Virusborttagning, Internetanslutningen försvann

9 december, 2010

Hej,

jag behöver lite hjälp. Körde igenom min dator med virusscan som då hittade lite fel(vet dock ej exakt vilka mer än att ett hette något med WIN32. o trojan) programmet skulle reparera filer, men då bestämmer sig dator för att stänga av sig på grund av ändrade systeminställningar tror jag.

När dator sedan är omstartad är alla anslutningar till internet borta och det går inte att skapa någon ny. Det är en trådlös anslutning jag ska ha. Plus att typsnitt är ändrat nere i startmenyn. Det står även något med ATI inställningar o att jag inte har behörighet att ändra de, vilket jag inte försökt, men det kommer upp när man startar datorn.

Någon som kan ge mig ett tips på vad jag kan göra? Eller vad det är som har hänt?

Behöver verkligen få upp den på internet igen.

Tack på förhand!

9 december, 2010

Vilket Windows har datorn?

Vilket antivirusprogram gäller det?

Kan du hitta någon logg i det programmet som visar mer exakt vad det gjorde?

Kan du i så fall föra över loggen till datorn med fungerande internetanslutningen? I så fall klistra in loggen i ditt svar.

Under förutsättning att du kan få över filer mellan datorerna, ladda ner DDS och för över till den infekterade datorns Skrivbord.

http://download.bleepingcomputer.com/sUBs/dds.scr

Starta programmet genom att dubbelklicka på det.

Tryck Yes/Ja om frågan om Optional Scan dyker upp.

I ditt svar klistrar du in loggen DSS.txt. Medan du bifogar Attach.txt som en fil.

9 december, 2010

Problemet är att jag körde via internet på microsoftshemsida så jag tog ingen logg heller tyvärr. Jag har XP på den datorn.

ska testa det du skrev nedan om jag kan få över det. Tack så länge. Återkommer.

Vilket Windows har datorn?

Vilket antivirusprogram gäller det?

Kan du hitta någon logg i det programmet som visar mer exakt vad det gjorde?

Kan du i så fall föra över loggen till datorn med fungerande internetanslutningen? I så fall klistra in loggen i ditt svar.

Under förutsättning att du kan få över filer mellan datorerna, ladda ner DDS och för över till den infekterade datorns Skrivbord.

http://download.bleepingcomputer.com/sUBs/dds.scr

Starta programmet genom att dubbelklicka på det.

Tryck Yes/Ja om frågan om Optional Scan dyker upp.

I ditt svar klistrar du in loggen DSS.txt. Medan du bifogar Attach.txt som en fil.

9 december, 2010

Det händer tyvärr ingenting när jag kör DDS. Första gången hängde det sig. Ingen scan kör igång och det kommer inga loggfiler. Bara den första svartarutan med information =/

9 december, 2010

Se om du kan hitta något om vad som gjordes i den här mappen:

C:\Documents and Settings\<anv.namn>\Local Settings\Application Data\Microsoft\Windows Live OneCare safety scanner\

9 december, 2010

Starta om datorn i felsäkert läge (tryck F8 upprepade gånger under uppstarten och välj felsäkert läge i menyn) och se om det går bättre att köra DDS då.

PS. För att se mappen "Local Settings" kan du behöva slå på visning av dolda filer.

9 december, 2010

Gick tyvärr inte att köra DDS där heller den hängde sig igen.

O denna mapp Windows Live OneCare safety scanner fanns tyvärr inte heller.

9 december, 2010

Sök igenom datorn efter någon fil/mapp som heter något med "onecare".

En del skadliga program stoppar in en proxy-server. Se om internet kommer igång om du ändrar tillbaks:

Kontrollpanelen - Internetalternativ - Anslutningar - LAN-inställningar

Klicka på Avancerat

Ta bort innehållet där så att alla rutor under rubriken Servrar är tomma.

Klicka OK

Ta bort eventuellt innehåll i rutan Adress

Avbocka "Använd en proxyserver...."

9 december, 2010

När jag går in där under avancerat finns det ett fält där det står undantag, använd inte proxy som börjar med o så står det *.local ska jag ta bort denna?

Fanns tyvärr ingen onecare mapp i datorn när jag sökte igenom.

9 december, 2010

*.local kan stå kvar.

Prövar med ett annat program. Spara OTL på Skrivbordet.

http://oldtimer.geekstogo.com/OTL.exe

Stäng alla program.

Kör OTL (i Vista högerklicka och Kör som administratör).

Under Output högt upp så välj Minimal Output.

Under Standard Registry välj All.

Bocka för LOP Check och Purity Check.

Tryck på Run Scan och låt programmet köra ostört.

När det är klart så skapas två loggfiler på Skrivbordet, OTL.txt och Extras.txt. I ditt svar klistrar du in loggen OTL.txt. Medan du bifogar Extras.txt som en fil.

9 december, 2010

Yes nu gick det såhär kommer filerna. Får se om de säger nåt. Tack för dina svar och tålamod.

OTLfilen (hoppas inte allt det där är fel)

OTL logfile created on: 2010-12-09 15:22:36 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ullis\Skrivbord

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

446,00 Mb Total Physical Memory | 184,00 Mb Available Physical Memory | 41,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 55,89 Gb Total Space | 9,83 Gb Free Space | 17,59% Space Free | Partition Type: NTFS

Computer Name: PLASTIC | User Name: Ullis | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ullis\Skrivbord\OTL.exe (OldTimer Tools)

PRC - C:\Program\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()

PRC - C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)

PRC - C:\Program\Delade filer\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program\Delade filer\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)

PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe (Acer Inc.)

PRC - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Ullis\Skrivbord\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (OMSI download service) -- C:\Program\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()

SRV - (FLEXnet Licensing Service) -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

SRV - (SeaPort) -- C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)

SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program\Delade filer\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe (Acer Inc.)

SRV - (IDriverT) -- C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (ose) -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (pljbhqfe) -- C:\WINDOWS\System32\drivers\pljbhqfe.sys File not found

DRV - (hwdatacard) -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys File not found

DRV - (6c974c26) -- C:\WINDOWS\System32\drivers\6c974c26.sys File not found

DRV - (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM) -- C:\WINDOWS\system32\drivers\s1029unic.sys (MCCI Corporation)

DRV - (s1029mdm) -- C:\WINDOWS\system32\drivers\s1029mdm.sys (MCCI Corporation)

DRV - (s1029bus) Sony Ericsson Device 1029 driver (WDM) -- C:\WINDOWS\system32\drivers\s1029bus.sys (MCCI Corporation)

DRV - (s1029mdfl) -- C:\WINDOWS\system32\drivers\s1029mdfl.sys (MCCI Corporation)

DRV - (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s1029mgmt.sys (MCCI Corporation)

DRV - (s1029obex) -- C:\WINDOWS\system32\drivers\s1029obex.sys (MCCI Corporation)

DRV - (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS) -- C:\WINDOWS\system32\drivers\s1029nd5.sys (MCCI Corporation)

DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()

DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()

DRV - (usbaudio) USB-ljuddrivrutiner (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)

DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows ® Server 2003 DDK provider)

DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows ® 2000 DDK provider)

DRV - (NTIDrvr) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)

DRV - (tvicport) -- C:\WINDOWS\system32\drivers\TVicPort.sys (EnTech Taiwan)

DRV - (int15) -- C:\WINDOWS\system32\drivers\int15.sys ()

DRV - (zntport) -- C:\WINDOWS\system32\drivers\zntport.sys (Zeal SoftStudio)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)

DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)

DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )

DRV - (DritekPortIO) -- C:\Program\Launch Manager\DPortIO.sys (Dritek System Inc.)

DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)

DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)

DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)

DRV - (UBHelper) -- C:\WINDOWS\System32\drivers\UBHelper.sys ()

DRV - (DKbFltr) -- C:\WINDOWS\system32\drivers\DKbFltr.SYS (Dritek System Inc.)

DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)

DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)

DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)

DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)

DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)

DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)

DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)

DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)

DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)

DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)

DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)

DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)

DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)

DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)

DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (cdrbsvsd) -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys (B.H.A Corporation)

DRV - (sonypvs1) -- C:\WINDOWS\system32\drivers\sonypvs1.sys (Sony Corporation)

DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.se/

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

O1 HOSTS File: ([2004-08-04 05:00:00 | 000,000,710 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - No CLSID value found.

O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - No CLSID value found.

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (no name) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - No CLSID value found.

O2 - BHO: (no name) - {dbc80044-a445-435b-bc74-9c25c1c588a9} - No CLSID value found.

O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O2 - BHO: (no name) - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - No CLSID value found.

O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (&Adress) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Länkar) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe ()

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [ATICCC] C:\Program\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)

O4 - HKLM..\Run: [AzMixerSel] C:\Program\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()

O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)

O4 - HKLM..\Run: [LManager] C:\Program\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()

O4 - HKLM..\Run: [Net iD] C:\Program\Net iD\iid.exe (SecMaker AB)

O4 - HKLM..\Run: [ntiMUI] C:\Program\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe ()

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [QuickTime Task] C:\Program\QuickTime\qttask.exe (Apple Inc.)

O4 - HKLM..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)

O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)

O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)

O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)

O4 - Startup: C:\Documents and Settings\Ullis\Start-meny\Program\Autostart\Nikon Monitor.lnk = C:\Program\Delade filer\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&xportera till Microsoft Excel - C:\Program\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)

O9 - Extra Button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab (Windows Live Safety Center Base Module)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1291806084562 (WUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1222636472524&h=4874c7c2d7cb20bce5a2d164cd0879e9/&filename=jinstall-6u7-windows-i586-jc.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://62.181.87.189/activex/AxisCamControl.cab (CamImage Class)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {cafeefac-0016-0000-0014-abcdeffedcba} Reg Error: Value error. (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.26.227.3 192.168.0.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program\Delade filer\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (wppkyq.dll) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (Min aktuella startsida) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Ullis\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ullis\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006-05-03 16:44:20 | 000,000,049 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{53b8964c-e010-11dd-8f0a-0016ce73ec9f}\Shell - "" = AutoRun

O33 - MountPoints2\{53b8964c-e010-11dd-8f0a-0016ce73ec9f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found

O33 - MountPoints2\{86c4f48b-4542-11de-8ff1-0016ce73ec9f}\Shell - "" = AutoRun

O33 - MountPoints2\{86c4f48b-4542-11de-8ff1-0016ce73ec9f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found

O33 - MountPoints2\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\Shell\AutoRun\command - "" = G:\grantorino\avatar\winlogin.exe -- File not found

O33 - MountPoints2\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\Shell\Explore\Command - "" = G:\grantorino\avatar\winlogin.exe -- File not found

O33 - MountPoints2\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\Shell\open\command - "" = G:\grantorino\avatar\winlogin.exe -- File not found

O33 - MountPoints2\{a8661a74-e011-11dd-8f0b-0016ce73ec9f}\Shell - "" = AutoRun

O33 - MountPoints2\{a8661a74-e011-11dd-8f0b-0016ce73ec9f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found

O33 - MountPoints2\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\Shell\AutoRun\command - "" = F:\grantorino\avatar\winlogin.exe -- File not found

O33 - MountPoints2\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\Shell\Explore\Command - "" = F:\grantorino\avatar\winlogin.exe -- File not found

O33 - MountPoints2\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\Shell\open\command - "" = F:\grantorino\avatar\winlogin.exe -- File not found

O33 - MountPoints2\{e9ef2fe8-e609-11dd-8f1c-0016ce73ec9f}\Shell - "" = AutoRun

O33 - MountPoints2\{e9ef2fe9-e609-11dd-8f1c-0016ce73ec9f}\Shell - "" = AutoRun

O33 - MountPoints2\{fcc69da8-e592-11dd-8f1a-0016ce73ec9f}\Shell - "" = AutoRun

O33 - MountPoints2\{fcc69da9-e592-11dd-8f1a-0016ce73ec9f}\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-12-09 15:18:56 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ullis\Skrivbord\OTL.exe

[2010-11-26 16:32:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ullis\Skrivbord\önskelista

[2010-11-12 13:19:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ullis\Mina dokument\Smalsthlm

[2010-07-27 21:25:42 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpeCB.dll

[2006-02-22 11:20:14 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll

[535 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\*.tmp files -> C:\*.tmp -> ]

[14 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-12-09 15:12:30 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ullis\Skrivbord\OTL.exe

[2010-12-09 14:19:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-12-09 14:19:33 | 467,841,024 | -HS- | M] () -- C:\hiberfil.sys

[2010-12-09 13:01:34 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Ullis\Skrivbord\dds.scr

[2010-12-03 16:25:57 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010-11-22 23:44:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

[535 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-12-09 14:19:33 | 467,841,024 | -HS- | C] () -- C:\hiberfil.sys

[2010-12-09 13:08:15 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Ullis\Skrivbord\dds.scr

[2010-01-08 23:07:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Standard Tool

[2009-06-09 20:45:19 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Ullis\Application Data\wiaserva.log

[2009-04-08 14:18:05 | 000,002,528 | ---- | C] () -- C:\WINDOWS\FCIC.INI

[2009-02-26 22:26:50 | 000,000,356 | ---- | C] () -- C:\WINDOWS\ViewNX.INI

[2009-02-26 22:04:53 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT

[2009-02-26 22:04:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ullis\Application Data\SupportPrinters

[2009-02-26 21:57:14 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Sync Services

[2009-02-26 21:57:14 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Ullis\Application Data\Strings

[2009-02-26 21:57:14 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT

[2009-02-26 21:57:14 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\SystemConfiguration

[2009-01-23 21:14:20 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt

[2009-01-23 21:14:06 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2009-01-23 20:22:49 | 002,729,472 | ---- | C] () -- C:\WINDOWS\System32\fun_avcodec.dll

[2009-01-15 13:36:14 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009-01-10 15:42:19 | 000,110,024 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat

[2009-01-09 21:35:19 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll

[2009-01-04 21:24:32 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini

[2008-12-31 17:04:42 | 000,691,560 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2008-11-14 01:53:42 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll

[2008-11-14 01:53:42 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll

[2008-09-28 23:57:40 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\Ullis\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-09-20 14:13:52 | 000,000,383 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2008-09-20 14:07:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI

[2008-09-17 21:43:52 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Ullis\Lokala inställningar\Application Data\fusioncache.dat

[2008-09-12 09:48:49 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2008-09-12 09:45:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NT.INI

[2006-05-03 17:41:26 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006-05-03 16:44:48 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll

[2006-05-03 16:43:04 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll

[2006-05-03 16:43:04 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll

[2006-05-03 16:43:04 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll

[2006-05-03 16:43:04 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll

[2006-04-26 02:19:54 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2006-04-14 15:27:44 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys

[2006-04-14 15:27:44 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys

[2006-03-10 14:15:44 | 000,036,404 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2006-02-22 11:20:14 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll

[2005-12-14 20:59:52 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Acer.ini

[2005-03-28 15:45:26 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ALaunch.ini

[2004-12-17 16:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys

[2004-08-04 05:00:00 | 000,003,529 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2004-02-13 13:49:44 | 000,356,352 | ---- | C] () -- C:\WINDOWS\EMCRI.dll

[2003-04-08 11:35:24 | 000,005,414 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[2001-12-26 15:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll

[2001-09-03 22:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll

[2001-07-30 15:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll

[2001-07-23 21:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll

[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009-01-15 13:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2009-02-26 22:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp

[2009-04-08 14:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FirstClass

[2009-02-26 22:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon

[2009-01-03 23:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NtiDvdCopy

[2010-06-05 22:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe

[2009-02-26 22:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15

[2009-01-15 13:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ullis\Application Data\DAEMON Tools

[2009-01-15 13:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ullis\Application Data\DAEMON Tools Lite

[2009-01-15 13:45:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ullis\Application Data\DAEMON Tools Pro

[2010-03-22 13:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ullis\Application Data\Dropbox

[2009-03-27 19:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ullis\Application Data\iid

[2009-02-26 22:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ullis\Application Data\Nikon

[2009-01-23 21:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ullis\Application Data\Samsung

[2010-07-27 21:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ullis\Application Data\Sony

[2010-07-27 20:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ullis\Application Data\Sony Setup

[2010-12-07 14:10:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ullis\Application Data\Spotify

[2010-11-22 23:44:00 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========

< End of report >

Extras.Txt

9 december, 2010

Inte bra att köra utan antivirusprogram som du märker.

1.

På sidan http://www.virustotal.com klickar du på Bläddra -knappen och klistrar in följande filnamn i rutan, klicka på Öppna och sedan på Skicka Fil. Vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in länken till resultatet här.

C:\Documents and Settings\All Users\Application Data\hpeCB.dll

2.

Stäng av alla program du ser så att de inte krockar med OTL.

Starta programmet OTL.

Kopiera alla raderna i rutan:

:OTL
DRV - (pljbhqfe) -- C:\WINDOWS\System32\drivers\pljbhqfe.sys File not found
DRV - (6c974c26) -- C:\WINDOWS\System32\drivers\6c974c26.sys File not found
O2 - BHO: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - No CLSID value found.
O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - No CLSID value found.
O2 - BHO: (no name) - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - No CLSID value found.
O2 - BHO: (no name) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - No CLSID value found.
O2 - BHO: (no name) - {dbc80044-a445-435b-bc74-9c25c1c588a9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O20 - AppInit_DLLs: (wppkyq.dll) - File not found
O33 - MountPoints2\{53b8964c-e010-11dd-8f0a-0016ce73ec9f}\Shell - "" = AutoRun
O33 - MountPoints2\{53b8964c-e010-11dd-8f0a-0016ce73ec9f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{86c4f48b-4542-11de-8ff1-0016ce73ec9f}\Shell - "" = AutoRun
O33 - MountPoints2\{86c4f48b-4542-11de-8ff1-0016ce73ec9f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\Shell\AutoRun\command - "" = G:\grantorino\avatar\winlogin.exe -- File not found
O33 - MountPoints2\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\Shell\Explore\Command - "" = G:\grantorino\avatar\winlogin.exe -- File not found
O33 - MountPoints2\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\Shell\open\command - "" = G:\grantorino\avatar\winlogin.exe -- File not found
O33 - MountPoints2\{a8661a74-e011-11dd-8f0b-0016ce73ec9f}\Shell - "" = AutoRun
O33 - MountPoints2\{a8661a74-e011-11dd-8f0b-0016ce73ec9f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\Shell\AutoRun\command - "" = F:\grantorino\avatar\winlogin.exe -- File not found
O33 - MountPoints2\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\Shell\Explore\Command - "" = F:\grantorino\avatar\winlogin.exe -- File not found
O33 - MountPoints2\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\Shell\open\command - "" = F:\grantorino\avatar\winlogin.exe -- File not found
O33 - MountPoints2\{e9ef2fe8-e609-11dd-8f1c-0016ce73ec9f}\Shell - "" = AutoRun
O33 - MountPoints2\{e9ef2fe9-e609-11dd-8f1c-0016ce73ec9f}\Shell - "" = AutoRun
O33 - MountPoints2\{fcc69da8-e592-11dd-8f1a-0016ce73ec9f}\Shell - "" = AutoRun
O33 - MountPoints2\{fcc69da9-e592-11dd-8f1a-0016ce73ec9f}\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
:Commands
[CREATERESTOREPOINT]
[EMPTYTEMP]
[REBOOT]

Klistra in dem i rutan Custom Scans/Fixes. Kontrollera att det ser exakt likadant ut, t ex när det gäller radbrytningar.

Tryck på Run Fix.

Om du blir tillfrågad om att starta om datorn så gör det.

Det kommer upp en logg i Anteckningar. Kopiera den och klistra in i ditt svar.

Om den inte kommer automatiskt så hittar du den i mappen c:\_OTL\Moved Files med ett namn som innehåller dagens datum och klockslaget för körningen.

3.

Jag ser att du har MBAM (Malwarebytes Anti-Malware) installerat. Starta programmet, uppdatera och skanna igenom datorn. Om något hittas så vill jag se loggen.

10 december, 2010

Nej vet att det inte va så smart, det komiska var att jag skulle lägga in det efter scanningen funkar sådär. Kan tyvärr inte klistra in länken kommer inte åt internet från den dator. o inte heller uppdatera malware pga av det. Men jag körde den versione jag hade och det reslutatet bifogar jag här.

OTL loggfilen, blev dock fel första gången

All processes killed

========== OTL ==========

Error: No service named pljbhqfe was found to stop!

Service\Driver key pljbhqfe not found.

File C:\WINDOWS\System32\drivers\pljbhqfe.sys File not found not found.

Error: No service named 6c974c26 was found to stop!

Service\Driver key 6c974c26 not found.

File C:\WINDOWS\System32\drivers\6c974c26.sys File not found not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7e6f031-17ce-4c07-bc86-eabfe594f69c}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e7e6f031-17ce-4c07-bc86-eabfe594f69c}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbc80044-a445-435b-bc74-9c25c1c588a9}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dbc80044-a445-435b-bc74-9c25c1c588a9}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{C4069E3A-68F1-403E-B40E-20066696354B} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.

Starting removal of ActiveX control CabBuilder

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\CabBuilder\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:wppkyq.dll deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53b8964c-e010-11dd-8f0a-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53b8964c-e010-11dd-8f0a-0016ce73ec9f}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53b8964c-e010-11dd-8f0a-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53b8964c-e010-11dd-8f0a-0016ce73ec9f}\ not found.

File E:\LaunchU3.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86c4f48b-4542-11de-8ff1-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86c4f48b-4542-11de-8ff1-0016ce73ec9f}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86c4f48b-4542-11de-8ff1-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86c4f48b-4542-11de-8ff1-0016ce73ec9f}\ not found.

File F:\LaunchU3.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\ not found.

File G:\grantorino\avatar\winlogin.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\ not found.

File G:\grantorino\avatar\winlogin.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86c4f48c-4542-11de-8ff1-0016ce73ec9f}\ not found.

File G:\grantorino\avatar\winlogin.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8661a74-e011-11dd-8f0b-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8661a74-e011-11dd-8f0b-0016ce73ec9f}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8661a74-e011-11dd-8f0b-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8661a74-e011-11dd-8f0b-0016ce73ec9f}\ not found.

File F:\LaunchU3.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\ not found.

File F:\grantorino\avatar\winlogin.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\ not found.

File F:\grantorino\avatar\winlogin.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c5aebd2e-0090-11e0-9333-0016ce73ec9f}\ not found.

File F:\grantorino\avatar\winlogin.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9ef2fe8-e609-11dd-8f1c-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9ef2fe8-e609-11dd-8f1c-0016ce73ec9f}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9ef2fe9-e609-11dd-8f1c-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e9ef2fe9-e609-11dd-8f1c-0016ce73ec9f}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcc69da8-e592-11dd-8f1a-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fcc69da8-e592-11dd-8f1a-0016ce73ec9f}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcc69da9-e592-11dd-8f1a-0016ce73ec9f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fcc69da9-e592-11dd-8f1a-0016ce73ec9f}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.

File F:\LaunchU3.exe not found.

========== COMMANDS ==========

Error: Registry key for service SrServicemissing or inaccessible!

[EMPTYTEMP]

User: Administratör

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: Ullis

->Temp folder emptied: 575626 bytes

->Temporary Internet Files folder emptied: 64698 bytes

->Java cache emptied: 0 bytes

->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,00 mb

OTL by OldTimer - Version 3.2.17.3 log created on 12102010_142724

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

10 december, 2010

Hittade MBAM något?

Klistra in en ny OTL-logg.

10 december, 2010

Nej den hittade inget tyvärr=(

ska jag köra OTL som första gången alltså?

10 december, 2010

Japp

10 december, 2010

Sådär

OTL logfile created on: 2010-12-10 15:26:01 - Run 2

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ullis\Skrivbord

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

446,00 Mb Total Physical Memory | 189,00 Mb Available Physical Memory | 42,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free

Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 55,89 Gb Total Space | 10,70 Gb Free Space | 19,14% Space Free | Partition Type: NTFS

Computer Name: PLASTIC | User Name: Ullis | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ullis\Skrivbord\OTL.exe (OldTimer Tools)

PRC - C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)

PRC - C:\Program\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()

PRC - C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)

PRC - C:\Program\Net iD\iid.exe (SecMaker AB)

PRC - C:\Program\Delade filer\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program\Delade filer\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)

PRC - C:\Program\Launch Manager\LManager.exe (Dritek System Inc.)