Kan inte starta internet explorer 7 - iexplore.exe kan inte hittas

11 februari, 2009

Hej

Läste inlägget "“Trojan/virus som gör att det inte går att starta Internet explorer?” och det verkar som jag har råkat ut för samma sak Jag kan inte starta IE. Jag har avinstallerat IE7 och xp service pack 3. Provade att ominstallera IE7 men det blev inte bättre. Cecilia hjälpte till här, så duktig! Jag får samma fel som Rob fick, när jag försöker starta IE får jag ett felmeddelande om att iexplore.exe inte finns när den ligger där under c:/program/internet explorer/iexplore.exe. Skulle du kunna hjälpa mig också? Kör just nu med firefox men jag måste ha internet explorer för att kunna koppla upp mig i jobbet. Jag har Windows XP.

Tacksam för all hjälp.

11 februari, 2009

Är det den här tråden du tänker på?

//eforum.idg.se/viewmsg.asp?EntriesId=1112705

Vi kan se vad HijackThis visar till att börja med. Ladda ner från en av länkarna:

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Installera, starta och välj "Do a system scan and save a logfile", kopiera loggen som kommer upp (inget annat) och bifoga den till ditt svar.

I ditt svar bifogar du en logg på detta sätt:

Tryck på LOG-knappen i Besvara-fönstret

Klistra in loggen

Tryck igen på LOG-knappen nappen i Besvara-fönstret

Ladda ner Malwarebytes Anti-Malware (MBAM) från en av dessa länkar:

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

http://projects.securitywonks.net/projects/details.php?file=158

Dubbelklicka på mbam-setup för att installera programmet.

[log]Se till i slutet av installationen att det är bockar för:

Uppdatera Malwarebytes' Anti-Malware

Starta Malwarebytes' Anti-Malware

Tryck på Slutför

Om det finns någon uppdatering så kommer den att laddas ner och installeras.

När programmet startar så välj "Utför snabb skanning" och tryck på Skanna.

Skanningen tar ett tag.

När den är klar så tryck på OK och sedan "Visa resultat".

Bocka för allt och tryck sedan Ta bort markerade.

När borttagningen är klar så öppnar Anteckningar med en logg.

Eventuellt så kommer det upp en begäran om att starta om datorn (Restart). I så fall gör det.

Om det blir ett felmeddelande Error loading... efter omstarten så starta om datorn än en gång.

Om programmet inte kommer igång efter omstarten så starta det.

Om loggen inte kommer upp själv i Anteckningar så hittar du loggen på fliken Loggar i MBAM.

Kopiera loggen och klistra in den i ditt svar. [/log]

11 februari, 2009

Härligt att du vill hjälpa mig, TACK!

Här kommer loggen.

[log]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:17:02, on 2009-02-11

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Intel\Wireless\Bin\EvtEng.exe

C:\Program\Intel\Wireless\Bin\S24EvMon.exe

C:\Program\Intel\Wireless\Bin\WLKeeper.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program\GLOCAL~1\backweb\1334833\Program\SERVIC~1.EXE

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\fsgk32st.exe

C:\Program\Glocalnet Säkerhetspaket\backweb\1334833\program\fsbwsys.exe

C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\FSGK32.EXE

C:\Program\Glocalnet Säkerhetspaket\Common\FSMA32.EXE

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\fssm32.exe

C:\Program\Glocalnet Säkerhetspaket\Common\FSMB32.EXE

C:\Program\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Program\Intel\Wireless\Bin\RegSrvc.exe

C:\Program\Photodex\ProShowProducer\ScsiAccess.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Delade filer\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program\Glocalnet Säkerhetspaket\Common\FCH32.EXE

C:\Program\Canon\CAL\CALMAIN.exe

C:\Program\Glocalnet Säkerhetspaket\Common\FAMEH32.EXE

C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\fsqh.exe

C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\fsrw.exe

C:\Program\Glocalnet Säkerhetspaket\FWES\Program\fsdfwd.exe

C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\fsav32.exe

C:\Program\Intel\Wireless\Bin\ZcfgSvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Intel\Wireless\Bin\1XConfig.exe

C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program\Dell\QuickSet\quickset.exe

C:\Program\Apoint\Apoint.exe

C:\Program\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program\Apoint\Apntex.exe

C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

C:\Program\Glocalnet Säkerhetspaket\Common\FSM32.EXE

C:\Program\Glocalnet Säkerhetspaket\FSGUI\ispnews.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\CyberLink\PowerDVD\PDVDServ.exe

C:\Program\QuickTime\QTTask.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Java\jre6\bin\jusched.exe

C:\Program\GLOCAL~1\ANTI-S~1\fsaw.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\Digital Line Detect\DLG.exe

C:\Program\Glocalnet Säkerhetspaket\backweb\1334833\Program\fspex.exe

C:\Program\Pantone\huey\hueyTray.exe

C:\Program\Glocalnet Säkerhetspaket\FSGUI\fsguidll.exe

C:\Program\3\3Connect\AutoUpdateSrv.exe

C:\Program\iPod\bin\iPodService.exe

C:\Program\3\3Connect\Wilog.exe

C:\Program\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.skandiabanken.se/hem/templates/pages/StartPage____1579.aspx

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: D - {1FA8449B-1E32-36DB-80D6-91F409484614} - C:\WINDOWS\system32\wrq91371.dll (file missing)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar5.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: AlxTB BHO - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} - C:\WINDOWS\system32\AlxTB1.dll (file missing)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar5.dll

O4 - HKLM\..\Run: [ATIPTA] "C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [intelWireless] C:\Program\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint\Apoint.exe

O4 - HKLM\..\Run: [DMXLauncher] C:\Program\Dell\Media Experience\DMXLauncher.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\Glocalnet Säkerhetspaket\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\Glocalnet Säkerhetspaket\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program\Glocalnet Säkerhetspaket\FSGUI\FSSW.EXE" /reboot

O4 - HKLM\..\Run: [News Service] "C:\Program\Glocalnet Säkerhetspaket\FSGUI\ispnews.exe"

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [DriveCleaner 2006 Free] "C:\Program\DriveCleaner 2006 Free\UDC2006.exe" /min

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe

O4 - Global Startup: Digital Line Detect.lnk = ?

O4 - Global Startup: Glocalnet Säkerhetspaket.lnk = ?

O4 - Global Startup: hueyTray.lnk = C:\Program\Pantone\huey\hueyTray.exe

O4 - Global Startup: Uppdateringsagent.lnk = ?

O8 - Extra context menu item: &Blockera detta popup-fönster - C:\Program\Glocalnet Säkerhetspaket\Anti-Spyware\blockpopups.htm

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O9 - Extra button: IE-sköld - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Glocalnet Säkerhetspaket\Anti-Spyware\ieshield.dll

O9 - Extra 'Tools' menuitem: IE-sköld... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Glocalnet Säkerhetspaket\Anti-Spyware\ieshield.dll

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe (file missing)

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O15 - Trusted Zone: www.fujidirekt.se

O16 - DPF: {0F2F3121-75E2-4C60-9977-C1ADC3D5F3DC} (IFIUploader Control) - http://web03.ifi.fi/PhotoProducts/ActiveX/IfiUploader.cab

O16 - DPF: {230C3D02-DA27-11D2-8612-00A0C93EEA3C} (SAXFile FileUpload ActiveX Control) - http://www.fujicolordigital.se/SAXFile/saxfile.cab

O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) - https://ras.infodata.se/vdesk/cachecleaner.cab#version=6010,2007,0223,0315

O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} (F5 Networks VPN Manager) - https://ras.infodata.se/vdesk/terminal/urxvpn.cab#version=6010,2007,0223,0327

O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - https://ras.infodata.se/vdesk/terminal/InstallerControl.cab

O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.se/s/v/29.36/uploader2.cab

O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} (F5 Networks Policy Agent Host Class) - https://ras.infodata.se/vdesk/terminal/f5InspectionHost.cab#version=6010,2007,0223,0317

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab

O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://ras.infodata.se/vdesk/terminal/urTermProxy.cab#version=6010,2007,0223,0314

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.fujidirekt.se/aurigma/ImageUploader3.cab

O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://ras.infodata.se/vdesk/terminal/urxshost.cab#version=6010,2007,0223,0320

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} (IlosoftImageUploadCtl Class) - http://webc.gosiacervin.com/controls/IlosoftImageUpload.dll

O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://ras.infodata.se/vdesk/terminal/urxhost.cab#version=6010,2007,0223,0312

O16 - DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} (F5 Networks OS Policy Agent) - https://ras.infodata.se/policy/download_binary.php/win32/f5syschk.cab#Version=6010,2007,0223,0322

O17 - HKLM\System\CCS\Services\Tcpip\..\{487103D9-73AB-41D2-9FD7-F19DC396A73F}: NameServer = 80.251.201.177 80.251.201.178

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Glocalnet Säkerhetspaket (BackWeb Plug-in - 1334833) - BackWeb Technologies Inc. - C:\Program\GLOCAL~1\backweb\1334833\Program\SERVIC~1.EXE

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program\Canon\CAL\CALMAIN.exe

O23 - Service: EvtEng - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\fsgk32st.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\Glocalnet Säkerhetspaket\backweb\1334833\program\fsbwsys.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\Glocalnet Säkerhetspaket\FWES\Program\fsdfwd.exe

O23 - Service: FSMA - F-Secure Corporation - C:\Program\Glocalnet Säkerhetspaket\Common\FSMA32.EXE

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program\delade filer\logishrd\lvmvfm\LVPrcSrv.exe (file missing)

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program\Delade filer\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: ScsiAccess - Unknown owner - C:\Program\Photodex\ProShowProducer\ScsiAccess.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program\Delade filer\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program\Intel\Wireless\Bin\WLKeeper.exe

--

End of file - 14811 bytes

[/log]

11 februari, 2009

och här kommer loggfilen från Malware:

[log]

Malwarebytes' Anti-Malware 1.34

Databasversion: 1749

Windows 5.1.2600 Service Pack 2

2009-02-11 20:26:56

mbam-log-2009-02-11 (20-26-56).txt

Skanningstyp: Snabb skanning

Antal skannade objekt: 76333

Förfluten tid: 8 minute(s), 10 second(s)

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 2

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 1

Infekterade filer: 2

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

Infekterade registernycklar:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1fa8449b-1e32-36db-80d6-91f409484614} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{1fa8449b-1e32-36db-80d6-91f409484614} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Infekterade registervärden:

(Inga illasinnade poster hittades)

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

Infekterade mappar:

C:\Program\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.

Infekterade filer:

C:\Program\DriveCleaner 2006 Free\InstHelp.exe.bak (Rogue.DriveCleaner) -> Quarantined and deleted successfully.

C:\Program\KB36521.exe (Trojan.Agent) -> Quarantined and deleted successfully.

[/log]

11 februari, 2009

Har du USB-modem? Programmet ComboFix vore det bästa men det har rapporteras att uppkopplingen via USB-modem inte fungerar sedan utan att det har installerats om.

Ladda ner Gmer till Skrivbordet från en av dessa sidor:

http://www.majorgeeks.com/GMER_d5198.html

Packa upp filen till Skrivbordet.

http://www.gmer.net/files.php välj Gmer application

Stäng alla program.

Starta programmet gmer.exe.

Välj fliken rootkit, kontrollera att allt är förbockat till höger utom Show All. Tryck på Scan. Låt datorn stå ifred medan Gmer håller på.

Tryck på Copy och klistra sedan in resultatet i ditt svar.

[log]Ladda ner OTViewIt till Skrivbordet:

http://oldtimer.geekstogo.com/OTViewIt.exe

Stäng alla program.

Kör OTViewIt (i Vista högerklicka och Kör som administratör).

Bocka för Scan all Users.

Låt andra bockar vara.

Välj 30 dagar för File Age om det inte redan är valt.

Tryck på Run Scan och låt programmet köra ostört.

När det är klart så skapas två loggfiler på Skrivbordet, OTViewIt.txt och Extras.txt, klistra in båda två i ditt svar (kom ihåg LOG-knappen).[/log]

12 februari, 2009

Vi har ett Huawei E220 Turbo 3G USM modem. Ska jag hoppa över installationen av ComboFix och köra Gmer istället?

12 februari, 2009

Vi kan försöka med Gmer och OTViewIt, men om det inte går, har du då möjlighet att installera om modemet?

12 februari, 2009

Här kommer Gmer resultatet:

[log]

GMER 1.0.14.14536 - http://www.gmer.net

Rootkit scan 2009-02-12 21:22:50

Windows 5.1.2600 Service Pack 2

---- System - GMER 1.0.14 ----

SSDT sphi.sys ZwCreateKey [0xF72DB0E0]

SSDT \WINDOWS\System32\drivers\fsndis5.sys (F-Secure Network Interceptor/F-Secure Corporation) ZwCreateProcess [0xF753D67C]

SSDT \WINDOWS\System32\drivers\fsndis5.sys (F-Secure Network Interceptor/F-Secure Corporation) ZwCreateProcessEx [0xF753D710]

SSDT \WINDOWS\System32\drivers\fsndis5.sys (F-Secure Network Interceptor/F-Secure Corporation) ZwCreateSection [0xF753D0C0]

SSDT \WINDOWS\System32\drivers\fsndis5.sys (F-Secure Network Interceptor/F-Secure Corporation) ZwCreateThread [0xF753CF76]

SSDT sphi.sys ZwEnumerateKey [0xF72F9CA2]

SSDT sphi.sys ZwEnumerateValueKey [0xF72FA030]

SSDT sphi.sys ZwOpenKey [0xF72DB0C0]

SSDT sphi.sys ZwQueryKey [0xF72FA108]

SSDT sphi.sys ZwQueryValueKey [0xF72F9F88]

SSDT sphi.sys ZwSetValueKey [0xF72FA19A]

SSDT \WINDOWS\System32\drivers\fsndis5.sys (F-Secure Network Interceptor/F-Secure Corporation) ZwWriteVirtualMemory [0xF753CFF6]

INT 0x62 ? 871DABF8

INT 0x63 ? 8682BBF8

INT 0x82 ? 871DABF8

INT 0x83 ? 8682BBF8

INT 0xB4 ? 8682BBF8

Code \WINDOWS\System32\drivers\fsndis5.sys (F-Secure Network Interceptor/F-Secure Corporation) IoCreateDevice

---- Kernel code sections - GMER 1.0.14 ----

? sphi.sys Det går inte att hitta filen. !

? C:\WINDOWS\system32\drivers\sonyhcb.sys Åtkomst nekad.

.text USBPORT.SYS!DllUnload F671062C 5 Bytes JMP 8682B1D8

---- User code sections - GMER 1.0.14 ----

.text C:\Program\Windows Live\Messenger\MsnMsgr.Exe[1772] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 5 Bytes JMP 0056DBBD C:\Program\Windows Live\Messenger\MsnMsgr.Exe (Windows Live Messenger/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F72DC040] sphi.sys

IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F72DC13C] sphi.sys

IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F72DC0BE] sphi.sys

IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F72DC7FC] sphi.sys

IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F72DC6D2] sphi.sys

IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F72EC048] sphi.sys

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 871D91F8

AttachedDevice \FileSystem\Ntfs \Ntfs FSfilter.sys

AttachedDevice \FileSystem\Ntfs \Ntfs FSrec.sys

Device \Driver\BTHUSB \Device\0000009b bthport.sys (Bluetooth-bussdrivrutin/Microsoft Corporation)

Device \Driver\Tcpip \Device\Ip fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip mdvrmng.sys

Device \Driver\BTHUSB \Device\0000009d bthport.sys (Bluetooth-bussdrivrutin/Microsoft Corporation)

Device \Driver\usbuhci \Device\USBPDO-0 8682A1F8

Device \Driver\usbuhci \Device\USBPDO-1 8682A1F8

Device \Driver\dmio \Device\DmControl\DmIoDaemon 8716D1F8

Device \Driver\dmio \Device\DmControl\DmConfig 8716D1F8

Device \Driver\dmio \Device\DmControl\DmPnP 8716D1F8

Device \Driver\dmio \Device\DmControl\DmInfo 8716D1F8

Device \Driver\usbuhci \Device\USBPDO-2 8682A1F8

Device \Driver\usbuhci \Device\USBPDO-3 8682A1F8

Device \Driver\usbehci \Device\USBPDO-4 867FD1F8

Device \Driver\Tcpip \Device\Tcp fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)

AttachedDevice \Driver\Tcpip \Device\Tcp mdvrmng.sys

Device \Driver\Ftdisk \Device\HarddiskVolume1 871DB1F8

Device \Driver\Ftdisk \Device\HarddiskVolume2 871DB1F8

Device \Driver\Cdrom \Device\CdRom0 867D11F8

Device \Driver\NetBT \Device\NetBT_Tcpip_{66D1BD7F-D1A0-4FA3-AEBC-F86168B7C9BA} 86726500

Device \Driver\Cdrom \Device\CdRom1 867D11F8

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 871DA1F8

Device \Driver\atapi \Device\Ide\IdePort0 871DA1F8

Device \Driver\atapi \Device\Ide\IdePort1 871DA1F8

Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e 871DA1F8

Device \Driver\Ftdisk \Device\HarddiskVolume3 871DB1F8

Device \Driver\NetBT \Device\NetBt_Wins_Export 86726500

Device \Driver\NetBT \Device\NetbiosSmb 86726500

Device \Driver\USBSTOR \Device\00000095 866E6500

Device \Driver\Tcpip \Device\Udp fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)

AttachedDevice \Driver\Tcpip \Device\Udp mdvrmng.sys

Device \Driver\USBSTOR \Device\00000096 866E6500

Device \Driver\Tcpip \Device\RawIp fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)

AttachedDevice \Driver\Tcpip \Device\RawIp mdvrmng.sys

Device \Driver\usbuhci \Device\USBFDO-0 8682A1F8

Device \Driver\NetBT \Device\NetBT_Tcpip_{03030339-AB96-4CE3-92E3-EA5271D2D76A} 86726500

Device \Driver\usbuhci \Device\USBFDO-1 8682A1F8

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 86724500

Device \Driver\Tcpip \Device\IPMULTICAST fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)

Device \Driver\usbuhci \Device\USBFDO-2 8682A1F8

Device \FileSystem\MRxSmb \Device\LanmanRedirector 86724500

Device \Driver\usbuhci \Device\USBFDO-3 8682A1F8

Device \Driver\NetBT \Device\NetBT_Tcpip_{F6B9D451-FFAB-4CAF-B122-3AB51AC75212} 86726500

Device \Driver\usbehci \Device\USBFDO-4 867FD1F8

Device \Driver\Ftdisk \Device\FtControl 871DB1F8

Device \FileSystem\Fastfat \Fat 85189500

Device \FileSystem\Fastfat \Fat EF1421F9

AttachedDevice \FileSystem\Fastfat \Fat FSfilter.sys

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

Device \FileSystem\Cdfs \Cdfs 86700500

Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0010c6db9eb9

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0010c6db9eb9@001c9a1f1b83 0x7A 0x8E 0x09 0xCA ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xCF 0x05 0xA4 0x59 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xCF 0x05 0xA4 0x59 ...

Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0010c6db9eb9

Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0010c6db9eb9@001c9a1f1b83 0x7A 0x8E 0x09 0xCA ...

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xCF 0x05 0xA4 0x59 ...

Reg HKLM\SOFTWARE\Classes\CLSID\{087F3405-C50C-733B-1D4C-B82680176732}\InProcServer32@ %SystemRoot%\system32\mshtml.dll

Reg HKLM\SOFTWARE\Classes\CLSID\{087F3405-C50C-733B-1D4C-B82680176732}\InProcServer32@ThreadingModel Apartment

---- EOF - GMER 1.0.14 ----

[/log]

12 februari, 2009

Här kommer Extras.txt filen:

[log]

OTViewIt Extras logfile created on: 2009-02-12 21:27:03 - Run

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Johanna\Skrivbord

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

1023,40 Mb Total Physical Memory | 465,33 Mb Available Physical Memory | 45,47% Memory free

2,40 Gb Paging File | 1,93 Gb Available in Paging File | 80,17% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 90,06 Gb Total Space | 35,61 Gb Free Space | 39,54% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 13,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: D49JTZ1J

Current User Name: Johanna

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

"MaxScriptStatements"=

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled"=1

"AntiVirusDisableNotify"=0

"FirewallDisableNotify"=0

"UpdatesDisableNotify"=0

"AntiVirusOverride"=0

"FirewallOverride"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall"=0

"DoNotAllowExceptions"=0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[2004-08-04 13:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2007-02-19 17:30:16 | 00,032,807 | ---- | M] (BackWeb Technologies Inc. ) -- C:\Program\Glocalnet Säkerhetspaket\backweb\1334833\Program\fspex.exe:*:Enabled:Glocalnet Säkerhetspaket

[2006-10-10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[2007-10-18 10:35:08 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[2007-10-02 16:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[2004-08-04 13:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

File not found -- D:\Program\SpeedTouch\SetupST.exe:*:Enabled:SpeedTouch Setup Wizard

File not found -- C:\Program\B2BPOKER\Unibet Poker\jre\bin\javaw.exe:*:Enabled:javaw

File not found -- C:\Program\B2BPOKER\MartinsPoker\jre\bin\javaw.exe:*:Enabled:javaw

File not found -- C:\Program\B2BPOKER\Poker Dandy\jre\bin\javaw.exe:*:Enabled:javaw

[2004-10-13 17:24:37 | 01,694,208 | -HS- | M] (Microsoft Corporation) -- C:\Program\Messenger\msmsgs.exe:*:Enabled:Windows Messenger

[2008-11-20 13:20:48 | 14,294,824 | ---- | M] (Apple Inc.) -- C:\Program\iTunes\iTunes.exe:*:Enabled:iTunes

[2007-02-19 17:30:16 | 00,032,807 | ---- | M] (BackWeb Technologies Inc. ) -- C:\Program\Glocalnet Säkerhetspaket\backweb\1334833\Program\fspex.exe:*:Enabled:Glocalnet Säkerhetspaket

[2006-10-10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour

[2007-10-18 10:35:08 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[2007-10-02 16:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[2007-02-05 17:35:20 | 25,370,152 | ---- | M] (Skype Technologies S.A.) -- C:\Program\Skype\Phone\Skype.exe:*:Enabled:Skype

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]

NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program\Bonjour\mdnsNSP.dll (Apple Inc.)

NameSpace_Catalog5\Catalog_Entries\000000000005 [bluetooth-namnområde] -- C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2002-05-23 21:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\msdaipp.dll ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-10-18 10:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2002-05-23 21:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\msdaipp.dll msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2002-05-23 21:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\msdaipp.dll msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-10-18 10:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation) C:\Program\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2007-01-12 12:50:48 | 01,828,440 | R--- | M] (Skype Technologies) C:\Program\Delade filer\Skype\Skype4COM.dll (skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} (HKLM) [iEProtocolHandler Class])

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}"=Adobe Color NA Recommended Settings CS4

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}"=Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}"=Adobe Extension Manager CS4

"{068502DA-6979-4D9A-BBE1-C3AD0FF11F19}"=Ulead DVD MovieFactory 3 SE

"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}"=mSSO

"{07287123-B8AC-41CE-8346-3D777245C35B}"=Bonjour

"{075473F5-846A-448B-BCB3-104AA1760205}"=Sonic RecordNow Data

"{098727E1-775A-4450-B573-3F441F1CA243}"=kuler

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}"=ATI Control Panel

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}"=Adobe Color JA Extra Settings CS4

"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}"=Adobe Setup

"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}"=mLogView

"{0F723FC1-7606-4867-866C-CE80AD292DAF}"=Adobe CSI CS4

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}"=Sonic DLA

"{13413C6C-C640-40B8-917E-CA3062826B18}"=PIXELA ImageMixer

"{1618734A-3957-4ADD-8199-F973763109A8}"=Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}"=Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}"=AdobeColorCommonSetRGB

"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}"=Adobe AIR

"{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}"=PC Connectivity Solution

"{1F528948-0E80-4C96-B455-DE4167CB1DF7}"=Internal Network Card Power Management

"{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}"=Windows Live Messenger

"{212748BB-0DA5-46DE-82A1-403736DC9F27}"=MSVC80_x86

"{21657574-BD54-48A2-9450-EB03B2C7FC29}"=Sonic MyDVD LE

"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}"=InterVideo FilterSDK for Hauppauge

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer

"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}"=mProSafe

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java 6 Update 11

"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}"=Nokia Flashing Cable Driver

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}"=Sonic Update Manager

"{30BB4D60-81DB-11D5-BB77-00400536ABAC}"=OLYMPUS CAMEDIA Master 4.1

"{318AB667-3230-41B5-A617-CB3BF748D371}"=iTunes

"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP

"{35725FBC-A136-4A46-9F29-091759D9BB93}"=MVision

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}"=PDF Settings CS4

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}"=Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}"=Adobe XMP Panels CS4

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}"=Adobe Color - Photoshop Specific CS4

"{3D5782A9-E8E0-4F25-BD76-0CC94E209F66}"=Samsung PC Studio

"{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}"=Skype Plugin Manager

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}"=Adobe WinSoft Linguistics Plugin

"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}"=mIWA

"{3F92ABBB-6BBF-11D5-B229-002078017FBF}"=NetWaiting

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}"=Adobe Service Manager Extension

"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}"=mHlpDell

"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}"=Adobe Color EU Extra Settings CS4

"{59D98250-CFEB-4A0B-A737-FC7CADE27852}"=CuteFTP 7 Home

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}"=Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}"=Adobe Photoshop CS4 Support

"{64A77F14-0E08-4A97-A859-E93CFF428756}"=Broadcom Management Programs 2

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}"=Adobe Device Central CS4

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}"=PowerDVD

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}"=AdobeColorCommonSetCMYK

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update

"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}"=mCore

"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}"=mIWCA

"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}"=Microsoft .NET Framework 2.0

"{7148F0A8-6813-11D6-A77B-00B0D0142030}"=Java 2 Runtime Environment, SE v1.4.2_03

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{74F7662C-B1DB-489E-A8AC-07A06B24978B}"=Dell System Restore

"{7F142D56-3326-11D5-B229-002078017FBF}"=Modem Helper

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}"=Adobe Type Support CS4

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}"=Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}"=Suite Shared Configuration CS4

"{87441A59-5E64-4096-A170-14EFE67200C3}"=Picture Control Utility

"{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}"=UMVPLStandalone

"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}"=mPfMgr

"{90B0D222-8C21-4B35-9262-53B042F18AF9}"=mPfWiz

"{924EB80F-C2BB-4B9F-8412-88BBA937393F}"=MobileMe Control Panel

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}"=Adobe Linguistics CS4

"{94658027-9F16-4509-BBD7-A59FE57C3023}"=mZConfig

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}"=Adobe CMaps CS4

"{987AE1EA-9AF0-484D-A0F9-11A2E0EB4AA0}"=OpenOffice.org 2.0

"{992A2DB1-4ABC-4738-BD71-045C5FFE00D1}"=Microsoft .NET Framework 1.1 Swedish Language Pack

"{9CC89556-3578-48DD-8408-04E66EBEF401}"=mXML

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}"=ALPS Touch Pad Driver

"{A4B31743-FC57-4DA6-944D-8195A36B344F}"=Microsoft Works 7.0

"{A899DA1F-D626-401C-8651-F2921E3B4CB3}"=3Connect

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}"=Sonic RecordNow Audio

"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}"=Dell Media Experience

"{AC76BA86-0000-0000-0000-6028747ADE01}"=Adobe Acrobat - Reader 6.0.2 Update

"{AC76BA86-7AD7-1033-7B44-A00000000001}"=Adobe Reader 6.0.1

"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}"=Dell Picture Studio v3.0

"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live inloggningsassistenten

"{B12665F4-4E93-4AB4-B7FC-37053B524629}"=Sonic RecordNow Copy

"{B29AD377-CC12-490A-A480-1452337C618D}"=Connect

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}"=Adobe Photoshop CS4

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}"=PowerProducer

"{B7EF4BD8-CA13-11D5-AE3D-005004B8E30C}"=Digital Photo Navigator 1.5

"{BAA6BD76-9B5A-4ED3-98BE-0127E8F14541}"=Windows Live Photo Gallery

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}"=Adobe Output Module

"{BEF726DD-4037-4214-8C6A-E625C02D2870}"=Logitech Audio Echo Cancellation Component

"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}"=Nokia Connectivity Cable Driver

"{C5074CC4-0E26-4716-A307-960272A90040}"=QuickSet

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}"=Adobe Default Language CS4

"{C6E91710-5BF5-43C5-AB81-C3E488133346}"=Sony Ericsson Drivers

"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}"=mToolkit

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}"=Photoshop Camera Raw

"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}"=Nikon Message Center

"{E17F76BE-50E9-4E7C-ADF6-6D8F44A9C6F3}"=Windows Live installer

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}"=Windows Media Encoder 9 Series

"{E4848436-0345-47E2-B648-8B522FCDA623}"=Adobe Photoshop CS4

"{E646DCF0-5A68-11D5-B229-002078017FBF}"=Digital Line Detect

"{E9757890-7EC5-46C8-99AB-B00F07B6525C}"=Nikon Transfer

"{EA516024-D84D-41F1-814F-83175A6188F2}"=Logitech Video Enumerator

"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}"=Apple Mobile Device Support

"{ED5761A3-C109-4E0E-8241-19DB67E66BED}"=CuteFTP 8 Lite

"{EDE721EC-870A-11D8-9D75-000129760D75}"=PowerDirector Express

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}"=Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}"=mMHouse

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}"=Adobe Search for Help

"{F6090A17-0967-4A8A-B3C3-422A1B514D49}"=mDrWiFi

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}"=Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}"=Adobe PDF Library Files CS4

"{F958CA02-BB40-4007-894B-258729456EE4}"=QuickTime

"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}"=mWlsSafe

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}"=Adobe Fonts All

"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F"=Windows-drivrutinspaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)

"Adobe AIR"=Adobe AIR

"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin

"Adobe SVG Viewer"=Adobe SVG Viewer 3.0

"Adobe_faf656ef605427ee2f42989c3ad31b8"=Adobe Photoshop CS4

"ATI Display Driver"=ATI Display Driver

"BackWeb-1334833 Uninstaller"=Glocalnet Säkerhetspaket

"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD"=Windows-drivrutinspaket - Nokia Modem (05/22/2008 3.8)

"CAL"=Canon Camera Access Library

"CameraWindowDC"=Canon Utilities CameraWindow DC

"CameraWindowDVC5"=Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX

"CameraWindowDVC6"=Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX

"CameraWindowLauncher"=Canon Utilities CameraWindow

"Canon G.726 WMP-Decoder"=Canon G.726 WMP-Decoder

"CANON iMAGE GATEWAY Task"=CANON iMAGE GATEWAY Task for ZoomBrowser EX

"Canon Internet Library for ZoomBrowser EX"=Canon Internet Library for ZoomBrowser EX

"Canon RAW Codec"=Canon RAW Codec

"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1"=Conexant D110 MDC V.9x Modem

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"=Adobe Media Player

"CSCLIB"=Canon Camera Support Core Library

"DAEMON Tools Toolbar"=DAEMON Tools Toolbar

"EOS Utility"=Canon Utilities EOS Utility

"Hauppauge WinTV2000"=Hauppauge WinTV2000

"Hauppauge WinTV-PVR USB 2 Drivers"=Hauppauge WinTV-PVR USB 2 Drivers

"HijackThis"=HijackThis 2.0.2

"Huawei Modems"=Huawei Modems

"huey 1.0"=huey 1.0

"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs

"ie7"=Windows Internet Explorer 7

"InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}"=Broadcom Management Programs 2

"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0"=Microsoft .NET Framework 2.0

"MovieEditTask"=Canon MovieEdit Task for ZoomBrowser EX

"Mozilla Firefox (3.0.6)"=Mozilla Firefox (3.0.6)

"MyCamera"=Canon Utilities MyCamera

"MyCameraDC"=Canon Utilities MyCamera DC

"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs

"Personal"=BankID säkerhetsprogram 4.9.3

"Photodex Presenter"=Photodex Presenter

"PhotoStitch"=Canon Utilities PhotoStitch

"Picasa 3"=Picasa 3

"PolderbitSRecorder"=PolderbitS Sound Recorder and Editor

"ProInst"=Intel® PROSet/Wireless Software

"ProShow Producer"=ProShow Producer

"QcDrv"=Drivrutiner till Logitech® Camera

"RAW Image Task"=Canon RAW Image Task for ZoomBrowser EX

"RemoteCaptureDC"=Canon Utilities RemoteCapture DC

"RemoteCaptureTask"=Canon Utilities RemoteCapture Task for ZoomBrowser EX

"Skype_is1"=Skype 3.0

"Wdf01005"=Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"WGA"=Windows Genuine Advantage Validation Tool

"WIC"=Windows Imaging Component

"Windows Media Encoder 9"=Windows Media Encoder 9 Series

"Windows Media Format Runtime"=Windows Media Format Runtime

"Windows Media Player"=Windows Media Player 10

"WinRAR archiver"=WinRAR archiver

"VLC media player"=VideoLAN VLC media player 0.8.2

"Vodafone 804SS USB driver"=Vodafone 804SS USB driver Software

"ZoomBrowser EX"=Canon Utilities ZoomBrowser EX

"ZoomBrowser EX Memory Card Utility"=Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"uTorrent"=µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4079634897-1812973651-4039670563-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"uTorrent"=µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 2009-02-12 14:14:02 | Computer Name = D49JTZ1J | Source = Userenv | ID = 1041

Description = Det går inte att läsa {7B849a69-220F-451E-B3FE-2CB811AF94AE} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

Error - 2009-02-12 14:14:02 | Computer Name = D49JTZ1J | Source = Userenv | ID = 1041

Description = Det går inte att läsa {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

Error - 2009-02-12 14:34:39 | Computer Name = D49JTZ1J | Source = Userenv | ID = 1041

Description = Det går inte att läsa {7B849a69-220F-451E-B3FE-2CB811AF94AE} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

Error - 2009-02-12 14:34:39 | Computer Name = D49JTZ1J | Source = Userenv | ID = 1041

Description = Det går inte att läsa {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

Error - 2009-02-12 15:50:22 | Computer Name = D49JTZ1J | Source = F-Secure Anti-Virus | ID = 103

Description = 1 2009-02-12 20:50:21+02:00 D49JTZ1J D49JTZ1J\Johanna F-Secure

Anti-Virus Malicious code found in file C:\SYSTEM VOLUME INFORMATION\_RESTORE{A2AF58B2-83EB-46DB-8FC8-B6CEAAE16AC0}\RP677\A0121399.DLL.

Infection: Trojan.Win32.Agent.awyk

Error - 2009-02-12 15:53:53 | Computer Name = D49JTZ1J | Source = F-Secure Anti-Virus | ID = 103

Description = 2 2009-02-12 20:53:53+02:00 D49JTZ1J D49JTZ1J\Johanna F-Secure

Anti-Virus Manual scanning was finished - workstation was found infected!

Error - 2009-02-12 16:09:12 | Computer Name = D49JTZ1J | Source = Userenv | ID = 1041

Description = Det går inte att läsa {7B849a69-220F-451E-B3FE-2CB811AF94AE} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

Error - 2009-02-12 16:09:12 | Computer Name = D49JTZ1J | Source = Userenv | ID = 1041

Description = Det går inte att läsa {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

Error - 2009-02-12 16:25:39 | Computer Name = D49JTZ1J | Source = Userenv | ID = 1041

Description = Det går inte att läsa {7B849a69-220F-451E-B3FE-2CB811AF94AE} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

Error - 2009-02-12 16:25:39 | Computer Name = D49JTZ1J | Source = Userenv | ID = 1041

Description = Det går inte att läsa {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} från

registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen

på fel i registret.

[ System Events ]

Error - 2009-02-11 15:49:05 | Computer Name = D49JTZ1J | Source = F-Secure Gatekeeper | ID = 327681

Description = Real-time scanning failure occurred. Intercepted file name=C:\DOCUMENTS

AND SETTIN...ROFILES.ENC.BAK. For more information, please visit the customer support

web pages at http://support.f-secure.com/enu/home/'>http://support.f-secure.com/enu/home/'>http://support.f-secure.com/enu/home/'>http://support.f-secure.com/enu/home/ for assistance.

Error - 2009-02-11 15:50:09 | Computer Name = D49JTZ1J | Source = F-Secure Gatekeeper | ID = 327681

Description = Real-time scanning failure occurred. Intercepted file name=C:\WINDOWS\SYSTEM32\TASKMGR.EXE.

For more information, please visit the customer support web pages at http://support.f-secure.com/enu/home/

for assistance.

Error - 2009-02-11 15:50:12 | Computer Name = D49JTZ1J | Source = F-Secure Gatekeeper | ID = 327681

Description = Real-time scanning failure occurred. Intercepted file name=C:\DOCUMENTS

AND SETTINGS\GUE...INDEX.DAT. For more information, please visit the customer support

web pages at http://support.f-secure.com/enu/home/ for assistance.

Error - 2009-02-11 15:50:12 | Computer Name = D49JTZ1J | Source = F-Secure Gatekeeper | ID = 327681

Description = Real-time scanning failure occurred. Intercepted file name=C:\WINDOWS\WINSXS\MANIF...3F9C03.MANIFEST.

For more information, please visit the customer support web pages at http://support.f-secure.com/enu/home/

for assistance.

Error - 2009-02-11 16:32:11 | Computer Name = D49JTZ1J | Source = Service Control Manager | ID = 7000

Description = Tjänsten Logitech Process Monitor kunde inte startas på grund av följande

fel: %%2

Error - 2009-02-11 16:32:11 | Computer Name = D49JTZ1J | Source = Service Control Manager | ID = 7024

Description = Tjänsten Bonjour-tjänst avbröts med det tjänstspecifika felet 4294967295

(0xFFFFFFFF).

Error - 2009-02-11 16:32:11 | Computer Name = D49JTZ1J | Source = Service Control Manager | ID = 7000

Description = Tjänsten Upload Manager kunde inte startas på grund av följande fel:

%%1079

Error - 2009-02-12 12:44:01 | Computer Name = D49JTZ1J | Source = Service Control Manager | ID = 7000

Description = Tjänsten Logitech Process Monitor kunde inte startas på grund av följande

fel: %%2

Error - 2009-02-12 12:44:01 | Computer Name = D49JTZ1J | Source = Service Control Manager | ID = 7024

Description = Tjänsten Bonjour-tjänst avbröts med det tjänstspecifika felet 4294967295

(0xFFFFFFFF).

Error - 2009-02-12 12:44:01 | Computer Name = D49JTZ1J | Source = Service Control Manager | ID = 7000

Description = Tjänsten Upload Manager kunde inte startas på grund av följande fel:

%%1079

< End of report >

[/log]

12 februari, 2009

Här kommer OTViewIt.txt filen:

[log]

OTViewIt logfile created on: 2009-02-12 21:27:03 - Run

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Johanna\Skrivbord

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

1023,40 Mb Total Physical Memory | 465,33 Mb Available Physical Memory | 45,47% Memory free

2,40 Gb Paging File | 1,93 Gb Available in Paging File | 80,17% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 90,06 Gb Total Space | 35,61 Gb Free Space | 39,54% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

Drive E: | 13,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: D49JTZ1J

Current User Name: Johanna

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: On

File Age = 30 Days

========== Processes ==========

[2005-08-04 05:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

[2004-09-07 17:02:40 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program\Intel\Wireless\Bin\EvtEng.exe

[2004-09-07 17:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program\Intel\Wireless\Bin\S24EvMon.exe

[2004-09-07 17:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) -- C:\Program\Intel\Wireless\Bin\WLKEEPER.exe

[2008-11-07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

[2007-02-19 17:30:16 | 00,032,807 | ---- | M] (BackWeb Technologies Inc. ) -- C:\Program\Glocalnet Säkerhetspaket\backweb\1334833\Program\ServiceWrapper-1334833.exe

[2005-07-13 15:43:48 | 00,036,947 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\fsgk32st.exe

[2007-02-19 17:30:20 | 00,278,581 | ---- | M] (F-Secure Corp.) -- C:\Program\Glocalnet Säkerhetspaket\backweb\1334833\Program\fsbwsys.exe

[2008-10-21 12:59:41 | 00,297,056 | ---- | M] (F-Secure Corp.) -- C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\fsgk32.exe

[2005-10-26 02:51:58 | 00,061,490 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Common\FSMA32.EXE

[2008-10-21 12:59:40 | 00,255,072 | ---- | M] (F-Secure Corp.) -- C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\fssm32.exe

[2009-01-02 15:32:12 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Java\jre6\bin\jqs.exe

[2005-10-26 02:51:58 | 00,180,274 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Common\FSMB32.EXE

[2005-06-09 09:53:18 | 00,356,352 | ---- | M] (Dell Inc.) -- C:\Program\Dell\NicConfigSvc\NicConfigSvc.exe

[2004-09-07 17:02:04 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program\Intel\Wireless\Bin\RegSrvc.exe

[2008-12-05 20:08:23 | 00,181,312 | ---- | M] () -- C:\Program\Photodex\ProShowProducer\scsiaccess.exe

[2003-11-12 04:48:20 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program\Delade filer\Ulead Systems\DVD\ULCDRSvr.exe

[2004-08-10 21:05:14 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe

[2005-10-26 02:52:00 | 00,065,585 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Common\FCH32.EXE

[2007-01-31 14:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program\Canon\CAL\CALMAIN.exe

[2005-10-26 02:51:58 | 00,270,387 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Common\FAMEH32.EXE

[2005-06-13 17:19:34 | 00,032,826 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\fsqh.exe

[2005-10-03 14:10:44 | 00,159,804 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\FSRW.exe

[2005-11-18 16:03:56 | 00,204,863 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\FWES\program\fsdfwd.exe

[2004-08-04 13:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe

[2005-09-12 18:43:28 | 00,180,224 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\FSAV32.exe

[2004-09-07 17:08:02 | 00,389,120 | ---- | M] (Intel Corporation) -- C:\Program\Intel\Wireless\Bin\ZCfgSvc.exe

[2005-08-04 05:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe

[2004-09-07 17:03:40 | 00,245,760 | ---- | M] (Intel) -- C:\Program\Intel\Wireless\Bin\1XConfig.exe

[2005-08-05 22:05:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

[2004-10-30 15:59:54 | 00,385,024 | ---- | M] (Intel Corporation) -- C:\Program\Intel\Wireless\Bin\iFrmewrk.exe

[2005-09-01 18:24:08 | 00,684,032 | ---- | M] () -- C:\Program\Dell\QuickSet\quickset.exe

[2004-09-13 17:33:20 | 00,155,648 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program\Apoint\Apoint.exe

[2005-01-27 02:02:00 | 00,086,016 | ---- | M] () -- C:\Program\Dell\Media Experience\DMXLauncher.exe

[2004-12-06 02:05:00 | 00,127,035 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfswctrl.exe

[2004-08-19 15:40:08 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program\Apoint\ApntEx.exe

[2004-07-27 17:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

[2005-10-26 02:51:58 | 00,122,929 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Common\FSM32.EXE

[2005-05-31 13:45:06 | 00,356,352 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\FSGUI\ispnews.exe

[2004-06-28 20:29:42 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program\CyberLink\PowerDVD\PDVDServ.exe

[2008-11-20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program\iTunes\iTunesHelper.exe

[2008-11-07 14:16:58 | 00,111,936 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[2009-01-02 15:32:13 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Java\jre6\bin\jusched.exe

[2005-08-22 13:16:52 | 00,086,064 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Anti-Spyware\FSAW.exe

[2007-10-18 10:35:08 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\msnmsgr.exe

[2008-10-13 10:20:08 | 00,910,864 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe

[2003-10-29 04:06:00 | 00,024,576 | ---- | M] (BVRP Software) -- C:\Program\Digital Line Detect\DLG.exe

[2007-02-19 17:30:16 | 00,032,807 | ---- | M] (BackWeb Technologies Inc. ) -- C:\Program\Glocalnet Säkerhetspaket\backweb\1334833\Program\fspex.exe

[2008-10-23 10:12:08 | 00,442,368 | ---- | M] (Birdstep Technology) -- C:\Program\3\3Connect\AutoUpdateSrv.exe

[2008-11-20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program\iPod\bin\iPodService.exe

[2007-06-14 18:39:18 | 00,479,232 | ---- | M] (Nikon Corporation) -- C:\Program\Delade filer\Nikon\Monitor\NkMonitor.exe

[2005-10-18 09:36:26 | 00,233,537 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\FSGUI\fsguidll.exe

[2009-02-12 21:25:22 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Johanna\Skrivbord\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008-11-07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])

[2007-04-13 03:20:52 | 00,033,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

[2005-08-04 05:02:58 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])

[2007-02-19 17:30:16 | 00,032,807 | ---- | M] (BackWeb Technologies Inc. ) -- C:\Program\Glocalnet Säkerhetspaket\backweb\1334833\Program\ServiceWrapper-1334833.exe -- (BackWeb Plug-in - 1334833 [Auto | Running])

[2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Stopped])

[2007-01-31 14:55:42 | 00,096,370 | ---- | M] (Canon Inc.) -- C:\Program\Canon\CAL\CALMAIN.exe -- (CCALib8 [Auto | Running])

[2007-04-13 03:21:18 | 00,068,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

[2004-09-07 17:02:40 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])

[2005-07-13 15:43:48 | 00,036,947 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter [Auto | Running])

[2008-11-18 13:42:29 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])

[2007-02-19 17:30:20 | 00,278,581 | ---- | M] (F-Secure Corp.) -- C:\Program\Glocalnet Säkerhetspaket\backweb\1334833\Program\fsbwsys.exe -- (fsbwsys [Auto | Running])

[2005-11-18 16:03:56 | 00,204,863 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\FWES\program\fsdfwd.exe -- (FSDFWD [On_Demand | Running])

[2005-10-26 02:51:58 | 00,061,490 | ---- | M] (F-Secure Corporation) -- C:\Program\Glocalnet Säkerhetspaket\Common\FSMA32.EXE -- (FSMA [Auto | Running])

[2007-01-26 17:41:53 | 00,138,168 | ---- | M] (Google) -- C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])

[2005-04-03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])

[2008-11-20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])

[2009-01-02 15:32:12 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])

File not found -- -- (LVPrcSrv [Auto | Stopped])

[2007-02-06 17:47:12 | 00,105,248 | ---- | M] (Logitech Inc.) -- C:\Program\Delade filer\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher [Auto | Stopped])

[2005-06-09 09:53:18 | 00,356,352 | ---- | M] (Dell Inc.) -- C:\Program\Dell\NicConfigSvc\NicConfigSvc.exe -- (NICCONFIGSVC [Auto | Running])

[2004-09-07 17:02:04 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])

[2004-09-07 17:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])

[2008-12-05 20:08:23 | 00,181,312 | ---- | M] () -- C:\Program\Photodex\ProShowProducer\scsiaccess.exe -- (ScsiAccess [Auto | Running])

[2008-08-07 10:17:30 | 00,575,488 | ---- | M] (Nokia.) -- C:\Program\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])

[2003-11-12 04:48:20 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program\Delade filer\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Auto | Running])

[2004-08-10 21:05:14 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])

[2007-10-18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])

[2004-09-07 17:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) -- C:\Program\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER [Auto | Running])

[2007-10-25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])

========== Driver Services ==========

[2008-08-14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs [Auto | Running])

[2005-12-12 18:20:32 | 00,017,056 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP [Auto | Running])

[2001-08-17 22:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\drivers\aliide.sys -- (AliIde [Disabled | Stopped])

[2004-08-04 00:07:44 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\drivers\amdagp.sys -- (amdagp [Disabled | Stopped])

[2004-11-16 17:03:52 | 00,108,791 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])

[2005-08-03 11:44:16 | 00,016,128 | ---- | M] (Dell Inc) -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV [system | Running])

[2001-08-17 22:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\drivers\asc.sys -- (asc [Disabled | Stopped])

[2001-08-17 22:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\drivers\asc3550.sys -- (asc3550 [Disabled | Stopped])

[2005-08-04 05:10:18 | 01,273,344 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])

[2004-05-26 21:18:18 | 00,044,928 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])

[2004-08-03 23:10:40 | 00,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthenum.sys -- (BthEnum [On_Demand | Running])

[2004-08-03 23:10:40 | 00,038,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthmodem.sys -- (BTHMODEM [On_Demand | Stopped])

[2004-08-03 22:58:40 | 00,100,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthpan.sys -- (BthPan [On_Demand | Running])

[2008-06-14 19:01:27 | 00,272,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthport.sys -- (BTHPORT [On_Demand | Stopped])

[2004-08-03 23:10:36 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthusb.sys -- (BTHUSB [On_Demand | Running])

[2001-09-06 20:54:56 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\drivers\cmdide.sys -- (CmdIde [Disabled | Stopped])

[2001-08-17 22:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\drivers\dac2w2k.sys -- (dac2w2k [Disabled | Stopped])

[2004-12-01 04:22:00 | 00,087,488 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb [boot | Running])

[2004-11-23 03:56:00 | 00,040,480 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm [Auto | Running])

[2001-09-06 21:03:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B [On_Demand | Stopped])

[2004-09-10 16:14:32 | 00,048,720 | ---- | M] () -- C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\win2k\FSfilter.sys -- (F-Secure Filter [Auto | Running])

[2008-10-21 12:59:41 | 00,062,176 | ---- | M] () -- C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\win2k\fsgk.sys -- (F-Secure Gatekeeper [Auto | Running])

[2004-06-01 10:03:40 | 00,016,816 | ---- | M] () -- C:\Program\Glocalnet Säkerhetspaket\Anti-Virus\win2k\FSrec.sys -- (F-Secure Recognizer [Auto | Running])

[2005-12-15 08:41:20 | 00,010,256 | ---- | M] (F5 Networks) -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw [On_Demand | Stopped])

[2005-11-18 16:04:06 | 00,070,896 | ---- | M] (F-Secure Corporation) -- C:\WINDOWS\system32\drivers\fsdfw.sys -- (FSFW [boot | Running])

[2008-04-17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])

[2004-08-04 01:11:54 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidbth.sys -- (HidBth [On_Demand | Stopped])

[2004-06-17 21:57:02 | 00,200,064 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH [On_Demand | Running])

[2004-06-17 21:55:04 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP [On_Demand | Running])

[2007-08-08 11:12:40 | 00,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard [On_Demand | Running])

[2004-11-24 18:35:14 | 01,434,944 | R--- | M] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\system32\drivers\HCWUSB2.sys -- (iComp [On_Demand | Stopped])

[2004-08-12 09:44:04 | 00,234,496 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA [On_Demand | Running])

[2004-08-04 01:18:48 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [system | Stopped])

[2007-02-06 17:42:40 | 01,691,808 | ---- | M] () -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap [On_Demand | Stopped])

[2007-02-06 17:44:36 | 01,964,064 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv [On_Demand | Stopped])

[2007-02-06 17:45:04 | 00,025,632 | ---- | M] () -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Stopped])

[2006-06-22 23:29:46 | 00,038,960 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Stopped])

[2004-03-17 19:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])

[2007-05-28 17:00:22 | 00,010,240 | ---- | M] () -- C:\WINDOWS\system32\drivers\mdvrmng.sys -- (mdvrmng [Auto | Running])

[2001-08-17 22:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\drivers\mraid35x.sys -- (mraid35x [Disabled | Stopped])

[2008-05-07 06:38:20 | 00,017,536 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped])

[2008-05-07 06:38:20 | 00,020,864 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped])

[2008-02-01 15:17:12 | 00,138,112 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu [On_Demand | Stopped])

[2008-02-01 15:17:06 | 00,008,320 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc [On_Demand | Stopped])

[2004-08-03 23:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Stopped])

[2004-02-13 17:46:00 | 00,017,153 | ---- | M] (Dell Inc) -- C:\WINDOWS\system32\drivers\omci.sys -- (omci [system | Running])

[2007-09-17 14:53:26 | 00,021,632 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])

[2006-06-22 23:29:27 | 00,012,080 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter [On_Demand | Stopped])

[2006-06-22 23:29:28 | 00,720,176 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0 [On_Demand | Stopped])

[2004-08-04 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])

[2008-07-31 23:17:04 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [boot | Running])

[2001-08-17 22:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\drivers\ql1080.sys -- (ql1080 [Disabled | Stopped])

[2001-08-17 22:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\drivers\ql12160.sys -- (ql12160 [Disabled | Stopped])

[2001-08-17 22:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\drivers\ql1280.sys -- (ql1280 [Disabled | Stopped])

[2004-08-03 23:10:40 | 00,059,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rfcomm.sys -- (RFCOMM [On_Demand | Running])

[2004-08-31 09:53:04 | 00,011,354 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans [Auto | Running])

[2004-08-04 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])

[2007-11-13 11:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])

[2004-08-04 13:00:00 | 00,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffdisk.sys -- (sffdisk [On_Demand | Stopped])

[2004-08-04 13:00:00 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])

[2004-08-04 00:07:44 | 00,041,088 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\sisagp.sys -- (sisagp [Disabled | Stopped])

[2001-11-05 08:23:14 | 00,006,097 | ---- | M] () -- C:\WINDOWS\system32\drivers\sonyhcb.sys -- (sonyhcb [boot | Running])

[2001-11-05 08:23:52 | 00,299,923 | ---- | M] () -- C:\WINDOWS\system32\drivers\sonyhcs.sys -- (sonyhcs [On_Demand | Stopped])

[2001-08-17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])

[2001-08-17 23:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\drivers\sparrow.sys -- (Sparrow [Disabled | Stopped])

[2008-11-18 20:43:12 | 00,717,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [boot | Running])

[2004-07-14 12:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5 [system | Running])

[2004-07-14 12:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln [system | Running])

[2005-03-10 23:56:06 | 00,273,168 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97 [On_Demand | Running])

[2001-08-17 23:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810 [Disabled | Stopped])

[2001-08-17 23:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\symc8xx.sys -- (symc8xx [Disabled | Stopped])

[2001-08-17 23:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\sym_hi.sys -- (sym_hi [Disabled | Stopped])

[2001-08-17 23:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\sym_u3.sys -- (sym_u3 [Disabled | Stopped])

[2004-12-06 02:05:00 | 00,025,883 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])

[2004-12-06 02:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])

[2004-12-06 02:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])

[2004-12-06 02:05:00 | 00,002,239 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres [Auto | Running])

[2004-12-06 02:05:00 | 00,086,586 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])

[2004-12-06 02:05:00 | 00,015,227 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])

[2004-12-06 02:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])

[2004-12-06 02:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])

[2004-12-06 02:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])

[2001-08-17 22:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\drivers\ultra.sys -- (ultra [Disabled | Stopped])

[2008-06-06 08:24:44 | 00,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped])

[2007-02-23 04:29:01 | 00,028,160 | ---- | M] (F5 Networks) -- C:\WINDOWS\system32\drivers\urvpndrv.sys -- (urvpndrv [On_Demand | Running])

[2008-11-07 14:23:30 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])

[2004-08-03 22:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])

[2004-08-03 22:08:44 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser [On_Demand | Stopped])

[2008-05-07 06:38:36 | 00,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt [On_Demand | Stopped])

[2004-10-21 21:56:04 | 03,210,496 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51 [On_Demand | Running])

[2006-11-02 06:22:54 | 00,492,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000 [On_Demand | Stopped])

[2004-06-17 21:55:38 | 00,685,056 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157

"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

"Default_Search_URL"=http://www.google.com/ie

"SearchAssistant"=http://www.google.com/ie

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\WINDOWS\system32\blank.htm

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://www.skandia.se/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-21-4079634897-1812973651-4039670563-1006\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\WINDOWS\system32\blank.htm

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://www.skandia.se/

[HKEY_USERS\S-1-5-21-4079634897-1812973651-4039670563-1006\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4079634897-1812973651-4039670563-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (708 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

{5CA3D70E-1895-11CF-8E15-001234567890} (HKLM) -- C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Program\Google\GoogleToolbar5.dll (Google Inc.)

{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

{F1FABE79-25FC-46de-8C5A-2C6DB9D64333} (HKLM) -- C:\WINDOWS\system32\AlxTB1.dll File not found

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Program\Google\GoogleToolbar5.dll (Google Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program\Google\GoogleToolbar5.dll (Google Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-4079634897-1812973651-4039670563-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-4079634897-1812973651-4039670563-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program\Google\GoogleToolbar5.dll (Google Inc.)

[HKEY_USERS\S-1-5-21-4079634897-1812973651-4039670563-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AdobeCS4ServiceManager"="C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin (Adobe Systems Incorporated)

"Apoint"=C:\Program\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

"AppleSyncNotifier"=C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)

"ATIPTA"="C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe" (ATI Technologies, Inc.)

"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)

"Dell QuickSet"=C:\Program\Dell\QuickSet\quickset.exe ()

"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)

"DMXLauncher"=C:\Program\Dell\Media Experience\DMXLauncher.exe ()

"DriveCleaner 2006 Free"="C:\Program\DriveCleaner 2006 Free\UDC2006.exe" /min File not found

"F-Secure Manager"="C:\Program\Glocalnet Säkerhetspaket\Common\FSM32.EXE" /splash (F-Secure Corporation)

"F-Secure Startup Wizard"="C:\Program\Glocalnet Säkerhetspaket\FSGUI\FSSW.EXE" /reboot (F-Secure Corporation)

"F-Secure TNB"="C:\Program\Glocalnet Säkerhetspaket\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW (F-Secure Corporation)

"IntelWireless"=C:\Program\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless (Intel Corporation)

"ISUSPM Startup"=C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (InstallShield Software Corporation)

"ISUSScheduler"="C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)

"iTunesHelper"="C:\Program\iTunes\iTunesHelper.exe" (Apple Inc.)

"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k File not found

"News Service"="C:\Program\Glocalnet Säkerhetspaket\FSGUI\ispnews.exe" (F-Secure Corporation)

"QuickTime Task"="C:\Program\QuickTime\QTTask.exe" -atboottime (Apple Inc.)

"RemoteControl"=C:\Program\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)

"SunJavaUpdateSched"="C:\Program\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AdobeBridge"="C:\Program\Adobe\Adobe Bridge CS4\Bridge.exe" -stealth (Adobe Systems, Inc.)

"MsnMsgr"="C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4079634897-1812973651-4039670563-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AdobeBridge"="C:\Program\Adobe\Adobe Bridge CS4\Bridge.exe" -stealth (Adobe Systems, Inc.)

"MsnMsgr"="C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)

========== (O4) Startup Folders ==========

[1999-11-04 15:06:48 | 00,113,664 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

[2008-10-13 10:20:08 | 00,910,864 | ---- | M] (Technology Nexus AB) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe

[2003-10-29 04:06:00 | 00,024,576 | ---- | M] (BVRP Software) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Digital Line Detect.lnk = C:\Program\Digital Line Detect\DLG.exe

[2007-02-19 17:30:16 | 00,032,807 | ---- | M] (BackWeb Technologies Inc. ) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Glocalnet Säkerhetspaket.lnk = C:\Program\Glocalnet Säkerhetspaket\backweb\1334833\Program\fspex.exe

[2005-12-22 09:03:52 | 00,913,408 | ---- | M] (Pantone & GretagMacbeth) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\hueyTray.lnk = C:\Program\Pantone\huey\hueyTray.exe

[2008-10-23 10:12:08 | 00,442,368 | ---- | M] (Birdstep Technology) -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Uppdateringsagent.lnk = C:\Program\3\3Connect\AutoUpdateSrv.exe

[2007-06-14 18:39:18 | 00,479,232 | ---- | M] (Nikon Corporation) -- C:\Documents and Settings\Johanna\Start-meny\Program\Autostart\Nikon Monitor.lnk = C:\Program\Delade filer\Nikon\Monitor\NkMonitor.exe

[2005-12-14 17:01:20 | 00,061,440 | ---- | M] () -- C:\Documents and Settings\Johanna\Start-meny\Program\Autostart\OpenOffice.org 2.0.lnk = C:\Program\OpenOffice.org 2.0\program\quickstart.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-4079634897-1812973651-4039670563-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

&Blockera detta popup-fönster: C:\Program\Glocalnet Säkerhetspaket\Anti-Spyware\blockpopups.htm [2004-11-18 13:51:56 | 00,000,380 | ---- | M] ()

Add to Google Photos Screensa&ver: C:\WINDOWS\system32\GPhotos.scr [2009-01-05 23:33:03 | 03,751,995 | ---- | M] (Google Inc.)

Mail to a Friend...: File not found

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]

Add to Google Photos Screensa&ver: C:\WINDOWS\system32\GPhotos.scr [2009-01-05 23:33:03 | 03,751,995 | ---- | M] (Google Inc.)

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]

Add to Google Photos Screensa&ver: C:\WINDOWS\system32\GPhotos.scr [2009-01-05 23:33:03 | 03,751,995 | ---- | M] (Google Inc.)

[HKEY_USERS\S-1-5-21-4079634897-1812973651-4039670563-1006\Software\Microsoft\Internet Explorer\MenuExt\]

&Blockera detta popup-fönster: C:\Program\Glocalnet Säkerhetspaket\Anti-Spyware\blockpopups.htm [2004-11-18 13:51:56 | 00,000,380 | ---- | M] ()

Add to Google Photos Screensa&ver: C:\WINDOWS\system32\GPhotos.scr [2009-01-05 23:33:03 | 03,751,995 | ---- | M] (Google Inc.)

Mail to a Friend...: File not found

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{300DB664-75B5-47c0-8B45-A44ACCF73C00}: Button: IE-sköld -- %ProgramFiles%\Glocalnet Säkerhetspaket\Anti-Spyware\ieshield.dll [2005-08-18 13:07:08 | 00,049,204 | ---- | M] (F-Secure Corporation)

{300DB664-75B5-47c0-8B45-A44ACCF73C00}: Menu: IE-sköld... -- %ProgramFiles%\Glocalnet Säkerhetspaket\Anti-Spyware\ieshield.dll [2005-08-18 13:07:08 | 00,049,204 | ---- | M] (F-Secure Corporation)

{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}: Button: PartyPoker.com -- %ProgramFiles%\PartyGaming\PartyPoker\RunApp.exe File not found

{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}: Menu: PartyPoker.com -- %ProgramFiles%\PartyGaming\PartyPoker\RunApp.exe File not found

{c95fe080-8f5d-11d2-a20b-00aa003c157a}: Button: @shdoclc.dll,-866 -- %SystemRoot%\web\related.htm File not found

{c95fe080-8f5d-11d2-a20b-00aa003c157a}: Menu: @shdoclc.dll,-864 -- %SystemRoot%\web\related.htm File not found

{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2006-10-10 13:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{300DB664-75B5-47c0-8B45-A44ACCF73C00} [HKLM] -> %ProgramFiles%\Glocalnet Säkerhetspaket\Anti-Spyware\ieshield.dll [iE-sköld] -> [2005-08-18 13:07:08 | 00,049,204 | ---- | M] (F-Secure Corporation)

CmdMapping\\{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

CmdMapping\\{E6073F93-9541-4be4-9800-109D378EB99B} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

[HKEY_USERS\S-1-5-21-4079634897-1812973651-4039670563-1006\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found

CmdMapping\\{300DB664-75B5-47c0-8B45-A44ACCF73C00} [HKLM] -> %ProgramFiles%\Glocalnet Säkerhetspaket\Anti-Spyware\ieshield.dll [iE-sköld] -> [2005-08-18 13:07:08 | 00,049,204 | ---- | M] (F-Secure Corporation)

CmdMapping\\{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

CmdMapping\\{E6073F93-9541-4be4-9800-109D378EB99B} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}: http://www.apple.com/qtactivex/qtplugin.cab -- QuickTime Object

{0F2F3121-75E2-4C60-9977-C1ADC3D5F3DC}: http://web03.ifi.fi/PhotoProducts/ActiveX/IfiUploader.cab -- IFIUploader Control

{230C3D02-DA27-11D2-8612-00A0C93EEA3C}: http://www.fujicolordigital.se/SAXFile/saxfile.cab -- SAXFile FileUpload ActiveX Control

{2A0B9B82-D5C8-4D3D-8338-AD55B23662B1}: https://ras.infodata.se/vdesk/cachecleaner.cab#version=6010,2007,0223,0315 -- F5 Networks CacheCleaner

{2BCDB465-81F9-41CB-832C-8037A4064446}: https://ras.infodata.se/vdesk/terminal/urxvpn.cab#version=6010,2007,0223,0327 -- F5 Networks VPN Manager

{45B69029-F3AB-4204-92DE-D5140C3E8E74}: https://ras.infodata.se/vdesk/terminal/InstallerControl.cab -- F5 Networks Auto Update

{474F00F5-3853-492C-AC3A-476512BBC336}: http://picasaweb.google.se/s/v/29.36/uploader2.cab -- UploadListView Class

{57C76689-F052-487B-A19F-855AFDDF28EE}: https://ras.infodata.se/vdesk/terminal/f5InspectionHost.cab#version=6010,2007,0223,0317 -- F5 Networks Policy Agent Host Class

{5F8469B4-B055-49DD-83F7-62B522420ECC}: http://upload.facebook.com/controls/FacebookPhotoUploader.cab -- Facebook Photo Uploader Control

{6C275925-A1ED-4DD2-9CEE-9823F5FDAA10}: https://ras.infodata.se/vdesk/terminal/urTermProxy.cab#version=6010,2007,0223,0314 -- F5 Networks SSLTunnel

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.

{A18962F6-E6ED-40B1-97C9-1FB36F38BFA8}: http://www.fujidirekt.se/aurigma/ImageUploader3.cab -- Aurigma Image Uploader 3.5 Control

{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab -- Java Plug-in 1.4.2_03

{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11

{CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7}: https://ras.infodata.se/vdesk/terminal/urxshost.cab#version=6010,2007,0223,0320 -- F5 Networks SuperHost Class

{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object

{DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305}: http://webc.gosiacervin.com/controls/IlosoftImageUpload.dll -- IlosoftImageUploadCtl Class

{E0FF21FA-B857-45C5-8621-F120A0C17FF2}: https://ras.infodata.se/vdesk/terminal/urxhost.cab#version=6010,2007,0223,0312 -- F5 Networks Host Control

{E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D}: https://ras.infodata.se/policy/download_binary.php/win32/f5syschk.cab#Version=6010,2007,0223,0322 -- F5 Networks OS Policy Agent

========== (O17) DNS Name Servers ==========

{03030339-AB96-4CE3-92E3-EA5271D2D76A} (Servers: | Description: )

{66D1BD7F-D1A0-4FA3-AEBC-F86168B7C9BA} (Servers: | Description: Intel® PRO/Wireless 2200BG Network Connection)

{A8E1D8DE-B747-4890-8B07-EBDF6A117BE1} (Servers: | Description: 1394 Net Adapter)

{D984C5D6-16F0-4E7C-827C-EE7F31C791DF} (Servers: | Description: )

{F6B9D451-FFAB-4CAF-B122-3AB51AC75212} (Servers: | Description: Broadcom 440x 10/100 Integrated Controller)

========== (O19) User Style Sheets ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)

dimsntfy: "DllName" = Reg Error: Value DLLName does not exist or could not be read. -- File not found

IntelWireless: "DllName" = C:\Program\Intel\Wireless\Bin\LgNotify.dll -- C:\Program\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)

========== IFEO "Debugger" Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\]

iexplore.exe:"Debugger" = C:\WINDOWS\system32\klomp.exe File not found

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []

[2004-09-15 13:32:38 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

AutoRun.exe [MZ� | ]

[2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) -- E:\AutoRun.exe -- [ CDFS ]

Autorun.ico []

[2007-09-27 15:43:31 | 00,013,902 | R--- | M] () -- E:\Autorun.ico -- [ CDFS ]

AUTORUN.INF [[AutoRun] | open=AutoRun.exe | icon=Autorun.ico | ]

[2007-10-29 12:25:38 | 00,000,047 | R--- | M] () -- E:\AUTORUN.INF -- [ CDFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06f48204-a293-11dd-89f6-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06f48204-a293-11dd-89f6-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06f48205-a293-11dd-89f6-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06f48205-a293-11dd-89f6-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0c8c75f6-a27e-11dd-89f2-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0c8c75f6-a27e-11dd-89f2-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d0b94d8-0b1d-11dd-88e9-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d0b94d8-0b1d-11dd-88e9-0010c6db9eb9}\Shell\AutoRun\command]

""=H:\Security.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24d19810-a2bc-11dd-89fd-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24d19810-a2bc-11dd-89fd-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{344f47c4-00d7-11dd-88d5-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{344f47c4-00d7-11dd-88d5-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{344f47d0-00d7-11dd-88d5-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{344f47d0-00d7-11dd-88d5-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5f909820-a2a8-11dd-89fa-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5f909820-a2a8-11dd-89fa-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5f909822-a2a8-11dd-89fa-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5f909822-a2a8-11dd-89fa-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b15c082-a278-11dd-89f1-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b15c082-a278-11dd-89f1-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b15c084-a278-11dd-89f1-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b15c084-a278-11dd-89f1-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{940568ee-5d55-11dd-8965-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{940568ee-5d55-11dd-8965-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bed1742c-c6fd-11dd-8a59-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bed1742c-c6fd-11dd-8a59-0010c6db9eb9}\Shell\AutoRun\command]

""=F:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bed1742d-c6fd-11dd-8a59-0010c6db9eb9}\Shell\AutoRun\command]

""=H:\.\Bin\ASSETUP.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9a1c09e-a218-11dd-89ef-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9a1c09e-a218-11dd-89ef-0010c6db9eb9}\Shell\AutoRun\command]

""=E:\AutoRun.exe -- [2007-10-15 15:26:26 | 00,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eeedc0aa-a2d1-11dd-8a00-0010c6db9eb9}\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eeedc0aa-a2d1-11dd-8a00-0010c6db9eb9}\Shell\AutoRun\command]

""=F:\AutoRun.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell]

""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\command]

""=E:\LaunchU3.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\WINDOWS\*.tmp files]

[2009-02-12 21:25:22 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Johanna\Skrivbord\OTViewIt.exe

[2009-02-12 21:05:35 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini

[2009-02-12 21:05:34 | 00,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll

[2009-02-12 21:05:34 | 00,811,008 | ---- | C] () -- C:\WINDOWS\gmer.exe

[2009-02-12 21:05:34 | 00,085,969 | ---- | C] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys

[2009-02-12 21:05:34 | 00,000,080 | ---- | C] () -- C:\WINDOWS\gmer_uninstall.cmd

[2009-02-12 21:01:25 | 00,811,008 | ---- | C] () -- C:\Documents and Settings\Johanna\Skrivbord\gmer.exe

[2009-02-12 17:47:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood

[2009-02-12 17:44:00 | 00,000,991 | ---- | C] () -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Glocalnet Säkerhetspaket.lnk

[2009-02-11 20:15:38 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2009-02-11 20:15:35 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009-02-11 20:15:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2009-02-11 20:15:31 | 00,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware

[2009-02-11 15:10:30 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7

[2009-02-11 14:23:55 | 00,000,000 | ---D | C] -- C:\Program\Trend Micro

[2009-02-11 12:26:42 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dat

[2009-02-11 12:26:39 | 01,011,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll.mui

[2009-02-11 10:28:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2009-02-11 09:53:22 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll

[2009-02-11 09:53:22 | 01,831,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl

[2009-02-11 09:53:22 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll

[2009-02-11 09:53:22 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll

[2009-02-11 09:53:22 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iertutil.dll

[2009-02-11 09:53:22 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll

[2009-02-11 09:53:22 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll

[2009-02-11 09:53:22 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll

[2009-02-11 09:53:22 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll

[2009-02-11 09:53:22 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe

[2009-02-11 09:53:22 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icardie.dll

[2009-02-11 09:53:22 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll

[2009-02-11 09:53:21 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll

[2009-02-11 09:53:21 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll

[2009-02-11 09:53:21 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll

[2009-02-11 09:53:21 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll

[2009-02-11 09:53:21 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll

========== Files - Modified Within 30 Days ==========

[2 C:\WINDOWS\System32\*.tmp files]

[2 C:\WINDOWS\*.tmp files]

[2009-02-12 21:25:22 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Johanna\Skrivbord\OTViewIt.exe

[2009-02-12 21:05:35 | 00,000,250 | ---- | M] () -- C:\WINDOWS\gmer.ini

[2009-02-12 21:05:34 | 00,884,736 | ---- | M] () -- C:\WINDOWS\gmer.dll

[2009-02-12 21:05:34 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys

[2009-02-12 21:05:34 | 00,000,080 | ---- | M] () -- C:\WINDOWS\gmer_uninstall.cmd

[2009-02-12 17:44:50 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009-02-12 17:44:29 | 00,000,552 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job

[2009-02-12 17:44:00 | 00,000,991 | ---- | M] () -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Glocalnet Säkerhetspaket.lnk

[2009-02-12 17:44:00 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009-02-12 17:43:55 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009-02-12 17:43:52 | 10,731,80672 | -HS- | M] () -- C:\hiberfil.sys

[2009-02-11 14:04:12 | 00,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2009-02-11 14:03:59 | 00,956,996 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009-02-11 14:03:59 | 00,405,884 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2009-02-11 14:03:59 | 00,402,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009-02-11 14:03:59 | 00,074,900 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2009-02-11 14:03:59 | 00,063,350 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009-02-11 14:03:05 | 00,000,057 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf

[2009-02-11 10:31:47 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2009-02-11 10:30:52 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2009-02-11 10:30:52 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2009-02-11 10:29:59 | 02,291,656 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009-02-11 10:19:42 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009-02-11 10:19:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2009-02-11 10:15:19 | 00,250,560 | RHS- | M] () -- C:\ntldr

[2009-02-08 15:00:21 | 00,000,601 | ---- | M] () -- C:\Documents and Settings\Johanna\Mina dokument\Mina delade mappar.lnk

[2009-02-03 15:21:14 | 21,244,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2009-02-02 22:05:05 | 00,020,394 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\räkningar.ods

[2009-01-27 22:13:16 | 00,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2009-01-16 23:45:41 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT

[2009-01-16 18:55:01 | 00,007,680 | -HS- | M] () -- C:\WINDOWS\Thumbs.db

@Alternate Data Stream - 0 bytes -> C:\WINDOWS\Thumbs.db:encryptable

< End of report >

[/log]

12 februari, 2009

Kopiera in följande i Anteckningar:

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iexplore.exe]
"Debugger"=-

Kontrollera att det inom [] står på endast en rad och inte har delats upp på två rader.

Spara filen som fixMe.reg och för att det ska fungera så måste du ändra till alla filtyper i Sparafönstret.

Dubbelklicka på filen och svara ja på frågan som kommer upp.

Starta om datorn.

Klistra in en ny OTViewIt-logg.

[log]"{7148F0A8-6813-11D6-A77B-00B0D0142030}"=Java 2 Runtime Environment, SE v1.4.2_03

Gammal version med säkerhetshål som ska avinstalleras.

"{AC76BA86-0000-0000-0000-6028747ADE01}"=Adobe Acrobat - Reader 6.0.2 Update

"{AC76BA86-7AD7-1033-7B44-A00000000001}"=Adobe Reader 6.0.1

Det där är också en gammal version som möjligen innehåller säkerhetshål.

Det här felet har inträffat flera gånger idag:

Error - 2009-02-12 16:09:12 | Computer Name = D49JTZ1J | Source = Userenv | ID = 1041 Description = Det går inte att läsa {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} från registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen på fel i registret.

Ett fel i registret som ger upphov det sådana problem är inget som jag kan fixa utan då kan det vara bäst med en ominstallation. Eller har du haft någon beta-version av Internet Explorer version 8 installerad? I så fall kolla på

http://www.windowskb.com/Uwe/Forum.aspx/windowsxp/265334/help-IE8-uninstall-issues-my-friend-installed-it-on-both-computer

Det här en gång:

Error - 2009-02-12 12:44:01 | Computer Name = D49JTZ1J | Source = Service Control Manager | ID = 7024 Description = Tjänsten Bonjour-tjänst avbröts med det tjänstspecifika felet 4294967295 (0xFFFFFFFF).

Om du inte använder Bonjour så avinstallera det.[/log]

15 februari, 2009

Hej skapade fixMe.reg filen

Tog bort allt du nämnde ovan förutom instruktionerna för IE 8 beta. Vi hade den installerad ett tag, men den är avinstallerad sen en tag tillbaka.

Här kommer OTViewIt loggen.

[log]

OTViewIt logfile created on: 2009-02-15 13:21:08 - Run 2

OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Johanna\Skrivbord

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

1023,40 Mb Total Physical Memory | 498,52 Mb Available Physical Memory | 48,71% Memory free

2,40 Gb Paging File | 1,89 Gb Available in Paging File | 78,52% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 90,06 Gb Total Space | 34,89 Gb Free Space | 38,74% Space Free | Partition Type: NTFS

Unable to calculate disk information.

Drive E: | 13,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: D49JTZ1J

Current User Name: Johanna

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user