Hi - personal.exe is used by my bank for an electronic-ID-service.
When I tried to run GMER Rootkit Scanner I got an ugly bluescreen and once again the BAD_POOL_HEADER message.
Here is the info from OTL-scan though.
OTL logfile created on: 2011-01-21 21:35:58 - Run 1
OTL by OldTimer - Version 3.2.20.3 Folder = C:\Documents and Settings\Magnus o Annelie\Skrivbord
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd
1 014,00 Mb Total Physical Memory | 608,00 Mb Available Physical Memory | 60,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 149,04 Gb Total Space | 45,03 Gb Free Space | 30,21% Space Free | Partition Type: NTFS
Computer Name: LILLSKIT | User Name: Magnus o Annelie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Magnus o Annelie\Skrivbord\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Magnus o Annelie\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\Program\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe (TOSHIBA CORPORATION.)
PRC - C:\Program\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe (TOSHIBA CORPORATION.)
PRC - C:\Program\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe (TOSHIBA CORPORATION.)
PRC - C:\Program\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Program\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Program\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.)
PRC - C:\Program\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Technology Solutions)
PRC - C:\Program\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Magnus o Annelie\Skrivbord\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (PEVSystemStart) -- File not found
SRV - (HidServ) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (AntiVirSchedulerService) -- C:\Program\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Adobe LM Service) -- C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (TestHandler) -- C:\Program\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Technology Solutions)
========== Driver Services (SafeList) ==========
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Program\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (Tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (TosRfSnd) -- C:\WINDOWS\system32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (RSUSBSTOR) -- C:\WINDOWS\system32\drivers\RTSUCR.sys (Realtek Semiconductor Corp.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (iaStor) -- C:\WINDOWS\System32\drivers\iaStor.cat ()
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (FUJ02E3) -- C:\WINDOWS\system32\drivers\fuj02e3.sys (FUJITSU LIMITED)
DRV - (FUJ02B1) -- C:\WINDOWS\system32\drivers\fuj02b1.sys (FUJITSU LIMITED)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1547161642-2000478354-527237240-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
IE - HKU\S-1-5-21-1547161642-2000478354-527237240-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: fbchathistory@firechm.com:1.1.5
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program\Mozilla Firefox\components [2010-10-08 10:14:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2010-12-01 08:12:53 | 000,000,000 | ---D | M]
[2010-10-08 10:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magnus o Annelie\Application Data\Mozilla\Extensions
[2010-10-14 09:05:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magnus o Annelie\Application Data\Mozilla\Firefox\Profiles\vmn3b1xt.default\extensions
[2010-10-08 10:16:02 | 000,000,000 | ---D | M] (Facebook Chat History Manager) -- C:\Documents and Settings\Magnus o Annelie\Application Data\Mozilla\Firefox\Profiles\vmn3b1xt.default\extensions\fbchathistory@firechm.com
[2010-12-01 08:12:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions
[2010-12-01 08:12:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAGNUS O ANNELIE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VMN3B1XT.DEFAULT\EXTENSIONS\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
[2010-09-16 22:45:40 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-14 22:32:13 | 000,001,470 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\allaannonser-sv-SE.xml
[2010-09-14 22:32:13 | 000,002,670 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\prisjakt-sv-SE.xml
[2010-09-14 22:32:13 | 000,000,948 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\tyda-sv-SE.xml
[2010-09-14 22:32:13 | 000,001,174 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\wikipedia-sv-SE.xml
[2010-09-14 22:32:13 | 000,000,951 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\yahoo-sv-SE.xml
O1 HOSTS File: ([2008-04-15 13:00:00 | 000,000,710 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Bluetooth Manager.lnk = C:\Program\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\Magnus o Annelie\Start-meny\Program\Autostart\Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1547161642-2000478354-527237240-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1547161642-2000478354-527237240-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program\PokerStars\PokerStarsUpdate.exe (PokerStars)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Min aktuella startsida) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Magnus o Annelie\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Magnus o Annelie\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-09-16 17:40:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a66dc8f2-c1bf-11df-b87e-806d6172696f}\Shell\AutoRun\command - "" = U:\MAMMA_O_BONUS\MAMMA_O_BONUSATi.exe
O33 - MountPoints2\{a66dc8f2-c1bf-11df-b87e-806d6172696f}\Shell\open\command - "" = U:\MAMMA_O_BONUS\MAMMA_O_BONUSATi.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011-01-21 21:34:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\OTL.exe
[2011-01-21 14:54:17 | 001,153,912 | ---- | C] (Emsi Software GmbH) -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\BlitzBlank.exe
[2011-01-21 14:23:57 | 000,000,000 | ---D | C] -- C:\MRU
[2011-01-21 14:17:32 | 000,000,000 | ---D | C] -- C:\sp3
[2011-01-21 00:06:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011-01-20 23:58:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011-01-20 23:57:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magnus o Annelie\Application Data\Avira
[2011-01-20 23:51:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Avira
[2011-01-20 23:50:56 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011-01-20 23:50:54 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011-01-20 23:50:54 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011-01-20 23:50:54 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011-01-20 23:50:54 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011-01-20 23:50:53 | 000,000,000 | ---D | C] -- C:\Program\Avira
[2011-01-20 23:50:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011-01-20 22:21:30 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011-01-20 22:17:48 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011-01-20 18:19:07 | 000,000,000 | ---D | C] -- C:\Program\Trend Micro
[2011-01-20 18:19:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magnus o Annelie\Start-meny\Program\HiJackThis
[2011-01-20 18:08:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011-01-20 17:35:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magnus o Annelie\Application Data\AVG10
[2011-01-20 17:26:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011-01-20 17:24:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011-01-20 17:18:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011-01-20 17:07:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011-01-19 23:56:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011-01-19 23:56:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011-01-19 23:56:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011-01-19 23:56:18 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011-01-19 23:54:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011-01-19 23:54:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-01-19 23:15:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magnus o Annelie\Start-meny\Program\Google Chrome
[2011-01-19 22:36:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Rootkit Unhooker LE
[2011-01-19 22:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magnus o Annelie\Application Data\Malwarebytes
[2011-01-19 22:04:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-01-19 22:04:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware
[2011-01-19 22:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011-01-19 22:04:02 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-01-19 22:04:02 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware
[2011-01-19 20:55:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011-01-19 20:03:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magnus o Annelie\Lokala inställningar\Application Data\Sunbelt Software
[2011-01-19 20:02:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011-01-19 20:01:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011-01-09 22:09:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\Spel till Annelie
[2010-12-26 21:26:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Black Isle
[2010-12-26 21:21:22 | 000,000,000 | ---D | C] -- C:\Program\Black Isle
[2010-12-26 21:20:03 | 000,058,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\redbook.sys
[2010-12-26 21:17:19 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-12-26 21:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\DAEMON Tools Lite
[2010-12-26 21:17:11 | 000,000,000 | ---D | C] -- C:\Program\DAEMON Tools Lite
[2010-12-26 21:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magnus o Annelie\Application Data\DAEMON Tools Lite
[2010-12-26 21:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010-12-25 18:48:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\Stephen Lynch
[2010-12-25 18:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\Stephen Lynch-3 albums
[2010-12-24 23:43:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\Baldur's Gate II - SoA + ToB expansion
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011-01-21 21:34:38 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\kkt5814m.exe
[2011-01-21 21:34:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\OTL.exe
[2011-01-21 21:05:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-01-21 20:42:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-2000478354-527237240-1004UA.job
[2011-01-21 15:03:31 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2011-01-21 14:54:16 | 001,153,912 | ---- | M] (Emsi Software GmbH) -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\BlitzBlank.exe
[2011-01-21 12:04:16 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\SystemLook.exe
[2011-01-20 23:51:09 | 000,001,651 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Avira AntiVir Control Center.lnk
[2011-01-20 23:42:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-2000478354-527237240-1004Core.job
[2011-01-20 22:21:35 | 000,000,461 | RHS- | M] () -- C:\boot.ini
[2011-01-20 21:54:34 | 059,325,912 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\avira_antivir_personal_en.exe
[2011-01-20 18:19:10 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\HiJackThis.lnk
[2011-01-20 18:10:33 | 004,158,604 | R--- | M] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\ComboFix.exe
[2011-01-19 23:15:43 | 000,002,419 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\Google Chrome.lnk
[2011-01-19 23:15:43 | 000,002,397 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011-01-19 23:13:12 | 000,001,564 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011-01-19 23:13:12 | 000,001,546 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Mozilla Firefox.lnk
[2011-01-19 22:31:02 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\defogger_reenable
[2011-01-19 22:04:07 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk
[2011-01-19 21:59:44 | 000,000,454 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011-01-19 21:58:07 | 000,000,345 | ---- | M] () -- C:\Boot.bak
[2011-01-19 15:37:10 | 000,085,504 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-17 21:56:02 | 003,971,318 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\gammal_bild.jpg
[2011-01-13 15:11:55 | 000,019,116 | ---- | M] () -- C:\WINDOWS\MSTMON_S.INI
[2011-01-13 14:28:13 | 000,008,870 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\Bookmarks.bak
[2011-01-13 14:28:13 | 000,008,870 | ---- | M] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\Bookmarks
[2010-12-26 21:18:36 | 000,100,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-12-26 21:17:19 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-12-25 10:42:12 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Bluetooth Manager.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011-01-21 21:34:39 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\kkt5814m.exe
[2011-01-21 12:04:18 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\SystemLook.exe
[2011-01-20 23:51:09 | 000,001,651 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Avira AntiVir Control Center.lnk
[2011-01-20 22:21:35 | 000,000,345 | ---- | C] () -- C:\Boot.bak
[2011-01-20 22:21:33 | 000,260,784 | RHS- | C] () -- C:\cmldr
[2011-01-20 21:52:05 | 059,325,912 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\avira_antivir_personal_en.exe
[2011-01-20 18:19:07 | 000,002,431 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\HiJackThis.lnk
[2011-01-20 18:10:19 | 004,158,604 | R--- | C] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\ComboFix.exe
[2011-01-19 23:56:18 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011-01-19 23:56:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011-01-19 23:56:18 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011-01-19 23:56:18 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011-01-19 23:56:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011-01-19 23:15:43 | 000,002,419 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\Google Chrome.lnk
[2011-01-19 23:15:43 | 000,002,397 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011-01-19 23:13:12 | 000,001,564 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011-01-19 23:13:12 | 000,001,546 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Mozilla Firefox.lnk
[2011-01-19 22:55:45 | 000,008,870 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\Bookmarks.bak
[2011-01-19 22:55:05 | 000,008,870 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\Bookmarks
[2011-01-19 22:30:49 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\defogger_reenable
[2011-01-19 22:04:07 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk
[2011-01-19 20:08:50 | 000,000,454 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011-01-17 21:55:58 | 003,971,318 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Skrivbord\gammal_bild.jpg
[2010-12-17 23:45:12 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-12-17 23:45:12 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-11-25 15:54:16 | 000,019,253 | ---- | C] () -- C:\WINDOWS\MSUMLT_S.ini
[2010-11-25 15:53:31 | 000,019,116 | ---- | C] () -- C:\WINDOWS\MSTMON_S.INI
[2010-09-17 21:28:25 | 000,085,504 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-09-17 21:12:26 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010-09-17 21:12:26 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010-09-17 21:12:19 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Magnus o Annelie\Application Data\$_hpcst$.hpc
[2010-09-16 20:19:40 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2010-09-16 19:31:25 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-09-16 12:07:39 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\Property.dll
[2009-03-03 19:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008-04-25 12:23:38 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\EvOnlDiag.dll
[2007-10-25 16:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
< End of report >
OTL Extras logfile created on: 2011-01-21 21:35:58 - Run 1
OTL by OldTimer - Version 3.2.20.3 Folder = C:\Documents and Settings\Magnus o Annelie\Skrivbord
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd
1 014,00 Mb Total Physical Memory | 608,00 Mb Available Physical Memory | 60,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 149,04 Gb Total Space | 45,03 Gb Free Space | 30,21% Space Free | Partition Type: NTFS
Computer Name: LILLSKIT | User Name: Magnus o Annelie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-1547161642-2000478354-527237240-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Program\Spotify\spotify.exe" = C:\Program\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program\mIRC\mirc.exe" = C:\Program\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Program\Sports Interactive\Football Manager 2010\fm.exe" = C:\Program\Sports Interactive\Football Manager 2010\fm.exe:*:Disabled:Football Manager 2010
"C:\Documents and Settings\Magnus o Annelie\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\Magnus o Annelie\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client -- (Octoshape ApS)
"C:\Documents and Settings\Magnus o Annelie\Skrivbord\mIRC\mirc.exe" = C:\Documents and Settings\Magnus o Annelie\Skrivbord\mIRC\mirc.exe:*:Enabled:mIRC
"C:\Program\Steam\Steam.exe" = C:\Program\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program\Magic\Manalink.exe" = C:\Program\Magic\Manalink.exe:*:Enabled:manalink
"C:\Program\AVG\AVG10\avgmfapx.exe" = C:\Program\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0E93710D-31E5-477C-8A4B-5032B484BE74}" = Windows Live inloggningsassistenten
"{12724D97-D3B2-4884-8A60-E7C4E86F5A7D}" = Fujitsu Hotkey Utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 22
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{423B39E8-0A8E-4522-BB0A-FCCF86479977}_is1" = VVVVVV (Window v1.0)
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = USB2.0 Card Reader Software
"{9D71329D-95A5-4297-8F79-DCDBD156420A}" = Windows Live Essentials
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B8C3B479-1716-11D5-968A-0050BA84F5F7}" = Baldur's Gate(TM) II - Throne of Bhaal (TM)
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E1E502E2-C006-49DB-9C0C-F2196E51826F}_is1" = Rootkit Unhooker LE 3.8 SR 2
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EF59DB7F-7426-426E-B862-7031F83ED304}" = SystemDiagnostics
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F13225E2-6533-4923-A657-083A151E667E}" = Windows Live Messenger
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bejeweled 31.0" = Bejeweled 3
"CDisplay_is1" = CDisplay 1.8
"Foxit Reader" = Foxit Reader
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KONICA MINOLTA magicolor 2400W" = KONICA MINOLTA magicolor 2400W
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"mIRC" = mIRC
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Personal" = BankID säkerhetsprogram 4.10.4
"PokerStars" = PokerStars
"Spotify" = Spotify
"Svenska Spels Poker" = Svenska Spels Poker
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"VLC media player" = VLC media player 1.1.4
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1547161642-2000478354-527237240-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape Streaming Services" = Octoshape Streaming Services
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2010-12-08 07:25:32 | Computer Name = LILLSKIT | Source = Application Error | ID = 1000
Description = Felaktigt program facemaker.exe, version 0.0.0.0, felaktig modul facemaker.exe,
version 0.0.0.0, felaktig adress 0x0000927d.
Error - 2010-12-08 07:25:33 | Computer Name = LILLSKIT | Source = Application Error | ID = 1000
Description = Felaktigt program facemaker.exe, version 0.0.0.0, felaktig modul facemaker.exe,
version 0.0.0.0, felaktig adress 0x0000927d.
Error - 2010-12-08 07:25:34 | Computer Name = LILLSKIT | Source = Application Error | ID = 1000
Description = Felaktigt program facemaker.exe, version 0.0.0.0, felaktig modul facemaker.exe,
version 0.0.0.0, felaktig adress 0x0000927d.
Error - 2010-12-08 17:46:49 | Computer Name = LILLSKIT | Source = Application Error | ID = 1000
Description = Felaktigt program supermeatboy.exe, version 0.0.0.0, felaktig modul
unknown, version 0.0.0.0, felaktig adress 0x0002002b.
Error - 2010-12-18 15:07:07 | Computer Name = LILLSKIT | Source = Application Hang | ID = 1002
Description = Stoppat program chrome.exe, version 0.0.0.0, stoppad modul hungapp,
version 0.0.0.0, stoppad adress 0x00000000.
Error - 2010-12-25 05:41:53 | Computer Name = LILLSKIT | Source = MsiInstaller | ID = 11304
Description = Product: WebFldrs XP -- Error 1304. Error writing to file: C:\Program\Delade
filer\Microsoft Shared\Web Server Extensions\40\bin\FP4AWEC.DLL. Verify that you
have access to that directory.
Error - 2010-12-26 16:36:54 | Computer Name = LILLSKIT | Source = Application Hang | ID = 1002
Description = Stoppat program bgdxtest.exe, version 0.0.0.0, stoppad modul hungapp,
version 0.0.0.0, stoppad adress 0x00000000.
Error - 2010-12-26 16:36:59 | Computer Name = LILLSKIT | Source = Application Hang | ID = 1002
Description = Stoppat program BGConfig.exe, version 2.5.0.25, stoppad modul hungapp,
version 0.0.0.0, stoppad adress 0x00000000.
Error - 2011-01-19 15:03:15 | Computer Name = LILLSKIT | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 2011-01-20 20:36:58 | Computer Name = LILLSKIT | Source = Application Error | ID = 1000
Description = Felaktigt program chrome.exe, version 0.0.0.0, felaktig modul unknown,
version 0.0.0.0, felaktig adress 0x0015191b.
[ System Events ]
Error - 2010-11-26 11:58:42 | Computer Name = LILLSKIT | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: Den inbäddade styrenheten svarade inte inom den angivna
tidsgränsen. Detta kan bero på ett fel i maskinvaran, i den inbyggda programvaran,
eller en dåligt designad BIOS som har osäker åtkomst till den inbäddade styrenheten.
Drivrutinen för den inbäddade styrenheten kommer att försöka genomföra den misslyckade
transaktionen om möjligt.
Error - 2010-11-27 07:07:49 | Computer Name = LILLSKIT | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: Den inbäddade styrenheten svarade inte inom den angivna
tidsgränsen. Detta kan bero på ett fel i maskinvaran, i den inbyggda programvaran,
eller en dåligt designad BIOS som har osäker åtkomst till den inbäddade styrenheten.
Drivrutinen för den inbäddade styrenheten kommer att försöka genomföra den misslyckade
transaktionen om möjligt.
Error - 2010-11-29 03:54:21 | Computer Name = LILLSKIT | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: Den inbäddade styrenheten svarade inte inom den angivna
tidsgränsen. Detta kan bero på ett fel i maskinvaran, i den inbyggda programvaran,
eller en dåligt designad BIOS som har osäker åtkomst till den inbäddade styrenheten.
Drivrutinen för den inbäddade styrenheten kommer att försöka genomföra den misslyckade
transaktionen om möjligt.
Error - 2010-12-01 03:31:04 | Computer Name = LILLSKIT | Source = BROWSER | ID = 8032
Description = Tjänsten Browser har misslyckats för många gånger med att hämta backup-listan
på transporten \Device\NetBT_Tcpip_{D36DD1E1-1FA7-4D63-B521-E82730D1E780}. Backup-browsern
stoppas.
Error - 2010-12-01 05:08:19 | Computer Name = LILLSKIT | Source = Service Control Manager | ID = 7034
Description = Tjänsten Java Quick Starter avslutades oväntat. Detta har skett 1
gånger.
Error - 2010-12-03 06:58:37 | Computer Name = LILLSKIT | Source = Dhcp | ID = 1002
Description = IP-adresslånet 10.0.0.3 för det nätverkskort som har nätverksadressen
0017C4A30922 har nekats av DHCP-servern 10.0.0.1 (DHCP-servern skickade ett DHCPNACK-meddelande).
Error - 2010-12-05 04:51:23 | Computer Name = LILLSKIT | Source = BROWSER | ID = 8032
Description = Tjänsten Browser har misslyckats för många gånger med att hämta backup-listan
på transporten \Device\NetBT_Tcpip_{D36DD1E1-1FA7-4D63-B521-E82730D1E780}. Backup-browsern
stoppas.
Error - 2010-12-06 11:11:24 | Computer Name = LILLSKIT | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: Den inbäddade styrenheten svarade inte inom den angivna
tidsgränsen. Detta kan bero på ett fel i maskinvaran, i den inbyggda programvaran,
eller en dåligt designad BIOS som har osäker åtkomst till den inbäddade styrenheten.
Drivrutinen för den inbäddade styrenheten kommer att försöka genomföra den misslyckade
transaktionen om möjligt.
Error - 2010-12-12 12:20:41 | Computer Name = LILLSKIT | Source = Dhcp | ID = 1000
Description = Lånet av IP-adressen 10.0.0.6 för kortet med nätverksadressen 0017C4A30922
har förlorats.
Error - 2010-12-13 16:54:02 | Computer Name = LILLSKIT | Source = MRxSmb | ID = 8003
Description = Master browser har mottagit ett meddelande från datorn BUGDATOR som
tror att den är master browser för domänen på transporten NetBT_Tcpip_{D36DD1E1-1FA7-4D63-.
Master browser stannar eller ett val tvingas att göras.
< End of report >