færdig, så markerer du det den finder, og lader scannereren fjerne det.

-- Genstart til normal tilstand (scannereren tilbyder måske at gøre det).
Åbn scannereren igen, og klik "preferences"-> "stastics/logs". Marker loggen, og klik "View log". Kopier loggen her ind i tråden, sammen med indholdet af drweb.csv og rootchk-loggen.
Avatar billede rigtigebuko Nybegynder
07. marts 2007 - 15:51 #5
Tak for hurtigt svar - Jeg prøver :)
Avatar billede rigtigebuko Nybegynder
07. marts 2007 - 15:57 #6
********************************* ROOTCHK-(07-03-06)-LOG, by ejvindh
07-03-2007 15:56:56,70

The rootkits that are detected by this tool were not found.

********************************* ROOTCHK-LOG-end
Avatar billede rigtigebuko Nybegynder
07. marts 2007 - 15:58 #7
Genstarter nu i fejlsikret tilstand og vender tilbage snarest...
Avatar billede rigtigebuko Nybegynder
07. marts 2007 - 19:28 #8
SUPERAntiSpyware Scan Log
Generated 03/07/2007 at 12:32 PM

Application Version : 3.5.1016

Core Rules Database Version : 3195
Trace Rules Database Version: 1205

Scan type      : Complete Scan
Total Scan Time : 00:37:02

Memory items scanned      : 468
Memory threats detected  : 0
Registry items scanned    : 5257
Registry threats detected : 48
File items scanned        : 28978
File threats detected    : 51

Adware.MyGlobalSearchBar
    HKLM\Software\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}
    HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}
    HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}
    HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}\InprocServer32
    C:\PROGRAMMER\MYGLOBALSEARCH\BAR\1.BIN\MGSBAR.DLL
    HKLM\Software\Classes\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}
    HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}
    HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}
    HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\InprocServer32
    HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\InprocServer32#ThreadingModel
    HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\Programmable
    HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\TypeLib
    HKLM\Software\Classes\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}
    HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}
    HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}
    HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\InprocServer32
    HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\InprocServer32#ThreadingModel
    HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\Programmable
    HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\TypeLib
    HKLM\Software\Classes\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\Control
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\InprocServer32
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\InprocServer32#ThreadingModel
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\MiscStatus
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\MiscStatus\1
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\ProgID
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\Programmable
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\TypeLib
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\Version
    HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\VersionIndependentProgID
    HKLM\Software\Classes\CLSID\{EF281620-A3A3-4f08-874F-D68CFC9B7945}
    HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}
    HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}
    HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\InprocServer32
    HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\InprocServer32#ThreadingModel
    HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\ProgID
    HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\Programmable
    HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\TypeLib
    HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\VersionIndependentProgID
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar#{37B85A29-692B-4205-9CAD-2626E4993404}
    HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}
    HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0
    HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\0
    HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\0\win32
    HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\FLAGS
    HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\HELPDIR

Adware.Tracking Cookie
    C:\Documents and Settings\Eva\Cookies\eva@1072063249[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@ad.ofir[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@stats1.reliablestats[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@www.amaena[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@ads.beamfile[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@flixbanner.bearshare[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@secure.agoramedia[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@adfair[3].txt
    C:\Documents and Settings\Eva\Cookies\eva@ads.as4x.tmcs[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@www.sexdating[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@smileycentral[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@tracker.netklix[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@cgi-bin[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@agoramedia[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@adultmatchheat[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@stat.postdanmark[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@stats.drivecleaner[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@toplist[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@adultmatchfirm[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@www.winfixer[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@www.888[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@cassava[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@888[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@cts.metricsdirect[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@ads.arto[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@flashstat.jubii[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@www.winantivirus[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@ads2.jubii[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@winfixer[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@e2.emediate[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@amaena[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@dk.winantivirus[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@winantivirus[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@drivecleaner[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@yieldmanager[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@centrebet.advertserve[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@azjmp[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@mb[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@dk.drivecleaner[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@ad.creafi[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@secure.winantivirus[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@netmediagroup[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@www.adult-matchfirm[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@adfair[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@ad.ofir[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@e2.emediate[2].txt
    C:\Documents and Settings\Eva\Cookies\eva@stats1.reliablestats[1].txt
    C:\Documents and Settings\Eva\Cookies\eva@cts.metricsdirect[1].txt

Trojan.WinAntiSpyware/WinAntiVirus 2006/2007
    C:\WINDOWS\system32\stera.job

Trojan.ErrorSafe
    C:\DOCUMENTS AND SETTINGS\EVA\APPLICATION DATA\ERRORSAFEFREEINSTALL_DK[1].EXE



Drweb åbnet i word, da den ikke ville åbne i excel

NPMYGLSH.DLL;C:\Programmer\MyGlobalSearch\bar\1.bin;Adware.Msearch;Moved.;
A0024466.exe;C:\System Volume Information\_restore{F54E5166-566F-42CC-AF40-B51007CE2568}\RP184;Trojan.DownLoader.10963;Deleted.;
A0024551.DLL;C:\System Volume Information\_restore{F54E5166-566F-42CC-AF40-B51007CE2568}\RP186;Adware.Msearch;Moved.;



********************************* ROOTCHK-(07-03-06)-LOG, by ejvindh
07-03-2007 19:26:59,53

The rootkits that are detected by this tool were not found.

********************************* ROOTCHK-LOG-end



Håber du bliver klogere og kan hjælpe... For det siger ikke mig noget...
Avatar billede ejvindh Ekspert
07. marts 2007 - 19:45 #9
Det ser ud til at særligt SuperAntispyware har gjort et godt stykke arbejde. Har det hjulpet på det oprindelige problem?

Hvis nej, så prøv dette:
Hent Oldtimer's WinPFind3 herfra:
http://download.bleepingcomputer.com/oldtimer/winpfind3u.exe

Dobbeltklik på WinPFind3u, som du hentede, og klik på Extract. Så udpakkes programmet i en særskilt mappe. Gå ind i denne mappe, og dobbeltklik på WinPFind3U.exe. Sæt så flueben og prikker på følgende måde:

Processes: Non-Microsoft
Win32 Services: Non-Microsoft
Driver Services: Non-Microsoft
Registry:  Non-Microsoft
Files Created Within: 30 Days, Non-Microsoft Only
Files Modified Within: 30 Days, Non-Microsoft Only
File String Search: None

Klik herefter på "Run Scan". Efter noget tid vil der dukke en logfil op, som du gerne må paste herind. Muligvis vil loggen være så lang, at den ikke kan være i en enkelt post. Så må du lægge den ind i flere dele.
Avatar billede rigtigebuko Nybegynder
07. marts 2007 - 19:50 #10
Intet af det hjalp på det oprindelige problem... Så jeg prøver dit næste foreslag :)
Avatar billede rigtigebuko Nybegynder
08. marts 2007 - 11:50 #11
WinPFind3 logfile created on: 08-03-2007 11:48:55
WinPFind3U by OldTimer - Version 1.0.20    Folder = C:\Documents and Settings\Eva\Skrivebord\winpfind3u\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)

252336 Kb Total Physical Memory | 55148 Kb Available Physical Memory | 21,85% Memory free
616888 Kb Paging File | 212384 Kb Available in Paging File | 34,43% Paging File free
Paging file location(s): C:\pagefile.sys 372 744;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 27546032 Kb Total Space | 13683536 Kb Free Space | 49,68% Space Free
Drive D: | 27955456 Kb Total Space | 27881152 Kb Free Space | 99,73% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded


[Processes - Non-Microsoft Only]
anbmserv.exe -> %SystemDrive%\Acer\eManager\anbmServ.exe -> OSA Technologies Inc. [Ver = 3.0.6.9 | Size = 1273344 bytes | Modified Date = 06-06-2005 19:08:58 | Attr =    ]
ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe ->  [Ver = 4, 7, 936, 0 | Size = 108160 bytes | Modified Date = 15-01-2007 18:28:58 | Attr =    ]
ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 255616 bytes | Modified Date = 15-01-2007 18:28:32 | Attr =    ]
ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe ->  [Ver = 4, 7, 936, 0 | Size = 132736 bytes | Modified Date = 15-01-2007 18:28:52 | Attr =    ]
ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 370304 bytes | Modified Date = 15-01-2007 18:27:52 | Attr =    ]
aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe ->  [Ver =  | Size = 59008 bytes | Modified Date = 05-08-2006 17:10:10 | Attr =    ]
epm-dm.exe -> %SystemDrive%\Acer\ePM\epm-dm.exe -> Acer Inc [Ver = 2.62 | Size = 192512 bytes | Modified Date = 01-06-2005 14:17:08 | Attr =    ]
googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 12-02-2007 09:15:24 | Attr =    ]
hkcmd.exe -> %System32%\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4020 | Size = 126976 bytes | Modified Date = 23-01-2005 10:31:34 | Attr =    ]
hotkeyapp.exe -> %ProgramFiles%\Launch Manager\HotkeyApp.exe -> Wistron [Ver = 1, 0, 7, 0 | Size = 69632 bytes | Modified Date = 06-06-2005 11:52:10 | Attr =    ]
hpcmpmgr.exe -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12-05-2004 15:18:56 | Attr =    ]
hpqgalry.exe -> %ProgramFiles%\HP\Digital Imaging\bin\hpqgalry.exe -> Hewlett-Packard Co. [Ver = 043.000.120.000 | Size = 520192 bytes | Modified Date = 15-03-2004 19:47:52 | Attr =    ]
hpqtra08.exe -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 43.0.120.000 | Size = 241664 bytes | Modified Date = 15-03-2004 19:08:06 | Attr =    ]
hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Co. [Ver = 50.0.146.000 | Size = 49152 bytes | Modified Date = 16-02-2005 23:11:42 | Attr =    ]
igfxtray.exe -> %System32%\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.4020 | Size = 155648 bytes | Modified Date = 23-01-2005 10:36:10 | Attr =    ]
launchap.exe -> %ProgramFiles%\Launch Manager\LaunchAp.exe ->  [Ver = 1, 0, 1, 0 | Size = 32768 bytes | Modified Date = 25-07-2005 13:36:40 | Attr =    ]
monitor.exe -> %ProgramFiles%\acer\eRecovery\Monitor.exe -> acer Inc. [Ver = 1, 2, 11, 1 | Size = 352256 bytes | Modified Date = 29-06-2005 17:26:14 | Attr =    ]
osdctrl.exe -> %ProgramFiles%\Launch Manager\OSDCtrl.exe ->  [Ver = 1, 0, 1, 2 | Size = 241664 bytes | Modified Date = 25-07-2005 10:45:00 | Attr =    ]
pdvdserv.exe -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 5.00.0000 | Size = 32768 bytes | Modified Date = 15-07-2004 01:07:56 | Attr =    ]
powerkey.exe -> %ProgramFiles%\Launch Manager\Powerkey.exe ->  [Ver = 1, 4, 4, 0 | Size = 94208 bytes | Modified Date = 30-08-2002 15:02:48 | Attr =    ]
sgbhp.exe -> %ProgramFiles%\SpywareGuard\sgbhp.exe ->  [Ver = 2.02.0001 | Size = 233472 bytes | Modified Date = 29-08-2003 11:14:58 | Attr =    ]
sgmain.exe -> %ProgramFiles%\SpywareGuard\sgmain.exe ->  [Ver = 2.02.0001 | Size = 360448 bytes | Modified Date = 29-08-2003 19:05:36 | Attr =    ]
soundman.exe -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.0.38 | Size = 77824 bytes | Modified Date = 15-04-2005 11:01:46 | Attr =    ]
superantispyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 5, 0, 1016 | Size = 1310720 bytes | Modified Date = 10-01-2007 15:14:36 | Attr =    ]
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 7.13.2 04Feb05 | Size = 708698 bytes | Modified Date = 04-02-2005 11:11:48 | Attr =    ]
syntplpr.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> Synaptics, Inc. [Ver = 7.13.2 04Feb05 | Size = 102490 bytes | Modified Date = 04-02-2005 11:12:58 | Attr =    ]
wbutton.exe -> %ProgramFiles%\Launch Manager\WButton.exe ->  [Ver = 1, 0, 6, 0 | Size = 81920 bytes | Modified Date = 25-07-2005 13:34:28 | Attr =    ]
winpfind3u.exe -> %UserDesktop%\winpfind3u\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.20.0 | Size = 310784 bytes | Modified Date = 04-03-2007 13:21:48 | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(anbmService) Notebook Manager Service [Win32_Own | Auto | Running] -> %SystemDrive%\Acer\eManager\anbmServ.exe -> OSA Technologies Inc. [Ver = 3.0.6.9 | Size = 1273344 bytes | Modified Date = 06-06-2005 19:08:58 | Attr =    ]
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe ->  [Ver =  | Size = 59008 bytes | Modified Date = 05-08-2006 17:10:10 | Attr =    ]
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe ->  [Ver = 4, 7, 936, 0 | Size = 132736 bytes | Modified Date = 15-01-2007 18:28:52 | Attr =    ]
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 255616 bytes | Modified Date = 15-01-2007 18:28:32 | Attr =    ]
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 370304 bytes | Modified Date = 15-01-2007 18:27:52 | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 12-02-2007 09:14:54 | Attr =    ]

[Driver Services - Non-Microsoft Only]
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.892.0 | Size = 31560 bytes | Modified Date = 21-12-2006 00:51:58 | Attr =    ]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] ->  -> File not found
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %System32%\drivers\ALCXWDM.SYS -> Realtek Semiconductor Corp. [Ver = 5.10.5830 built by: WinDDK | Size = 2317504 bytes | Modified Date = 19-04-2005 10:40:52 | Attr =    ]
(AliIde) AliIde [Kernel | Boot | Running] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 17-08-2001 21:51:56 | Attr =    ]
(amdagp) Filterdriver til AMD AGP-bus [Kernel | Boot | Running] -> %System32%\drivers\AMDAGP.SYS -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 03-08-2004 23:07:44 | Attr =    ]
(AR5211) Atheros Wireless Network Adapter Service [Kernel | On_Demand | Stopped] -> %System32%\drivers\ar5211.sys -> Atheros Communications, Inc. [Ver = 4.0.0.14001 | Size = 449888 bytes | Modified Date = 10-01-2005 15:47:14 | Attr =    ]
(asc) asc [Kernel | Boot | Running] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 17-08-2001 21:52:00 | Attr =    ]
(asc3550) asc3550 [Kernel | Boot | Running] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 17-08-2001 21:51:58 | Attr =    ]
(aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.892.0 | Size = 94424 bytes | Modified Date = 21-12-2006 00:56:00 | Attr =    ]
(aswRdr) aswRdr [Kernel | On_Demand | Running] -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.936.0 | Size = 23352 bytes | Modified Date = 15-01-2007 18:26:08 | Attr =    ]
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.936.0 | Size = 43176 bytes | Modified Date = 15-01-2007 18:25:24 | Attr =    ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] ->  -> File not found
(BCM43XX) Driver til Sony Ericsson 802.11 trådløs LAN-adapter [Kernel | On_Demand | Stopped] -> %System32%\drivers\BCMWL5.SYS -> Broadcom Corporation [Ver = 3.100.46.0 built by: WinDDK | Size = 369024 bytes | Modified Date = 22-12-2004 01:32:12 | Attr =    ]
(Changer) Changer [Kernel | System | Stopped] ->  -> File not found
(CmdIde) CmdIde [Kernel | Boot | Running] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 04-10-2001 16:34:58 | Attr =    ]
(dac2w2k) dac2w2k [Kernel | Boot | Running] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 17-08-2001 21:52:16 | Attr =    ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800000 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
(dmio) dmio [Kernel | Disabled | Stopped] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153600 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
(EpmPsd) Acer EPM Power Scheme Driver [Kernel | Auto | Running] -> %System32%\drivers\epm-psd.sys -> Acer Value Labs, USA [Ver = 1.02 | Size = 4096 bytes | Modified Date = 19-07-2004 13:10:00 | Attr =    ]
(EpmShd) Acer EPM System Hardware Driver [Kernel | Auto | Running] -> %System32%\drivers\epm-shd.sys -> Acer Value Labs, USA [Ver = 1.24 | Size = 78208 bytes | Modified Date = 07-04-2005 18:08:46 | Attr =    ]
(FETNDIS) NT-driver til VIA PCI 10/100Mb Fast Ethernet-netværkskort [Kernel | On_Demand | Stopped] -> %System32%\drivers\fetnd5.sys -> VIA Technologies, Inc.              [Ver = 2.66 | Size = 27165 bytes | Modified Date = 17-08-2001 20:13:08 | Attr =    ]
(Hotkey) Hotkey [Kernel | System | Running] -> %System32%\drivers\HOTKEY.sys ->  [Ver =  | Size = 9867 bytes | Modified Date = 28-04-2003 11:27:06 | Attr =    ]
(HSFHWICH) HSFHWICH [Kernel | On_Demand | Running] -> %System32%\drivers\HSFHWICH.sys -> Conexant Systems, Inc. [Ver = 7.20.00 built by: WinDDK | Size = 207232 bytes | Modified Date = 15-12-2004 15:18:34 | Attr =    ]
(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %System32%\drivers\HSF_DP.sys -> Conexant Systems, Inc. [Ver = 7.20.00 built by: WinDDK | Size = 1038208 bytes | Modified Date = 15-12-2004 15:18:26 | Attr =    ]
(ialm) ialm [Kernel | On_Demand | Running] -> %System32%\drivers\ialmnt5.sys -> Intel Corporation [Ver = 6.14.10.4020 | Size = 804317 bytes | Modified Date = 23-01-2005 11:05:06 | Attr =    ]
(int15.sys) int15.sys [Kernel | Auto | Running] -> %ProgramFiles%\acer\eRecovery\int15.sys ->  [Ver =  | Size = 69632 bytes | Modified Date = 13-01-2005 14:46:16 | Attr =    ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] ->  -> File not found
(mailKmd) mailKmd [Kernel | System | Stopped] ->  -> File not found
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %System32%\drivers\mdmxsdk.sys -> Conexant [Ver = 1.0.2.006 | Size = 13059 bytes | Modified Date = 17-03-2004 11:04:14 | Attr =    ]
(mraid35x) mraid35x [Kernel | Boot | Running] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 17-08-2001 21:52:12 | Attr =    ]
(NSCIRDA) NSC Infrared enhedsdriver [Kernel | On_Demand | Stopped] -> %System32%\drivers\nscirda.sys -> National Semiconductor Corporation [Ver = 5,02,00,011 (xpsp_sp2_rtm.040803-2158) | Size = 28672 bytes | Modified Date = 03-08-2004 23:00:52 | Attr =    ]
(NTIDrvr) Upper Class Filter Driver [Kernel | On_Demand | Running] -> %System32%\drivers\NTIDrvr.sys -> NewTech Infosystems, Inc. [Ver = 1, 0, 0, 6 | Size = 6144 bytes | Modified Date = 07-04-2006 17:34:30 | Attr =    ]
(osaio) osaio [Kernel | Auto | Running] -> %System32%\drivers\osaio.sys -> Avocent/OSA Technologies Inc. [Ver = 5.2.3790.0 built by: WinDDK | Size = 8704 bytes | Modified Date = 04-03-2005 16:37:26 | Attr =    ]
(osanbm) osanbm [Kernel | Auto | Running] -> %System32%\drivers\osanbm.sys -> Windows (R) 2000 DDK provider [Ver = 5.00.2195.1620 | Size = 4010 bytes | Modified Date = 14-01-2005 15:57:16 | Attr =    ]
(PCIDump) PCIDump [Kernel | System | Stopped] ->  -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] ->  -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(pfc) Padus ASPI Shell [Kernel | On_Demand | Stopped] -> %System32%\drivers\pfc.sys -> Padus, Inc. [Ver = 2, 5, 0, 204 | Size = 10368 bytes | Modified Date = 05-12-2003 18:46:36 | Attr =    ]
(POWERKEY) POWERKEY [Kernel | On_Demand | Running] -> %ProgramFiles%\Launch Manager\POWERKEY.SYS ->  [Ver =  | Size = 2343 bytes | Modified Date = 19-12-2000 18:29:52 | Attr =    ]
(Ptilink) Driver til direkte, parallel forbindelse [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
(ql1080) ql1080 [Kernel | Boot | Running] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 17-08-2001 21:52:20 | Attr =    ]
(ql12160) ql12160 [Kernel | Boot | Running] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 17-08-2001 21:52:20 | Attr =    ]
(ql1280) ql1280 [Kernel | Boot | Running] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 17-08-2001 21:52:18 | Attr =    ]
(RTL8023xp) Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver [Kernel | On_Demand | Running] -> %System32%\drivers\Rtlnicxp.sys -> Realtek Semiconductor Corporation                            [Ver = 5.620.1202.2004 built by: WinDDK | Size = 70912 bytes | Modified Date = 02-12-2004 16:36:08 | Attr =    ]
(SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> SuperAdBlocker, Inc. [Ver = 1, 0, 0, 1002 | Size = 4096 bytes | Modified Date = 16-02-2006 16:51:08 | Attr = R  ]
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS ->  [Ver = 1, 0, 0, 1034 | Size = 30720 bytes | Modified Date = 09-01-2007 14:09:48 | Attr =    ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %System32%\drivers\secdrv.sys ->  [Ver =  | Size = 27440 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
(Simbad) Simbad [Kernel | Disabled | Stopped] ->  -> File not found
(sisagp) SIS AGP-busfilter [Kernel | Boot | Running] -> %System32%\drivers\SISAGP.SYS -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 03-08-2004 23:07:44 | Attr =    ]
(Sparrow) Sparrow [Kernel | Boot | Running] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 17-08-2001 22:07:44 | Attr =    ]
(symc810) symc810 [Kernel | Boot | Running] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 17-08-2001 22:07:34 | Attr =    ]
(symc8xx) symc8xx [Kernel | Boot | Running] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 17-08-2001 22:07:36 | Attr =    ]
(sym_hi) sym_hi [Kernel | Boot | Running] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 17-08-2001 22:07:40 | Attr =    ]
(sym_u3) sym_u3 [Kernel | Boot | Running] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 17-08-2001 22:07:42 | Attr =    ]
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %System32%\drivers\SynTP.sys -> Synaptics, Inc. [Ver = 7.13.2 04Feb05 | Size = 193216 bytes | Modified Date = 04-02-2005 10:59:46 | Attr =    ]
(UBHelper) UBHelper [Kernel | Boot | Running] -> %System32%\drivers\UBHelper.sys ->  [Ver =  | Size = 13952 bytes | Modified Date = 17-12-2004 17:14:44 | Attr =    ]
(ultra) ultra [Kernel | Boot | Running] -> %System32%\drivers\ultra.sys -> Promise Technology, Inc. [Ver =  1.43 (Build 0603) | Size = 36736 bytes | Modified Date = 17-08-2001 21:52:22 | Attr =    ]
(USBCM) Scientific Atlanta USB Cable Modem Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\Sacm2K.sys ->  [Ver = 1.12.0.0000 | Size = 15429 bytes | Modified Date = 10-06-2004 18:42:38 | Attr = R  ]
(Wbutton) Wbutton [Kernel | System | Stopped] -> %System32%\drivers\Wbutton.sys -> File not found
(WDICA) WDICA [Kernel | On_Demand | Stopped] ->  -> File not found
(winachsf) winachsf [Kernel | On_Demand | Running] -> %System32%\drivers\HSF_CNXT.sys -> Conexant Systems, Inc. [Ver = 7.20.00 built by: WinDDK | Size = 703232 bytes | Modified Date = 15-12-2004 15:18:28 | Attr =    ]
(SASDIFSV) SASDIFSV [Kernel | System | Stopped] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys ->  [Ver = 1, 0, 0, 1006 | Size = 5632 bytes | Modified Date = 10-10-2006 12:53:48 | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe ->  [Ver = 4, 7, 936, 0 | Size = 108160 bytes | Modified Date = 15-01-2007 18:28:58 | Attr =    ]
CtrlVol -> %ProgramFiles%\Launch Manager\CtrlVol.exe -> Wistron [Ver = 1, 0, 0, 7 | Size = 20480 bytes | Modified Date = 16-09-2003 14:28:26 | Attr =    ]
EPM-DM -> %SystemDrive%\Acer\ePM\epm-dm.exe -> Acer Inc [Ver = 2.62 | Size = 192512 bytes | Modified Date = 01-06-2005 14:17:08 | Attr =    ]
ePowerManagement -> %SystemDrive%\Acer\ePM\ePM.exe -> Acer Value Labs, Taiwan [Ver = 1.5.6.0 | Size = 2893824 bytes | Modified Date = 15-03-2005 10:03:06 | Attr =    ]
eRecoveryService -> %ProgramFiles%\acer\eRecovery\Monitor.exe -> acer Inc. [Ver = 1, 2, 11, 1 | Size = 352256 bytes | Modified Date = 29-06-2005 17:26:14 | Attr =    ]
HotKeysCmds -> %System32%\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.4020 | Size = 126976 bytes | Modified Date = 23-01-2005 10:31:34 | Attr =    ]
HP Component Manager -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12-05-2004 15:18:56 | Attr =    ]
HP Software Update -> %ProgramFiles%\HP\HP Software Update\HPWuSchd2.exe -> Hewlett-Packard Co. [Ver = 50.0.146.000 | Size = 49152 bytes | Modified Date = 16-02-2005 23:11:42 | Attr =    ]
IgfxTray -> %System32%\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.4020 | Size = 155648 bytes | Modified Date = 23-01-2005 10:36:10 | Attr =    ]
LaunchAp -> %ProgramFiles%\Launch Manager\LaunchAp.exe ->  [Ver = 1, 0, 1, 0 | Size = 32768 bytes | Modified Date = 25-07-2005 13:36:40 | Attr =    ]
LManager -> %ProgramFiles%\Launch Manager\HotkeyApp.exe -> Wistron [Ver = 1, 0, 7, 0 | Size = 69632 bytes | Modified Date = 06-06-2005 11:52:10 | Attr =    ]
LMgrOSD -> %ProgramFiles%\Launch Manager\OSDCtrl.exe ->  [Ver = 1, 0, 1, 2 | Size = 241664 bytes | Modified Date = 25-07-2005 10:45:00 | Attr =    ]
MSPY2002 -> %System32%\IME\PINTLGNT\IMSCINST.EXE ->  [Ver =  | Size = 59392 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
PowerKey -> %ProgramFiles%\Launch Manager\Powerkey.exe ->  [Ver = 1, 4, 4, 0 | Size = 94208 bytes | Modified Date = 30-08-2002 15:02:48 | Attr =    ]
preload -> %SystemRoot%\RUNXMLPL.EXE -> Wistron [Ver = 1, 0, 0, 2 | Size = 32768 bytes | Modified Date = 19-05-2005 17:09:52 | Attr =    ]
RemoteControl -> %ProgramFiles%\CyberLink\PowerDVD\PDVDServ.exe -> Cyberlink Corp. [Ver = 5.00.0000 | Size = 32768 bytes | Modified Date = 15-07-2004 01:07:56 | Attr =    ]
SoundMan -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.0.38 | Size = 77824 bytes | Modified Date = 15-04-2005 11:01:46 | Attr =    ]
SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 7.13.2 04Feb05 | Size = 708698 bytes | Modified Date = 04-02-2005 11:11:48 | Attr =    ]
SynTPLpr -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> Synaptics, Inc. [Ver = 7.13.2 04Feb05 | Size = 102490 bytes | Modified Date = 04-02-2005 11:12:58 | Attr =    ]
Wbutton -> %ProgramFiles%\Launch Manager\WButton.exe ->  [Ver = 1, 0, 6, 0 | Size = 81920 bytes | Modified Date = 25-07-2005 13:34:28 | Attr =    ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 5, 0, 1016 | Size = 1310720 bytes | Modified Date = 10-01-2007 15:14:36 | Attr =    ]
swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe -> Google Inc. [Ver = 1, 2, 1128, 5462 | Size = 171448 bytes | Modified Date = 12-02-2007 09:15:24 | Attr =    ]
< Common Startup > -> C:\Documents and Settings\All Users\Menuen Start\Programmer\Start
%AllUsersStartup%\HP Digital Imaging Monitor.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 43.0.120.000 | Size = 241664 bytes | Modified Date = 15-03-2004 19:08:06 | Attr =    ]
%AllUsersStartup%\HP Image Zone Hurtig start.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqthb08.exe -> Hewlett-Packard Co. [Ver = 043.000.120.000 | Size = 53248 bytes | Modified Date = 15-03-2004 19:45:34 | Attr =    ]
< User Startup > -> C:\Documents and Settings\Eva\Menuen Start\Programmer\Start
%UserStartup%\SpywareGuard.lnk -> %ProgramFiles%\SpywareGuard\sgmain.exe ->  [Ver = 2.02.0001 | Size = 360448 bytes | Modified Date = 29-08-2003 19:05:36 | Attr =    ]
< Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\
BearShare -> Reg Data - Value does not exist -> File not found
ErrorSafe -> Reg Data - Value does not exist -> File not found
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_06\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 36975 bytes | Modified Date = 10-11-2005 13:03:52 | Attr =    ]
SweetIM -> %ProgramFiles%\Macrogaming\SweetIM\SweetIM.exe -> MacroGaming LTD. [Ver = 1, 1, 0, 162 | Size = 40960 bytes | Modified Date = 06-06-2006 10:07:48 | Attr = R  ]
zango -> Reg Data - Value does not exist -> File not found
< File Associations > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\
.bat [@ = batfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.chm [@ = chm.file] -> PersistentHandler = Reg Data - Key not found ->
.cmd [@ = cmdfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.com [@ = comfile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} ->
.cpl [@ = cplfile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} ->
.exe [@ = exefile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} ->
.hlp [@ = hlpfile] -> PersistentHandler = Reg Data - Key not found ->
.hta [@ = htafile] -> PersistentHandler = Reg Data - Key not found ->
.html [@ = htmlfile] -> PersistentHandler = {eec97550-47a9-11cf-b952-00aa0051fe20} ->
.inf [@ = inffile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.ini [@ = inifile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.url [@ = InternetShortcut] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.js [@ = JSFile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.jse [@ = JSEFile] -> PersistentHandler = Reg Data - Key not found ->
.pif [@ = piffile] -> PersistentHandler = Reg Data - Key not found ->
.reg [@ = regfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.scr [@ = scrfile] -> PersistentHandler = Reg Data - Key not found ->
.txt [@ = txtfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.vbe [@ = VBEFile] -> PersistentHandler = Reg Data - Key not found ->
.vbs [@ = VBSFile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} ->
.wsf [@ = WSFFile] -> PersistentHandler = Reg Data - Key not found ->
.wsh [@ = WSHFile] -> PersistentHandler = Reg Data - Key not found ->
< Registry Shell Spawning > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command
batfile [edit] -> %SystemRoot%\System32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
batfile [open] -> "%1" %* ->
batfile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
chm.file [open] -> "%SystemRoot%\hh.exe" %1 -> Microsoft Corporation [Ver = 5.2.3790.2453 (srv03_sp1_gdr.050525-1542) | Size = 10752 bytes | Modified Date = 27-05-2005 01:22:02 | Attr =    ]
cmdfile [edit] -> %SystemRoot%\System32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
cmdfile [open] -> "%1" %* ->
cmdfile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
comfile [open] -> "%1" %* ->
cplfile [cplopen] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* -> Microsoft Corporation [Ver = 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316) | Size = 8465408 bytes | Modified Date = 19-12-2006 22:50:34 | Attr =    ]
exefile [open] -> "%1" %* ->
helpfile [open] -> winhlp32.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 284672 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
hlpfile [open] -> %SystemRoot%\System32\winhlp32.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 8192 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
htafile [open] -> %System32%\mshta.exe "%1" %* -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 29184 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
htmlfile [edit] -> "%ProgramFiles%\Microsoft Office\OFFICE11\msohtmed.exe" %1 -> Microsoft Corporation [Ver = 11.0.5510 | Size = 55360 bytes | Modified Date = 15-07-2003 06:52:56 | Attr =    ]
htmlfile [open] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" -nohome -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
htmlfile [opennew] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" %1 -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
htmlfile [print] -> "%ProgramFiles%\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 -> Microsoft Corporation [Ver = 11.0.5510 | Size = 55360 bytes | Modified Date = 15-07-2003 06:52:56 | Attr =    ]
http [open] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" -nohome -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
https [open] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" -nohome -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
inffile [install] -> %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33280 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
inffile [open] -> %SystemRoot%\System32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
inffile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
inifile [open] -> %SystemRoot%\System32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
inifile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
InternetShortcut [open] -> rundll32.exe shdocvw.dll,OpenURL %l -> Microsoft Corporation [Ver = 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050) | Size = 1494528 bytes | Modified Date = 04-01-2007 14:55:32 | Attr =    ]
InternetShortcut [print] -> rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" -> Microsoft Corporation [Ver = 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050) | Size = 3077632 bytes | Modified Date = 04-01-2007 14:55:20 | Attr =    ]
jsfile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
jsfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
jsfile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
jsefile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
jsefile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
jsefile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
piffile [open] -> "%1" %* ->
regfile [edit] -> %SystemRoot%\system32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
regfile [open] -> regedit.exe "%1" -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 150528 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
regfile [merge] -> Reg Data - Key not found ->
regfile [print] -> %SystemRoot%\system32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
scrfile [config] -> "%1" ->
scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 136192 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
scrfile [open] -> "%1" /S ->
txtfile [edit] -> Reg Data - Key not found ->
txtfile [open] -> %SystemRoot%\system32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
txtfile [print] -> %SystemRoot%\system32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
txtfile [printto] -> %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
vbefile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
vbefile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
vbefile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
vbsfile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
vbsfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
vbsfile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
wsffile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
wsffile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
wsffile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
wshfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Microsoft Corporation [Ver = 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316) | Size = 8465408 bytes | Modified Date = 19-12-2006 22:50:34 | Attr =    ]
Directory [find] -> %SystemRoot%\Explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1033216 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1033216 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1033216 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
Drive [find] -> %SystemRoot%\Explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1033216 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
Applications\iexplore.exe [open] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" %1 -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
< ActiveX StubPath [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} ->  ->
{22d6f312-b0f6-11d0-94ab-0080c74c7e95} ->  ->
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ->
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ->
{44BBA842-CC51-11CF-AAFA-00AA00B6015B} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ->
{5945c046-1e7d-11d1-bc44-00c04fd912be} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ->
{6BF52A52-394A-11d3-B153-00C04F79FAA6} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub ->
{73FA19D0-2D75-11D2-995D-00C04F98BBC9} ->  ->
{7790769C-0471-11d2-AF11-00C04FA35D02} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ->
{89820200-ECBD-11cf-8B85-00AA005B4340} -> regsvr32.exe /s /n /i:U shell32.dll ->
{89820200-ECBD-11cf-8B85-00AA005B4383} -> %SystemRoot%\system32\ie4uinit.exe ->
{89B4C1CD-B018-4511-B0A1-5476DBF70820} -> C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ->
{8b15971b-5355-4c82-8c07-7e181ea07608} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser ->
{94de52c8-2d59-4f1b-883e-79663d2d9a8c} ->  ->
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP ->
>{26923b43-4d38-484f-9b9e-de460746276c} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ->
>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ->
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ->
< WOW Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW
cmdline -> %SystemRoot%\system32\ntvdm.exe ->
wowcmdline -> %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386 ->
< Session Manager Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
BootExecute -> stera; ->
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKLM] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 20-12-2006 12:55:48 | Attr =    ]
{81559C35-8464-49F7-BB0E-07A383BEF910} [HKLM] -> %ProgramFiles%\SpywareGuard\spywareguard.dll [] ->  [Ver = 2.02 | Size = 126976 bytes | Modified Date = 02-08-2003 23:20:58 | Attr = R  ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL ->  -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->  ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = Min aktuelle startside ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > (723 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts
127.0.0.1      localhost ->  ->
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://global.acer.com/ ->
HKLM: Main\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: SearchAssistant -> http://www.google.com/ie ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar -> http://www.google.com/ie ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://www.google.dk/ ->
HKCU: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKCU: SearchAssistant -> http://www.google.com/ie ->
HKCU: URLSearchHooks\\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} [HKLM] -> %ProgramFiles%\Macrogaming\SweetIMBarForIE\toolbar.dll [SweetIM For Internet Explorer] -> Macrogaming [Ver = 1, 0, 0, 12 | Size = 552960 bytes | Modified Date = 12-04-2006 11:57:16 | Attr = R  ]
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] ->  ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 6.0.0.2003051500 | Size = 50376 bytes | Modified Date = 15-05-2003 00:47:54 | Attr =    ]
{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} [HKLM] -> %ProgramFiles%\Macrogaming\SweetIMBarForIE\toolbar.dll [SWEETIE Class] -> Macrogaming [Ver = 1, 0, 0, 12 | Size = 552960 bytes | Modified Date = 12-04-2006 11:57:16 | Attr = R  ]
{4A368E80-174F-4872-96B5-0B27DDD11DB2} [HKLM] -> %ProgramFiles%\SpywareGuard\dlprotect.dll [SpywareGuardDLBLOCK.CBrowserHelper] ->  [Ver = 2.02 | Size = 192512 bytes | Modified Date = 02-08-2003 23:24:02 | Attr = R  ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 10-11-2005 13:22:12 | Attr =    ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar4.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19-01-2007 23:55:32 | Attr = R  ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19-01-2007 23:55:32 | Attr = R  ]
{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} [HKLM] -> %ProgramFiles%\Macrogaming\SweetIMBarForIE\toolbar.dll [SweetIM For Internet Explorer] -> Macrogaming [Ver = 1, 0, 0, 12 | Size = 552960 bytes | Modified Date = 12-04-2006 11:57:16 | Attr = R  ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19-01-2007 23:55:32 | Attr = R  ]
ShellBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} [HKLM] -> %ProgramFiles%\Macrogaming\SweetIMBarForIE\toolbar.dll [SweetIM For Internet Explorer] -> Macrogaming [Ver = 1, 0, 0, 12 | Size = 552960 bytes | Modified Date = 12-04-2006 11:57:16 | Attr = R  ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar4.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19-01-2007 23:55:32 | Attr = R  ]
WebBrowser\\{37B85A29-692B-4205-9CAD-2626E4993404} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} [HKLM] -> %ProgramFiles%\Macrogaming\SweetIMBarForIE\toolbar.dll [SweetIM For Internet Explorer] -> Macrogaming [Ver = 1, 0, 0, 12 | Size = 552960 bytes | Modified Date = 12-04-2006 11:57:16 | Attr = R  ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8194 - Sun Java Console ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8193 - Reg Data - Value does not exist ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8192 - Windows Messenger ->
NextId -> 8195 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\npjpi150_06.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 69746 bytes | Modified Date = 10-11-2005 13:22:12 | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 10-11-2005 13:22:12 | Attr =    ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Opslag] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
&Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm -> File not found
E&ksporter til Microsoft Excel ->  -> File not found
Åbn på ny baggrundsfane ->  -> File not found
Åbn på ny forgrundsfane ->  -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [HKLM] -> Reg Data - Key not found [Autoplay for SlideShow] -> File not found
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Proceslinje og menuen Start] -> File not found
{2b45bd21-71f8-4c8c-a87a-7eeb25a1a3e0} [HKLM] -> %System32%\Epm-Po.dll [EPM-PO Shell Extension] -> Acer Labs USA [Ver = 0.01 | Size = 221258 bytes | Modified Date = 01-09-2004 23:57:00 | Attr =    ]
{2F603045-309F-11CF-9774-0020AFD0CFF6} [HKLM] -> %ProgramFiles%\Synaptics\SynTP\SynTPCpl.dll [Synaptics Control Panel] -> Synaptics, Inc. [Ver = 7.13.2 04Feb05 | Size = 5947482 bytes | Modified Date = 04-02-2005 11:04:16 | Attr =    ]
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> Reg Data - Key not found [Kontrolpanel-udvidelse til skærmpanorering] -> File not found
{472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 15-01-2007 18:23:14 | Attr =    ]
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Grænsefladeudvidelser til filkomprimering] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Brugerkonti] -> File not found
{81559C35-8464-49F7-BB0E-07A383BEF910} [HKLM] -> %ProgramFiles%\SpywareGuard\spywareguard.dll [] ->  [Ver = 2.02 | Size = 126976 bytes | Modified Date = 02-08-2003 23:20:58 | Attr = R  ]
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Kontekstmenu til kryptering] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal-ikon] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 27-08-2004 05:00:00 | Attr =    ]
{BDA77241-42F6-11d0-85E2-00AA001FE28C} [HKLM] -> Reg Data - Key not found [LDVP Shell Extensions] -> File not found
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 15-01-2007 18:23:14 | Attr =    ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} [HKLM] -> %System32%\igfxpph.dll [igfxcui] -> Intel Corporation [Ver = 3.0.0.4020 | Size = 225280 bytes | Modified Date = 23-01-2005 10:35:42 | Attr =    ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{472083B0-C522-11CF-8763-00608CC02F24} [HKLM] -> %ProgramFiles%\Alwil Software\Avast4\ashShell.dll [avast] -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 69632 bytes | Modified Date = 15-01-2007 18:23:14 | Attr =    ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SIMBAR Enabled ->  ->
SIMBAR={BB62F399-8E7C-449a-902A-C60769ACA228} ->  ->
SV1 ->  ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{2AA22514-8C66-473F-9EE9-176BAE34A712} ->    (Atheros AR5005G Wireless Network Adapter) ->
{DD57B218-F81C-4926-A4B4-B7504EC924D3} ->    (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{FDB42221-BB73-45C3-B33C-719BEAFED63A} ->    (Scientific Atlanta WebSTAR 2000 series Cable Modem) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
cetihpz -> %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll -> Hewlett-Packard Company [Ver = 2.1.5 | Size = 81920 bytes | Modified Date = 12-05-2004 15:18:56 | Attr =    ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc3.cab ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> MSN Photo Upload Tool - CodeBase = http://evahamborg.spaces.live.com//PhotoUpload/MsnPUpld.cab ->
{5ED80217-570B-4DA9-BF44-BE107C0EC166} -> Windows Live Safety Center Base Module - CodeBase = http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} ->  - CodeBase = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab ->
Microsoft XML Parser for Java ->  - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->


[Files - Created Within 30 days]
eMule0.47c-Installer.exe -> %SystemDrive%\eMule0.47c-Installer.exe ->  [Ver =  | Size = 3534076 bytes | Created Date = 03-03-2007 17:01:56 | Attr =    ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 258461696 bytes | Created Date = 02-01-1601 23:00:00 | Attr =  HS]
Heidi.doc -> %UserDocuments%\Heidi.doc ->  [Ver =  | Size = 22016 bytes | Created Date = 07-03-2007 15:54:56 | Attr =    ]
hijackthis.exe -> %UserDesktop%\hijackthis.exe -> Soeperman Enterprises Ltd. [Ver = 1.99.0001 | Size = 218112 bytes | Created Date = 07-03-2007 11:03:10 | Attr =    ]
about blank.doc -> %UserDesktop%\about blank.doc ->  [Ver =  | Size = 30208 bytes | Created Date = 07-03-2007 14:08:40 | Attr =    ]
AboutBuster.zip -> %UserDesktop%\AboutBuster.zip ->  [Ver =  | Size = 39103 bytes | Created Date = 07-03-2007 14:31:54 | Attr =    ]
rootchk.exe -> %UserDesktop%\rootchk.exe ->  [Ver =  | Size = 257392 bytes | Created Date = 07-03-2007 15:50:57 | Attr =    ]
drweb-cureit.exe -> %UserDesktop%\drweb-cureit.exe ->  [Ver =  | Size = 5821400 bytes | Created Date = 07-03-2007 15:52:14 | Attr =    ]
winpfind3u.exe -> %UserDesktop%\winpfind3u.exe ->  [Ver =  | Size = 344532 bytes | Created Date = 08-03-2007 11:44:53 | Attr =    ]
SpywareGuard.lnk -> %UserStartup%\SpywareGuard.lnk ->  [Ver =  | Size = 543 bytes | Created Date = 06-03-2007 16:59:43 | Attr =    ]
choice.exe -> %SystemRoot%\choice.exe ->  [Ver =  | Size = 21312 bytes | Created Date = 06-03-2007 16:57:13 | Attr =    ]
HP_48BitScanUpdatePatch.ini -> %SystemRoot%\HP_48BitScanUpdatePatch.ini ->  [Ver =  | Size = 214 bytes | Created Date = 15-02-2007 10:47:36 | Attr =    ]
ltkrn13n.dll -> %System32%\ltkrn13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 462848 bytes | Created Date = 14-02-2007 14:46:47 | Attr =    ]
ltfil13n.dll -> %System32%\ltfil13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 163840 bytes | Created Date = 14-02-2007 14:46:47 | Attr =    ]
ltdis13n.dll -> %System32%\ltdis13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 299008 bytes | Created Date = 14-02-2007 14:46:48 | Attr =    ]
ltimg13n.dll -> %System32%\ltimg13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 450560 bytes | Created Date = 14-02-2007 14:46:48 | Attr =    ]
lfbmp13n.dll -> %System32%\lfbmp13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 57344 bytes | Created Date = 14-02-2007 14:46:48 | Attr =    ]
actskin4.ocx -> %System32%\actskin4.ocx ->  [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Created Date = 06-03-2007 11:08:15 | Attr =    ]
AVASTSS.scr -> %System32%\AVASTSS.scr -> ALWIL Software [Ver = 4, 7, 936, 0 | Size = 90112 bytes | Created Date = 06-03-2007 11:08:15 | Attr =    ]
lfcmp13n.dll -> %System32%\lfcmp13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 401408 bytes | Created Date = 14-02-2007 14:46:48 | Attr =    ]
aswBoot.exe -> %System32%\aswBoot.exe ->  [Ver = 4, 7, 936, 0 | Size = 689280 bytes | Created Date = 06-03-2007 11:08:15 | Attr =    ]
ltefx13n.dll -> %System32%\ltefx13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.068 | Size = 206336 bytes | Created Date = 14-02-2007 14:46:48 | Attr =    ]
lfgif13n.dll -> %System32%\lfgif13n.dll -> LEAD Technologies, Inc. [Ver = 13.0.0.084 | Size = 69632 bytes | Created Date = 14-02-2007 14:46:50 | Attr =    ]
aswmon.sys -> %System32%\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.892.0 | Size = 85952 bytes | Created Date = 06-03-2007 11:08:23 | Attr =    ]
aswmon2.sys -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.892.0 | Size = 94424 bytes | Created Date = 06-03-2007 11:08:23 | Attr =    ]
aavmker4.sys -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.892.0 | Size = 31560 bytes | Created Date = 06-03-2007 11:08:28 | Attr =    ]
aswTdi.sys -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.936.0 | Size = 43176 bytes | Created Date = 06-03-2007 11:08:28 | Attr =    ]
aswRdr.sys -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.936.0 | Size = 23352 bytes | Created Date = 06-03-2007 11:08:28 | Attr =    ]

[Files - Modified Within 30 days]
eMule0.47c-Installer.exe -> %SystemDrive%\eMule0.47c-Installer.exe ->  [Ver =  | Size = 3534076 bytes | Modified Date = 09-02-2007 10:02:38 | Attr =    ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 258461696 bytes | Modified Date = 08-03-2007 11:36:54 | Attr =  HS]
sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 12-02-2007 14:07:42 | Attr =  H ]
sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 13-02-2007 19:37:26 | Attr =  H ]
sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 15-02-2007 21:29:56 | Attr =  H ]
sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 15-02-2007 23:20:00 | Attr =  H ]
sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 12-02-2007 14:07:42 | Attr =  H ]
sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 13-02-2007 19:37:26 | Attr =  H ]
sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 15-02-2007 21:29:56 | Attr =  H ]
sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 15-02-2007 23:20:02 | Attr =  H ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ->  [Ver =  | Size = 8704 bytes | Modified Date = 25-02-2007 21:13:08 | Attr =    ]
Heidi.doc -> %UserDocuments%\Heidi.doc ->  [Ver =  | Size = 22016 bytes | Modified Date = 07-03-2007 15:54:58 | Attr =    ]
hijackthis.exe -> %UserDesktop%\hijackthis.exe -> Soeperman Enterprises Ltd. [Ver = 1.99.0001 | Size = 218112 bytes | Modified Date = 07-03-2007 11:03:12 | Attr =    ]
about blank.doc -> %UserDesktop%\about blank.doc ->  [Ver =  | Size = 30208 bytes | Modified Date = 07-03-2007 14:08:42 | Attr =    ]
AboutBuster.zip -> %UserDesktop%\AboutBuster.zip ->  [Ver =  | Size = 39103 bytes | Modified Date = 07-03-2007 14:31:52 | Attr =    ]
rootchk.exe -> %UserDesktop%\rootchk.exe ->  [Ver =  | Size = 257392 bytes | Modified Date = 07-03-2007 15:51:00 | Attr =    ]
drweb-cureit.exe -> %UserDesktop%\drweb-cureit.exe ->  [Ver =  | Size = 5821400 bytes | Modified Date = 07-03-2007 15:52:16 | Attr =    ]
winpfind3u.exe -> %UserDesktop%\winpfind3u.exe ->  [Ver =  | Size = 344532 bytes | Modified Date = 08-03-2007 11:45:00 | Attr =    ]
SpywareGuard.lnk -> %UserStartup%\SpywareGuard.lnk ->  [Ver =  | Size = 543 bytes | Modified Date = 06-03-2007 16:59:44 | Attr =    ]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1374 bytes | Modified Date = 14-02-2007 23:42:46 | Attr =    ]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 08-03-2007 11:36:56 | Attr =  S]
ComponentList.xml -> %SystemRoot%\ComponentList.xml ->  [Ver =  | Size = 97 bytes | Modified Date = 08-03-2007 11:37:54 | Attr =    ]
HP_48BitScanUpdatePatch.ini -> %SystemRoot%\HP_48BitScanUpdatePatch.ini ->  [Ver =  | Size = 214 bytes | Modified Date = 15-02-2007 10:47:38 | Attr =    ]
wpa.dbl -> %System32%\wpa.dbl ->  [Ver =  | Size = 1158 bytes | Modified Date = 08-03-2007 11:39:00 | Attr =    ]
perfc009.dat -> %System32%\perfc009.dat ->  [Ver =  | Size = 54614 bytes | Modified Date = 24-02-2007 23:27:18 | Attr =    ]
perfh009.dat -> %System32%\perfh009.dat ->  [Ver =  | Size = 384930 bytes | Modified Date = 24-02-2007 23:27:18 | Attr =    ]
perfc006.dat -> %System32%\perfc006.dat ->  [Ver =  | Size = 64610 bytes | Modified Date = 24-02-2007 23:27:18 | Attr =    ]
perfh006.dat -> %System32%\perfh006.dat ->  [Ver =  | Size = 399716 bytes | Modified Date = 24-02-2007 23:27:18 | Attr =    ]
eRLog.ini -> %System32%\eRLog.ini ->  [Ver =  | Size = 0 bytes | Modified Date = 08-03-2007 11:39:24 | Attr =    ]
CONFIG.NT -> %System32%\CONFIG.NT ->  [Ver =  | Size = 2709 bytes | Modified Date = 06-03-2007 18:05:54 | Attr =    ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI ->  [Ver =  | Size = 890248 bytes | Modified Date = 24-02-2007 23:27:18 | Attr =    ]

< End of report >
Avatar billede ejvindh Ekspert
08. marts 2007 - 12:27 #12
-- Gå ind i kontrolpanel-tilføj/fjern programmer, og se om du kan få lov til at afinstallere følgende programmer:
SweetIM
Emule

-- Kør så WinPFind3U fra WinPFind3U-mappen igen. Kopier indholdet mellem de bølgede linier ind i det hvide felt til højre (højreklik på feltet og vælg "sæt ind"/"paste"):

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[Kill Explorer]
[Registry - Non-Microsoft Only]
< Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\
YY -> SweetIM -> %ProgramFiles%\Macrogaming\SweetIM\SweetIM.exe
YN -> zango -> Reg Data - Value does not exist
< Session Manager Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
YN -> BootExecute -> stera;
< Internet Explorer Settings > ->
YY -> HKCU: URLSearchHooks\\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} [HKLM] -> %ProgramFiles%\Macrogaming\SweetIMBarForIE\toolbar.dll [SweetIM For Internet Explorer]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
YY -> {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} [HKLM] -> %ProgramFiles%\Macrogaming\SweetIMBarForIE\toolbar.dll [SweetIM For Internet Explorer]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YY -> ShellBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} [HKLM] -> %ProgramFiles%\Macrogaming\SweetIMBarForIE\toolbar.dll [SweetIM For Internet Explorer]
YY -> WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} [HKLM] -> %ProgramFiles%\Macrogaming\SweetIMBarForIE\toolbar.dll [SweetIM For Internet Explorer]
[Files - Created Within 30 days]
NY -> eMule0.47c-Installer.exe -> %SystemDrive%\eMule0.47c-Installer.exe
[Start Explorer]
[Reboot]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Klik herefter på "Run Fix", og følg instruksionerne, der gives. Din computer vil nu genstarte. Efter genstart skal du åbne WinPFindu-mappen igen. Her vil nu ligge en log, hvis navn består af en masse numre - den skal du kopiere herind. Du behøver i første omgang ikke lægge en ny log fra Winpfind3u herind.

-- Skriv også gerne om det har hjulpet.
Avatar billede rigtigebuko Nybegynder
08. marts 2007 - 13:27 #13
Explorer killed successfully
[Registry - Non-Microsoft Only]
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM deleted successfully.
File  not found.
File C:\Programmer\Macrogaming\SweetIM\SweetIM.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\zango deleted successfully.
File  not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\BootExecute not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} not found.
File C:\Programmer\Macrogaming\SweetIMBarForIE\toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar\\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} not found.
File C:\Programmer\Macrogaming\SweetIMBarForIE\toolbar.dll not found.
File C:\Programmer\Macrogaming\SweetIMBarForIE\toolbar.dll not found.
File C:\Programmer\Macrogaming\SweetIMBarForIE\toolbar.dll not found.
[Files - Created Within 30 days]
C:\eMule0.47c-Installer.exe moved successfully.
< End of log >
Created on 03-08-2007 12:57:48



About:blank siden der kom når der blev lukket et vindue i IE er forsvundet... Lækkert, TAK for hjælpen ;)

Men de automatiske opdateringer mislykkedes stadig. Jeg kan ikke hente opdateringer til SuperAntiSpyware... Og computeren er stadig ekstrem langsom...
Avatar billede rigtigebuko Nybegynder
08. marts 2007 - 13:31 #14
Det lykkedes alligevel at hente opdateringer til SuperAntiSpyware :)
Avatar billede rigtigebuko Nybegynder
08. marts 2007 - 14:42 #15
Hvis det kan hjælpe, så er det følgende opdateringer, der mislykkedes...


Opdateringer med høj prioritet
Microsoft Windows XP



Windows Internet Explorer 7.0 til Windows XP
Overførselsstørrelse: 14.1 MB , mindre end 1 minut
Denne gratis opgradering til Internet Explorer til kunder med ægte kopier af Windows, tilbyder forbedringer, f.eks.: udvidet sikkerhed, der hjælper med at beskytte dig mod skadelig software og svindelwebsteder, et mere overskueligt udseende, herunder faner til søgning på flere sider i ét vindue, funktioner, der gør hverdagsopgaver, f.eks. udskrivning og søgning på internettet, meget lettere. Med denne opgradering bevares den aktuelle startside, indstillingerne for søgning, de foretrukne elementer (nu kaldet favoritter) og kompatible værktøjslinjer. Opgraderingen kan fjernes, hvis du ønsker det.  Detaljer...

Microsoft Office 2003



Sikkerhedsopdatering til Office 2003 (KB920813)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Microsoft har udgivet en sikkerhedsopdatering til Microsoft Office 2003. Opdateringen løser et problem, som gjorde det muligt at køre skadelig kode. Opdateringen kan også indeholde andre programrettelser.  Detaljer...


Sikkerhedsopdatering til Office 2003 (KB929064)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Der findes et sikkerhedsproblem i Microsoft Office 2003, som kan gøre det muligt at køre vilkårlig kode, når en fil, der indeholder skadelig kode, åbnes. Denne opdatering løser dette problem.  Detaljer...


Sikkerhedsopdatering til Word 2003 (KB929057)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Der findes et sikkerhedsproblem i Microsoft Office Word 2003, som kan gøre det muligt at køre vilkårlig kode, når en fil, der indeholder skadelig kode, åbnes. Denne opdatering løser dette problem.  Detaljer...


Opdatering til Excel 2003 (KB929058)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Microsoft har udgivet en opdatering til Microsoft Office Excel 2003. Når du redigerer en Microsoft Office Excel 2007-projektmappe, som er gemt på et SharePoint Portal Server-websted eller et Windows SharePoint Services-websted, gemmes ændringerne ikke.  Detaljer...


Opdatering til Office 2003 (KB925251)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Microsoft har udgivet en opdatering til Microsoft Office 2003. Opdateringen omhandler ændringen til euro som den nationale valuta i Slovenien.  Detaljer...


Opdatering til Outlook 2003-filteret mod uønsket e-mail (KB924885)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Denne opdatering opdaterer filteret mod uønsket e-mail til Microsoft Office Outlook 2003 med en mere aktuel definition af, hvilke e-mails der skal betragtes som uønskede. Opdateringen blev udgivet i februar 2007.  Detaljer...


Opdatering til PowerPoint 2003 (KB929060)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Microsoft har udgivet en opdatering til Microsoft Office PowerPoint 2003. Når du redigerer en Microsoft Office PowerPoint 2007-præsentation, som er gemt på et SharePoint Portal Server-websted eller et Windows SharePoint Services-websted, gemmes ændringerne ikke.  Detaljer...


Sikkerhedsopdatering til Outlook 2003 (KB924085)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Denne opdatering løser et sikkerhedsproblem i Microsoft Office Outlook 2003, som kan gøre det muligt for en fjernbruger at køre kode på en computer, der kører Outlook 2003.  Detaljer...


Sikkerhedsopdatering til Office 2003 (KB924424)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Der findes et sikkerhedsproblem i Microsoft Office 2003, som kan medføre afsløring af oplysninger. Denne opdatering løser dette problem.  Detaljer...


Opdatering til Office 2003 Proofing Tools (KB924886)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Microsoft har udgivet en opdatering til stavekontrollen i Microsoft Office 2003. Denne opdatering forbedrer proceduren for, hvordan Office 2003-programmer finder og retter fejl i dokumenter på tysk.  Detaljer...


Opdatering til Office 2003 (KB919029)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Microsoft har udgivet en opdatering til Microsoft Office 2003, som løser et problem i plug-in-programmet til oprydning i den lokale cache i guiden Diskoprydning. Nogle Office 2003-installationsfiler slettes fra den lokale installationskilde, selvom brugeren ikke anmoder om det.  Detaljer...


Opdatering til Office 2003 (KB923097)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Microsoft har udgivet en opdatering til Microsoft Office 2003. Opdateringen indeholder den struktur, som SharePoint Team Services skal bruge til at åbne og gemme filer ved hjælp af det åbne XML-filformat, som er en nyhed i 2007-versionen af Microsoft Office System.  Detaljer...


Sikkerhedsopdatering til Publisher 2003 (KB894542)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Der findes et sikkerhedsproblem i Microsoft Office Publisher 2003, som kan gøre det muligt at køre vilkårlig kode, når du åbner et dokument, som indeholder skadelig kode. Denne opdatering løser problemet, så Publisher 2003-dokumenter behandles korrekt.  Detaljer...


Opdatering til InfoPath 2003 (KB920103)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Microsoft har udgivet en opdatering til Microsoft Office InfoPath 2003. Denne opdatering indeholder de seneste rettelser til InfoPath 2003. Opdateringen indeholder desuden stabilitets- og ydeevneforbedringer.  Detaljer...


Sikkerhedsopdatering til Office 2003 (KB914455)
Overførselsstørrelse: 0 KB , 0 minutter  (Hentet. Klar til installation) 
Der findes et sikkerhedsproblem i Microsoft Office 2003, Microsoft Office Project 2003 og Microsoft Office OneNote 2003, som kan gøre det muligt for en hacker at køre vilkårlig kode på en brugers system. Denne opdatering løser dette problem.  Detaljer...


Opdatering til Office 2003 (KB907417)
Avatar billede ejvindh Ekspert
08. marts 2007 - 19:15 #16
Jeg tror du skal prøve at køre en scanning for rootkits:

Download Gmer-rootkit scanner, og pak den ud til skrivebordet:
http://www.young-andersen.dk/gamer/gamer.zip
Start med at omdøbe programmet gmer.exe (fx til abc.exe). Kør programmet, klik på fanebladet "Rootkit", og klik på "Scan". Imens der scannes, er det vigtigt at du ikke bruger computeren til andre ting. Du bør heller ikke klikke på andre ting i Gmer-scanneren. Når scanningen er færdig, skal du klikke på "Copy". Så dukker et vindue op, som fortæller at resultatet af rootkit-scanningen er blevet lagt ind i udklipsholderen. Du kan herefter gå ind i denne tråd, og kopiere indholdet herind, ved at stille dig i indtastningsfeltet, og trykke ctrl-v.
Avatar billede rigtigebuko Nybegynder
13. marts 2007 - 10:32 #17
Gmer fandt ingenting... Så nu har jeg slettet Office og geninstallerer det...
Avatar billede ejvindh Ekspert
13. marts 2007 - 13:11 #18
Ok, har det så hjulpet på opdaterings-problemet?
Avatar billede rigtigebuko Nybegynder
14. marts 2007 - 08:18 #19
Jeps, nu kan vi opdatere igen :) Min veninde er tilfreds :) Jeg synes dog stadig den er meget langsom i opstarten...
Avatar billede ejvindh Ekspert
14. marts 2007 - 11:41 #20
For at optimere computeren kan du evt. køre denne checkliste igennem:

1. Prøv at downloade og installere Ccleaner herfra:
http://www.ccleaner.com/

Kør en rensnings-procedure med programmet -- både under "Renser" og "Problemer" menuerne i programmet. Lad den fjerne alt hvad den finder. Genstart, og se om det har hjulpet.

2. Prøv at defragmentere din HD: Dobbeltklik på Denne Computer, højreklik på din HD, vælg Egenskaber-Funktioner-Defragmenter nu, og kør en defragmentering. Det kan godt tage lang tid. Genstart, og se om det har hjulpet.

3. Prøv et sfc-scan: Klik på Start=>Kør skriv: SFC /scannow  (husk mellemrum mellem SFC og /scannow)
Din windows skive skal sidde i drevet. Den tjekker og reparer dine systemfiler.

4. Prøv en repair: http://www.hcma.dk/tips1to10.htm#no4
Efter en repair er det vigtigt at gå ind og få opdateret windows-styresystemet (da styresystemet føres tilbage til det niveau som findes på din installations-skive):
http://windowsupdate.microsoft.com/

Genstart, og se om det har hjulpet.


5. Klik på start-kør, skriv devmgmt.msc og klik på OK.

Så åbner enhedshåndteringen. Klik på +-tegnet ud for "IDE ATA/ATAPI-controllere", og højreklik på "Primær IDE-kanal", og vælg Egenskaber. Klik på fanebladet "Avancerede indstillinger". Hvis der står "Kun PIO" ved overførsels-tilstanden, ved nogle af enhederne, kan det være årsagen til en langsom computer. Du kan prøve at ændre dette på 2 måder:

a. Prøv først at lave om på dette ved at skifte til "DMA, hvis den er tilgængelig", klik på OK, og genstart computeren. Hjalp det?

b. Hvis nej, så prøv igen at gå ind i enhedshåndteringen, Klik på +-tegnet ud for "IDE ATA/ATAPI-controllere", og højreklik på "Primær IDE-kanal", og vælg Egenskaber. Klik på fanebladet "Driver", og klik på fjern. Når processen er færdig skal du genstarte computeren, hvorved styresystemet nyinstallerer din HD, og giver den standard-indstillingerne.


6. Endelig er der også nogle forslag på dette link, som du kan afprøve:
http://www.spywareinfo.dk/index.htm#/tip-og-tricks/langsom-op-og-nedlukning-xp.htm



For at forhindre gentagelser, vil jeg anbefale dig at lægge nogle små programmer ind, som forhindrer spyware i at komme ind i første omgang. Du finder links og gode råd her:
http://www.spywarefri.dk/manualer/sikkerhedspakke.htm

Jeg vil også foreslå, at du læser disse artikler om hvordan du kan undgå at blive inficeret i fremtiden:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414
http://www.ejvindh.net/viewtopic.php?t=37
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester