Hey there RKinner, and thanks for helping us out! Sorry about posting the HijackThis log; it's been a while since I last had to deal with virus problems (I bought a Norton subscription for my own computer, a couple of years ago -- perhaps I could use that on my parents' laptop as well?). Anyway, I've followed all the steps now, so below you'll find the logs
MBAM log:Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4103
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
2010-05-15 13:23:25
mbam-log-2010-05-15 (13-23-25).txt
Scan type: Quick scan
Objects scanned: 131549
Time elapsed: 5 minute(s), 11 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER log:GMER 1.0.15.15281 -
http://www.gmer.netRootkit scan 2010-05-15 14:28:24
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\Hanne\LOKALA~1\Temp\pxtdrpod.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwConnectPort [0xAACEAE60]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateFile [0xAACE7820]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateKey [0xAACF2690]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreatePort [0xAACEB1F0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcess [0xAACF1480]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcessEx [0xAACF16B0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateSection [0xAACF4CE0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateWaitablePort [0xAACEB2D0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteFile [0xAACE7EA0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteKey [0xAACF36A0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteValueKey [0xAACF32E0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDuplicateObject [0xAACF11F0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwLoadKey [0xAACF39E0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenFile [0xAACE7CF0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenProcess [0xAACF0F40]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenThread [0xAACF0D60]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwReplaceKey [0xAACF3CD0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRequestWaitReplyPort [0xAACEAB00]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRestoreKey [0xAACF3F80]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSecureConnectPort [0xAACEB010]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetInformationFile [0xAACE8010]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetValueKey [0xAACF2E67]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwTerminateProcess [0xAACF18E0]
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2C80 805044EC 12 Bytes [F0, B1, CE, AA, 80, 14, CF, ...]
? srescan.sys Det går inte att hitta filen. !
.text ntkrnlpa.exe!ZwYieldExecution + 3228 805044EC 12 Bytes [F0, B1, CE, AA, 80, 14, CF, ...]
---- User code sections - GMER 1.0.15 ----
.text C:\Program\Internet Explorer\iexplore.exe[2372] ole32.dll!OleLoadFromStream 7751A257 5 Bytes JMP 7E2A486D C:\WINDOWS\system32\SHDOCVW.dll (Shell Doc Object och Control Library/Microsoft Corporation)
.text C:\WINDOWS\SMINST\Scheduler.exe[3644] USER32.dll!GetSysColor 7E368E78 5 Bytes JMP 00418ED0 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3644] USER32.dll!GetSysColorBrush 7E368EAB 5 Bytes JMP 00418F40 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3644] USER32.dll!SetScrollInfo 7E369056 7 Bytes JMP 00418DC0 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3644] USER32.dll!GetScrollInfo 7E370DA2 7 Bytes JMP 00418D10 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3644] USER32.dll!ShowScrollBar 7E37F2B3 5 Bytes JMP 00418E90 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3644] USER32.dll!GetScrollPos 7E37F6C4 5 Bytes JMP 00418D50 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3644] USER32.dll!SetScrollPos 7E37F710 5 Bytes JMP 00418E00 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3644] USER32.dll!GetScrollRange 7E37F747 5 Bytes JMP 00418D80 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3644] USER32.dll!SetScrollRange 7E37F95B 5 Bytes JMP 00418E40 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3644] USER32.dll!EnableScrollBar 7E3B7DDD 7 Bytes JMP 00418CD0 C:\WINDOWS\SMINST\Scheduler.exe
---- Devices - GMER 1.0.15 ----
Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 eabfiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
---- EOF - GMER 1.0.15 ----
OTL log:OTL logfile created on: 2010-05-15 15:00:26 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Hanne\Skrivbord
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd
1 015,00 Mb Total Physical Memory | 554,00 Mb Available Physical Memory | 55,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 66,70 Gb Total Space | 47,94 Gb Free Space | 71,87% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7,81 Gb Total Space | 0,55 Gb Free Space | 7,03% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ADAM
Current User Name: Hanne
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010-05-15 14:29:16 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hanne\Skrivbord\OTL.exe
PRC - [2010-04-03 01:06:33 | 002,046,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program\AVG\AVG8\avgtray.exe
PRC - [2009-10-28 23:21:16 | 000,939,920 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe
PRC - [2009-08-23 13:15:24 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program\AVG\AVG8\avgcsrvx.exe
PRC - [2009-08-23 13:15:24 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program\AVG\AVG8\avgrsx.exe
PRC - [2009-08-23 13:15:21 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program\AVG\AVG8\avgnsx.exe
PRC - [2009-08-23 13:15:16 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program\AVG\AVG8\avgemc.exe
PRC - [2009-08-23 13:15:13 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program\AVG\AVG8\avgwdsvc.exe
PRC - [2007-10-30 22:58:41 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007-09-25 02:11:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Java\jre1.6.0_03\bin\jusched.exe
PRC - [2007-06-13 15:23:56 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-03-09 00:02:00 | 000,919,280 | ---- | M] (Zone Labs, LLC) -- C:\Program\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2007-03-09 00:01:58 | 000,075,568 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2006-11-10 17:12:30 | 000,099,936 | ---- | M] () -- C:\Program\Canon\IJPLM\ijplmsvc.exe
PRC - [2006-06-20 21:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program\Delade filer\LightScribe\LSSrvc.exe
PRC - [2006-02-15 17:16:02 | 000,581,693 | ---- | M] (Broadcom Corporation.) -- C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe
PRC - [2006-02-15 17:09:20 | 000,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe
PRC - [2006-02-15 15:43:16 | 000,892,928 | ---- | M] () -- C:\WINDOWS\SMINST\Scheduler.exe
PRC - [2006-02-14 11:56:08 | 000,122,880 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program\HPQ\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2006-02-10 08:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program\Hp\Digital Imaging\bin\hpqimzone.exe
PRC - [2005-12-23 12:44:26 | 000,491,606 | ---- | M] () -- C:\Program\HPQ\Shared\HpqToaster.exe
PRC - [2005-09-23 22:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2005-08-31 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005-06-29 21:06:54 | 000,043,008 | ---- | M] (Cognizance Corporation) -- C:\Program\HPQ\IAM\Bin\asghost.exe
PRC - [2005-05-20 10:11:06 | 000,925,696 | ---- | M] (Analog Devices, Inc.) -- C:\Program\Analog Devices\Core\smax4pnp.exe
========== Modules (SafeList) ========== MOD - [2010-05-15 14:29:16 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hanne\Skrivbord\OTL.exe
MOD - [2006-08-25 17:53:58 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004-08-04 10:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ========== SRV - [2009-08-23 13:15:16 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009-08-23 13:15:13 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2007-03-09 00:01:58 | 000,075,568 | ---- | M] (Zone Labs, LLC) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2006-11-10 17:12:30 | 000,099,936 | ---- | M] () [Auto | Running] -- C:\Program\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2006-06-20 21:08:48 | 000,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program\Delade filer\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006-02-15 17:09:20 | 000,258,103 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe -- (btwdins)
SRV - [2004-10-22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- c:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ========== DRV - [2009-08-23 13:15:24 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-08-23 13:15:24 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-05-17 22:23:29 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008-06-19 17:24:30 | 000,028,544 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2007-03-09 00:02:10 | 000,394,192 | ---- | M] (Zone Labs, LLC) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007-01-18 05:39:20 | 000,050,416 | ---- | M] (Zone Labs, LLC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2006-07-31 03:00:08 | 001,155,584 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-02-28 15:36:20 | 000,176,128 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006-02-15 16:59:52 | 000,401,664 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006-02-15 16:56:58 | 001,342,570 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006-02-15 16:54:46 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006-02-15 16:54:40 | 000,030,189 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006-02-15 16:54:10 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006-02-15 16:51:22 | 000,148,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006-02-06 04:00:06 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006-01-19 15:50:40 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005-11-10 19:50:38 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005-10-12 14:07:12 | 000,874,240 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2005-09-19 13:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005-09-19 13:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005-09-19 13:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2005-08-31 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005-08-31 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005-08-31 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005-08-31 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005-08-31 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005-08-31 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005-08-31 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005-08-30 03:30:00 | 000,088,752 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005-08-25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005-08-25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005-08-12 05:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005-07-26 11:46:54 | 000,065,152 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbser.sys -- (hwusbser)
DRV - [2005-07-26 11:46:54 | 000,065,152 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbapp.sys -- (hwusbapp)
DRV - [2005-07-26 11:46:54 | 000,065,152 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwcdcmdm0)
DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2001-09-06 20:13:08 | 000,036,425 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2001-08-17 16:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.hp.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://google.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2004-08-04 10:00:00 | 000,000,710 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (HP Credential Manager for ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program\HPQ\IAM\Bin\ItIeAddIN.dll (Infineon Technologies AG)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CognizanceTS] C:\Program\HPQ\IAM\Bin\AsTsVcc.DLL (Cognizance Corporation)
O4 - HKLM..\Run: [Cpqset] C:\Program\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe ()
O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SoundMAX] C:\Program\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Program\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKCU..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BTTray.lnk = C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\DVD Check.lnk = C:\Program\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\HP Photosmart Premier Snabbstart.lnk = C:\Program\Hp\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.54.122.199 195.54.122.204
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\OneCard: DllName - C:\Program\HPQ\IAM\Bin\AsWlnPkg.dll - C:\Program\HPQ\IAM\Bin\AsWlnPkg.dll (Cognizance Corporation)
O24 - Desktop Components:0 (Min aktuella startsida) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Hanne\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Hanne\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001-07-27 23:07:00 | 000,000,000 | -HS- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004-04-30 15:01:00 | 000,000,053 | -HS- | M] () - E:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{b46d8084-e81a-11de-9fb8-001641b963a6}\Shell - "" = AutoRun
O33 - MountPoints2\{b46d8084-e81a-11de-9fb8-001641b963a6}\Shell\AutoRun\command - "" = F:\hwpcassistant.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2006-11-19 08:25:26 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)
========== Files/Folders - Created Within 90 Days ========== [2010-05-15 14:29:13 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hanne\Skrivbord\OTL.exe
[2010-05-15 13:15:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanne\Application Data\Malwarebytes
[2010-05-15 13:15:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-05-15 13:15:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-05-15 13:15:36 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware
[2010-05-15 13:15:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010-05-15 13:14:24 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Hanne\Skrivbord\mbam-setup.exe
[2010-05-15 13:14:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-05-15 13:13:21 | 000,000,000 | ---D | C] -- C:\Program\ERUNT
[2010-05-15 13:11:35 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Hanne\Skrivbord\erunt_setup.exe
[2010-05-14 21:57:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hanne\Skrivbord\backups
[2010-05-09 19:41:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\Temp
[2010-05-09 18:24:30 | 000,000,000 | ---D | C] -- C:\Program\CleanUp!
[2010-05-09 18:11:12 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Hanne\Skrivbord\HiJackThis.exe
[2010-05-09 18:04:59 | 000,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 90 Days ========== [2010-05-15 14:57:27 | 000,049,617 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010-05-15 14:57:03 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-05-15 14:57:03 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-05-15 14:56:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-05-15 14:56:51 | 1064,751,104 | -HS- | M] () -- C:\hiberfil.sys
[2010-05-15 14:47:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-05-15 14:29:16 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hanne\Skrivbord\OTL.exe
[2010-05-15 13:23:55 | 002,883,584 | ---- | M] () -- C:\Documents and Settings\Hanne\ntuser.dat
[2010-05-15 13:23:55 | 000,000,192 | -HS- | M] () -- C:\Documents and Settings\Hanne\ntuser.ini
[2010-05-15 13:15:39 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk
[2010-05-15 13:14:32 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Hanne\Skrivbord\mbam-setup.exe
[2010-05-15 13:13:21 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Hanne\Skrivbord\NTREGOPT.lnk
[2010-05-15 13:13:21 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Hanne\Skrivbord\ERUNT.lnk
[2010-05-15 13:11:36 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Hanne\Skrivbord\erunt_setup.exe
[2010-05-13 16:16:21 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-05-09 18:24:17 | 000,339,257 | ---- | M] () -- C:\Documents and Settings\Hanne\Skrivbord\CleanUp452.exe
[2010-05-09 18:11:14 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Hanne\Skrivbord\HiJackThis.exe
[2010-05-07 22:38:06 | 059,673,903 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-05-02 12:25:40 | 000,001,726 | ---- | M] () -- C:\Documents and Settings\Hanne\Mina dokument\HUAWEI 3G Data Card.lnk
[2010-05-02 12:25:40 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Hanne\Mina dokument\Den här datorn (2).lnk
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-04-16 00:06:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-04-05 00:05:40 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Hanne\Mina dokument\Den här datorn.lnk
[2010-03-28 22:33:46 | 000,889,438 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-03-28 22:33:46 | 000,384,018 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat
[2010-03-28 22:33:46 | 000,380,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-03-28 22:33:46 | 000,063,134 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat
[2010-03-28 22:33:46 | 000,053,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-03-22 20:07:50 | 000,357,704 | ---- | M] () -- C:\Documents and Settings\Hanne\Mina dokument\upsidedownwp.jpg
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2010-05-15 13:29:59 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Hanne\Skrivbord\gmer.exe
[2010-05-15 13:15:39 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk
[2010-05-15 13:13:21 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Hanne\Skrivbord\NTREGOPT.lnk
[2010-05-15 13:13:21 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Hanne\Skrivbord\ERUNT.lnk
[2010-05-09 18:24:13 | 000,339,257 | ---- | C] () -- C:\Documents and Settings\Hanne\Skrivbord\CleanUp452.exe
[2010-05-02 12:25:40 | 000,001,726 | ---- | C] () -- C:\Documents and Settings\Hanne\Mina dokument\HUAWEI 3G Data Card.lnk
[2010-05-02 12:25:40 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Hanne\Mina dokument\Den här datorn (2).lnk
[2010-04-05 00:05:39 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Hanne\Mina dokument\Den här datorn.lnk
[2010-03-22 20:07:35 | 000,357,704 | ---- | C] () -- C:\Documents and Settings\Hanne\Mina dokument\upsidedownwp.jpg
[2007-04-03 22:36:52 | 000,796,312 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2006-11-19 00:14:25 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006-11-19 00:14:25 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006-11-19 00:14:25 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006-11-19 00:14:25 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006-11-19 00:14:25 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006-11-19 00:14:25 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006-08-21 21:40:47 | 000,000,172 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006-08-21 21:39:26 | 000,028,516 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006-02-15 17:04:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005-12-01 21:11:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004-09-08 12:31:40 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004-09-08 12:24:58 | 000,000,788 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004-06-01 11:39:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2002-05-15 23:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001-11-23 18:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001-11-14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1998-05-07 04:10:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.dll
========== LOP Check ========== [2007-12-11 22:18:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009-05-17 22:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2008-12-28 00:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanne\Application Data\Personal
[2006-11-19 08:24:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hanne\Application Data\SampleView
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2006-11-19 00:07:27 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2004-08-04 10:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-05-15 14:56:51 | 1064,751,104 | -HS- | M] () -- C:\hiberfil.sys
[2004-08-04 10:00:00 | 000,047,564 | -HS- | M] () -- C:\NTDETECT.COM
[2004-08-04 10:00:00 | 000,250,032 | -HS- | M] () -- C:\NTLDR
[2010-05-15 14:56:50 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles >[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav >[2004-09-08 14:00:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004-09-08 14:00:32 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004-09-08 14:00:32 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\drivers\*.sys /90 >[2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
[2010-02-24 14:31:30 | 000,454,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys
< End of report >
OTLextras log:OTL Extras logfile created on: 2010-05-15 15:00:26 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Hanne\Skrivbord
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd
1 015,00 Mb Total Physical Memory | 554,00 Mb Available Physical Memory | 55,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 66,70 Gb Total Space | 47,94 Gb Free Space | 71,87% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7,81 Gb Total Space | 0,55 Gb Free Space | 7,03% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ADAM
Current User Name: Hanne
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- ()
"C:\Program\Huawei technologies\Huawei UMTS Data Card\HUAWEI 3G Data Card.exe" = C:\Program\Huawei technologies\Huawei UMTS Data Card\HUAWEI 3G Data Card.exe:*:Enabled:Huawei 3G Data Card -- (Huawei Technologies)
"C:\Program\AVG\AVG8\avgemc.exe" = C:\Program\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program\AVG\AVG8\avgupd.exe" = C:\Program\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program\AVG\AVG8\avgnsx.exe" = C:\Program\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2500_series" = Canon iP2500 series
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{22C28506-B1E0-4050-B0B7-B97AEB061381}" = HP User Guides 0029
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.00 D2
"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = Installationsprogram för HPs hanterare för säkerhetskopiering och återställning
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 E1
"{452622B2-CFF1-4373-B773-141FC10A2AB6}" = hpicamDrvQFolder
"{4596FA5B-2966-44E6-9DA3-998001CA71DC}" = Unload
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{85F0360D-5B3B-4371-9517-62A5A47F4A5E}" = CameraDrivers
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}" = HP ProtectTools Security Manager 2.00 C3
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{992A2DB1-4ABC-4738-BD71-045C5FFE00D1}" = Microsoft .NET Framework 1.1 Swedish Language Pack
"{9F7AF7CD-E3D0-4C68-A3BA-C76C359B3AA8}" = LightScribe 1.4.105.1
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A7AD8CEF-72D7-4FE4-8A14-DDD09DC86074}" = HP Notebook Accessories Product Tour
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-7AD7-1053-7B44-A70500000002}" = Adobe Reader 7.0.5 - Svenska
"{AE052EF7-2640-48D7-8915-69B810D975CB}" = HP BIOS Configuration for ProtectTools 2.00 C3
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B9F4C05D-E42F-4E9A-A73F-FDD9355319FB}" = HP Credential Manager for ProtectTools
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{C023CABF-1FDF-4d84-8E0F-11F30417923E}" = CameraUserGuides
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E0DBC47C-ED3F-4A1B-A929-9A26DAAA14B3}" = Application Installer 4.00.B5
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F257CFED-560C-4491-BD60-92EE51A706B8}" = HP Photosmart-kameror 7.0
"{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AVG8Uninstall" = AVG Free 8.5
"BitTornado" = BitTornado 0.3.17
"Canon iP2500 series användarregistrering" = Canon iP2500 series användarregistrering
"CANONIJPLM100" = PIXMA Extended Survey Program
"CleanUp!" = CleanUp!
"DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
"Easy-LayoutPrint" = Canon Utilities Easy-LayoutPrint
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"ERUNT_is1" = ERUNT 1.1j
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HUAWEI 3G Data Card Management" = HUAWEI 3G Data Card Management
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Personal" = BankID säkerhetsprogram 4.10.4
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WGA" = Windows Genuine Advantage Validation Tool
"Windows Media Connect" = Windows Media Connect
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"ZoneAlarm" = ZoneAlarm
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 2010-05-15 07:19:06 | Computer Name = ADAM | Source = Google Update | ID = 20
Description =
Error - 2010-05-15 08:30:15 | Computer Name = ADAM | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 6.0.2900.2180, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.
Error - 2010-05-15 08:53:11 | Computer Name = ADAM | Source = Application Hang | ID = 1002
Description = Stoppat program OTL.exe, version 3.2.4.1, stoppad modul hungapp, version
0.0.0.0, stoppad adress 0x00000000.
Error - 2010-05-15 08:54:19 | Computer Name = ADAM | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 6.0.2900.2180, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.
Error - 2010-05-15 08:54:53 | Computer Name = ADAM | Source = Application Hang | ID = 1002
Description = Stoppat program OTL.exe, version 3.2.4.1, stoppad modul hungapp, version
0.0.0.0, stoppad adress 0x00000000.
Error - 2010-05-15 08:54:58 | Computer Name = ADAM | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 6.0.2900.2180, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.
Error - 2010-05-15 08:55:02 | Computer Name = ADAM | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 6.0.2900.2180, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.
Error - 2010-05-15 08:55:10 | Computer Name = ADAM | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 6.0.2900.2180, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.
Error - 2010-05-15 08:55:14 | Computer Name = ADAM | Source = Application Hang | ID = 1002
Description = Stoppat program OTL.exe, version 3.2.4.1, stoppad modul hungapp, version
0.0.0.0, stoppad adress 0x00000000.
Error - 2010-05-15 08:55:26 | Computer Name = ADAM | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 6.0.2900.2180, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.
[ System Events ]
Error - 2010-04-27 13:27:26 | Computer Name = ADAM | Source = Cdrom | ID = 262155
Description = Drivrutinen hittade ett styrenhetsfel på \Device\CdRom0.
Error - 2010-04-27 13:27:26 | Computer Name = ADAM | Source = Cdrom | ID = 262155
Description = Drivrutinen hittade ett styrenhetsfel på \Device\CdRom0.
Error - 2010-04-29 14:36:51 | Computer Name = ADAM | Source = Cdrom | ID = 262155
Description = Drivrutinen hittade ett styrenhetsfel på \Device\CdRom0.
Error - 2010-05-03 11:22:03 | Computer Name = ADAM | Source = DCOM | ID = 10010
Description = Servern {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} registrerades inte
med DCOM inom erforderlig timeout.
Error - 2010-05-08 17:38:23 | Computer Name = ADAM | Source = Service Control Manager | ID = 7022
Description = Tjänsten hpqwmiex stannade under start.
Error - 2010-05-09 13:08:18 | Computer Name = ADAM | Source = Dhcp | ID = 1000
Description = Lånet av IP-adressen 85.224.152.224 för kortet med nätverksadressen
00170839E773 har förlorats.
Error - 2010-05-09 13:41:34 | Computer Name = ADAM | Source = Service Control Manager | ID = 7009
Description = En timeout (30000 ms) inträffade vid väntan på att tjänsten TrueVector
Internet Monitor ska ansluta.
Error - 2010-05-09 13:41:34 | Computer Name = ADAM | Source = Service Control Manager | ID = 7000
Description = Tjänsten TrueVector Internet Monitor kunde inte startas på grund av
följande fel: %%1053
Error - 2010-05-15 07:25:56 | Computer Name = ADAM | Source = Service Control Manager | ID = 7009
Description = En timeout (30000 ms) inträffade vid väntan på att tjänsten TrueVector
Internet Monitor ska ansluta.
Error - 2010-05-15 07:25:56 | Computer Name = ADAM | Source = Service Control Manager | ID = 7000
Description = Tjänsten TrueVector Internet Monitor kunde inte startas på grund av
följande fel: %%1053
< End of report >