[InActive] computer slowing down

79nicklas · 27th November 2008

hi
lately it seems like my computer has really been slowing down, it starts ok, but after opening just 2 or so programs it really slows down, like something was running in the background eating memory, but i can't find anything, and i cant recall i have installed anything either that could have caused this.
i'm not really sure if i can do anything about it, can i?
i'm running windows xp professional on a hp laptop

regards nicklas

**Arie** · 27th November 2008

Hi,

Read this post as indicated at the top of this forum & follow the instructions.

79nicklas · 27th November 2008

sorry i missed that.

here is my log.txt

Logfile of random's system information tool 1.04 (written by random/random)
Run by Gideskog at 2008-11-27 11:01:08
Microsoft Windows XP Professional Service Pack 3
System drive C: has 42 GB (62%) free of 68 GB
Total RAM: 447 MB (7% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:01:56, on 2008-11-27
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Alwil Software\Avast4\aswUpdSv.exe
C:\Program\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\AskBarDis\bar\bin\AskService.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Delade filer\LightScribe\LSSrvc.exe
C:\Program\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\WINDOWS\system32\PSIService.exe
C:\Program\Telia\Supportassistent\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program\Analog Devices\Core\smax4pnp.exe
C:\Program\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program\Google\Gmail Notifier\gnotify.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program\Alwil Software\Avast4\ashMaiSv.exe
C:\Program\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe
C:\Program\Alwil Software\Avast4\ashWebSv.exe
C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe
C:\Program\hpq\Shared\HPQTOA~1.EXE
C:\Program\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Program\Windows Live\Messenger\usnsvc.exe
C:\Program\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program\ATI Technologies\ATI.ACE\cli.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Program\Microsoft Office\Office12\WINWORD.EXE
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administratör\Mina dokument\Downloads\RSIT.exe
C:\Program\trend micro\Gideskog.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ig?hl=sv&source=iglk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program\HPQ\IAM\Bin\ItIeAddIN.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [ATICCC] "C:\Program\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\Program\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program\InterVideo\DVD Check\DVDCheck.exe
O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O15 - Trusted Zone: *.cdon.com
O15 - Trusted Zone: *.cdon.se
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - http://www.symantec.com/techsupp/asa...bs/tgctlsr.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1172831367000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1188820621593
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.postfoto.se/aurigma/ImageUploader4.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://order.vsfl.se/orderbase/direc...eUploader3.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/.../en/crlocx.ocx
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = fjallsatra.local
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: OneCard - C:\Program\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program\Delade filer\LightScribe\LSSrvc.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program\ProtectTools\Embedded Security Software\PSDsrvc.EXE
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVRoam (SavRoam) - Unknown owner - C:\Program\Symantec AntiVirus\SavRoam.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (telia) (sprtsvc_telia) - SupportSoft, Inc. - C:\Program\Telia\Supportassistent\bin\sprtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program\Delade filer\SupportSoft\bin\ssrc.exe

--
End of file - 15143 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUser.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
ShoppingReport - C:\Program\ShoppingReport\Bin\2.5.0\ShoppingReport.dll [2008-02-06 1173024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program\AskBarDis\bar\bin\askBar.dll [2008-11-24 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-06 1372160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-08-31 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program\Java\jre6\bin\ssv.dll [2008-09-23 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live inloggningshjälpen - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program\Java\jre6\bin\jp2ssv.dll [2008-09-23 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
HP Credential Manager for ProtectTools - C:\Program\HPQ\IAM\Bin\ItIeAddIN.dll [2005-03-03 50688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-09-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program\AskBarDis\bar\bin\askBar.dll [2008-11-24 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"SoundMAXPnP"=C:\Program\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"SoundMAX"=C:\Program\Analog Devices\SoundMAX\Smax4.exe [2005-05-06 716800]
"ATICCC"=C:\Program\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"PTHOSTTR"=C:\Program\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE [2006-02-14 122880]
"HP Software Update"=c:\Program\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-08-31 122940]
"SynTPEnh"=C:\Program\Synaptics\SynTP\SynTPEnh.exe [2006-03-31 761946]
"CognizanceTS"=C:\Program\HPQ\IAM\Bin\AsTsVcc.dll [2003-12-22 17920]
"QlbCtrl"=C:\Program\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-03-23 131072]
"Cpqset"=C:\Program\Hewlett-Packard\Default Settings\cpqset.exe [2006-04-21 40960]
"Recguard"=C:\WINDOWS\Sminst\Recguard.exe [2005-12-20 1187840]
"Reminder"=C:\WINDOWS\Creator\Remind_XP.exe [2006-03-09 806912]
"Scheduler"=C:\WINDOWS\SMINST\Scheduler.exe [2006-02-15 892928]
"WatchDog"=C:\Program\InterVideo\DVD Check\DVDCheck.exe [2006-03-31 184320]
"SSBkgdUpdate"=C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-29 155648]
"OpwareSE4"=C:\Program\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-03-21 69632]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"SunJavaUpdateSched"=C:\Program\Java\jre6\bin\jusched.exe [2008-09-23 144792]
"TkBellExe"=C:\Program\Delade filer\Real\Update_OB\realsched.exe [2008-04-08 185896]
"hpWirelessAssistant"=C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-03-28 454656]
"Adobe Reader Speed Launcher"=C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"AppleSyncNotifier"=C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"QuickTime Task"=C:\Program\QuickTime\QTTask.exe [2008-09-06 413696]
"avast!"=C:\Program\ALWILS~1\Avast4\ashDisp.exe [2008-11-18 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Program\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"Google Update"=C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Telia]
C:\Program\Telia\Supportassistent\bin\sprtcmd.exe [2008-10-16 201976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Symantec RemoteAssist"=3
"Symantec AntiVirus"=2
"SPBBCSvc"=3
"SNDSrvc"=3
"DefWatch"=2
"ccSetMgr"=2
"ccPwdSvc"=3
"ccEvtMgr"=2

C:\Documents and Settings\All Users\Start-meny\Program\Autostart
Adobe Gamma Loader.lnk - C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
BTTray.lnk - C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe
DVD Check.lnk - C:\Program\InterVideo\DVD Check\DVDCheck.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IfxWlxEN]
C:\WINDOWS\system32\IfxWlxEN.dll [2006-03-03 434176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2005-11-15 43760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
C:\Program\HPQ\IAM\Bin\AsWlnPkg.dll [2005-07-25 40960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceOb jectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
AsWlnPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Suppor tSoft RemoteAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Syste m]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explor er]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x psp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Me ssage Queuing"
"C:\WINDOWS\SMINST\Scheduler.exe"="C:\WINDOWS\SMINST\Scheduler.exe:*:Enable d:Scheduler "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program\Messenger\msmsgs.exe"="C:\Program\Messenger\msmsgs.exe:*:Enable d:Windows Messenger"
"C:\Program\Internet Explorer\iexplore.exe"="C:\Program\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program\Windows Live\Messenger\msnmsgr.exe"="C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program\Windows Live\Messenger\livecall.exe"="C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Documents and Settings\Administratör\Lokala inställningar\Temp\WZSE0.TMP\SymNRT.exe"="C:\Documents and Settings\Administratör\Lokala inställningar\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Symantec Removal Utility"
"C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe"="C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe: *:Enabled:LogMeIn Rescue"
"C:\Program\Bonjour\mDNSResponder.exe"="C:\Program\Bonjour\mDNSResponder.ex e:*:Enabled:Bonjour"
"C:\Program\iTunes\iTunes.exe"="C:\Program\iTunes\iTunes.exe:*:Enabled:iTun es"
"C:\Program\Skype\Phone\Skype.exe"="C:\Program\Skype\Phone\Skype.exe:*:Enab led:Skype. Take a deep breath "
"C:\Program\Vuze\Azureus.exe"="C:\Program\Vuze\Azureus.exe:*:Enabled:Azureu s"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x psp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Me ssage Queuing"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program\Windows Live\Messenger\msnmsgr.exe"="C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program\Windows Live\Messenger\livecall.exe"="C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\E]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\F]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{7708365f-232f-11dd-88bc-001a731a6def}]
shell\AutoRun\command - oufddh.exe
shell\explore\command - oufddh.exe
shell\open\command - oufddh.exe

======List of files/folders created in the last 3 months======

2008-11-27 11:01:08 ----D---- C:\rsit
2008-11-26 11:06:38 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2008-11-26 11:06:04 ----D---- C:\Documents and Settings\Administratör\Application Data\Azureus
2008-11-26 11:06:03 ----D---- C:\Program\AskBarDis
2008-11-26 09:05:30 ----D---- C:\Program\LimeWire
2008-11-19 10:39:38 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-11-17 19:53:06 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-11-16 22:53:53 ----D---- C:\Documents and Settings\Administratör\Application Data\gtk-2.0
2008-11-16 22:51:33 ----D---- C:\Program\Gimp-2.0
2008-11-12 17:01:38 ----D---- C:\WINDOWS\pss
2008-11-12 16:49:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-12 16:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-12 16:49:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-05 10:09:03 ----D---- C:\Program\iPod
2008-11-05 10:08:45 ----D---- C:\Program\iTunes
2008-11-05 10:08:45 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-03 17:52:13 ----D---- C:\Documents and Settings\Administratör\Application Data\Sony Corporation
2008-10-30 14:06:52 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2008-10-30 14:04:08 ----D---- C:\Program\Apple Software Update
2008-10-30 13:59:12 ----D---- C:\Program\Windows Installer Clean Up
2008-10-30 13:49:37 ----D---- C:\Program\Bonjour
2008-10-30 13:47:37 ----D---- C:\Program\QuickTime
2008-10-26 19:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-20 19:36:11 ----D---- C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-10-16 10:12:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-16 10:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-16 10:11:46 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-16 10:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-16 10:09:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
2008-09-29 16:58:20 ----D---- C:\Documents and Settings\Administratör\Application Data\HERMA
2008-09-29 16:55:30 ----D---- C:\Program\Herma Etikettassistent 3.0
2008-09-29 16:55:18 ----N---- C:\WINDOWS\Setup1.exe
2008-09-29 16:55:13 ----A---- C:\WINDOWS\ST6UNST.EXE
2008-09-23 15:19:41 ----D---- C:\Program\Sun
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\javaws.exe
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\javaw.exe
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\java.exe
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-09-21 18:38:56 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-09-10 20:40:09 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-10 20:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-06 20:42:13 ----D---- C:\Documents and Settings\Administratör\Application Data\Pingus
2008-08-29 10:18:58 ----A---- C:\WINDOWS\system32\dns-sd.exe
2008-08-29 09:53:50 ----A---- C:\WINDOWS\system32\dnssd.dll

======List of files/folders modified in the last 3 months======

2008-11-27 11:01:56 ----D---- C:\Program\Trend Micro
2008-11-27 11:01:10 ----D---- C:\WINDOWS\Prefetch
2008-11-27 10:19:47 ----D---- C:\Program\Mozilla Firefox
2008-11-27 10:18:06 ----D---- C:\WINDOWS
2008-11-27 08:51:47 ----D---- C:\WINDOWS\Temp
2008-11-27 08:49:31 ----D---- C:\WINDOWS\SMINST
2008-11-27 08:49:12 ----D---- C:\WINDOWS\system32
2008-11-27 08:47:06 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-27 08:47:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-27 00:09:20 ----D---- C:\Documents and Settings\Administratör\Application Data\FileZilla
2008-11-26 11:37:29 ----D---- C:\Documents and Settings\Administratör\Application Data\ShoppingReport
2008-11-26 11:19:47 ----RD---- C:\Program
2008-11-26 11:17:48 ----D---- C:\Documents and Settings\Administratör\Application Data\LimeWire
2008-11-26 11:12:25 ----D---- C:\Program\Incomplete
2008-11-25 15:13:55 ----RSD---- C:\WINDOWS\Fonts
2008-11-19 21:45:11 ----D---- C:\WINDOWS\Help
2008-11-19 21:37:04 ----SD---- C:\WINDOWS\Tasks
2008-11-19 10:40:09 ----D---- C:\WINDOWS\system32\drivers
2008-11-19 10:39:34 ----D---- C:\Program\Alwil Software
2008-11-19 10:34:15 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-17 19:55:19 ----D---- C:\Program\Delade filer\Symantec Shared
2008-11-17 19:07:38 ----SHD---- C:\WINDOWS\Installer
2008-11-17 10:56:47 ----D---- C:\Program\FileZilla FTP Client
2008-11-16 15:15:45 ----D---- C:\Program\DOSBox-0.63
2008-11-12 17:24:36 ----RASH---- C:\boot.ini
2008-11-12 17:24:36 ----A---- C:\WINDOWS\win.ini
2008-11-12 17:24:36 ----A---- C:\WINDOWS\system.ini
2008-11-12 17:07:28 ----SHD---- C:\WINDOWS\CSC
2008-11-12 16:51:02 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-11-12 16:50:01 ----HD---- C:\WINDOWS\inf
2008-11-12 16:49:59 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-11-12 16:49:54 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-12 16:49:49 ----A---- C:\WINDOWS\imsins.BAK
2008-11-12 16:48:11 ----D---- C:\WINDOWS\WinSxS
2008-11-10 15:31:48 ----D---- C:\Program\spel
2008-11-09 14:55:56 ----D---- C:\Documents and Settings\Administratör\Application Data\Skype
2008-11-09 14:55:06 ----D---- C:\Documents and Settings\Administratör\Application Data\skypePM
2008-11-05 10:03:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-30 13:59:13 ----SD---- C:\Documents and Settings\Administratör\Application Data\Microsoft
2008-10-30 13:58:55 ----D---- C:\Program\MSECACHE
2008-10-30 13:47:49 ----D---- C:\Program\Delade filer\Apple
2008-10-30 13:47:31 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-10-30 13:27:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-29 00:06:25 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-16 10:11:11 ----D---- C:\Program\Internet Explorer
2008-10-16 10:10:54 ----D---- C:\WINDOWS\ie7updates
2008-10-15 17:38:27 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-03 18:26:34 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-10-01 10:22:36 ----D---- C:\WINDOWS\AppPatch
2008-10-01 10:22:03 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-09-29 16:55:35 ----D---- C:\Program\Delade filer\DESIGNER
2008-09-23 22:48:07 ----D---- C:\Program\Delade filer
2008-09-23 22:48:05 ----D---- C:\Program\Corel
2008-09-23 15:19:09 ----D---- C:\Program\Java
2008-09-21 18:39:45 ----D---- C:\Program\Delade filer\Adobe
2008-09-21 18:37:52 ----D---- C:\Program\Adobe
2008-09-10 02:16:22 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-09-05 23:31:12 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2008-09-05 23:30:06 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
2008-09-05 23:30:02 ----N---- C:\WINDOWS\system32\WgaTray.exe
2008-09-04 18:17:38 ----A---- C:\WINDOWS\system32\msxml3.dll
2008-08-29 23:08:39 ----HD---- C:\Program\InstallShield Installation Information
2008-08-29 23:08:39 ----D---- C:\WINDOWS\system32\Macromed
2008-08-28 12:35:02 ----D---- C:\Documents and Settings\Administratör\Application Data\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-18 26944]
R1 AmdK8;AMD-processordrivrutin; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-18 110160]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-18 50864]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 kbdhid;HID-drivrutin för tangentbord; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2005-11-29 36768]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-07-31 20747]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-18 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-18 94032]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-08-31 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-08-31 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-08-31 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-08-31 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-08-31 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-08-31 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-08-31 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-01-30 13059]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-03 178176]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-06-07 152960]
R3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-18 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (AES2500); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2006-03-30 130432]
R3 b57w2k;Broadcom NetLink (TM) Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-02-09 142720]
R3 BCM43XX;Drivrutin för Broadcom 802.11 Nätverksadapter; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 BTKRNL;Bluetooth-bussräknare; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-02-15 1342570]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HDAudBus;Microsoft UAA-bussdrivrutin för High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-01-30 1035008]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-01-30 201600]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-10-21 36352]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 RT61;D-Link Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-05-04 380928]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-31 193056]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktiverat nav; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-01-30 718464]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-02-15 57096]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\catchme.sys []
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 NETMDUSB;Net MD; C:\WINDOWS\System32\Drivers\NETMD033.sys [2003-11-10 36232]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-01-12 252928]
S3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-09-06 36425]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-skrivarklass; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Drivrutin för USB-skanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Drivrutin för USB-masslagringsenheter; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 ASKService;ASKService; C:\Program\AskBarDis\bar\bin\AskService.exe [2008-11-24 464264]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program\Alwil Software\Avast4\aswUpdSv.exe [2008-11-18 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-27 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program\Alwil Software\Avast4\ashServ.exe [2008-11-18 155160]
R2 Bonjour Service;Bonjour-tjänst; C:\Program\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 btwdins;Bluetooth Service; C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe [2006-02-15 258103]
R2 hpqwmiex;hpqwmiex; C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe [2006-03-15 135168]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\IFXSPMGT.exe [2006-03-03 507904]
R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\IFXTCS.exe [2006-03-03 741376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program\Java\jre6\bin\jqs.exe [2008-09-23 147456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program\Delade filer\LightScribe\LSSrvc.exe [2006-03-23 73728]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-14 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-14 117248]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Program\ProtectTools\Embedded Security Software\PSDsrvc.EXE [2005-11-29 99872]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 sprtsvc_telia;SupportSoft Sprocket Service (telia); C:\Program\Telia\Supportassistent\bin\sprtsvc.exe [2008-10-16 202016]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program\Windows Media Player\WMPNetwk.exe [2006-11-15 912384]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program\Alwil Software\Avast4\ashMaiSv.exe [2008-11-18 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program\Alwil Software\Avast4\ashWebSv.exe [2008-11-18 352920]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader Service; C:\Program\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 ASKUpgrade;ASKUpgrade; C:\Program\AskBarDis\bar\bin\ASKUpgrade.exe [2008-11-24 234888]
S2 PCA;PC Angel; C:\WINDOWS\SMINST\PCAngel.exe [2006-01-12 294912]
S2 SavRoam;SAVRoam; C:\Program\Symantec AntiVirus\SavRoam.exe []
S2 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program\Delade filer\SupportSoft\bin\ssrc.exe [2008-10-16 382320]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 NetMDSB;MD Simple Burner Service; C:\Program\Sony\MD Simple Burner\NetMDSB.exe [2004-04-21 778240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program\Delade filer\Sony Shared\AVLib\Pacsptisvr.exe [2004-01-30 65625]
S3 SPTISRV;Sony SPTI Service; C:\Program\Delade filer\Sony Shared\AVLib\Sptisrv.exe [2004-01-30 65622]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program\Symantec AntiVirus\DefWatch.exe []
S4 Symantec AntiVirus;Symantec AntiVirus; C:\Program\Symantec AntiVirus\Rtvscan.exe []

-----------------EOF-----------------

79nicklas · 27th November 2008

and my info.txt

info.txt logfile of random's system information tool 1.04 2008-11-27 11:02:08

======Uninstall list======

-->C:\Program\Delade filer\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->MsiExec.exe /I{26DE0F0B-9CF1-4796-A1B5-01B912E35B46}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040B-0000-0000000FF1CE} /uninstall {F14C929B-E0E6-4EB5-8BFD-FC71AAC7D39C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-041D-0000-0000000FF1CE} /uninstall {A8626CEF-CB0A-4BC2-8F51-210A43B6158D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-041D-0000-0000000FF1CE} /uninstall {C41B2E34-C30E-4989-8A9D-6B0805B33EC1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop Elements 2.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program\Adobe\Photoshop Elements 2\Uninst.isu" -c"C:\Program\Adobe\Photoshop Elements 2\Uninst.dll"
Adobe Reader 9 - Svenska-->MsiExec.exe /I{AC76BA86-7AD7-1053-7B44-A90000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Application Installer 4.00.B6-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchS etup "C:\Program\InstallShield Installation Information\{E0DBC47C-ED3F-4A1B-A929-9A26DAAA14B3}\setup.exe" -l0x1d
ArcSoft PhotoStudio 5.5-->RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
ATI Catalyst Control Center-->MsiExec.exe /I{F6187F55-C11A-49CC-A901-1F4755B0C063}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class

ISPLAY -clean
avast! Antivirus-->C:\Program\Alwil Software\Avast4\aswRunDll.exe "C:\Program\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Backpacker 3-->RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{BBF8FA9C-23D9-4310-9AC7-A3A9AE7EE4D7}\setup.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Canon Camera Window for ZoomBrowser EX-->C:\Program\DELADE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A833A505-4D7A-41F5-9362-A2F8DFFE6E9B}
Canon EOS Kiss REBEL 300D WIA Driver-->C:\Program\DELADE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{31A57C3E-30DD-421F-B5C7-974DACB0D05F}
Canon MP Navigator 3.0-->"C:\Program\Canon\MP Navigator 3.0\Maint.exe" /UninstallRemove C:\Program\Canon\MP Navigator 3.0\uninst.ini
Canon MP180 användarregistrering-->C:\Program\Canon\IJEREG\MP180\UNINST.EXE
Canon MP180-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP180\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP180 /L0x001d
Canon PhotoRecord-->C:\WINDOWS\IsUninst.exe -fC:\Program\Canon\PhotoRecord\Uninst.isu -c"C:\Program\Canon\PhotoRecord\Program\uninstdll.dll"
Canon Utilities Easy-PhotoPrint-->C:\Program\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Canon Utilities File Viewer Utility 1.3-->C:\Program\DELADE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{74344F10-34CA-480E-BD02-B3F4FA692BFA}
Canon Utilities PhotoStitch 3.1-->C:\Program\DELADE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F11A403B-0DE9-4953-B790-7A2F014FBB2B}
Canon Utilities RemoteCapture 2.7-->C:\Program\DELADE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{EF91B23E-3819-43A1-AE47-043E1900EB2B}
Canon Utilities ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
DECAdry Express Business Cards 4-->C:\Program\DELADE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{95398D6D-E2A6-45BC-A9B2-C8C1D9D00E6E} /l1033
DECAdry Font Manager-->C:\WINDOWS\IsUninst.exe -fC:\Program\DECAdry\UnFont.isu
DivX Codec-->C:\Program\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -fC:\Program\Canon\Easy-WebPrint\Uninst.isu
e-Sword-->MsiExec.exe /I{87791AF4-4D4C-43DC-97BF-05EEEE5187F2}
FileZilla Client 3.1.5.1-->C:\Program\FileZilla FTP Client\uninstall.exe
Gimp 2.6.2 Debug-->"C:\Program\Gimp-2.0\setup\unins000.exe"
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Gmail Notifier-->"C:\Program\Google\Gmail Notifier\UninstallGmail.exe"
Hama Wireless LAN Adapter-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,Launch Setup "C:\Program\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x9 -removeonly
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA_hpq0033m\HXFSETUP .EXE -U -IHPQ0033M.INF
HijackThis 2.0.2-->"C:\Program\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP BIOS Configuration for ProtectTools 2.00 G1-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchS etup "C:\Program\InstallShield Installation Information\{AE052EF7-2640-48D7-8915-69B810D975CB}\Setup.exe" -l0x1d biosuninst
HP Credential Manager for ProtectTools-->MsiExec.exe /X{B9F4C05D-E42F-4E9A-A73F-FDD9355319FB}
HP Embedded Security for ProtectTools-->MsiExec.exe /I{4BA3DDD4-BC91-48B2-8896-7A02C34829D7}
HP Help and Support-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,Launch Setup "C:\Program\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x1d -removeonly
HP Integrated Module with Bluetooth wireless technology-->MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
HP Notebook Accessories Product Tour-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,Launch Setup "C:\Program\InstallShield Installation Information\{A7AD8CEF-72D7-4FE4-8A14-DDD09DC86074}\setup.exe" -l0x9 -removeonly
HP ProtectTools Security Manager 2.00 C3-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,Launch Setup "C:\Program\InstallShield Installation Information\{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}\Setup.exe" -l0x1d -removeonly hpquninst
HP Quick Launch Buttons 6.00 G2-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,Launch Setup "C:\Program\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x1d -removeonly uninst
HP Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP User Guides 0022-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,Launch Setup "C:\Program\InstallShield Installation Information\{E05C9D01-CCED-4328-9EE0-0B6893087C6F}\setup.exe" -l0x1d -removeonly
HP Wireless Assistant 2.00 F1-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchS etup "C:\Program\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\Setup.exe" -l0x1d hpquninst
HyperLoad - Golf Course-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,Launch Setup "C:\Program\InstallShield Installation Information\{3CDF4815-1334-4AF3-B780-1F6526011C5A}\setup.exe" -l0x9 -uninst -removeonly
Installationsprogram för HPs hanterare för säkerhetskopiering och återställning-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,Launch Setup "C:\Program\InstallShield Installation Information\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}\setup.exe" -l0x1d -uninst -removeonly
InterVideo DVD Check-->RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{5D97A4A7-C274-4B63-86D9-07A33435F505}\setup.exe" REMOVEALL
InterVideo WinDVD-->"C:\Program\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kontrollpanelen MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
MD Simple Burner 2.0.03-->RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{47E09785-B2FB-11D5-B8EE-00B0D0D26B88}\setup.exe" -l0x9 UNINSTALL
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninst all.msp"
Microsoft .NET Framework 1.1 Swedish Language Pack-->MsiExec.exe /X{992A2DB1-4ABC-4738-BD71-045C5FFE00D1}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.ex e"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst. exe"
Microsoft Office Excel MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0016-041D-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program\Delade filer\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Swedish) 2007-->MsiExec.exe /X{90120000-00A1-041D-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0018-041D-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (Finnish) 2007-->MsiExec.exe /X{90120000-001F-040B-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Swedish) 2007-->MsiExec.exe /X{90120000-001F-041D-0000-0000000FF1CE}
Microsoft Office Proofing (Swedish) 2007-->MsiExec.exe /X{90120000-002C-041D-0000-0000000FF1CE}
Microsoft Office Shared MUI (Swedish) 2007-->MsiExec.exe /X{90120000-006E-041D-0000-0000000FF1CE}
Microsoft Office Word MUI (Swedish) 2007-->MsiExec.exe /X{90120000-001B-041D-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.4)-->C:\Program\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
OpenMG Limited Patch 3.4-04-17-06-01-->C:\Program\Delade filer\Sony Shared\OpenMG\HotFixes\HotFix3.4-04-17-06-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 3.4.01-->RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{26C849AB-1865-412D-B87D-B18BC5CB6C60}\setup.exe" -l0x9 UNINSTALL
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->C:\Program\Delade filer\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
ScanSoft OmniPage SE 4.0-->MsiExec.exe /I{29D851C2-048C-4B5E-8D1F-25D473342BB5}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Serif PhotoPlus 8.0-->RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{0F6D55D8-89AA-4C1D-BC4C-ACBBDE8BE57A}\setup.exe"
Serif PhotoPlus Association File Formats-->RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{F8650CB3-89F1-4AE0-81AC-917423C58DB8}\setup.exe"
ShopperReports-->C:\Program\ShoppingReport\Uninst.exe
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Snabbkorrigering för Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Snabbkorrigering för Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Snabbkorrigering för Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Sonic Audio Module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic Copy Module-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic Data Module-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SonicStage 2.0.06-->RunDll32 C:\Program\DELADE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program\InstallShield Installation Information\{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}\setup.exe" -l0x9 UNINSTALL
SoundMAX-->RunDll32 C:\Program\DELADE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,Launch Setup "C:\Program\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x1d -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Säkerhetsuppdatering för Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Säkerhetsuppdatering för Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Telia Supportassistent-->"C:\Program\Telia\Supportassistent\unins000.exe"
Texas Instruments PCIxx21/x515/xx12 drivers.-->c:\Program\DELADE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{48CF6549-B45D-4313-9927-EFCCC8A3493F} /l1033
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Uppdatering för Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Uppdatering för Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live inloggningsassistenten-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live installer-->MsiExec.exe /X{E17F76BE-50E9-4E7C-ADF6-6D8F44A9C6F3}
Windows Live Messenger-->MsiExec.exe /I{2E55A582-4FFE-4FF2-8D4D-E7D275FF89BD}
Windows Live Messenger-->MsiExec.exe /X{20503DFE-E5B2-491E-B2C5-8BCB5BF5B9E9}
Windows Media Format 11 runtime-->"C:\Program\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Windows-drivrutinspaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\Program\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_65F8FAB708A3CB8FD56C795AF3124EB4DADB4453 \amdk8.inf
WinRAR archiver-->C:\Program\WinRAR\uninstall.exe
Vuze Toolbar-->"C:\Program\AskBarDis\unins000.exe"

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: avast! antivirus 4.8.1290 [VPS 081127-0]
AV: Symantec AntiVirus Corporate Edition (outdated)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Pro gram\HPQ\IAM\bin;C:\Program\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4802
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program\Delade filer\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

**Geri** · 28th November 2008

Hi 79nicklas

Please download Flash_Disinfector.exe by sUBs and save it to your desktop:

http://www.techsupportforum.com/sect...isinfector.exe

NOTE: In the event you already have Flash_Disinfector, this is a new version that I need you to download.

Hold down the Shift key and insert your flash drive. (USB thumb drives)
It is important to hold the shift key while plugging in flash drive so the virus does not run and re-infect system.

Double-click Flash_Disinfector.exe to run it.
Follow any prompts that may appear.
Your desktop will vanish for a while, and then reappear. This is normal.
Wait until the program has finished scanning, then please exit the program.

Repeat this step if you have more than one flash drives.

Open “Notepad” Copy the contents of the code box below to the blank Notepad.
Click "File" > "Save as"
In the "Save In" box at the top click the down arrow and select DeskTop

In the “File name” type in: fix.reg
In the “Save As Type” select: All Files
Once saved, Go to your desktop double click “fix.reg file” and let it merge with the registry.

Code:

REGEDIT4

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7708365f-232f-11dd-88bc-001a731a6def}]

Now do this.

Download Malwarebytes' Anti-Malware (MBAM) from here or here and save the file to your desktop.

Double click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select 'Perform Quick Scan', then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note below)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Post the entire report in your next reply.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Please post the MBAM log and a new RSIT log.

Thanks
Geri

79nicklas · 28th November 2008

done

Malwarebytes' Anti-Malware 1.30
Databasversion: 1430
Windows 5.1.2600 Service Pack 3

2008-11-28 13:08:09
mbam-log-2008-11-28 (13-08-09).txt

Skanningstyp: Snabb skanning
Antal skannade objekt: 55439
Förfluten tid: 7 minute(s), 32 second(s)

Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 33
Infekterade registervärden: 2
Infekterade registerdataposter: 1
Infekterade mappar: 9
Infekterade filer: 10

Infekterade minnesprocesser:
(Inga illasinnade poster hittades)

Infekterade minnesmoduler:
(Inga illasinnade poster hittades)

Infekterade registernycklar:
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100e b1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c542 8486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c542 8486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shop pingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Infekterade registervärden:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Infekterade registerdataposter:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanc ed\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infekterade mappar:
C:\Program\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program\ShoppingReport\Bin\2.5.0 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Infekterade filer:
C:\Program\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administratör\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\WINDOWS\adaway.lic (Rogue.AdwareAway) -> Quarantined and deleted successfully.

79nicklas · 28th November 2008

Logfile of random's system information tool 1.04 (written by random/random)
Run by Gideskog at 2008-11-28 13:18:27
Microsoft Windows XP Professional Service Pack 3
System drive C: has 42 GB (62%) free of 68 GB
Total RAM: 447 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:18:47, on 2008-11-28
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Alwil Software\Avast4\aswUpdSv.exe
C:\Program\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\AskBarDis\bar\bin\AskService.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe
C:\Program\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\Program\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Synaptics\SynTP\SynTPEnh.exe
C:\Program\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program\Delade filer\LightScribe\LSSrvc.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program\Google\Gmail Notifier\gnotify.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\WINDOWS\system32\PSIService.exe
C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program\Telia\Supportassistent\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe
C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe
C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program\Alwil Software\Avast4\ashMaiSv.exe
C:\Program\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Program\hpq\Shared\HPQTOA~1.EXE
C:\Program\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Program\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administratör\Mina dokument\Downloads\RSIT.exe
C:\Program\trend micro\Gideskog.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ig?hl=sv&source=iglk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program\HPQ\IAM\Bin\ItIeAddIN.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [ATICCC] "C:\Program\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\Program\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program\InterVideo\DVD Check\DVDCheck.exe
O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O15 - Trusted Zone: *.cdon.com
O15 - Trusted Zone: *.cdon.se
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - http://www.symantec.com/techsupp/asa...bs/tgctlsr.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1172831367000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1188820621593
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.postfoto.se/aurigma/ImageUploader4.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://order.vsfl.se/orderbase/direc...eUploader3.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/.../en/crlocx.ocx
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = fjallsatra.local
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: OneCard - C:\Program\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program\Delade filer\LightScribe\LSSrvc.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program\ProtectTools\Embedded Security Software\PSDsrvc.EXE
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVRoam (SavRoam) - Unknown owner - C:\Program\Symantec AntiVirus\SavRoam.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (telia) (sprtsvc_telia) - SupportSoft, Inc. - C:\Program\Telia\Supportassistent\bin\sprtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program\Delade filer\SupportSoft\bin\ssrc.exe

--
End of file - 14687 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUser.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program\AskBarDis\bar\bin\askBar.dll [2008-11-24 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-06 1372160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-08-31 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program\Java\jre6\bin\ssv.dll [2008-09-23 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live inloggningshjälpen - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program\Java\jre6\bin\jp2ssv.dll [2008-09-23 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
HP Credential Manager for ProtectTools - C:\Program\HPQ\IAM\Bin\ItIeAddIN.dll [2005-03-03 50688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-09-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program\AskBarDis\bar\bin\askBar.dll [2008-11-24 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"SoundMAXPnP"=C:\Program\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"SoundMAX"=C:\Program\Analog Devices\SoundMAX\Smax4.exe [2005-05-06 716800]
"ATICCC"=C:\Program\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"PTHOSTTR"=C:\Program\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE [2006-02-14 122880]
"HP Software Update"=c:\Program\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-08-31 122940]
"SynTPEnh"=C:\Program\Synaptics\SynTP\SynTPEnh.exe [2006-03-31 761946]
"CognizanceTS"=C:\Program\HPQ\IAM\Bin\AsTsVcc.dll [2003-12-22 17920]
"QlbCtrl"=C:\Program\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-03-23 131072]
"Cpqset"=C:\Program\Hewlett-Packard\Default Settings\cpqset.exe [2006-04-21 40960]
"Recguard"=C:\WINDOWS\Sminst\Recguard.exe [2005-12-20 1187840]
"Reminder"=C:\WINDOWS\Creator\Remind_XP.exe [2006-03-09 806912]
"Scheduler"=C:\WINDOWS\SMINST\Scheduler.exe [2006-02-15 892928]
"WatchDog"=C:\Program\InterVideo\DVD Check\DVDCheck.exe [2006-03-31 184320]
"SSBkgdUpdate"=C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-29 155648]
"OpwareSE4"=C:\Program\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-03-21 69632]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"SunJavaUpdateSched"=C:\Program\Java\jre6\bin\jusched.exe [2008-09-23 144792]
"TkBellExe"=C:\Program\Delade filer\Real\Update_OB\realsched.exe [2008-04-08 185896]
"hpWirelessAssistant"=C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-03-28 454656]
"Adobe Reader Speed Launcher"=C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"AppleSyncNotifier"=C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"QuickTime Task"=C:\Program\QuickTime\QTTask.exe [2008-09-06 413696]
"avast!"=C:\Program\ALWILS~1\Avast4\ashDisp.exe [2008-11-18 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Program\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"Google Update"=C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Telia]
C:\Program\Telia\Supportassistent\bin\sprtcmd.exe [2008-10-16 201976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Symantec RemoteAssist"=3
"Symantec AntiVirus"=2
"SPBBCSvc"=3
"SNDSrvc"=3
"DefWatch"=2
"ccSetMgr"=2
"ccPwdSvc"=3
"ccEvtMgr"=2

C:\Documents and Settings\All Users\Start-meny\Program\Autostart
Adobe Gamma Loader.lnk - C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
BTTray.lnk - C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe
DVD Check.lnk - C:\Program\InterVideo\DVD Check\DVDCheck.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IfxWlxEN]
C:\WINDOWS\system32\IfxWlxEN.dll [2006-03-03 434176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2005-11-15 43760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
C:\Program\HPQ\IAM\Bin\AsWlnPkg.dll [2005-07-25 40960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceOb jectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
AsWlnPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Suppor tSoft RemoteAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Syste m]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explor er]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x psp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Me ssage Queuing"
"C:\WINDOWS\SMINST\Scheduler.exe"="C:\WINDOWS\SMINST\Scheduler.exe:*:Enable d:Scheduler "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program\Messenger\msmsgs.exe"="C:\Program\Messenger\msmsgs.exe:*:Enable d:Windows Messenger"
"C:\Program\Internet Explorer\iexplore.exe"="C:\Program\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program\Windows Live\Messenger\msnmsgr.exe"="C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program\Windows Live\Messenger\livecall.exe"="C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Documents and Settings\Administratör\Lokala inställningar\Temp\WZSE0.TMP\SymNRT.exe"="C:\Documents and Settings\Administratör\Lokala inställningar\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Symantec Removal Utility"
"C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe"="C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe: *:Enabled:LogMeIn Rescue"
"C:\Program\Bonjour\mDNSResponder.exe"="C:\Program\Bonjour\mDNSResponder.ex e:*:Enabled:Bonjour"
"C:\Program\iTunes\iTunes.exe"="C:\Program\iTunes\iTunes.exe:*:Enabled:iTun es"
"C:\Program\Skype\Phone\Skype.exe"="C:\Program\Skype\Phone\Skype.exe:*:Enab led:Skype. Take a deep breath "
"C:\Program\Vuze\Azureus.exe"="C:\Program\Vuze\Azureus.exe:*:Enabled:Azureu s"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x psp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Me ssage Queuing"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program\Windows Live\Messenger\msnmsgr.exe"="C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program\Windows Live\Messenger\livecall.exe"="C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\E]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\F]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{7708365f-232f-11dd-88bc-001a731a6def}]
shell\AutoRun\command - oufddh.exe
shell\explore\command - oufddh.exe
shell\open\command - oufddh.exe

======List of files/folders created in the last 3 months======

2008-11-28 12:58:10 ----D---- C:\Documents and Settings\Administratör\Application Data\Malwarebytes
2008-11-28 12:58:01 ----D---- C:\Program\Malwarebytes' Anti-Malware
2008-11-28 12:58:01 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-28 12:52:45 ----RASHD---- C:\autorun.inf
2008-11-27 11:01:08 ----D---- C:\rsit
2008-11-26 11:06:38 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2008-11-26 11:06:04 ----D---- C:\Documents and Settings\Administratör\Application Data\Azureus
2008-11-26 11:06:03 ----D---- C:\Program\AskBarDis
2008-11-19 10:39:38 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-11-17 19:53:06 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-11-16 22:53:53 ----D---- C:\Documents and Settings\Administratör\Application Data\gtk-2.0
2008-11-16 22:51:33 ----D---- C:\Program\Gimp-2.0
2008-11-12 17:01:38 ----D---- C:\WINDOWS\pss
2008-11-12 16:49:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-12 16:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-12 16:49:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-05 10:09:03 ----D---- C:\Program\iPod
2008-11-05 10:08:45 ----D---- C:\Program\iTunes
2008-11-05 10:08:45 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-03 17:52:13 ----D---- C:\Documents and Settings\Administratör\Application Data\Sony Corporation
2008-10-30 14:06:52 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2008-10-30 14:04:08 ----D---- C:\Program\Apple Software Update
2008-10-30 13:59:12 ----D---- C:\Program\Windows Installer Clean Up
2008-10-30 13:49:37 ----D---- C:\Program\Bonjour
2008-10-30 13:47:37 ----D---- C:\Program\QuickTime
2008-10-26 19:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-20 19:36:11 ----D---- C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-10-16 10:12:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-16 10:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-16 10:11:46 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-16 10:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-16 10:09:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
2008-09-29 16:58:20 ----D---- C:\Documents and Settings\Administratör\Application Data\HERMA
2008-09-29 16:55:30 ----D---- C:\Program\Herma Etikettassistent 3.0
2008-09-29 16:55:18 ----N---- C:\WINDOWS\Setup1.exe
2008-09-29 16:55:13 ----A---- C:\WINDOWS\ST6UNST.EXE
2008-09-23 15:19:41 ----D---- C:\Program\Sun
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\javaws.exe
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\javaw.exe
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\java.exe
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-09-21 18:38:56 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-09-10 20:40:09 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-10 20:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-06 20:42:13 ----D---- C:\Documents and Settings\Administratör\Application Data\Pingus
2008-08-29 10:18:58 ----A---- C:\WINDOWS\system32\dns-sd.exe
2008-08-29 09:53:50 ----A---- C:\WINDOWS\system32\dnssd.dll

======List of files/folders modified in the last 3 months======

2008-11-28 13:18:30 ----D---- C:\Program\Trend Micro
2008-11-28 13:16:36 ----D---- C:\WINDOWS
2008-11-28 13:15:18 ----D---- C:\WINDOWS\Temp
2008-11-28 13:12:25 ----D---- C:\WINDOWS\system32
2008-11-28 13:12:19 ----D---- C:\WINDOWS\SMINST
2008-11-28 13:11:15 ----D---- C:\WINDOWS\system32\drivers
2008-11-28 13:10:36 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-28 13:10:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-28 13:08:09 ----RD---- C:\Program
2008-11-28 10:45:18 ----D---- C:\Program\Mozilla Firefox
2008-11-27 21:40:31 ----D---- C:\Documents and Settings\Administratör\Application Data\FileZilla
2008-11-27 16:18:28 ----D---- C:\Documents and Settings\Administratör\Application Data\Real
2008-11-27 14:46:28 ----D---- C:\WINDOWS\Prefetch
2008-11-27 14:43:50 ----D---- C:\Documents and Settings\Administratör\Application Data\LimeWire
2008-11-27 14:42:19 ----D---- C:\Documents and Settings\Administratör\Application Data\DivX
2008-11-27 14:40:28 ----D---- C:\Program\Incomplete
2008-11-25 15:13:55 ----RSD---- C:\WINDOWS\Fonts
2008-11-19 21:45:11 ----D---- C:\WINDOWS\Help
2008-11-19 21:37:04 ----SD---- C:\WINDOWS\Tasks
2008-11-19 10:39:34 ----D---- C:\Program\Alwil Software
2008-11-19 10:34:15 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-17 19:55:19 ----D---- C:\Program\Delade filer\Symantec Shared
2008-11-17 19:07:38 ----SHD---- C:\WINDOWS\Installer
2008-11-17 10:56:47 ----D---- C:\Program\FileZilla FTP Client
2008-11-16 15:15:45 ----D---- C:\Program\DOSBox-0.63
2008-11-12 17:24:36 ----RASH---- C:\boot.ini
2008-11-12 17:24:36 ----A---- C:\WINDOWS\win.ini
2008-11-12 17:24:36 ----A---- C:\WINDOWS\system.ini
2008-11-12 17:07:28 ----SHD---- C:\WINDOWS\CSC
2008-11-12 16:51:02 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-11-12 16:50:01 ----HD---- C:\WINDOWS\inf
2008-11-12 16:49:59 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-11-12 16:49:54 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-12 16:49:49 ----A---- C:\WINDOWS\imsins.BAK
2008-11-12 16:48:11 ----D---- C:\WINDOWS\WinSxS
2008-11-10 15:31:48 ----D---- C:\Program\spel
2008-11-09 14:55:56 ----D---- C:\Documents and Settings\Administratör\Application Data\Skype
2008-11-09 14:55:06 ----D---- C:\Documents and Settings\Administratör\Application Data\skypePM
2008-11-05 10:03:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-30 13:59:13 ----SD---- C:\Documents and Settings\Administratör\Application Data\Microsoft
2008-10-30 13:58:55 ----D---- C:\Program\MSECACHE
2008-10-30 13:47:49 ----D---- C:\Program\Delade filer\Apple
2008-10-30 13:47:31 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-10-30 13:27:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-29 00:06:25 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-16 10:11:11 ----D---- C:\Program\Internet Explorer
2008-10-16 10:10:54 ----D---- C:\WINDOWS\ie7updates
2008-10-15 17:38:27 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-03 18:26:34 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-10-01 10:22:36 ----D---- C:\WINDOWS\AppPatch
2008-10-01 10:22:03 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-09-29 16:55:35 ----D---- C:\Program\Delade filer\DESIGNER
2008-09-23 22:48:07 ----D---- C:\Program\Delade filer
2008-09-23 22:48:05 ----D---- C:\Program\Corel
2008-09-23 15:19:09 ----D---- C:\Program\Java
2008-09-21 18:39:45 ----D---- C:\Program\Delade filer\Adobe
2008-09-21 18:37:52 ----D---- C:\Program\Adobe
2008-09-10 02:16:22 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-09-05 23:31:12 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2008-09-05 23:30:06 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
2008-09-05 23:30:02 ----N---- C:\WINDOWS\system32\WgaTray.exe
2008-09-04 18:17:38 ----A---- C:\WINDOWS\system32\msxml3.dll
2008-08-29 23:08:39 ----HD---- C:\Program\InstallShield Installation Information
2008-08-29 23:08:39 ----D---- C:\WINDOWS\system32\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-18 26944]
R1 AmdK8;AMD-processordrivrutin; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-18 110160]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-18 50864]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 kbdhid;HID-drivrutin för tangentbord; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2005-11-29 36768]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-07-31 20747]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-18 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-18 94032]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-08-31 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-08-31 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-08-31 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-08-31 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-08-31 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-08-31 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-08-31 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-01-30 13059]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-03 178176]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-06-07 152960]
R3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-18 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (AES2500); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2006-03-30 130432]
R3 b57w2k;Broadcom NetLink (TM) Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-02-09 142720]
R3 BCM43XX;Drivrutin för Broadcom 802.11 Nätverksadapter; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 BTKRNL;Bluetooth-bussräknare; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-02-15 1342570]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HDAudBus;Microsoft UAA-bussdrivrutin för High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-01-30 1035008]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-01-30 201600]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-10-21 36352]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 RT61;D-Link Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-05-04 380928]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-31 193056]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktiverat nav; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Drivrutin för USB-masslagringsenheter; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-01-30 718464]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-02-15 57096]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\catchme.sys []
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 NETMDUSB;Net MD; C:\WINDOWS\System32\Drivers\NETMD033.sys [2003-11-10 36232]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-01-12 252928]
S3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-09-06 36425]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-skrivarklass; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Drivrutin för USB-skanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 ASKService;ASKService; C:\Program\AskBarDis\bar\bin\AskService.exe [2008-11-24 464264]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program\Alwil Software\Avast4\aswUpdSv.exe [2008-11-18 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-27 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program\Alwil Software\Avast4\ashServ.exe [2008-11-18 155160]
R2 Bonjour Service;Bonjour-tjänst; C:\Program\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 btwdins;Bluetooth Service; C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe [2006-02-15 258103]
R2 hpqwmiex;hpqwmiex; C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe [2006-03-15 135168]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\IFXSPMGT.exe [2006-03-03 507904]
R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\IFXTCS.exe [2006-03-03 741376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program\Java\jre6\bin\jqs.exe [2008-09-23 147456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program\Delade filer\LightScribe\LSSrvc.exe [2006-03-23 73728]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-14 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-14 117248]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Program\ProtectTools\Embedded Security Software\PSDsrvc.EXE [2005-11-29 99872]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 sprtsvc_telia;SupportSoft Sprocket Service (telia); C:\Program\Telia\Supportassistent\bin\sprtsvc.exe [2008-10-16 202016]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program\Windows Media Player\WMPNetwk.exe [2006-11-15 912384]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program\Alwil Software\Avast4\ashMaiSv.exe [2008-11-18 254040]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader Service; C:\Program\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 ASKUpgrade;ASKUpgrade; C:\Program\AskBarDis\bar\bin\ASKUpgrade.exe [2008-11-24 234888]
S2 PCA;PC Angel; C:\WINDOWS\SMINST\PCAngel.exe [2006-01-12 294912]
S2 SavRoam;SAVRoam; C:\Program\Symantec AntiVirus\SavRoam.exe []
S2 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program\Delade filer\SupportSoft\bin\ssrc.exe [2008-10-16 382320]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program\Alwil Software\Avast4\ashWebSv.exe [2008-11-18 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 NetMDSB;MD Simple Burner Service; C:\Program\Sony\MD Simple Burner\NetMDSB.exe [2004-04-21 778240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program\Delade filer\Sony Shared\AVLib\Pacsptisvr.exe [2004-01-30 65625]
S3 SPTISRV;Sony SPTI Service; C:\Program\Delade filer\Sony Shared\AVLib\Sptisrv.exe [2004-01-30 65622]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program\Symantec AntiVirus\DefWatch.exe []
S4 Symantec AntiVirus;Symantec AntiVirus; C:\Program\Symantec AntiVirus\Rtvscan.exe []

-----------------EOF-----------------

79nicklas · 28th November 2008

i only got a log.txt this time when running RSIT and no info.txt
is that in order?
regards nicklas

**Geri** · 28th November 2008

Hi

Quote:

this time when running RSIT and no info.txt
is that in order?

Yes that's normal.

Please do this again and make sure you get a "merged successfully" message.

Open “Notepad” Copy the contents of the code box below to the blank Notepad.
Click "File" > "Save as"
In the "Save In" box at the top click the down arrow and select DeskTop

In the “File name” type in: fix.reg
In the “Save As Type” select: All Files
Once saved, Go to your desktop double click “fix.reg file” and let it merge with the registry.

Code:

REGEDIT4

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7708365f-232f-11dd-88bc-001a731a6def}]

Then please post a new RSIT log.

Thanks
Geri

79nicklas · 29th November 2008

Logfile of random's system information tool 1.04 (written by random/random)
Run by Gideskog at 2008-11-29 00:08:11
Microsoft Windows XP Professional Service Pack 3
System drive C: has 42 GB (62%) free of 68 GB
Total RAM: 447 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:08:41, on 2008-11-29
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Alwil Software\Avast4\aswUpdSv.exe
C:\Program\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\AskBarDis\bar\bin\AskService.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe
C:\Program\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\Program\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Synaptics\SynTP\SynTPEnh.exe
C:\Program\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program\Delade filer\LightScribe\LSSrvc.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program\Google\Gmail Notifier\gnotify.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\WINDOWS\system32\PSIService.exe
C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program\Telia\Supportassistent\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe
C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe
C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program\Alwil Software\Avast4\ashMaiSv.exe
C:\Program\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Program\hpq\Shared\HPQTOA~1.EXE
C:\Program\Alwil Software\Avast4\ashWebSv.exe
C:\Program\Windows Live\Messenger\usnsvc.exe
C:\Program\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administratör\Skrivbord\RSIT.exe
C:\Program\trend micro\Gideskog.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ig?hl=sv&source=iglk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program\HPQ\IAM\Bin\ItIeAddIN.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [ATICCC] "C:\Program\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\Program\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program\InterVideo\DVD Check\DVDCheck.exe
O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O15 - Trusted Zone: *.cdon.com
O15 - Trusted Zone: *.cdon.se
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - http://www.symantec.com/techsupp/asa...bs/tgctlsr.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1172831367000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1188820621593
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.postfoto.se/aurigma/ImageUploader4.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://order.vsfl.se/orderbase/direc...eUploader3.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/.../en/crlocx.ocx
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = fjallsatra.local
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: OneCard - C:\Program\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program\Delade filer\LightScribe\LSSrvc.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program\ProtectTools\Embedded Security Software\PSDsrvc.EXE
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVRoam (SavRoam) - Unknown owner - C:\Program\Symantec AntiVirus\SavRoam.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (telia) (sprtsvc_telia) - SupportSoft, Inc. - C:\Program\Telia\Supportassistent\bin\sprtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program\Delade filer\SupportSoft\bin\ssrc.exe

--
End of file - 14601 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUser.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program\AskBarDis\bar\bin\askBar.dll [2008-11-24 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-06 1372160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-08-31 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program\Java\jre6\bin\ssv.dll [2008-09-23 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live inloggningshjälpen - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program\Java\jre6\bin\jp2ssv.dll [2008-09-23 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
HP Credential Manager for ProtectTools - C:\Program\HPQ\IAM\Bin\ItIeAddIN.dll [2005-03-03 50688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-09-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program\AskBarDis\bar\bin\askBar.dll [2008-11-24 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"SoundMAXPnP"=C:\Program\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"SoundMAX"=C:\Program\Analog Devices\SoundMAX\Smax4.exe [2005-05-06 716800]
"ATICCC"=C:\Program\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"PTHOSTTR"=C:\Program\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE [2006-02-14 122880]
"HP Software Update"=c:\Program\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-08-31 122940]
"SynTPEnh"=C:\Program\Synaptics\SynTP\SynTPEnh.exe [2006-03-31 761946]
"CognizanceTS"=C:\Program\HPQ\IAM\Bin\AsTsVcc.dll [2003-12-22 17920]
"QlbCtrl"=C:\Program\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-03-23 131072]
"Cpqset"=C:\Program\Hewlett-Packard\Default Settings\cpqset.exe [2006-04-21 40960]
"Recguard"=C:\WINDOWS\Sminst\Recguard.exe [2005-12-20 1187840]
"Reminder"=C:\WINDOWS\Creator\Remind_XP.exe [2006-03-09 806912]
"Scheduler"=C:\WINDOWS\SMINST\Scheduler.exe [2006-02-15 892928]
"WatchDog"=C:\Program\InterVideo\DVD Check\DVDCheck.exe [2006-03-31 184320]
"SSBkgdUpdate"=C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-29 155648]
"OpwareSE4"=C:\Program\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-03-21 69632]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"SunJavaUpdateSched"=C:\Program\Java\jre6\bin\jusched.exe [2008-09-23 144792]
"TkBellExe"=C:\Program\Delade filer\Real\Update_OB\realsched.exe [2008-04-08 185896]
"hpWirelessAssistant"=C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-03-28 454656]
"Adobe Reader Speed Launcher"=C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"AppleSyncNotifier"=C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"QuickTime Task"=C:\Program\QuickTime\QTTask.exe [2008-09-06 413696]
"avast!"=C:\Program\ALWILS~1\Avast4\ashDisp.exe [2008-11-18 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Program\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"Google Update"=C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Telia]
C:\Program\Telia\Supportassistent\bin\sprtcmd.exe [2008-10-16 201976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Symantec RemoteAssist"=3
"Symantec AntiVirus"=2
"SPBBCSvc"=3
"SNDSrvc"=3
"DefWatch"=2
"ccSetMgr"=2
"ccPwdSvc"=3
"ccEvtMgr"=2

C:\Documents and Settings\All Users\Start-meny\Program\Autostart
Adobe Gamma Loader.lnk - C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
BTTray.lnk - C:\Program\WIDCOMM\Bluetooth-programvara\BTTray.exe
DVD Check.lnk - C:\Program\InterVideo\DVD Check\DVDCheck.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IfxWlxEN]
C:\WINDOWS\system32\IfxWlxEN.dll [2006-03-03 434176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2005-11-15 43760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
C:\Program\HPQ\IAM\Bin\AsWlnPkg.dll [2005-07-25 40960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceOb jectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
AsWlnPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Suppor tSoft RemoteAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Syste m]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explor er]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x psp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Me ssage Queuing"
"C:\WINDOWS\SMINST\Scheduler.exe"="C:\WINDOWS\SMINST\Scheduler.exe:*:Enable d:Scheduler "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program\Messenger\msmsgs.exe"="C:\Program\Messenger\msmsgs.exe:*:Enable d:Windows Messenger"
"C:\Program\Internet Explorer\iexplore.exe"="C:\Program\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program\Windows Live\Messenger\msnmsgr.exe"="C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program\Windows Live\Messenger\livecall.exe"="C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Documents and Settings\Administratör\Lokala inställningar\Temp\WZSE0.TMP\SymNRT.exe"="C:\Documents and Settings\Administratör\Lokala inställningar\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Symantec Removal Utility"
"C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe"="C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe: *:Enabled:LogMeIn Rescue"
"C:\Program\Bonjour\mDNSResponder.exe"="C:\Program\Bonjour\mDNSResponder.ex e:*:Enabled:Bonjour"
"C:\Program\iTunes\iTunes.exe"="C:\Program\iTunes\iTunes.exe:*:Enabled:iTun es"
"C:\Program\Skype\Phone\Skype.exe"="C:\Program\Skype\Phone\Skype.exe:*:Enab led:Skype. Take a deep breath "
"C:\Program\Vuze\Azureus.exe"="C:\Program\Vuze\Azureus.exe:*:Enabled:Azureu s"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x psp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Me ssage Queuing"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program\Windows Live\Messenger\msnmsgr.exe"="C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program\Windows Live\Messenger\livecall.exe"="C:\Program\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\F]
shell\AutoRun\command - F:\LaunchU3.exe -a

======List of files/folders created in the last 3 months======

2008-11-28 12:58:10 ----D---- C:\Documents and Settings\Administratör\Application Data\Malwarebytes
2008-11-28 12:58:01 ----D---- C:\Program\Malwarebytes' Anti-Malware
2008-11-28 12:58:01 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-28 12:52:45 ----RASHD---- C:\autorun.inf
2008-11-27 11:01:08 ----D---- C:\rsit
2008-11-26 11:06:38 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2008-11-26 11:06:04 ----D---- C:\Documents and Settings\Administratör\Application Data\Azureus
2008-11-26 11:06:03 ----D---- C:\Program\AskBarDis
2008-11-19 10:39:38 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-11-17 19:53:06 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-11-16 22:53:53 ----D---- C:\Documents and Settings\Administratör\Application Data\gtk-2.0
2008-11-16 22:51:33 ----D---- C:\Program\Gimp-2.0
2008-11-12 17:01:38 ----D---- C:\WINDOWS\pss
2008-11-12 16:49:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-12 16:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-12 16:49:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-05 10:09:03 ----D---- C:\Program\iPod
2008-11-05 10:08:45 ----D---- C:\Program\iTunes
2008-11-05 10:08:45 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-03 17:52:13 ----D---- C:\Documents and Settings\Administratör\Application Data\Sony Corporation
2008-10-30 14:06:52 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2008-10-30 14:04:08 ----D---- C:\Program\Apple Software Update
2008-10-30 13:59:12 ----D---- C:\Program\Windows Installer Clean Up
2008-10-30 13:49:37 ----D---- C:\Program\Bonjour
2008-10-30 13:47:37 ----D---- C:\Program\QuickTime
2008-10-26 19:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-20 19:36:11 ----D---- C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-10-16 10:12:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-16 10:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-16 10:11:46 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-16 10:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-16 10:09:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
2008-09-29 16:58:20 ----D---- C:\Documents and Settings\Administratör\Application Data\HERMA
2008-09-29 16:55:30 ----D---- C:\Program\Herma Etikettassistent 3.0
2008-09-29 16:55:18 ----N---- C:\WINDOWS\Setup1.exe
2008-09-29 16:55:13 ----A---- C:\WINDOWS\ST6UNST.EXE
2008-09-23 15:19:41 ----D---- C:\Program\Sun
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\javaws.exe
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\javaw.exe
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\java.exe
2008-09-23 15:19:25 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-09-21 18:38:56 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-09-10 20:40:09 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-10 20:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-06 20:42:13 ----D---- C:\Documents and Settings\Administratör\Application Data\Pingus

======List of files/folders modified in the last 3 months======

2008-11-29 00:08:24 ----D---- C:\Program\Trend Micro
2008-11-29 00:08:14 ----D---- C:\WINDOWS\Prefetch
2008-11-28 23:59:52 ----D---- C:\WINDOWS\Temp
2008-11-28 23:59:05 ----D---- C:\WINDOWS
2008-11-28 14:02:24 ----D---- C:\Program\Mozilla Firefox
2008-11-28 13:12:25 ----D---- C:\WINDOWS\system32
2008-11-28 13:12:19 ----D---- C:\WINDOWS\SMINST
2008-11-28 13:11:15 ----D---- C:\WINDOWS\system32\drivers
2008-11-28 13:10:36 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-28 13:10:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-28 13:08:09 ----RD---- C:\Program
2008-11-27 21:40:31 ----D---- C:\Documents and Settings\Administratör\Application Data\FileZilla
2008-11-27 16:18:28 ----D---- C:\Documents and Settings\Administratör\Application Data\Real
2008-11-27 14:43:50 ----D---- C:\Documents and Settings\Administratör\Application Data\LimeWire
2008-11-27 14:42:19 ----D---- C:\Documents and Settings\Administratör\Application Data\DivX
2008-11-27 14:40:28 ----D---- C:\Program\Incomplete
2008-11-25 15:13:55 ----RSD---- C:\WINDOWS\Fonts
2008-11-19 21:45:11 ----D---- C:\WINDOWS\Help
2008-11-19 21:37:04 ----SD---- C:\WINDOWS\Tasks
2008-11-19 10:39:34 ----D---- C:\Program\Alwil Software
2008-11-19 10:34:15 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-17 19:55:19 ----D---- C:\Program\Delade filer\Symantec Shared
2008-11-17 19:07:38 ----SHD---- C:\WINDOWS\Installer
2008-11-17 10:56:47 ----D---- C:\Program\FileZilla FTP Client
2008-11-16 15:15:45 ----D---- C:\Program\DOSBox-0.63
2008-11-12 17:24:36 ----RASH---- C:\boot.ini
2008-11-12 17:24:36 ----A---- C:\WINDOWS\win.ini
2008-11-12 17:24:36 ----A---- C:\WINDOWS\system.ini
2008-11-12 17:07:28 ----SHD---- C:\WINDOWS\CSC
2008-11-12 16:51:02 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-11-12 16:50:01 ----HD---- C:\WINDOWS\inf
2008-11-12 16:49:59 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-11-12 16:49:54 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-12 16:49:49 ----A---- C:\WINDOWS\imsins.BAK
2008-11-12 16:48:11 ----D---- C:\WINDOWS\WinSxS
2008-11-10 15:31:48 ----D---- C:\Program\spel
2008-11-09 14:55:56 ----D---- C:\Documents and Settings\Administratör\Application Data\Skype
2008-11-09 14:55:06 ----D---- C:\Documents and Settings\Administratör\Application Data\skypePM
2008-11-05 10:03:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-30 13:59:13 ----SD---- C:\Documents and Settings\Administratör\Application Data\Microsoft
2008-10-30 13:58:55 ----D---- C:\Program\MSECACHE
2008-10-30 13:47:49 ----D---- C:\Program\Delade filer\Apple
2008-10-30 13:47:31 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-10-30 13:27:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-29 00:06:25 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-16 10:11:11 ----D---- C:\Program\Internet Explorer
2008-10-16 10:10:54 ----D---- C:\WINDOWS\ie7updates
2008-10-15 17:38:27 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-03 18:26:34 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-10-01 10:22:36 ----D---- C:\WINDOWS\AppPatch
2008-10-01 10:22:03 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-09-29 16:55:35 ----D---- C:\Program\Delade filer\DESIGNER
2008-09-23 22:48:07 ----D---- C:\Program\Delade filer
2008-09-23 22:48:05 ----D---- C:\Program\Corel
2008-09-23 15:19:09 ----D---- C:\Program\Java
2008-09-21 18:39:45 ----D---- C:\Program\Delade filer\Adobe
2008-09-21 18:37:52 ----D---- C:\Program\Adobe
2008-09-10 02:16:22 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-09-05 23:31:12 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2008-09-05 23:30:06 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
2008-09-05 23:30:02 ----N---- C:\WINDOWS\system32\WgaTray.exe
2008-09-04 18:17:38 ----A---- C:\WINDOWS\system32\msxml3.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-18 26944]
R1 AmdK8;AMD-processordrivrutin; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-18 110160]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-18 50864]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 kbdhid;HID-drivrutin för tangentbord; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2005-11-29 36768]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-07-31 20747]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-18 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-18 94032]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-08-31 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-08-31 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-08-31 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-08-31 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-08-31 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-08-31 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-08-31 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-01-30 13059]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-03 178176]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-06-07 152960]
R3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-18 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (AES2500); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2006-03-30 130432]
R3 b57w2k;Broadcom NetLink (TM) Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-02-09 142720]
R3 BCM43XX;Drivrutin för Broadcom 802.11 Nätverksadapter; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 BTKRNL;Bluetooth-bussräknare; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-02-15 1342570]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HDAudBus;Microsoft UAA-bussdrivrutin för High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-01-30 1035008]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-01-30 201600]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-10-21 36352]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 RT61;D-Link Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-05-04 380928]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-31 193056]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktiverat nav; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-01-30 718464]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-02-15 57096]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\catchme.sys []
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 NETMDUSB;Net MD; C:\WINDOWS\System32\Drivers\NETMD033.sys [2003-11-10 36232]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-01-12 252928]
S3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-09-06 36425]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-skrivarklass; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Drivrutin för USB-skanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Drivrutin för USB-masslagringsenheter; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 ASKService;ASKService; C:\Program\AskBarDis\bar\bin\AskService.exe [2008-11-24 464264]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program\Alwil Software\Avast4\aswUpdSv.exe [2008-11-18 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-27 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program\Alwil Software\Avast4\ashServ.exe [2008-11-18 155160]
R2 Bonjour Service;Bonjour-tjänst; C:\Program\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 btwdins;Bluetooth Service; C:\Program\WIDCOMM\Bluetooth-programvara\bin\btwdins.exe [2006-02-15 258103]
R2 hpqwmiex;hpqwmiex; C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe [2006-03-15 135168]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\IFXSPMGT.exe [2006-03-03 507904]
R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\IFXTCS.exe [2006-03-03 741376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program\Java\jre6\bin\jqs.exe [2008-09-23 147456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program\Delade filer\LightScribe\LSSrvc.exe [2006-03-23 73728]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-14 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-14 117248]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Program\ProtectTools\Embedded Security Software\PSDsrvc.EXE [2005-11-29 99872]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 sprtsvc_telia;SupportSoft Sprocket Service (telia); C:\Program\Telia\Supportassistent\bin\sprtsvc.exe [2008-10-16 202016]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program\Windows Media Player\WMPNetwk.exe [2006-11-15 912384]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program\Alwil Software\Avast4\ashMaiSv.exe [2008-11-18 254040]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader Service; C:\Program\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 ASKUpgrade;ASKUpgrade; C:\Program\AskBarDis\bar\bin\ASKUpgrade.exe [2008-11-24 234888]
S2 PCA;PC Angel; C:\WINDOWS\SMINST\PCAngel.exe [2006-01-12 294912]
S2 SavRoam;SAVRoam; C:\Program\Symantec AntiVirus\SavRoam.exe []
S2 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program\Delade filer\SupportSoft\bin\ssrc.exe [2008-10-16 382320]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program\Alwil Software\Avast4\ashWebSv.exe [2008-11-18 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 NetMDSB;MD Simple Burner Service; C:\Program\Sony\MD Simple Burner\NetMDSB.exe [2004-04-21 778240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program\Delade filer\Sony Shared\AVLib\Pacsptisvr.exe [2004-01-30 65625]
S3 SPTISRV;Sony SPTI Service; C:\Program\Delade filer\Sony Shared\AVLib\Sptisrv.exe [2004-01-30 65622]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program\Symantec AntiVirus\DefWatch.exe []
S4 Symantec AntiVirus;Symantec AntiVirus; C:\Program\Symantec AntiVirus\Rtvscan.exe []

-----------------EOF-----------------

79nicklas · 29th November 2008

sorry i forgot to run the fix.reg file earlier, it's done now and merged succesfully.

**Geri** · 29th November 2008

Hi
How are things running?

Please do this.

Download ATF Cleaner by Atribune and save it to your Desktop.
This is a good tool to get rid of the temporary garbage you pick up while surfing the net.
Double click ATF-Cleaner.exe to run the program.
Check the boxes to the left of:

Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
Recycle bin

The rest are optional - if you want it to remove everything check "Select All".
Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

Now lets get a on line scan.

Please do an online scan with Kaspersky WebScanner

It's best to disable real time protection applications as they sometimes interfere with the scan.
Check this link for any applicable programs you may have.

Click on “Accept” If your pop –up blocker blocks any windows from opening.

Click Run on the window that opens.
Windows Vista users you must open the web browser using the Run as Administrator command.

The program will launch and then begin downloading the latest definition files:
Under Scan on the left side.Click on My Computer
This will start the program and scan your system.
Click the “Scan Report” On the left side.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
- Click the Save Report As button, and in the Browse dialog box, type a name for the scan report file that you want to create and select its type Text file. Click OK to save the file.:
Save the text file to your desktop.
Copy and paste that information in your next post.

Please post the Kaspersky results.

Thanks

79nicklas · 9th December 2008

hi there,
sorry i havent been on for a while...
i have now done the kaspersky scan and the results are as follows.
seems to be one infected file:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, December 9, 2008
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, December 09, 2008 07:35:57
Records in database: 1446104
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 92555
Threat name: 1
Infected objects: 1
Suspicious objects: 0
Duration of the scan: 03:54:47

File name / Threat name / Threats count
C:\Documents and Settings\Administratör\Mina dokument\Installera\symantec\CleanWipe.exe Infected: Trojan.Win32.MonaGray.f 1

The selected area was scanned.

**Geri** · 10th December 2008

Hi
OK did you run CleanWipe at one time?
It seems to be a Symantic removal tool.

If you did and no longer need it, then delete this folder.

C:\Documents and Settings\Administratör\Mina dokument\Installera\symantec

Let me know how things are running.

Thanks

79nicklas · 10th December 2008

hi
yes i did run cleanwipe once, i've had big troubles trying to get rid of all traces of symantec, using other programs as well.
i can see in the rsit log that there are still some lines refering to symantec, it's been interfering with my common antivirus program, is whats left anything to worry about?

thanks for your help!