Just nu i M3-nätverket
Gå till innehåll
Eforum är stängt för nya inlägg och svar sedan 20 juni 2022. Klicka för att läsa vad som hände och om alternativ.

LÅNG tid att starta datorn!

Grdic

Startad av Grdic,
i Windows XP

Rekommendera Poster

Grdic

Grdic

Postad
Postad

Hej!

 

Min dator är otroligt seg och tar över 8 minuter att starta, (från att jag startar den till att jag är inne på skrivbordet och kan börja använda datorn).

 

Datorn är av modellen HP Pavilion zd8000 med följande system:

Windows XP Home Edition

Version 2002

Service Pack 2

 

Intel Pentium 4 CPU 3.20 GHz

3.19 GHz, 1.00 GB RAM

 

Jag har vidtagit följande åtgärder:

 

*Rensat datorn på 1GB onödiga filer m.m. med hjälp av CCleaner

*Tagit bort Norton Security 2005 paketet med Symantecs egna avinstallationsverktyg och bytit ut det mot NOD32 antivirus

*Scannat efter spyware, malware etc. med Ad-aware 2008

*Scannat datorn efter virus med NOD32

*Scannat datorn efter virus med hjälp av Trend Micro HouseCall Online, både i normalt och felsäkert läge

*Defragmenterat datorn och "optimerat processorn" med Smart defrag

*HELT tagit bort alla program som jag tror mig ej behöva med Revo Uninstaller

*Gått igenom alla processer i Aktivitetshanteraren och inaktiverat de jag inte tror mig behöva via Start>Kör>service.msc

 

Trots dessa åtgärder tar det alltså fortfarande över 8 minuter att starta datorn och komma till skrivbordet i Windows XP.

 

Jag har inte fått några blåskärmar efter detta (peppar peppar), men det har inte gått ett dygn än så det är för tidigt att säga om just det problemet är åtgärdat.

 

Jag hoppas verkligen att någon kan hjälpa mig.

 

Tack på förhand!

 

[inlägget ändrat 2008-12-09 01:39:22 av Grdic]

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Det kan vara lämpligt att kolla hårddiskens överföringsläge om den är PATA-ansluten och inte SATA-ansluten.

Högerklick på Den här datorn - Hantera - Enhetshanteraren - IDE ATA/ATAPI-styrenheter - Primär IDE-kanal - Avancerade inställningar

Vad står det för Aktuellt överföringsläge för hårddisken?

Det ska normalt vara Ultra DMA Mode 5 om det ska gå med full hastighet.

 

Om de står i PIO-mode eller fel DMA-mod så har Microsoft tänkt sig att du får tillbaks hårddisken i rätt DMA-mod så här:

http://support.microsoft.com/kb/817472

Avsnittet Workaround

 

 

Länk till kommentar
Dela på andra webbplatser
Grdic

Grdic

Postad
  • Trådskapare
Postad

Hej Cecilia,

 

Tack för det snabba svaret.

 

På "Enhet 0" står det Ultra DMA Mode 5.

Men på "Enhet 1" står det Multi-Word DMA Mode 2

 

Innebär det att jag ska testa och köra avsnittet Workaround i länken som du skickade?

 

Tack än en gång!

 

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad
Men på "Enhet 1" står det Multi-Word DMA Mode 2

 

Innebär det att jag ska testa och köra avsnittet Workaround i länken som du skickade?

Mode 2 är normalt för CD/DVD-enheter. Om du bara har en hårddisk så lär Enhet 1 vara CD/DVD-enheten, men om du har två hårddiskar så.

 

Länk till kommentar
Dela på andra webbplatser
Grdic

Grdic

Postad
  • Trådskapare
Postad

Jag har enbart en hårddisk i datorn så då antar jag att enhet 1 är min CD/DVD-enhet.

 

Jag läste artikeln som du länkade till och som jag förstår det så återskapar datorn vid omstarten automatiskt det man avinstallerar.

Men finns det nån risk med att göra detta?

Jag kan ju alltid försöka men då det troligtvis är min CD/DVD-enhet som har DMA Mode 2 så borde det inte göra någon skillnad, eller?

 

Finns det andra åtgärder som jag kan vidta?

 

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Då verkar det onödigt att göra det som Microsoft föreslog.

 

Är RAM-mängden det som Windows rapporterar eller det som du har stoppat in?

 

Vi kan se om HijackThis visar något. Ladda ner från en av länkarna:

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Installera, starta och välj "Do a system scan and save a logfile", kopiera loggen som kommer upp (inget annat).

 

I ditt svar bifogar du HijackThis-loggen på detta sätt:

Tryck på LOG-knappen i Besvara-fönstret

Klistra in loggen

Tryck igen på LOG-knappen

 

Länk till kommentar
Dela på andra webbplatser
Grdic

Grdic

Postad
  • Trådskapare
Postad
Är RAM-mängden det som Windows rapporterar eller det som du har stoppat in?

 

Här tappade du mig, vet inte vad du menar :)

 

Här kommer HijackThis-loggen iaf;

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:03:36, on 2008-12-09

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\SystemOK\BackOnTrack\BOTCbs.exe

C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe

C:\Program\Eset\nod32krn.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Synaptics\SynTP\SynTPLpr.exe

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program\HPQ\Quick Launch Buttons\EabServr.exe

C:\Program\Java\jre1.6.0_07\bin\jusched.exe

C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\Program\SystemOK\BackOnTrack\BOTTray.exe

C:\Program\Hp\HP Software Update\HPWuSchd2.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Eset\nod32kui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

C:\Program\HPQ\shared\hpqwmi.exe

C:\Program\iPod\bin\iPodService.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

C:\Program\Windows Live\Messenger\msnmsgr.exe

C:\Program\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q305&bd=pavilion&pf=laptop

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idg.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [Cpqset] C:\Program\HPQ\Default Settings\cpqset.exe

O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program\HPQ\Quick Launch Buttons\EabServr.exe /Start

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [bOTTray] "C:\Program\SystemOK\BackOnTrack\BOTTray.exe"

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [uSB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController

O4 - HKLM\..\Run: [babylon Client] C:\Program\Babylon\Babylon-Pro\Babylon.exe -AutoStart

O4 - HKLM\..\Run: [HP Software Update] C:\Program\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [nod32kui] "C:\Program\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU\..\Policies\Explorer\Run: [NTSpool] NTSpool.exe

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program\Picasa2\PicasaMediaDetector.exe (User 'Default user')

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://F:\Office\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka till &Bluetooth - C:\Program\WIDCOMM\Bluetooth-programvara\btsendto_ie_ctx.htm

O8 - Extra context menu item: Translate with &Babylon - res://C:\Program\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} - http://www.pixaco.se/static/download/pixacodndupload.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.nattstad.se/ImageUploader4.cab

O16 - DPF: {73809B3B-F06D-4DB3-8A36-0DEF36FAB39B} (AKFileUploadCtrl Class) - http://system.arkitektkopia.se/LOGIN/Customer/AKFileUpload.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E505599B-F37A-4849-A7B0-E0AAB5CB054C} (ScriptPlayerRuntime Class) - https://gfs.nb.se/privat/bank/scripts/eid/NordeaSmartCard.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: {75DC891D-D4CB-48f7-BDD1-C1E56C64250E} - C:\Program\SystemOK\BACKON~1\botwlnp.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare - Unknown owner - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: BackOnTrack Callback Service (BOTCbs) - SystemOK AB - C:\Program\SystemOK\BackOnTrack\BOTCbs.exe

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe

O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program\HPQ\shared\hpqwmi.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program\Eset\nod32krn.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 8783 bytes

[/log]

 

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Datorn ser ut att vara infekterad, eller om det kanske bara är en rest efter en infektion, vi får se.

 

Ladda ner MSNFix till Skrivbordet.

http://sosvirus.changelog.fr/MSNFix.zip

Starta om datorn i felsäkert läge (tryck F8 upprepade gånger under uppstarten och välj felsäkert läge i menyn).

Packa upp filen så att en ny mapp skapas.

Öppna den nya mappen och starta MSNFix.bat genom att dubbelklicka på den (XP), högerklicka och välja Kör som administratör (Vista).

Välj språk genom att trycka på motsvarande bokstav och sedan Enter.

Tryck R och Enter för att starta skanningen.

Om något hittas så tryck på valfri tangent för att starta borttagningen.

Ibland så kommer det upp ett meddelande om att starta om datorn, gör det i så fall.

Klistra in loggen som kommer upp i ditt svar här.

Om den inte kommer upp så hittar du den i den i C:\Windows och den heter msnfix.txt.

Klistra in en ny HijackThis-logg också.

 

Länk till kommentar
Dela på andra webbplatser
Grdic

Grdic

Postad
  • Trådskapare
Postad

Jag följde dina instruktioner.

 

NOD32 gav utslag på MSNFix.zip när jag skulle ladda ner den. (se bifogad bild).

 

Det verkade först inte som att datorn ville starta i felsäkert läge, det tog längre tid än vanligt. På tredje försöket gick det, då i felsäkert läge med nätverksanslutning.

 

MSNFixen verkade inte hitta några virus.

MSNFix-loggen;

 

[log]MSNFix 1.749

 

C:\Documents and Settings\HP_Žgaren\Skrivbord\MSNFix\MSNFix

Sokningen var klar pa 2008-12-09 - 18:24:36,98 By HP_Žgaren

Felsakert lage

 

************************ Kollar filer

 

Inga Filer Funna

 

************************ Kollar mappar

 

Inga Mappar Funna

 

 

 

 

************************ Hostsclean

 

Cleanhosts v 0.1.0.7 By Laurent

 

-- Backup : C:\WINDOWS\system32\drivers\etc\hosts-20081209182745

-- original size 0.69 Kb / 18 lines

-- Start cleaning Hosts file ....

 

 

 

-- final size 0.69 Kb / 18 lines

-- entry Found : 0 / Entry check : 310

 

End .............................. 48.19 Secondes

[/log]

 

Ny HiJack-logg:

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:46:10, on 2008-12-09

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\SystemOK\BackOnTrack\BOTCbs.exe

C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe

C:\Program\Eset\nod32krn.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program\SystemOK\BackOnTrack\UpdateBackOnTrack.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Synaptics\SynTP\SynTPLpr.exe

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program\HPQ\Quick Launch Buttons\EabServr.exe

C:\Program\Java\jre1.6.0_07\bin\jusched.exe

C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\Program\SystemOK\BackOnTrack\BOTTray.exe

C:\Program\Hp\HP Software Update\HPWuSchd2.exe

C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Eset\nod32kui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\HPQ\shared\hpqwmi.exe

C:\Program\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

C:\Program\iPod\bin\iPodService.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q305&bd=pavilion&pf=laptop

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idg.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [Cpqset] C:\Program\HPQ\Default Settings\cpqset.exe

O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program\HPQ\Quick Launch Buttons\EabServr.exe /Start

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [bOTTray] "C:\Program\SystemOK\BackOnTrack\BOTTray.exe"

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [uSB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController

O4 - HKLM\..\Run: [babylon Client] C:\Program\Babylon\Babylon-Pro\Babylon.exe -AutoStart

O4 - HKLM\..\Run: [HP Software Update] C:\Program\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [nod32kui] "C:\Program\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU\..\Policies\Explorer\Run: [NTSpool] NTSpool.exe

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program\Picasa2\PicasaMediaDetector.exe (User 'Default user')

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://F:\Office\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka till &Bluetooth - C:\Program\WIDCOMM\Bluetooth-programvara\btsendto_ie_ctx.htm

O8 - Extra context menu item: Translate with &Babylon - res://C:\Program\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB

O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} - http://www.pixaco.se/static/download/pixacodndupload.cab

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.nattstad.se/ImageUploader4.cab

O16 - DPF: {73809B3B-F06D-4DB3-8A36-0DEF36FAB39B} (AKFileUploadCtrl Class) - http://system.arkitektkopia.se/LOGIN/Customer/AKFileUpload.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E505599B-F37A-4849-A7B0-E0AAB5CB054C} (ScriptPlayerRuntime Class) - https://gfs.nb.se/privat/bank/scripts/eid/NordeaSmartCard.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: {75DC891D-D4CB-48f7-BDD1-C1E56C64250E} - C:\Program\SystemOK\BACKON~1\botwlnp.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Automatisk LiveUpdate-schemaläggare - Unknown owner - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: BackOnTrack Callback Service (BOTCbs) - SystemOK AB - C:\Program\SystemOK\BackOnTrack\BOTCbs.exe

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe

O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program\HPQ\shared\hpqwmi.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program\Eset\nod32krn.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 8590 bytes

[/log]

 

[bild bifogad 2008-12-09 18:54:14 av Grdic]

1105763_thumb.jpg

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad
NOD32 gav utslag på MSNFix.zip när jag skulle ladda ner den. (se bifogad bild).
Det är vanligt att antivirusprogrammen reagerar.

 

Ladda ner OTViewIt till Skrivbordet:

http://oldtimer.geekstogo.com/OTViewIt.exe

 

Stäng alla program.

Kör OTViewIt (i Vista högerklicka och Kör som administratör).

Bocka för Scan all Users.

Välj 30 dagar för File Age om det inte redan är valt.

Tryck på Run Scan och låt programmet köra ostört.

 

När det är klart så skapas två loggfiler på Skrivbordet, OTViewIt.txt och Extras.txt, klistra in båda två i ditt svar.

 

Länk till kommentar
Dela på andra webbplatser
Grdic

Grdic

Postad
  • Trådskapare
Postad

Ok, följde dina instruktioner, här kommer loggarna...

 

Extras:

 

[log]OTViewIt Extras logfile created on: 2008-12-09 20:03:56 - Run 2

OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\HP_Ägaren\Skrivbord

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.11)

Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1022,48 Mb Total Physical Memory | 595,45 Mb Available Physical Memory | 58,24% Memory free

2,40 Gb Paging File | 2,12 Gb Available in Paging File | 88,47% Paging File free

Paging file location(s): C:\pagefile.sys 1533 3072;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 93,16 Gb Total Space | 16,64 Gb Free Space | 17,87% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 506,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: GRDIC

Current User Name: HP_Ägaren

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled"=1

"AntiVirusDisableNotify"=0

"FirewallDisableNotify"=1

"UpdatesDisableNotify"=0

"AntiVirusOverride"=0

"FirewallOverride"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall"=1

"DoNotAllowExceptions"=0

"DisableNotifications"=0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[2004-08-04 13:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2006-10-10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[2007-10-18 11:35:08 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[2007-10-02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[2004-08-04 13:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2006-10-10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program\Messenger\msmsgs.exe:*:Enabled:Windows Messenger

[2005-05-07 01:47:08 | 02,224,128 | ---- | M] (www.BitLord.com) -- C:\Program\BitLord\BitLord.exe:*:Enabled:BitLord

[2004-08-04 13:00:00 | 00,768,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Fjärrhjälp - Windows Messenger och tal

[2007-10-18 11:35:08 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[2007-10-02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[2008-02-01 17:22:12 | 21,898,024 | R--- | M] (Skype Technologies S.A.) -- C:\Program\Skype\Phone\Skype.exe:*:Enabled:Skype

[2008-08-29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour

[2008-11-20 13:20:48 | 14,294,824 | ---- | M] (Apple Inc.) -- C:\Program\iTunes\iTunes.exe:*:Enabled:iTunes

 

========== (O10) Winsock2 Catalogs ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]

NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program\Bonjour\mdnsNSP.dll (Apple Inc.)

Protocol_Catalog9\Catalog_Entries\000000000001 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000002 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000003 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000004 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000005 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000006 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000007 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000008 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000009 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000010 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000011 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000012 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000013 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000014 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000015 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000016 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000017 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000018 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000019 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000020 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000021 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000022 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000023 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000024 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000025 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000026 -- C:\WINDOWS\system32\imon.dll (Eset )

Protocol_Catalog9\Catalog_Entries\000000000027 -- C:\WINDOWS\system32\imon.dll (Eset )

 

========== (O18) Protocol Handlers ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

ipp: [HKLM - No CLSID value]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2007-08-28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-10-18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

msdaipp: [HKLM - No CLSID value]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2007-08-28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2007-08-28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2006-10-26 13:45:02 | 00,873,216 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-10-18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2008-02-01 17:22:12 | 01,934,672 | R--- | M] (Skype Technologies) C:\Program\Delade filer\Skype\Skype4COM.dll (skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} (HKLM) [iEProtocolHandler Class])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2004-06-02 17:16:20 | 00,110,592 | ---- | M] (WIDCOMM, Inc.) C:\WINDOWS\system32\BTXPPanel.dll (widimg:{EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} (HKLM) [WidImg Class])

 

========== (O18) Protocol Filters ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters

[2006-10-26 21:41:48 | 00,044,344 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{058F1FBA-1980-48B5-A4FB-616D99DFB239}"=BackOnTrack

"{0691B876-15B2-451B-AEA4-5653E40899C4}"=Windows Presentation Foundation Language Pack (SVE)

"{075473F5-846A-448B-BCB3-104AA1760205}"=Sonic Data Module

"{08AB56DB-F5B6-4477-A2FD-38398F06C378}"=Microsoft .NET Framework 3.0 Swedish Language Pack

"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}"=WD Diagnostics

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}"=ATI Control Panel

"{15095BF3-A3D7-4DDF-B193-3A496881E003}"=Microsoft .NET Framework 3.0

"{17014473-0098-4DF0-827D-7D582697C78C}"=Microsoft .NET Framework 2.0 Language Pack - SVE

"{18D10072035C4515918F7E37EAFAACFC}"=AutoUpdate

"{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}"=Windows Live Messenger

"{21657574-BD54-48A2-9450-EB03B2C7FC29}"=Sonic MyDVD Plus

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}"=Sonic Update Manager

"{318AB667-3230-41B5-A617-CB3BF748D371}"=iTunes

"{3248F0A8-6813-11D6-A77B-00B0D0150020}"=J2SE Runtime Environment 5.0 Update 2

"{3248F0A8-6813-11D6-A77B-00B0D0150110}"=J2SE Runtime Environment 5.0 Update 11

"{3248F0A8-6813-11D6-A77B-00B0D0160010}"=Java SE Runtime Environment 6 Update 1

"{3248F0A8-6813-11D6-A77B-00B0D0160030}"=Java 6 Update 3

"{3248F0A8-6813-11D6-A77B-00B0D0160050}"=Java 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java 6 Update 7

"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP

"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}"=HP Wireless Assistant 1.01 A2

"{491DD792-AD81-429C-9EB4-86DD3D22E333}"=Windows Communication Foundation

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml

"{56CA5D3B-3002-4E7B-90FE-071D8FDF3814}"=

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}"=Skype™ 3.6

"{612DC38A-B36A-4699-88EB-12C7394DE2FC}"=TIxx21

"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}"=Adobe Setup

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}"=Sonic Express Labeler

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update

"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}"=Adobe Color Common Settings

"{793C456F-EB0A-4164-BE77-B6D901F2C7E3}"=Windows Workflow Foundation SV Language Pack

"{7B63B2922B174135AFC0E1377DD81EC2}"=DivX Codec

"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}"=Windows Workflow Foundation

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Silverlight

"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}"=Bonjour

"{8ADFC4160D694100B5B8A22DE9DCABD9}"=DivX Player

"{90120000-0010-0409-0000-0000000FF1CE}"=Microsoft Software Update for Web Folders (English) 12

"{90120000-0015-0409-0000-0000000FF1CE}"=Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0016-0409-0000-0000000FF1CE}"=Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0018-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0019-0409-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001A-0409-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001B-0409-0000-0000000FF1CE}"=Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-040C-0000-0000000FF1CE}"=Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0C0A-0000-0000000FF1CE}"=Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-002C-0409-0000-0000000FF1CE}"=Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}"=Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0044-0409-0000-0000000FF1CE}"=Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-006E-0409-0000-0000000FF1CE}"=Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00A1-0409-0000-0000000FF1CE}"=Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00B2-041D-0000-0000000FF1CE}"=Microsoft-tillägget Spara som PDF eller XPS för Microsoft Office 2007-program

"{90120000-00BA-0409-0000-0000000FF1CE}"=Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0114-0409-0000-0000000FF1CE}"=Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0115-0409-0000-0000000FF1CE}"=Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0117-0409-0000-0000000FF1CE}"=Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90535871-81B9-4D99-8A13-A7EE97F2D7FE}"=Bluetooth by hp

"{9112041D-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Standard Edition 2003

"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}"=InterVideo WinDVD

"{94FB906A-CF42-4128-A509-D353026A607E}"=REALTEK Gigabit and Fast Ethernet NIC Driver

"{992A2DB1-4ABC-4738-BD71-045C5FFE00D1}"=Microsoft .NET Framework 1.1 Swedish Language Pack

"{99A40651-0BC2-4095-8F9A-A40FAB224FEF}"=PC Connectivity Solution

"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}"=HP Help and Support

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}"=Sonic Audio Module

"{AC76BA86-7AD7-1053-7B44-A81300000003}"=Adobe Reader 8.1.3 - Svenska

"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live inloggningsassistenten

"{B12665F4-4E93-4AB4-B7FC-37053B524629}"=Sonic Copy Module

"{B13A7C41581B411290FBC0395694E2A9}"=DivX Converter

"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1

"{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player

"{BAF78226-3200-4DB4-BE33-4D922A799840}"=Windows Presentation Foundation

"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}"=Windows Rights Management Client with Service Pack 2

"{BF476E33-ED16-4C5A-8DFB-ABCA8A47AD61}"=Windows Communication Foundation Language Pack - SVE

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1

"{CEB326EC-8F40-47B2-BA22-BB092565D66F}"=Quick Launch Buttons 5.10 A2

"{D0C27A12-1622-436C-AFE1-414D41101B17}"=Garmin POI Loader

"{D84CB492-A248-49BA-8BBF-805A67C38A4E}"=Argos Mini II

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}"=Ad-Aware

"{E17F76BE-50E9-4E7C-ADF6-6D8F44A9C6F3}"=Windows Live installer

"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}"=Apple Mobile Device Support

"{EC905264-BCFE-423B-9C42-C3A106266790}"=Windows Rights Management Client Backwards Compatibility SP2

"{EEB7A930-53B9-455C-B3B0-9ACD854394C3}"=Nordea E-code Driver

"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}"=Pinnacle Instant DVD Recorder

"{F958CA02-BB40-4007-894B-258729456EE4}"=QuickTime

"{FE57DE70-95DE-4B64-9266-84DA811053DB}"=HP Update

"43A08386617C2D20EE613010760BCEDD604E2638"=Windows Driver Package - Todos Data System AB Smartcard Reader Nordea NCR1 (10/29/2007 1.0.1.3)

"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin"=Adobe Flash Player Plugin

"Adobe Shockwave Player"=Adobe Shockwave Player

"Adobe_6c8e2cb4fd241c55406016127a6ab2e"=Adobe Color Common Settings

"All ATI Software"=ATI - Hjälp för avinstallation av program

"ATI Display Driver"=ATI Display Driver

"Babylon"=Babylon

"BitLord"=BitLord 1.1

"Broadcom 802.11b Network Adapter"=Broadcom 802.11 Wireless LAN Adapter

"CCleaner"=CCleaner (remove only)

"CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3082103C"=Conexant Data Fax Modem with SmartCP

"Conexant PCI Audio"=Conexant AC-97 Audio

"DiskCheckup_is1"=DiskCheckup V2.1

"ENTERPRISE"=Microsoft Office Enterprise 2007

"F268870D744B5AD17B9D31CB1A5770235199E53B"=Windows-drivrutinspaket - Todos Data System AB Smartcard Reader Argos Mini II (05/11/2007 3.3.0.0)

"HijackThis"=HijackThis 2.0.2

"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs

"ie7"=Windows Internet Explorer 7

"InstallShield_{612DC38A-B36A-4699-88EB-12C7394DE2FC}"=Texas Instruments PCIxx21/x515 drivers.

"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0 Language Pack - SVE"=Microsoft .NET Framework 2.0 Language Pack - SVE

"Microsoft .NET Framework 3.0"=Microsoft .NET Framework 3.0

"Microsoft .NET Framework 3.0 Swedish Language Pack"=Microsoft .NET Framework 3.0 Swedish Language Pack

"Mozilla Firefox (3.0.4)"=Mozilla Firefox (3.0.4)

"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP

"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs

"NOD32"=NOD32 Antivirus

"Personal"=Personal 4.5.4

"RealPlayer 6.0"=RealPlayer

"Revo Uninstaller"=Revo Uninstaller 1.75

"Smart Defrag_is1"=Smart Defrag 1.03

"Stadskartan"=Stadskartan

"SynTPDeinstKey"=Synaptics Pointing Device Driver

"Uppgradering till Kartex 5.0.0.50"=Uppgradering till Kartex 5.0.0.50

"WIC"=Windows Imaging Component

"Winamp"=Winamp

"Windows Media Format Runtime"=Windows Media Format 11 runtime

"Windows Media Player"=Windows Media Player 11

"WinRAR archiver"=WinRAR archiver

"WinZip"=WinZip

"VLC media player"=VideoLAN VLC media player 0.8.6a

"WMFDist11"=Windows Media Format 11 runtime

"wmp11"=Windows Media Player 11

"Wudf01005"=Microsoft User-Mode Driver Framework Feature Pack 1.5

"XpsEPSC"=XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP"=XML Paper Specification Shared Components Language Pack 1.0

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-1993962763-484061587-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2008-11-18 05:47:21 | Computer Name = GRDIC | Source = crypt32 | ID = 131083

Description = Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen

vid: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

Fel: Felaktig data.

 

Error - 2008-11-18 05:47:21 | Computer Name = GRDIC | Source = crypt32 | ID = 131083

Description = Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen

vid: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

Fel: Felaktig data.

 

Error - 2008-11-18 05:47:21 | Computer Name = GRDIC | Source = crypt32 | ID = 131083

Description = Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen

vid: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

Fel: Felaktig data.

 

Error - 2008-11-18 05:47:22 | Computer Name = GRDIC | Source = crypt32 | ID = 131083

Description = Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen

vid: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

Fel: Felaktig data.

 

Error - 2008-11-18 05:47:22 | Computer Name = GRDIC | Source = crypt32 | ID = 131083

Description = Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen

vid: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

Fel: Felaktig data.

 

Error - 2008-11-18 05:47:22 | Computer Name = GRDIC | Source = crypt32 | ID = 131083

Description = Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen

vid: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

Fel: Felaktig data.

 

Error - 2008-11-18 05:47:22 | Computer Name = GRDIC | Source = crypt32 | ID = 131083

Description = Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen

vid: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

Fel: Felaktig data.

 

Error - 2008-11-18 05:47:22 | Computer Name = GRDIC | Source = crypt32 | ID = 131083

Description = Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen

vid: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

Fel: Felaktig data.

 

Error - 2008-11-18 05:47:22 | Computer Name = GRDIC | Source = crypt32 | ID = 131083

Description = Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen

vid: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

Fel: Felaktig data.

 

Error - 2008-11-21 05:28:25 | Computer Name = GRDIC | Source = Application Hang | ID = 1002

Description = Stoppat program iexplore.exe, version 7.0.6000.16735, stoppad modul

hungapp, version 0.0.0.0, stoppad adress 0x00000000.

 

[ OSession Events ]

Error - 2007-03-23 08:14:46 | Computer Name = GRDIC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 274

seconds with 60 seconds of active time. This session ended with a crash.

 

Error - 2008-08-12 04:13:26 | Computer Name = GRDIC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 16

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2008-08-12 04:13:45 | Computer Name = GRDIC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2008-08-12 04:13:53 | Computer Name = GRDIC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2008-08-12 04:13:59 | Computer Name = GRDIC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2008-08-12 04:35:30 | Computer Name = GRDIC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2008-08-12 04:35:57 | Computer Name = GRDIC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2008-08-12 04:36:07 | Computer Name = GRDIC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 2008-08-25 05:58:02 | Computer Name = GRDIC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5590

seconds with 2460 seconds of active time. This session ended with a crash.

 

Error - 2008-09-04 20:55:27 | Computer Name = GRDIC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application

Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session

lasted 4930 seconds with 2220 seconds of active time. This session ended with a

crash.

 

[ System Events ]

Error - 2008-12-09 14:54:14 | Computer Name = GRDIC | Source = Disk | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\Harddisk0\D.

 

Error - 2008-12-09 14:54:20 | Computer Name = GRDIC | Source = Disk | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\Harddisk0\D.

 

Error - 2008-12-09 15:04:11 | Computer Name = GRDIC | Source = Disk | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\Harddisk0\D.

 

Error - 2008-12-09 15:04:17 | Computer Name = GRDIC | Source = Disk | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\Harddisk0\D.

 

Error - 2008-12-09 15:04:23 | Computer Name = GRDIC | Source = Disk | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\Harddisk0\D.

 

Error - 2008-12-09 15:04:28 | Computer Name = GRDIC | Source = Disk | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\Harddisk0\D.

 

Error - 2008-12-09 15:04:34 | Computer Name = GRDIC | Source = Disk | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\Harddisk0\D.

 

Error - 2008-12-09 15:04:40 | Computer Name = GRDIC | Source = Disk | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\Harddisk0\D.

 

Error - 2008-12-09 15:04:46 | Computer Name = GRDIC | Source = Disk | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\Harddisk0\D.

 

Error - 2008-12-09 15:04:52 | Computer Name = GRDIC | Source = Disk | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\Harddisk0\D.

 

 

< End of report >

[/log]

 

OtViewIt:

 

[log]OTViewIt logfile created on: 2008-12-09 20:03:56 - Run 2

OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\HP_Ägaren\Skrivbord

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.11)

Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1022,48 Mb Total Physical Memory | 595,45 Mb Available Physical Memory | 58,24% Memory free

2,40 Gb Paging File | 2,12 Gb Available in Paging File | 88,47% Paging File free

Paging file location(s): C:\pagefile.sys 1533 3072;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 93,16 Gb Total Space | 16,64 Gb Free Space | 17,87% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 506,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: GRDIC

Current User Name: HP_Ägaren

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

 

========== Processes ==========

 

[2005-03-08 22:34:28 | 00,352,256 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

[2008-08-29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program\Bonjour\mDNSResponder.exe

[2004-09-01 17:04:52 | 00,393,216 | ---- | M] (SystemOK AB) -- C:\Program\SystemOK\BackOnTrack\BOTCbs.exe

[2004-06-03 13:14:16 | 00,163,840 | ---- | M] (WIDCOMM, Inc.) -- C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe

[2008-12-08 16:17:31 | 00,552,064 | ---- | M] (Eset ) -- C:\Program\ESET\nod32krn.exe

[2005-03-08 22:34:28 | 00,352,256 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

[2005-02-02 13:12:22 | 00,102,492 | ---- | M] (Synaptics, Inc.) -- C:\Program\Synaptics\SynTP\SynTPLpr.exe

[2005-02-02 13:11:12 | 00,692,316 | ---- | M] (Synaptics, Inc.) -- C:\Program\Synaptics\SynTP\SynTPEnh.exe

[2005-03-08 21:05:00 | 00,339,968 | ---- | M] (ATI Technologies, Inc.) -- C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

[2004-12-03 13:24:20 | 00,290,816 | ---- | M] (Hewlett-Packard ) -- C:\Program\HPQ\Quick Launch Buttons\eabservr.exe

[2008-06-10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Java\jre1.6.0_07\bin\jusched.exe

[2005-04-01 15:11:14 | 00,794,624 | ---- | M] (Hewlett-Packard Company) -- C:\Program\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe

[2004-08-31 17:37:50 | 00,262,144 | ---- | M] (SystemOK AB) -- C:\Program\SystemOK\BackOnTrack\BOTTray.exe

[2004-08-04 13:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe

[2007-05-08 15:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program\Hp\HP Software Update\hpwuSchd2.exe

[2008-11-20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program\iTunes\iTunesHelper.exe

[2008-12-08 16:17:31 | 00,949,376 | ---- | M] (Eset ) -- C:\Program\ESET\nod32kui.exe

[2004-06-02 17:48:22 | 00,565,309 | ---- | M] (WIDCOMM, Inc.) -- C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe

[2007-12-24 04:00:18 | 00,722,464 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe

[2005-03-04 12:16:18 | 00,098,304 | R--- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program\HPQ\shared\hpqwmi.exe

[2004-06-02 17:46:52 | 01,249,364 | ---- | M] (WIDCOMM, Inc.) -- C:\Program\WIDCOMM\Bluetooth-programvara\BTStackServer.exe

[2008-11-20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program\iPod\bin\iPodService.exe

[2008-12-09 19:47:27 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Ägaren\Skrivbord\OTViewIt.exe

 

========== (O23) Win32 Services ==========

 

[2008-09-10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [On_Demand | Stopped])

[2008-11-07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Disabled | Stopped])

[2007-10-24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

[2005-03-08 22:34:28 | 00,352,256 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])

File not found -- -- (Automatisk LiveUpdate-schemaläggare [Auto | Stopped])

[2008-08-29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])

[2004-09-01 17:04:52 | 00,393,216 | ---- | M] (SystemOK AB) -- C:\Program\SystemOK\BackOnTrack\BOTCbs.exe -- (BOTCbs [Auto | Running])

[2004-06-03 13:14:16 | 00,163,840 | ---- | M] (WIDCOMM, Inc.) -- C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe -- (btwdins [Auto | Running])

[2007-10-24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

[2006-10-20 20:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

[2005-03-04 12:16:18 | 00,098,304 | R--- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program\HPQ\shared\hpqwmi.exe -- (hpqwmi [On_Demand | Running])

[2006-10-30 02:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])

[2008-11-20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])

[2006-10-26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM [Disabled | Stopped])

[2006-10-30 02:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

File not found -- -- (NMIndexingService [On_Demand | Stopped])

[2008-12-08 16:17:31 | 00,552,064 | ---- | M] (Eset ) -- C:\Program\ESET\nod32krn.exe -- (NOD32krn [Auto | Running])

[2007-08-24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])

[2006-10-26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

[2007-06-15 15:55:00 | 00,300,544 | ---- | M] (Nokia.) -- C:\Program\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])

[2007-10-18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])

[2007-10-25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])

[2006-11-15 10:49:34 | 00,912,384 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

 

========== Driver Services ==========

 

[2008-12-08 16:17:31 | 00,512,096 | ---- | M] (Eset ) -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON [Auto | Running])

[2005-02-23 16:40:26 | 00,011,264 | ---- | M] (VOB Computersysteme GmbH) -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k [On_Demand | Running])

[2004-08-03 22:59:44 | 00,095,360 | ---- | M] () -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi [boot | Running])

[2005-03-08 22:36:52 | 00,988,672 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])

[2005-03-29 13:41:32 | 00,170,144 | ---- | M] (SystemOK) -- C:\WINDOWS\system32\drivers\BCatDriver.sys -- (BCatDriver [boot | Running])

[2006-10-12 23:26:56 | 00,604,928 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX [On_Demand | Running])

[2004-06-02 17:13:32 | 00,016,896 | ---- | M] (WIDCOMM, Inc.) -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio [On_Demand | Running])

[2004-06-02 16:59:58 | 00,030,235 | ---- | M] (WIDCOMM, Inc.) -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver [On_Demand | Running])

[2004-06-02 17:07:28 | 01,240,938 | ---- | M] (WIDCOMM, Inc.) -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL [boot | Running])

[2004-06-02 17:00:10 | 00,147,864 | ---- | M] (WIDCOMM, Inc.) -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS [On_Demand | Running])

[2004-06-02 16:50:16 | 00,053,816 | ---- | M] (WIDCOMM, Inc.) -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB [On_Demand | Running])

[2004-11-17 11:17:14 | 00,293,120 | R--- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\camcaud.sys -- (CAMCAUD [On_Demand | Running])

[2004-11-17 11:17:58 | 00,280,192 | R--- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\camchal.sys -- (CAMCHALA [On_Demand | Running])

[2004-03-12 22:41:28 | 00,156,800 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\d346bus.sys -- (d346bus [boot | Running])

[2004-03-12 22:41:42 | 00,005,248 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\d346prt.sys -- (d346prt [boot | Running])

[2005-12-21 09:14:52 | 00,100,957 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA [On_Demand | Stopped])

[2004-04-14 07:36:50 | 00,007,432 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr [system | Running])

[2003-06-06 11:46:16 | 00,005,220 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb [On_Demand | Stopped])

[2005-12-21 09:14:52 | 00,019,712 | ---- | M] (Pinnacle Systems, Inc.) -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio [On_Demand | Stopped])

[2005-12-21 09:14:52 | 00,005,245 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA [On_Demand | Stopped])

[2008-04-17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])

[2004-12-15 16:18:34 | 00,207,232 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH [On_Demand | Running])

[2004-12-15 16:18:26 | 01,038,208 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP [On_Demand | Running])

[2005-06-02 17:28:38 | 00,171,008 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus [On_Demand | Running])

[2004-03-17 12:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])

[2008-12-08 16:17:30 | 00,015,424 | ---- | M] () -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv [system | Running])

[2005-02-09 10:59:00 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI [system | Running])

[2004-08-04 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])

[2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [boot | Running])

[2004-08-04 13:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM [On_Demand | Running])

[2005-03-04 12:10:26 | 00,074,496 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running])

[2004-08-03 23:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Stopped])

[2005-12-21 09:14:52 | 00,004,493 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA [On_Demand | Stopped])

[2004-08-04 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])

[2007-11-13 11:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])

[2007-02-25 23:49:56 | 00,004,608 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd [Auto | Running])

[2005-02-02 12:58:58 | 00,191,456 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])

[2007-10-30 09:57:54 | 00,023,040 | ---- | M] (Todos Data System AB) -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr [On_Demand | Stopped])

[2005-03-16 13:43:06 | 00,159,488 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21 [On_Demand | Running])

[2007-12-24 17:37:00 | 00,138,384 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm [Auto | Running])

[2007-05-24 12:42:16 | 00,018,176 | ---- | M] () -- C:\WINDOWS\system32\drivers\AgmIIusb.sys -- (TodosAgmII [On_Demand | Stopped])

[2004-12-15 16:18:28 | 00,703,232 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

[2004-08-04 00:07:42 | 00,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi [system | Running])

[2004-08-04 13:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [system | Running])

 

========== (R ) Internet Explorer ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157

"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\WINDOWS\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Secondary Start Pages"=

"Start Page"=http://www.idg.se/

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = *.local

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-21-1993962763-484061587-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\WINDOWS\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Secondary Start Pages"=

"Start Page"=http://www.idg.se/

 

[HKEY_USERS\S-1-5-21-1993962763-484061587-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1993962763-484061587-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

"ProxyOverride" = *.local

 

========== (O1) Hosts File ==========

 

HOSTS File = (710 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

 

========== (O2) BHO's ==========

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)

{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

 

========== (O3) Toolbars ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-1993962763-484061587-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-1993962763-484061587-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

[HKEY_USERS\S-1-5-21-1993962763-484061587-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

 

========== (O4) Run Keys ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)

"ATIPTA"=C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)

"Babylon Client"=C:\Program\Babylon\Babylon-Pro\Babylon.exe -AutoStart (Babylon Ltd.)

"BOTTray"="C:\Program\SystemOK\BackOnTrack\BOTTray.exe" (SystemOK AB)

"Cpqset"=C:\Program\HPQ\Default Settings\cpqset.exe ()

"eabconfg.cpl"=C:\Program\HPQ\Quick Launch Buttons\EabServr.exe /Start (Hewlett-Packard )

"HP Software Update"=C:\Program\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)

"hpWirelessAssistant"=C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Company)

"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)

"iTunesHelper"="C:\Program\iTunes\iTunesHelper.exe" (Apple Inc.)

"nod32kui"="C:\Program\Eset\nod32kui.exe" /WAITSERVICE (Eset )

"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)

"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)

"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg ()

"QuickTime Task"="C:\Program\QuickTime\QTTask.exe" -atboottime (Apple Inc.)

"SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)

"SynTPEnh"=C:\Program\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

"SynTPLpr"=C:\Program\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

"USB2Check"=RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController (Pinnacle Systems)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" File not found

"updateMgr"="C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 File not found

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Picasa Media Detector"=C:\Program\Picasa2\PicasaMediaDetector.exe File not found

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Picasa Media Detector"=C:\Program\Picasa2\PicasaMediaDetector.exe File not found

 

[HKEY_USERS\S-1-5-21-1993962763-484061587-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe" File not found

"updateMgr"="C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 File not found

 

========== (O4) Startup Folders ==========

 

[2004-06-02 17:48:22 | 00,565,309 | ---- | M] (WIDCOMM, Inc.) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BTTray.lnk = C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe

[2007-12-24 04:00:18 | 00,722,464 | ---- | M] (Technology Nexus AB) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Personal.lnk = C:\Program\Personal\bin\Personal.exe

 

========== (O6 & O7) Current Version Policies ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoCDBurning"=0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]

"NTSpool"=NTSpool.exe

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-21-1993962763-484061587-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]

"NTSpool"=NTSpool.exe

 

========== (O8) IE Context Menu Extensions ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

E&xport to Microsoft Excel: C:\Program\Microsoft Office\Office12\EXCEL.EXE [2008-07-30 02:25:02 | 17,930,264 | ---- | M] (Microsoft Corporation)

E&xportera till Microsoft Excel: F:\Office\OFFICE11\EXCEL.EXE File not found

Skicka till &Bluetooth: C:\Program\WIDCOMM\Bluetooth-programvara\btsendto_ie_ctx.htm [2003-05-29 13:53:12 | 00,001,320 | ---- | M] ()

Translate with &Babylon: C:\Program\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2008-03-11 08:19:10 | 00,121,856 | ---- | M] (Babylon Ltd.)

 

[HKEY_USERS\S-1-5-21-1993962763-484061587-682003330-1004\Software\Microsoft\Internet Explorer\MenuExt\]

E&xport to Microsoft Excel: C:\Program\Microsoft Office\Office12\EXCEL.EXE [2008-07-30 02:25:02 | 17,930,264 | ---- | M] (Microsoft Corporation)

E&xportera till Microsoft Excel: F:\Office\OFFICE11\EXCEL.EXE File not found

Skicka till &Bluetooth: C:\Program\WIDCOMM\Bluetooth-programvara\btsendto_ie_ctx.htm [2003-05-29 13:53:12 | 00,001,320 | ---- | M] ()

Translate with &Babylon: C:\Program\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2008-03-11 08:19:10 | 00,121,856 | ---- | M] (Babylon Ltd.)

 

========== (O9) IE Extensions ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java-konsol -- %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [2008-06-10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)

{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2006-10-10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [sun Java-konsol] -> [2008-06-10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1993962763-484061587-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [sun Java-konsol] -> [2008-06-10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)

 

========== (O12) Internet Explorer Plugins ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

 

========== (O13) Default Prefixes ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

 

========== (O15) Trusted Sites ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

1 domain(s) and sub-domain(s) not assigned to a zone.

 

========== (O16) DPF ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}: http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab -- Office Genuine Advantage Validation Tool

{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab -- Shockwave ActiveX Control

{17492023-C23A-453E-A040-C7C580BBF700}: http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab -- Windows Genuine Advantage Validation Tool

{1EF9F042-C2EB-4293-8213-474CAEEF531D}: http://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB -- TmHcmsX Control

{2EF3FB47-7B1E-4536-BA4D-51427BD45DFA}: http://www.pixaco.se/static/download/pixacodndupload.cab -- Reg Error: Key does not exist or could not be opened.

{6E5E167B-1566-4316-B27F-0DDAB3484CF7}: http://www.nattstad.se/ImageUploader4.cab -- Image Uploader Control

{73809B3B-F06D-4DB3-8A36-0DEF36FAB39B}: http://system.arkitektkopia.se/LOGIN/Customer/AKFileUpload.cab -- AKFileUploadCtrl Class

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.

{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}: http://game05.zylom.com/activex/zylomgamesplayer.cab -- Zylom Games Player

{C7DB51B4-BCF7-4923-8874-7F1A0DC92277}: http://office.microsoft.com/officeupdate/content/opuc4.cab -- Office Update Installation Engine

{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab -- Java Plug-in 1.5.0_02

{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab -- Java Plug-in 1.5.0_11

{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab -- Java Plug-in 1.6.0_01

{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab -- Java Plug-in 1.6.0_03

{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab -- Java Plug-in 1.6.0_05

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07

{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object

{E505599B-F37A-4849-A7B0-E0AAB5CB054C}: https://gfs.nb.se/privat/bank/scripts/eid/NordeaSmartCard.cab -- ScriptPlayerRuntime Class

 

========== (O17) DNS Name Servers ==========

 

{05817000-1525-45EC-803F-248B34939F8E} (Servers: | Description: 1394 Net Adapter)

{163D2FC4-7E71-45F8-BFA8-EB6F5392F064} (Servers: | Description: )

{3B21BB23-2CBB-44CC-AFE7-447680B7F4F6} (Servers: | Description: )

{9DC81DEF-235A-441C-B5F0-12857B253702} (Servers: | Description: 1394 Net Adapter)

{ABB0C944-1B2C-40D3-84BD-42973DA37AF8} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)

{CB3FFCE5-D979-4373-8CBD-CA6A584E6360} (Servers: | Description: Broadcom 802.11b/g WLAN)

 

========== (O20) Winlogon Notify Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

{75DC891D-D4CB-48f7-BDD1-C1E56C64250E}: "DllName" = C:\Program\SystemOK\BACKON~1\botwlnp.dll -- C:\Program\SystemOK\BackOnTrack\botwlnp.dll ()

AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)

 

========== Safeboot Options ==========

 

"AlternateShell"=cmd.exe

 

========== CDRom AutoRun Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

 

========== Autorun Files on Drives ==========

 

AUTOEXEC.BAT []

[2006-03-09 11:07:13 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

 

AUTORUN.INF [[autorun] | open=talk-now\tlknow32.exe \talk-now\data\startup.ast | icon=\data\talknow.ico | shell\install=&Install | shell\install\command=instal32.exe \data\startup.ast | shell\readme=&ReadMe | shell\readme\command=notepad \readme.txt | | ]

[2001-03-23 12:48:22 | 00,000,234 | R--- | M] () -- E:\AUTORUN.INF -- [ CDFS ]

 

========== MountPoints2 ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07974adc-ac79-11db-9655-806d6172696f}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07974adc-ac79-11db-9655-806d6172696f}\Shell\AutoRun\command]

""=E:\talk-now\tlknow32.exe \talk-now\data\startup.ast -- File not found

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07974adc-ac79-11db-9655-806d6172696f}\Shell\install\command]

""=E:\instal32.exe \data\startup.ast -- File not found

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07974adc-ac79-11db-9655-806d6172696f}\Shell\readme\command]

""=notepad \readme.txt

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{85cfa237-99eb-11dc-97bf-0010c68ad4df}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{85cfa237-99eb-11dc-97bf-0010c68ad4df}\Shell\AutoRun\command]

""=F:\LaunchU3.exe -- File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d13dad22-af59-11da-92da-806d6172696f}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d13dad22-af59-11da-92da-806d6172696f}\Shell\AutoRun\command]

""=D:\reatogoMenu.exe -- File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\command]

""=E:\talk-now\tlknow32.exe \talk-now\data\startup.ast -- File not found

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\install\command]

""=E:\instal32.exe \data\startup.ast -- File not found

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\readme\command]

""=notepad \readme.txt

 

========== Files/Folders - Created Within 30 Days ==========

 

[1 C:\WINDOWS\System32\*.tmp files]

[2008-12-09 19:47:07 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Ägaren\Skrivbord\OTViewIt.exe

[2008-12-09 18:39:14 | 10,722,22208 | -HS- | C] () -- C:\hiberfil.sys

[2008-12-09 18:28:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Ägaren\Skrivbord\Upload_Me

[2008-12-09 18:23:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Ägaren\Skrivbord\MSNFix

[2008-12-09 17:48:13 | 00,000,048 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat

[2008-12-09 17:43:41 | 00,792,618 | ---- | C] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\MSNFix.zip

[2008-12-09 16:58:07 | 00,001,678 | ---- | C] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\HijackThis.lnk

[2008-12-09 16:58:06 | 00,000,000 | ---D | C] -- C:\Program\Trend Micro

[2008-12-08 16:19:57 | 00,512,096 | ---- | C] (Eset ) -- C:\WINDOWS\System32\drivers\amon.sys

[2008-12-08 16:19:57 | 00,298,104 | ---- | C] (Eset ) -- C:\WINDOWS\System32\imon.dll

[2008-12-08 16:19:56 | 00,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys

[2008-12-08 16:17:26 | 00,000,000 | ---D | C] -- C:\Program\ESET

[2008-12-07 22:10:11 | 00,138,384 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys

[2008-12-07 21:25:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\HouseCall 6.6

[2008-12-07 13:22:01 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2008-12-07 12:19:49 | 00,000,344 | ---- | C] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\dump.rtf

[2008-12-05 09:28:28 | 00,000,628 | ---- | C] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\DiskCheckup.lnk

[2008-12-05 09:28:27 | 00,000,000 | ---D | C] -- C:\Program\DiskCheckup

[2008-12-05 03:21:12 | 00,000,760 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Smart Defrag.lnk

[2008-12-05 03:21:09 | 00,000,000 | ---D | C] -- C:\Program\IObit

[2008-12-05 01:05:04 | 00,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Ad-Aware.lnk

[2008-12-05 01:04:59 | 00,000,000 | ---D | C] -- C:\Program\Lavasoft

[2008-12-05 01:04:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft

[2008-12-05 01:03:57 | 00,000,000 | ---D | C] -- C:\Program\Delade filer\Wise Installation Wizard

[2008-12-04 23:30:52 | 00,001,492 | ---- | C] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\CCleaner.lnk

[2008-12-04 23:30:51 | 00,000,000 | ---D | C] -- C:\Program\CCleaner

[2008-12-04 23:12:57 | 00,000,873 | ---- | C] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\Revo Uninstaller.lnk

[2008-12-04 23:12:56 | 00,000,000 | ---D | C] -- C:\Program\VS Revo Group

[2008-12-04 23:06:56 | 00,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.5.55810.432_XP_Vista_x32[1].INI

[2008-12-02 13:27:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Ägaren\Mina dokument\Adobe Scripts

[2008-12-02 13:06:57 | 00,000,000 | ---D | C] -- C:\Program\iPod

[2008-12-02 13:06:52 | 00,000,000 | ---D | C] -- C:\Program\iTunes

[2008-12-02 13:06:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[2008-12-02 13:04:02 | 00,000,000 | ---D | C] -- C:\Program\QuickTime

[2008-12-02 13:03:15 | 00,000,000 | ---D | C] -- C:\Program\Delade filer\Apple

 

========== Files - Modified Within 30 Days ==========

 

[1 C:\WINDOWS\System32\*.tmp files]

[3 C:\WINDOWS\*.tmp files]

[2008-12-09 19:47:27 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Ägaren\Skrivbord\OTViewIt.exe

[2008-12-09 18:39:52 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2008-12-09 18:39:28 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2008-12-09 18:39:21 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2008-12-09 18:39:14 | 10,722,22208 | -HS- | M] () -- C:\hiberfil.sys

[2008-12-09 18:29:52 | 04,240,744 | -H-- | M] () -- C:\Documents and Settings\HP_Ägaren\Lokala inställningar\Application Data\IconCache.db

[2008-12-09 17:48:13 | 00,000,048 | ---- | M] () -- C:\WINDOWS\System32\imon1.dat

[2008-12-09 17:43:41 | 00,792,618 | ---- | M] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\MSNFix.zip

[2008-12-09 16:58:07 | 00,001,678 | ---- | M] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\HijackThis.lnk

[2008-12-09 00:31:58 | 00,000,512 | ---- | M] () -- C:\WINDOWS\win.ini

[2008-12-09 00:31:58 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2008-12-09 00:31:58 | 00,000,211 | -HS- | M] () -- C:\boot.ini

[2008-12-08 20:15:08 | 00,000,584 | ---- | M] () -- C:\Documents and Settings\HP_Ägaren\Mina dokument\Mina delade mappar.lnk

[2008-12-08 18:03:42 | 00,097,296 | ---- | M] () -- C:\Documents and Settings\HP_Ägaren\Lokala inställningar\Application Data\GDIPFONTCACHEV1.DAT

[2008-12-08 16:17:32 | 00,298,104 | ---- | M] (Eset ) -- C:\WINDOWS\System32\imon.dll

[2008-12-08 16:17:31 | 00,512,096 | ---- | M] (Eset ) -- C:\WINDOWS\System32\drivers\amon.sys

[2008-12-08 16:17:30 | 00,015,424 | ---- | M] () -- C:\WINDOWS\System32\drivers\nod32drv.sys

[2008-12-07 13:25:30 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2008-12-07 13:22:44 | 00,444,034 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2008-12-07 13:22:44 | 00,441,958 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2008-12-07 13:22:44 | 00,083,496 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2008-12-07 13:22:44 | 00,071,642 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2008-12-07 12:19:49 | 00,000,344 | ---- | M] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\dump.rtf

[2008-12-05 13:39:41 | 01,661,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008-12-05 09:28:28 | 00,000,628 | ---- | M] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\DiskCheckup.lnk

[2008-12-05 03:21:12 | 00,000,760 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Smart Defrag.lnk

[2008-12-05 01:05:04 | 00,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Ad-Aware.lnk

[2008-12-04 23:30:52 | 00,001,492 | ---- | M] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\CCleaner.lnk

[2008-12-04 23:12:57 | 00,000,873 | ---- | M] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\Revo Uninstaller.lnk

[2008-12-04 23:09:42 | 00,000,120 | ---- | M] () -- C:\WINDOWS\CIS_Setup_3.5.55810.432_XP_Vista_x32[1].INI

[2008-12-03 17:42:55 | 00,236,544 | ---- | M] () -- C:\Documents and Settings\HP_Ägaren\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-12-02 12:43:09 | 00,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2008-11-28 19:45:00 | 00,000,256 | ---- | M] () -- C:\WINDOWS\tasks\BackOnTrack - påminnelse om återställningspunkt.job

[2008-11-20 15:13:19 | 00,146,944 | -HS- | M] () -- C:\Documents and Settings\HP_Ägaren\Skrivbord\Thumbs.db

@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\HP_Ägaren\Skrivbord\Thumbs.db:encryptable

[2008-11-12 15:35:57 | 01,084,204 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

< End of report >

[/log]

 

Btw, du anar inte hur tacksam jag är för hjälpen! :)

 

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Det var bara en ofarlig rest som syntes i HijackThis-loggen, efter en tidigare infektion. Skanna med HijackThis och bocka för:

O4 - HKCU\..\Policies\Explorer\Run: [NTSpool] NTSpool.exe

Avsluta alla andra program.

Tryck Fix checked.

 

Finns det fler användarkonton på datorn?

 

Det är flera gamla Java-versioner med många säkerhetshål i datorn. Jag rekommenderar dig att installera en ny från http://www.java.com/sv/ och därefter avinstallera alla Java/J2SE utom den senaste i Kontrollpanelen - Lägg till eller ta bort program (inga webbläsare igång).

 

Har du kört Norton Removal? För det var en del Symantec-registerposter kvar enligt loggen.

http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039

 

Från datorns loggbok:

Error - 2008-12-09 14:54:14 | Computer Name = GRDIC | Source = Disk | ID = 262151

Description = Det finns ett felaktigt block på enhet \Device\Harddisk0\D.

Det kan vara problem med hårddisken. Se till att ha alla viktiga filer är säkerhetskopierade. Testa hårddisken med det testprogram som tillverkaren av den har på sin webbplats. Om du inte vet vilken tillverkare det är av hårddisken så kan man ofta få fram det genom att titta i Enhetshanteraren (högerklick på Den här datorn - Hantera), där brukar det stå åtminstone ett artikelnummer för hårddisken som man kan googla på för att få fram tillverkaren.

 

Det är oftare lättare att gå via sidan http://www.tacktech.com/display.cfm?ttid=287 för att hitta testprogrammet än att leta på tillverkarens webbplats.

 

Länk till kommentar
Dela på andra webbplatser
Grdic

Grdic

Postad
  • Trådskapare
Postad
Det var bara en ofarlig rest som syntes i HijackThis-loggen, efter en tidigare infektion. Skanna med HijackThis och bocka för:

O4 - HKCU\..\Policies\Explorer\Run: [NTSpool] NTSpool.exe

Avsluta alla andra program.

Tryck Fix checked.

 

Genomfört utan problem.

 

Finns det fler användarkonton på datorn?

 

Nej, men jag har haft det tidigare. Jag tog bort det andra användarkontot igår (läs i söndags).

 

Det är flera gamla Java-versioner med många säkerhetshål i datorn. Jag rekommenderar dig att installera en ny från http://www.java.com/sv/ och därefter avinstallera alla Java/J2SE utom den senaste i Kontrollpanelen - Lägg till eller ta bort program (inga webbläsare igång).

 

Genomfört utan problem.

 

Har du kört Norton Removal? För det var en del Symantec-registerposter kvar enligt loggen.

 

Jag körde den när jag tog bort Norton, men jag gjorde som du sa och körde den en gång till. Fungerade antagligen inte fullständigt första gången jag körde den.

 

Det kan vara problem med hårddisken. Se till att ha alla viktiga filer är säkerhetskopierade. Testa hårddisken med det testprogram som tillverkaren av den har på sin webbplats.

 

Jag hittade följande verktyg till min Fujitsu hårddisk;

FUJITSU HDD Diagnostic Tool for Windows

Version 1.12.0.0

från http://www.fel.fujitsu.com/home/drivers.asp

 

Efter testet fick jag följande resultat;

"Some bad sectors were detected. It is possible to convert the bad sectors to usable sectors, but the original data in the bad sectors will be lost. Do you wish to proceed?"

 

Det verkar ju som du sa att det är nåt problem med hårddisken. Ska jag låta programmet fixa det?

Isf, vilken data riskerar jag att förlora och hur gör jag bäst för att säkerhetskopiera?

 

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad
Det verkar ju som du sa att det är nåt problem med hårddisken. Ska jag låta programmet fixa det?
Det spelar inte någon roll, du behöver byta ut hårddisken.

 

Isf, vilken data riskerar jag att förlora och hur gör jag bäst för att säkerhetskopiera?
Det beror ju helt på vilka filer som ligger där de dåliga sektorerna finns resp. t ex bränna ut på DVD.

 

Länk till kommentar
Dela på andra webbplatser
Grdic

Grdic

Postad
  • Trådskapare
Postad

Ok, det var tråkigt att höra då jag precis köpt loss datorn efter att ha "hyrt" den från företaget i tre år :)

 

Men jag har ändå några frågor;

 

Så det finns inget jag kan göra för att snabba upp datorn förutom att byta ut hårddisken? Inte ens en aning snabbare?

 

Vad innebär det egentligen att jag har problem med hårddisken, dvs "bad sectors", och hur uppstår det?

 

Hur kommer det sig att jag inte upplever datorns seghet väl inne i Windows, utan mest när jag startar datorn?

 

Du som har koll på mina loggar och förstår dem, finns det något annat skräp som jag kan ta bort eller problem som jag kan åtgärda? :)

 

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Det var ju tråkigt att det inträffar just nu då.

 

En sektor är en liten bit på hårddisken och att den blivit dålig betyder att den inte fungerar som den ska längre och det finns säkert många orsaker till att sektorer blir dåliga. Men tyvärr så är det ofta så att när väl en sektor har blivit dålig så blir snart fler dåliga. Just nu så kan det vara så att det ligger uppstartsfiler på de dåliga sektorerna och då får Windows läsa dem många gånger innan den lyckas, men rätt som det är så kommer Windows troligen att misslyckas med läsningarna och då kommer inte Windows att starta längre. Nästa dåliga sektor kan bli där du har någon viktig fil och då kan du förlora den filen.

 

Tycker du att det fortfarande är intressant att diskutera andra sätt att snabba upp datorn?

 

Länk till kommentar
Dela på andra webbplatser
Grdic

Grdic

Postad
  • Trådskapare
Postad

Ok, jag förstår...

 

Tanken är att jag ska skaffa en ny laptop snart, men ha kvar denna som en "stationär" dator i hemmet.

 

Medan jag väntade på ditt svar gick jag in på pricerunner för att få en uppfattning om de olika hårddiskar som finns på marknaden.

Givetvis så finns det en mängd variabler att välja utifrån. Vad måste jag tänka på för att den ska vara kompatibel med just min dator?

 

Kan jag testa övrig hårdvara i datorn också, processor, moderkort etc? Det känns som att det kan vara värt att byta hårddisk om datorn i övrigt är relativt funkis, men om det är mycket strul i övrigt kanske man ska ge upp hoppet? :)

 

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Det måste vara rätt sorts anslutning av hårddisken. Det finns två typer av anslutning PATA och SATA, där PATA ibland kallas IDE. En PATA-kabel är en ca 5 cm bred flatkabel, medan en SATA-kabel är 1-2 cm bred. Du får titta i datorn och se vad för sorts kabel det är till hårddisken. Någon annan begränsning kan jag inte komma på.

 

Testa RAM-minnet med ett minnestestprogram, t ex Memtest86:

http://www.memtest.org/

 

Titta efter hur kondensatorerna på moderkortet ser ut. De ser ut som små torn och ska vara platta och rena upptill och det ska inte ha läckt något nertill. Du kan se bilder på dåliga kondensatorer på http://www.badcaps.net/ och http://www.badcaps.net/pages.php?vid=5

 

Några testprogram för processor och moderkort känner jag inte till. Det är ovanligt att processorer går sönder och när de gör det så är det plötsligt och inget som man kan testa för i förväg.

 

Länk till kommentar
Dela på andra webbplatser
Grdic

Grdic

Postad
  • Trådskapare
Postad

Byta hårddisk är ett projekt i sig så jag får nog nöja mig med att köra som det är året ut här...får säkerhetskopiera allt annat så länge, tills jag tar tag i det.

 

Tack för hjälpen och alla tips. Jag har lärt mig en hel del faktiskt! :thumbsup:

 

Du är värd alla poäng du kan få Cecilia, det är det minsta jag (och alla andra i nöd) kan göra för dig! =)

 

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad
Jag har lärt mig en hel del faktiskt!
Det var roligt att höra! :thumbsup:

 

Tack så mycket för alla poäng! :) :)

 

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

Gå till ämneslista


×
×
  • Skapa nytt...