Fremmede burgerkonti på diske
Antal indlæg: 12

Der er oprettet to fremmede brugerkonti på flere af mine diske. Disse kan kun ses når jeg højreklikker i stifinder og vælger egenskaber/sikkerhed.
Umiddelbart kan de ikke slettes eller ændres. Det lykkedes mig dog umiddelbart i går at slette på nogle af harddiskene (jeg er ikke helt klar over hvordan jeg gjorde…), men de findes stadig på min netværksharddisk.

Hvordan fjerner jeg dem og sikre mig jeg fik fjernet alt igår?

Vedhæftet er diverse scanlogs fra Eset, Malwarebytes, SUPERAntiSpyware og DDS.

Vedhæftede filer
Div.scan_logs.zip  (Filstørrelse: 12 - Downloads: 47)
Administrator
Antal indlæg: 8590

Hej, og velkommen til smile

Du kører med to Antivitus. Du skal afinstallerer et af dem excaim

Download OTL af OldTimer og gem den på dit skrivebord.

Start OTL

Vista og Windows 7 - højreklik på filen - Kør som Administrator.

Når vinduet vises, skal du under Output i toppen skifte til “Minimal Output”.
Øverst sætter du flueben i “Scan All Users

I boksen “Custom Scans/Fixes” kopierer du det fremhævede ind.

%SYSTEMDRIVE%\*.*
%HOMEPATH%\..\*.
%USERPROFILE%\..|smtmp;true;true;true /FP
%programfiles%\*.
CREATERESTOREPOINT

Luk alle åbne vinduer og klik på “Run Scan” øverst til venstre og lad programmet køre. Scanningen kan tage 5-10 minutter.

Det vil give to logfiler på skrivebordet, OTL.txt og Extras.txt.

Så kopier følgende ind i dit næste indlæg (i rækkefølge):

Indholdet af OTL.txt
Indholdet af Extras.txt

Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg.

Signatur

Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

Antal indlæg: 12

De kunne begge være der.
_________________________________
Indhold af OTL.txt

OTL logfile created on: 12-02-2012 14:13:36 - Run 1
OTL by OldTimer - Version 3.2.31.0   Folder = C:\Users\Jacob From\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

15,98 Gb Total Physical Memory | 14,07 Gb Available Physical Memory | 88,06% Memory free
31,97 Gb Paging File | 28,79 Gb Available in Paging File | 90,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,30 Gb Total Space | 27,48 Gb Free Space | 24,69% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 850,19 Gb Free Space | 91,27% Space Free | Partition Type: NTFS
Drive E: | 1853,01 Gb Total Space | 1347,07 Gb Free Space | 72,70% Space Free | Partition Type: NTFS
Drive F: | 647,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1397,27 Gb Total Space | 503,85 Gb Free Space | 36,06% Space Free | Partition Type: NTFS

Computer Name: JF-NY_PC | User Name: Jacob From | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Jacob From\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Jacob From\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
PRC - C:\Users\Jacob From\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - D:\Program_Files\Malwarebytes’ Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - D:\Program_Files\Malwarebytes’ Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
PRC - D:\Program_Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - D:\Program_Files\DAEMON Tools Lite\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - D:\Program_Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe (ACD Systems International Inc.)
PRC - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - D:\Program_Files\SuperCopier2\SuperCopier2.exe (SFX TEAM)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Evernote\Evernote\libtidy.dll ()
MOD - C:\Program Files (x86)\Evernote\Evernote\libxml2.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (cmdAgent)—C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (CLPSLS)—C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV:64bit: - (wlcrasvc)—C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend)—C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Akamai)—c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll ()
SRV - (MBAMService)—D:\Program_Files\Malwarebytes’ Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice)—C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Lavasoft Ad-Aware Service)—C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (nvUpdatusService)—C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service)—C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (KMService)—C:\Windows\SysWOW64\srvany.exe ()
SRV - (!SASCORE)—D:\Program_Files\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV - (IAStorDataMgrSvc) Intel(R)—C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (BBSvc)—C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort)—C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (HPSLPSVC)—C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v4.0.30319_32)—C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2)—c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (clr_optimization_v2.0.50727_32)—C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (cmderd)—C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
DRV:64bit: - (dtsoftbus01)—C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (MBAMProtector)—C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Lbd)—C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (NVHDA)—C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (iaStor)—C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167)—C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                             )
DRV:64bit: - (Netaapl)—C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (USBAAPL64)—C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata)—C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata)—C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (EtronXHCI)—C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV:64bit: - (EtronHub3)—C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc)
DRV:64bit: - (PxHlpa64)—C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (WDC_SAM)—C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (TsUsbFlt)—C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD)—C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD)—C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (nusb3xhc)—C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub)—C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (MEIx64) Intel(R)—C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (fssfltr)—C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Impcd)—C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (amdsbs)—C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2)—C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor)—C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) Driver til serielt digitalt kamera (stillbilleder)—C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (dc21x4vm)—C:\Windows\SysNative\drivers\dc21x4vm.sys (Microsoft Corp.)
DRV:64bit: - (ebdrv)—C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv)—C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a)—C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir)—C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM)—C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (grmnusb)—C:\Windows\SysNative\drivers\grmnusb.sys (GARMIN Corp.)
DRV - (Lavasoft Kernexplorer)—C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys ()
DRV - (SASDIFSV)—D:\Program_Files\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL)—D:\Program_Files\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})—D:\Program_Files\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (WIMMount)—C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASPI)—C:\Windows\SysWOW64\drivers\ASPI32.SYS (Adaptec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0




IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://tv2.dk/
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = *.local;127.0.0.1:9421;

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program_Files\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-08-10 18:01:49 | 000,000,000 |—-D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-08-10 18:01:49 | 000,000,000 |—-D | M]


O1 HOSTS File: ([2011-08-09 23:00:32 | 000,001,798 |——| M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1           activate.adobe.com
O1 - Hosts: 127.0.0.1           practivate.adobe.com
O1 - Hosts: 127.0.0.1           ereg.adobe.com
O1 - Hosts: 127.0.0.1           activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1           wip3.adobe.com
O1 - Hosts: 127.0.0.1           3dns-3.adobe.com
O1 - Hosts: 127.0.0.1           3dns-2.adobe.com
O1 - Hosts: 127.0.0.1           adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1           adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1           adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1           ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1           activate-sea.adobe.com
O1 - Hosts: 127.0.0.1           wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1           activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1                     adobe.activate.com
O1 - Hosts: 127.0.0.1                     adobeereg.com                
O1 - Hosts: 127.0.0.1                     http://www.adobeereg.com             
O1 - Hosts: 127.0.0.1                     wwis-dubc1-vip60.adobe.com      
O1 - Hosts: 127.0.0.1                     125.252.224.90              
O1 - Hosts: 127.0.0.1                     125.252.224.91
O1 - Hosts: 127.0.0.1                     hl2rcv.adobe.com
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Malwarebytes’ Anti-Malware] D:\Program_Files\Malwarebytes’ Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [WinampAgent] D:\Program_Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [Akamai NetSession Interface] C:\Users\Jacob From\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [DAEMON Tools Lite] D:\Program_Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [Device Detector] DevDetect.exe -autorun File not found
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [SUPERAntiSpyware] D:\Program_Files\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [SuperCopier2.exe] D:\Program_Files\SuperCopier2\SuperCopier2.exe (SFX TEAM)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Jacob From\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jacob From\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Jacob From\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: E&xport; to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd; to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: E&xport; to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd; to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra ‘Tools’ menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {7ECB1A47-6647-4B2C-A8DA-675569C9FF15} http://services.soft2print.com/Upload/Aurigma_7_0_37/ImageUploader7.cab (Image Uploader Control)
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab (iCloud Web App Plugin)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab (e-Safekey)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F24CB4A-8DD2-477D-8338-915B03436A27}: DhcpNameServer = 80.251.201.177 80.251.201.178
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76A2A537-EFA5-4F5E-99B5-14A00A7D4258}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) -C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-12-15 14:00:42 | 000,032,768 | R—- | M] (Steven Blackburn) - F:\autorun.exe—[ CDFS ]
O32 - AutoRun File - [2011-12-15 14:00:42 | 000,000,052 | R—- | M] () - F:\autorun.inf—[ CDFS ]
O32 - AutoRun File - [2009-09-17 12:26:15 | 000,000,000 | RH-D | M] - G:\autorun—[ NTFS ]
O32 - AutoRun File - [2002-10-17 03:56:50 | 000,000,036 | RH—| M] () - G:\autorun.inf—[ NTFS ]
O33 - MountPoints2\{d5c6c642-4854-11e1-9d72-50e5493a665f}\Shell - “” = AutoRun
O33 - MountPoints2\{d5c6c642-4854-11e1-9d72-50e5493a665f}\Shell\AutoRun\command - “” = “I:\WD SmartWare.exe” autoplay=true
O33 - MountPoints2\{d8c67050-be77-11e0-92ef-806e6f6e6963}\Shell - “” = AutoRun
O33 - MountPoints2\{d8c67050-be77-11e0-92ef-806e6f6e6963}\Shell\AutoRun\command - “” = F:\AUTORUN.EXE default.html
O33 - MountPoints2\{fd1fa839-c894-11e0-b1d3-50e5493a665f}\Shell - “” = AutoRun
O33 - MountPoints2\{fd1fa839-c894-11e0-b1d3-50e5493a665f}\Shell\AutoRun\command - “” = I:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open]—“%1” %*
O35:64bit: - HKLM\..exefile [open]—“%1” %*
O35 - HKLM\..comfile [open]—“%1” %*
O35 - HKLM\..exefile [open]—“%1” %*
O37:64bit: - HKLM\...com [@ = comfile]—“%1” %*
O37:64bit: - HKLM\...exe [@ = exefile]—“%1” %*
O37 - HKLM\...com [@ = comfile]—“%1” %*
O37 - HKLM\...exe [@ = exefile]—“%1” %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012-02-12 14:11:28 | 000,584,192 |——| C] (OldTimer Tools)—C:\Users\Jacob From\Desktop\OTL.exe
[2012-02-12 09:43:47 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Roaming\SUPERAntiSpyware.com
[2012-02-12 09:43:21 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012-02-12 09:43:19 | 000,000,000 |—-D | C]—C:\ProgramData\SUPERAntiSpyware.com
[2012-02-12 08:44:48 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Roaming\Malwarebytes
[2012-02-12 08:44:31 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes’ Anti-Malware
[2012-02-12 08:44:29 | 000,038,224 |——| C] (Malwarebytes Corporation)—C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2012-02-12 08:44:28 | 000,023,152 |——| C] (Malwarebytes Corporation)—C:\Windows\SysNative\drivers\mbam.sys
[2012-02-12 08:44:28 | 000,000,000 |—-D | C]—C:\ProgramData\Malwarebytes
[2012-02-11 11:41:21 | 000,000,000 |—-D | C]—C:\Program Files (x86)\ESET
[2012-02-11 11:40:22 | 000,000,000 |—-D | C]—C:\Users\Jacob From\Desktop\SWF
[2012-02-06 13:11:30 | 000,000,000 |—-D | C]—C:\Users\Jacob From\Documents\Ansøgninger
[2012-02-06 04:02:08 | 000,000,000 | -HSD | C]—C:\found.000
[2012-02-01 12:39:40 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Local\{7265FA9C-C3B1-4CE2-AA62-24E832DF3BAA}
[2012-02-01 12:39:30 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Local\{9DE32923-32D0-45C0-9D91-260CF1D5B7BE}
[2012-02-01 07:54:48 | 001,447,936 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\lsasrv.dll
[2012-02-01 07:54:48 | 000,395,776 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\webio.dll
[2012-02-01 07:54:48 | 000,314,880 |——| C] (Microsoft Corporation)—C:\Windows\SysWow64\webio.dll
[2012-02-01 07:54:48 | 000,136,192 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\sspicli.dll
[2012-02-01 07:54:48 | 000,029,184 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\sspisrv.dll
[2012-02-01 07:54:48 | 000,028,160 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\secur32.dll
[2012-01-26 21:09:14 | 000,000,000 |—-D | C]—C:\Windows\Minidump
[2012-01-26 21:06:45 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012-01-25 08:33:00 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SE-DesktopConstructor
[2012-01-20 19:35:37 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-01-20 19:35:29 | 000,000,000 |—-D | C]—C:\Program Files\iTunes
[2012-01-20 19:35:29 | 000,000,000 |—-D | C]—C:\Program Files\iPod
[2012-01-17 16:34:15 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Roaming\webex
[2012-01-17 16:32:20 | 000,000,000 |—-D | C]—C:\ProgramData\WebEx
[2012-01-15 14:31:53 | 000,000,000 |—-D | C]—C:\Users\Jacob From\Documents\Budget_2012
[2012-01-15 13:45:23 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Roaming\Google
[2012-01-15 13:45:03 | 000,000,000 |—-D | C]—C:\Program Files\Google
[2012-01-15 13:44:56 | 000,000,000 |—-D | C]—C:\ProgramData\Google
[2012-01-15 13:29:08 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-02-12 14:11:31 | 000,584,192 |——| M] (OldTimer Tools)—C:\Users\Jacob From\Desktop\OTL.exe
[2012-02-12 14:08:36 | 000,000,940 |——| M] ()—C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-02-12 14:08:30 | 000,067,584 |—S- | M] ()—C:\Windows\bootstat.dat
[2012-02-12 14:08:29 | 001,474,832 |——| M] ()—C:\Windows\SysNative\drivers\sfi.dat
[2012-02-12 12:06:17 | 000,026,112 |——| M] ()—C:\Users\Jacob From\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-12 11:20:44 | 000,020,512 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-02-12 11:20:44 | 000,020,512 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-02-12 11:18:27 | 001,273,032 |——| M] ()—C:\Windows\SysNative\PerfStringBackup.INI
[2012-02-12 11:18:27 | 000,618,714 |——| M] ()—C:\Windows\SysNative\perfh009.dat
[2012-02-12 11:18:27 | 000,473,120 |——| M] ()—C:\Windows\SysNative\perfh006.dat
[2012-02-12 11:18:27 | 000,107,034 |——| M] ()—C:\Windows\SysNative\perfc009.dat
[2012-02-12 11:18:27 | 000,080,728 |——| M] ()—C:\Windows\SysNative\perfc006.dat
[2012-02-12 11:13:35 | 000,000,936 |——| M] ()—C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-02-12 11:13:33 | 4281,683,966 | -HS- | M] ()—C:\hiberfil.sys
[2012-02-11 10:13:31 | 000,000,064 |——| M] ()—C:\Windows\SysWow64\rp_stats.dat
[2012-02-11 10:13:31 | 000,000,044 |——| M] ()—C:\Windows\SysWow64\rp_rules.dat
[2012-02-05 13:56:13 | 000,000,132 |——| M] ()—C:\Windows\wininit.ini
[2012-02-05 13:56:10 | 000,001,040 |——| M] ()—C:\Users\Jacob From\Desktop\Dropbox.lnk
[2012-02-05 13:56:10 | 000,001,020 |——| M] ()—C:\Users\Jacob From\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012-02-01 12:37:59 | 000,013,425 |——| M] ()—C:\Users\Jacob From\Desktop\Essilor_A_C.jpg
[2012-02-01 11:59:30 | 000,069,277 |——| M] ()—C:\Users\Jacob From\Desktop\https___mail.essilor.com_exchange_FROMJ_Sendt post_SV_ Warranty Card and folders.pdf
[2012-02-01 08:57:00 | 003,351,182 |——| M] ()—C:\Users\Jacob From\Desktop\Marketingplan 2012_DK_v1.pdf
[2012-01-26 21:07:19 | 000,020,054 |——| M] ()—C:\Windows\Q-Dir.ini
[2012-01-16 19:29:20 | 000,002,025 |——| M] ()—C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012-01-15 13:29:08 | 000,002,031 |——| M] ()—C:\Users\Public\Desktop\Google SketchUp 8.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-02-05 13:56:13 | 000,000,132 |——| C] ()—C:\Windows\wininit.ini
[2012-02-01 12:37:59 | 000,013,425 |——| C] ()—C:\Users\Jacob From\Desktop\Essilor_A_C.jpg
[2012-02-01 11:59:29 | 000,069,277 |——| C] ()—C:\Users\Jacob From\Desktop\https___mail.essilor.com_exchange_FROMJ_Sendt post_SV_ Warranty Card and folders.pdf
[2012-02-01 08:57:00 | 003,351,182 |——| C] ()—C:\Users\Jacob From\Desktop\Marketingplan 2012_DK_v1.pdf
[2012-01-15 13:45:01 | 000,000,940 |——| C] ()—C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-01-15 13:45:01 | 000,000,936 |——| C] ()—C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-01-15 13:29:08 | 000,002,031 |——| C] ()—C:\Users\Public\Desktop\Google SketchUp 8.lnk
[2011-12-14 22:05:09 | 001,289,942 |——| C] ()—C:\Windows\SysWow64\PerfStringBackup.INI
[2011-12-09 19:16:34 | 000,000,064 |——| C] ()—C:\Windows\SysWow64\rp_stats.dat
[2011-12-09 19:16:34 | 000,000,044 |——| C] ()—C:\Windows\SysWow64\rp_rules.dat
[2011-11-03 11:58:12 | 000,761,856 |——| C] ()—C:\Windows\SysWow64\xvidcore.dll
[2011-11-03 11:58:12 | 000,159,744 |——| C] ()—C:\Windows\SysWow64\xvidvfw.dll
[2011-11-03 11:58:12 | 000,074,752 |——| C] ()—C:\Windows\SysWow64\ff_vfw.dll
[2011-10-19 21:25:26 | 000,162,440 |——| C] ()—C:\Windows\SysWow64\AirfoilInject3.dll
[2011-10-14 23:54:52 | 000,321,856 |——| C] ()—C:\Windows\SysWow64\nvStreaming.exe
[2011-08-31 18:55:38 | 000,008,192 |——| C] ()—C:\Windows\SysWow64\srvany.exe
[2011-08-25 18:21:11 | 000,020,054 |——| C] ()—C:\Windows\Q-Dir.ini
[2011-08-23 20:51:54 | 000,026,112 |——| C] ()—C:\Users\Jacob From\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-08-10 17:59:31 | 000,216,675 |——| C] ()—C:\Windows\hpoins43.dat
[2011-08-10 17:59:31 | 000,000,601 |——| C] ()—C:\Windows\hpomdl43.dat
[2011-08-08 09:33:42 | 000,175,616 |——| C] ()—C:\Windows\SysWow64\unrar.dll
[2011-08-06 13:36:10 | 000,020,992 |——| C] ()—C:\Windows\jestertb.dll
[2011-08-04 09:59:33 | 000,008,192 |——| C] ()—C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011-02-10 05:03:48 | 000,000,326 |——| C] ()—C:\Windows\primopdf.ini
[2009-07-14 06:38:36 | 000,067,584 |—S- | C] ()—C:\Windows\bootstat.dat
[2009-07-14 03:35:51 | 000,000,741 |——| C] ()—C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 03:34:42 | 000,215,943 |——| C] ()—C:\Windows\SysWow64\dssec.dat
[2009-07-14 01:10:29 | 000,043,131 |——| C] ()—C:\Windows\mib.bin
[2009-07-14 00:42:10 | 000,064,000 |——| C] ()—C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 |——| C] ()—C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 22:26:10 | 000,673,088 |——| C] ()—C:\Windows\SysWow64\mlang.dat

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2012-02-12 11:13:33 | 000,030,295 |——| M] ()—C:\aaw7boot.log
[2010-11-21 04:23:51 | 000,383,786 | RHS- | M] ()—C:\bootmgr
[2011-05-30 13:55:55 | 000,008,192 | RHS- | M] ()—C:\BOOTSECT.BAK
[2012-02-12 11:13:33 | 4281,683,966 | -HS- | M] ()—C:\hiberfil.sys
[2012-02-12 11:13:34 | 4277,256,189 | -HS- | M] ()—C:\pagefile.sys
[2011-11-04 10:55:42 | 000,000,055 |——| M] ()—C:\winamp.ini
[1 C:\*.tmp files -> C:\*.tmp -> ]

<  %HOMEPATH%\..\*. >
[2011-10-20 19:41:54 | 000,000,000 |—-D | M]—\Users\Jacob From\..\Administrator
[2009-07-14 06:08:56 | 000,000,000 | -HSD | M]—\Users\Jacob From\..\All Users
[2009-07-14 08:07:31 | 000,000,000 | RH-D | M]—\Users\Jacob From\..\Default
[2009-07-14 06:08:56 | 000,000,000 | -HSD | M]—\Users\Jacob From\..\Default User
[2011-10-20 19:41:54 | 000,000,000 |—-D | M]—\Users\Jacob From\..\Gæst
[2011-10-20 19:41:54 | 000,000,000 |—-D | M]—\Users\Jacob From\..\HomeGroupUser$
[2012-01-28 11:51:46 | 000,000,000 |—-D | M]—\Users\Jacob From\..\Jacob From
[2011-08-17 07:16:51 | 000,000,000 | R—D | M]—\Users\Jacob From\..\Public
[2012-02-06 04:05:40 | 000,000,000 |—-D | M]—\Users\Jacob From\..\UpdatusUser

<  %USERPROFILE%\..|smtmp;true;true;true /FP >

<  %programfiles%\*. >
[2011-12-15 21:36:20 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Adobe
[2011-08-06 01:40:30 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Apple Software Update
[2011-08-12 01:14:24 | 000,000,000 |—-D | M]—C:\Program Files (x86)\AviSynth 2.5
[2011-12-15 21:36:13 | 000,000,000 |—-D | M]—C:\Program Files (x86)\AVS4YOU
[2011-10-15 09:53:39 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Bonjour
[2011-08-25 20:24:57 | 000,000,000 |—-D | M]—C:\Program Files (x86)\CieoNetUtilities_0eEI
[2011-11-09 17:51:35 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Common Files
[2011-11-09 17:51:46 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Cyberlink
[2012-02-11 11:41:21 | 000,000,000 |—-D | M]—C:\Program Files (x86)\ESET
[2011-12-05 15:21:35 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Evernote
[2011-08-12 01:14:24 | 000,000,000 |—-D | M]—C:\Program Files (x86)\ffdshow
[2011-09-25 09:28:59 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Garmin
[2012-01-15 13:45:03 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Google
[2011-08-06 01:39:13 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Handbrake
[2011-08-10 18:01:54 | 000,000,000 |—-D | M]—C:\Program Files (x86)\HP
[2011-11-09 17:51:35 | 000,000,000 | -H-D | M]—C:\Program Files (x86)\InstallShield Installation Information
[2011-08-04 09:59:32 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Intel
[2011-12-15 17:01:49 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Internet Explorer
[2011-10-24 09:07:25 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Java
[2011-11-03 11:56:19 | 000,000,000 |—-D | M]—C:\Program Files (x86)\K-Lite Codec Pack
[2011-12-05 21:16:12 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Lavasoft
[2011-10-31 17:37:11 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Logitech
[2011-05-30 13:02:37 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Microsoft
[2011-08-06 15:15:42 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Microsoft Analysis Services
[2011-08-06 15:16:59 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Microsoft Office
[2011-10-14 10:44:52 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Microsoft Silverlight
[2011-08-06 15:16:57 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011-08-06 15:16:57 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Microsoft Sync Framework
[2011-08-06 15:17:17 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Microsoft Synchronization Services
[2011-08-06 15:16:04 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Microsoft Visual Studio 8
[2011-08-06 15:16:57 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Microsoft.NET
[2011-08-06 15:17:39 | 000,000,000 |—-D | M]—C:\Program Files (x86)\MSBuild
[2011-08-11 02:00:41 | 000,000,000 |—-D | M]—C:\Program Files (x86)\MSXML 4.0
[2011-08-11 23:02:31 | 000,000,000 |—-D | M]—C:\Program Files (x86)\My Company Name
[2011-08-22 15:52:17 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Nitro PDF
[2011-10-25 13:26:42 | 000,000,000 |—-D | M]—C:\Program Files (x86)\NVIDIA Corporation
[2011-11-22 10:32:20 | 000,000,000 |—-D | M]—C:\Program Files (x86)\QuickTime
[2009-07-14 06:32:38 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Reference Assemblies
[2011-12-11 10:08:18 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Samsung
[2011-08-07 13:28:21 | 000,000,000 |—-D | M]—C:\Program Files (x86)\SmartSound Software
[2011-08-31 21:17:09 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Turning Technologies
[2009-07-14 05:57:06 | 000,000,000 | -H-D | M]—C:\Program Files (x86)\Uninstall Information
[2011-08-06 13:36:24 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Western Digital
[2011-08-07 11:11:19 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Windows Defender
[2011-08-11 18:04:15 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Windows Live
[2011-08-07 11:11:20 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Windows Mail
[2011-08-07 13:27:03 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Windows Media Components
[2011-08-07 11:11:20 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Windows Media Player
[2009-07-14 06:32:38 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Windows NT
[2011-08-07 11:11:20 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Windows Photo Viewer
[2010-11-21 04:31:38 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Windows Portable Devices
[2011-08-07 11:11:20 | 000,000,000 |—-D | M]—C:\Program Files (x86)\Windows Sidebar

< End of report >
___________________________________
Indhold af Extras

OTL Extras logfile created on: 12-02-2012 14:13:37 - Run 1
OTL by OldTimer - Version 3.2.31.0   Folder = C:\Users\Jacob From\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

15,98 Gb Total Physical Memory | 14,07 Gb Available Physical Memory | 88,06% Memory free
31,97 Gb Paging File | 28,79 Gb Available in Paging File | 90,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,30 Gb Total Space | 27,48 Gb Free Space | 24,69% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 850,19 Gb Free Space | 91,27% Space Free | Partition Type: NTFS
Drive E: | 1853,01 Gb Total Space | 1347,07 Gb Free Space | 72,70% Space Free | Partition Type: NTFS
Drive F: | 647,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1397,27 Gb Total Space | 503,85 Gb Free Space | 36,06% Space Free | Partition Type: NTFS

Computer Name: JF-NY_PC | User Name: Jacob From | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut]—C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile]—C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
exefile [open]—“%1” %*
helpfile [open]—Reg Error: Key error.
inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
InternetShortcut [open]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\ieframe.dll”,OpenURL %l (Microsoft Corporation)
InternetShortcut [print]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\mshtml.dll”,PrintHTML “%1” (Microsoft Corporation)
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage]—“D:\Program_Files\ACDSee\ACDSee\12.0\ACDSeeQV12.exe” “%1” (ACD Systems International Inc.)
Directory [AddToPlaylistVLC]—“D:\Program_Files\VLC\vlc.exe”—started-from-file—playlist-enqueue “%1” ()
Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC]—“D:\Program_Files\VLC\vlc.exe”—started-from-file—no-playlist-enqueue “%1” ()
Directory [Winamp.Bookmark]—“D:\Program_Files\Winamp\winamp.exe” /BOOKMARK “%1” (Nullsoft, Inc.)
Directory [Winamp.Enqueue]—“D:\Program_Files\Winamp\winamp.exe” /ADD “%1” (Nullsoft, Inc.)
Directory [Winamp.Play]—“D:\Program_Files\Winamp\winamp.exe” “%1” (Nullsoft, Inc.)
Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore]—Reg Error: Value error.
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
cplfile [cplopen]—%SystemRoot%\System32\control.exe “%1”,%* (Microsoft Corporation)
exefile [open]—“%1” %*
helpfile [open]—Reg Error: Key error.
inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage]—“D:\Program_Files\ACDSee\ACDSee\12.0\ACDSeeQV12.exe” “%1” (ACD Systems International Inc.)
Directory [AddToPlaylistVLC]—“D:\Program_Files\VLC\vlc.exe”—started-from-file—playlist-enqueue “%1” ()
Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC]—“D:\Program_Files\VLC\vlc.exe”—started-from-file—no-playlist-enqueue “%1” ()
Directory [Winamp.Bookmark]—“D:\Program_Files\Winamp\winamp.exe” /BOOKMARK “%1” (Nullsoft, Inc.)
Directory [Winamp.Enqueue]—“D:\Program_Files\Winamp\winamp.exe” /ADD “%1” (Nullsoft, Inc.)
Directory [Winamp.Play]—“D:\Program_Files\Winamp\winamp.exe” “%1” (Nullsoft, Inc.)
Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore]—Reg Error: Value error.
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“cval” = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
“VistaSp1” = 28 4D B2 76 41 04 CA 01 [binary data]
“AntiVirusOverride” = 0
“AntiSpywareOverride” = 0
“FirewallOverride” = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
“EnableFirewall” = 0
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“EnableFirewall” = 0
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
“EnableFirewall” = 0
“DisableNotifications” = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
“C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe” = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7—()
“C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe” = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7—()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
“C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe” = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7—()
“C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe” = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7—()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{056B9C5B-2E8D-4EBC-941C-06C78A30ABB3}” = Microsoft_VC80_ATL_x86_x64
“{138D2BE4-7981-4F34-BA23-81B6B99D0DE6}” = Microsoft_VC80_MFCLOC_x86_x64
“{180C8888-50F1-426B-A9DC-AB83A1989C65}” = Windows Live Language Selector
“{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}” = Windows Live ID Sign-in Assistant
“{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}” = Windows Live Family Safety
“{23170F69-40C1-2702-0920-000001000000}” = 7-Zip 9.20 (x64 edition)
“{26A24AE4-039D-4CA4-87B4-2F86416027FF}” = Java(TM) 6 Update 27 (64-bit)
“{3D46855F-7B71-4CF7-A270-62E0E4F05037}” = Microsoft_VC80_CRT_x86_x64
“{47A70BC0-BB3E-468B-9E01-56CCD6F2A911}” = Microsoft_VC80_MFC_x86_x64
“{48C0866E-57EB-444C-8371-8E4321066BC3}” = Network64
“{5E11C972-1E76-45FE-8F92-14E0D1140B1B}” = iTunes
“{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
“{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}” = Windows Live Remote Service Resources
“{68550918-63B5-4762-85CB-3C160AA4B213}” = HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
“{699204D1-231D-45FB-98AE-8BC89A32B04F}” = Windows Live Family Safety
“{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}” = Network64
“{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}” = MobileMe Control Panel
“{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}” = Bonjour
“{75104836-CAC7-444E-A39E-3F54151942F5}” = Apple Mobile Device Support
“{7E265513-8CDA-4631-B696-F40D983F3B07}_is1” = CDBurnerXP
“{8220EEFE-38CD-377E-8595-13398D740ACE}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
“{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}” = Windows Live Remote Client Resources
“{850B8072-2EA7-4EDC-B930-7FE569495E76}” = Windows Live Remote Client Resources
“{8557397C-A42D-486F-97B3-A2CBC2372593}” = Microsoft_VC90_ATL_x86_x64
“{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}” = Share64
“{90140000-002A-0000-1000-0000000FF1CE}” = Microsoft Office Office 64-bit Components 2010
“{90140000-002A-0406-1000-0000000FF1CE}” = Microsoft Office Shared 64-bit MUI (Danish) 2010
“{90140000-002A-0409-1000-0000000FF1CE}” = Microsoft Office Shared 64-bit MUI (English) 2010
“{90140000-0116-0409-1000-0000000FF1CE}” = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
“{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}” = Microsoft_VC90_CRT_x86_x64
“{95120000-00B9-0409-1000-0000000FF1CE}” = Microsoft Application Error Reporting
“{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}” = Microsoft_VC90_MFC_x86_x64
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision” = NVIDIA 3D Vision-driver 285.62
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel” = NVIDIA Kontrolpanel 285.62
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver” = NVIDIA Grafikdriver 285.62
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB” = NVIDIA 3D Vision Controllerdriver 285.62
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX” = NVIDIA PhysX-systemsoftware 9.11.0621
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update” = NVIDIA Opdateringer 1.5.20
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver” = NVIDIA HD-lyddriver 1.2.24.0
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer” = NVIDIA Install Application
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update” = NVIDIA Update Components
“{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}” = SUPERAntiSpyware
“{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}” = Windows Live Family Safety
“{D1829BE5-F305-4576-9593-C66FC7E0B008}” = iCloud
“{D8CC254C-C671-4664-9A38-FA368D1E2C97}” = SES Driver
“{DA54F80E-261C-41A2-A855-549A144F2F59}” = Windows Live MIME IFilter
“{DF6D988A-EEA0-4277-AAB8-158E086E439B}” = Windows Live Remote Client
“{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}” = Windows Live Remote Service
“{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}” = Microsoft .NET Framework 4 Client Profile
“{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}” = Windows Live Remote Service Resources
“{FD8E178D-8B4E-42DA-B434-EFF270329B1C}” = COMODO Internet Security
“{FF21C3E6-97FD-474F-9518-8DCBE94C2854}” = 64 Bit HP CIO Components Installer
“49CF605F02C7954F4E139D18828DE298CD59217C” = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
“4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20” = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)
“Adobe Flash Player ActiveX” = Adobe Flash Player 11 ActiveX 64-bit
“Adobe Flash Player Plugin” = Adobe Flash Player 11 Plugin 64-bit
“CCleaner” = CCleaner
“HP Imaging Device Functions” = HP Imaging Device Functions 14.0
“HP Smart Web Printing” = HP Smart Web Printing 4.60
“HP Solution Center & Imaging Support Tools” = HP Solution Center 14.0
“HPExtendedCapabilities” = HP Customer Participation Program 14.0
“KLiteCodecPack64_is1” = K-Lite Codec Pack 5.1.0 (64-bit)
“Microsoft .NET Framework 4 Client Profile” = Microsoft .NET Framework 4 Client Profile
“Q-Dir” = Q-Dir
“Shop for HP Supplies” = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“_{AA902C31-B49D-4608-BCCF-2519EB77722D}” = Corel VideoStudio Pro X4
“{00884F14-05BD-4D8E-90E5-1ABF78948CA4}” = Windows Live Mesh
“{024521CF-C07E-4F8E-8481-0D75695E03AF}” = PxMergeModule
“{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}” = Microsoft_VC90_ATL_x86
“{048DB60B-5AD7-40D3-ACDA-6E8B233829FA}” = Logitech Harmony Remote Software 7
“{06A1D88C-E102-4527-AF70-29FFD7AF215A}” = Scan
“{08D2E121-7F6A-43EB-97FD-629B44903403}” = Microsoft_VC90_CRT_x86
“{0B0F231F-CE6A-483D-AA23-77B364F75917}” = Windows Live Installer
“{10186F1A-6A14-43DF-A404-F0105D09BB07}” = Windows Live Mail
“{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}” = DeviceDiscovery
“{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}” = HPProductAssistant
“{18455581-E099-4BA8-BC6B-F34B2F06600C}” = Google Toolbar for Internet Explorer
“{19BA08F7-C728-469C-8A35-BFBD3633BE08}” = Windows Live Movie Maker
“{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}” = Bing Bar
“{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}” = Junk Mail filter update
“{200FEC62-3C34-4D60-9CE8-EC372E01C08F}” = Windows Live SOXE Definitions
“{2318C2B1-4965-11d4-9B18-009027A5CD4F}” = Google Toolbar for Internet Explorer
“{26A24AE4-039D-4CA4-87B4-2F83216026FF}” = Java(TM) 6 Update 29
“{2902F983-B4C1-44BA-B85D-5C6D52E2C441}” = Windows Live Mesh ActiveX Control for Remote Connections
“{292F0F52-B62D-4E71-921B-89A682402201}” = Toolbox
“{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}” = Windows Live Messenger
“{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}” = SmartSound Quicktracks 5
“{2FB9EA69-51D4-4913-9AD5-762C034DE811}” = Status
“{324F388E-4F28-42D6-ADD1-9AB27D249523}” = WD Discovery Software
“{3336F667-9049-4D46-98B6-4C743EEBC5B1}” = Windows Live Photo Gallery
“{343666E2-A059-48AC-AD67-230BF74E2DB2}” = Apple Application Support
“{34F4D9A4-42C2-4348-BEF4-E553C84549E7}” = Windows Live Photo Gallery
“{3990E632-42C3-4A25-ADFF-1101E3D6DD47}” = VSClassic
“{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}” = Intel(R) Rapid Storage Technology
“{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}” = Windows Live Photo Gallery
“{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}” = Google SketchUp 8
“{491A580E-C3A0-4CA5-BD27-738CDDD123E6}_is1” = SE-DesktopConstructor 1.3.1.20
“{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater
“{4B744C85-DBB1-4038-B989-4721EB22C582}” = Windows Live Messenger
“{510D2239-6C2E-457B-9590-485EC552D94D}” = Garmin USB Drivers
“{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}” = PS_AIO_06_C4700_SW_Min
“{57220148-3B2B-412A-A2E0-82B9DF423696}” = Windows Live Mesh ActiveX-objekt til fjernforbindelser
“{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}” = Windows Live UX Platform Language Pack
“{5C6F884D-680C-448B-B4C9-22296EE1B206}” = Logitech Harmony Remote Software 7
“{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}” = SolutionCenter
“{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}” = Microsoft_VC90_MFC_x86
“{65153EA5-8B6E-43B6-857B-C6E4FC25798A}” = Intel(R) Management Engine Components
“{682B3E4F-696A-42DE-A41C-4C07EA1678B4}” = Windows Live SOXE
“{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable
“{7299052b-02a4-4627-81f2-1818da5d550d}” = Microsoft Visual C++ 2005 Redistributable
“{74DC0593-6BC6-4001-AD5F-D810AFB68D86}” = HP Update
“{770657D0-A123-3C07-8E44-1C83EC895118}” = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
“{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}” = Apple Software Update
“{7BE15435-2D3E-4B58-867F-9C75BED0208C}” = QuickTime
“{7BFD42CA-460A-11E1-AE58-984BE15F174E}” = Evernote v. 4.5.3
“{7C056FA6-E362-467B-8160-062E9474FEE5}” = SlimDX Redistributable for .NET 2.0 (March 2011)
“{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}” = NVIDIA PhysX
“{7FF0ACFE-4346-4D9D-B822-C69B99AAE1FC}” = Microsoft_VC80_MFCLOC_x86
“{827D3E4A-0186-48B7-9801-7D1E9DD40C07}” = Windows Live Essentials
“{83C292B7-38A5-440B-A731-07070E81A64F}” = Windows Live PIMT Platform
“{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}” = HPDiagnosticAlert
“{8471021C-F529-43DE-84DF-3612E10F58C4}” = Remote Control USB Driver
“{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight
“{8AE28FB8-B8AE-4B58-A5FE-77F45E462BAE}” = Microsoft_VC80_MFC_x86
“{8C6D6116-B724-4810-8F2D-D047E6B7D68E}” = Mesh Runtime
“{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}” = MSVCRT
“{8EE94FD8-5F52-4463-A340-185D16328158}” = WebReg
“{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}” = SmartWebPrinting
“{90140000-0011-0000-0000-0000000FF1CE}” = Microsoft Office Professional Plus 2010
“{90140000-0015-0406-0000-0000000FF1CE}” = Microsoft Office Access MUI (Danish) 2010
“{90140000-0015-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-0015-0409-0000-0000000FF1CE}” = Microsoft Office Access MUI (English) 2010
“{90140000-0016-0406-0000-0000000FF1CE}” = Microsoft Office Excel MUI (Danish) 2010
“{90140000-0016-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-0016-0409-0000-0000000FF1CE}” = Microsoft Office Excel MUI (English) 2010
“{90140000-0017-0406-0000-0000000FF1CE}” = Microsoft Office SharePoint Designer MUI (Danish) 2010
“{90140000-0017-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{7ED77DEC-F3CD-44D5-8B8A-508741757B1E}” = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
“{90140000-0018-0406-0000-0000000FF1CE}” = Microsoft Office PowerPoint MUI (Danish) 2010
“{90140000-0018-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-0018-0409-0000-0000000FF1CE}” = Microsoft Office PowerPoint MUI (English) 2010
“{90140000-0019-0406-0000-0000000FF1CE}” = Microsoft Office Publisher MUI (Danish) 2010
“{90140000-0019-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-0019-0409-0000-0000000FF1CE}” = Microsoft Office Publisher MUI (English) 2010
“{90140000-001A-0406-0000-0000000FF1CE}” = Microsoft Office Outlook MUI (Danish) 2010
“{90140000-001A-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-001A-0409-0000-0000000FF1CE}” = Microsoft Office Outlook MUI (English) 2010
“{90140000-001B-0406-0000-0000000FF1CE}” = Microsoft Office Word MUI (Danish) 2010
“{90140000-001B-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-001B-0409-0000-0000000FF1CE}” = Microsoft Office Word MUI (English) 2010
“{90140000-001F-0406-0000-0000000FF1CE}” = Microsoft Office Proof (Danish) 2010
“{90140000-001F-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{59BCA417-5095-450B-931A-AE6194728386}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-001F-0407-0000-0000000FF1CE}” = Microsoft Office Proof (German) 2010
“{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.da-dk_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-001F-0409-0000-0000000FF1CE}” = Microsoft Office Proof (English) 2010
“{90140000-001F-040C-0000-0000000FF1CE}” = Microsoft Office Proof (French) 2010
“{90140000-001F-041D-0000-0000000FF1CE}” = Microsoft Office Proof (Swedish) 2010
“{90140000-001F-041D-0000-0000000FF1CE}_Office14.OMUI.da-dk_{D00E944F-5ECB-42FF-B58E-8FDCF2219DE8}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-001F-0C0A-0000-0000000FF1CE}” = Microsoft Office Proof (Spanish) 2010
“{90140000-002A-0406-1000-0000000FF1CE}_Office14.OMUI.da-dk_{2AE96E9C-E4F4-4D18-8A54-C4FABBEA0CDD}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-002C-0406-0000-0000000FF1CE}” = Microsoft Office Proofing (Danish) 2010
“{90140000-002C-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{EC231F64-29AF-4FBD-85B8-EAFFFAE8B7A5}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-002C-0409-0000-0000000FF1CE}” = Microsoft Office Proofing (English) 2010
“{90140000-0044-0406-0000-0000000FF1CE}” = Microsoft Office InfoPath MUI (Danish) 2010
“{90140000-0044-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-0044-0409-0000-0000000FF1CE}” = Microsoft Office InfoPath MUI (English) 2010
“{90140000-006E-0406-0000-0000000FF1CE}” = Microsoft Office Shared MUI (Danish) 2010
“{90140000-006E-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{63CDEDB9-50F5-4C35-9219-72C4F31A61FE}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-006E-0409-0000-0000000FF1CE}” = Microsoft Office Shared MUI (English) 2010
“{90140000-00A1-0406-0000-0000000FF1CE}” = Microsoft Office OneNote MUI (Danish) 2010
“{90140000-00A1-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-00A1-0409-0000-0000000FF1CE}” = Microsoft Office OneNote MUI (English) 2010
“{90140000-00BA-0406-0000-0000000FF1CE}” = Microsoft Office Groove MUI (Danish) 2010
“{90140000-00BA-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-00BA-0409-0000-0000000FF1CE}” = Microsoft Office Groove MUI (English) 2010
“{90140000-0100-0406-0000-0000000FF1CE}” = Microsoft Office O MUI (Danish) 2010
“{90140000-0100-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{3C9024A8-26A9-4769-B3EE-C1489421B8E5}” = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
“{90140000-0101-0406-0000-0000000FF1CE}” = Microsoft Office X MUI (Danish) 2010
“{90140000-0101-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{1ED268C2-9EA5-462D-A303-1EB550953ACB}” = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
“{90140000-0115-0409-0000-0000000FF1CE}” = Microsoft Office Shared Setup Metadata MUI (English) 2010
“{90140000-0117-0409-0000-0000000FF1CE}” = Microsoft Office Access Setup Metadata MUI (English) 2010
“{92EA4134-10D1-418A-91E1-5A0453131A38}” = Windows Live Movie Maker
“{932D0FC7-6DF1-4

Administrator
Antal indlæg: 8590
BjarneIb - 12.02.2012 15:21:35

De kunne begge være der.

Det kunne de nu ikke, for Extras.txt er ikke komplet. Vil du godt kopiere den herind igen.

Hent og gem CKScanner på dit skrivebord.
Det skal være på dit skrivebord.
Start CKScanner og klik på “Search for files”.
Når markøren forsvinder, skal du gemme resultatet til en fil.
Kopier CKFiles.txt herind i dit næste indlæg.

Signatur

Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

Antal indlæg: 12

Beklager downer

Her kommer Extras i fuld længde.

_______________________________________

OTL Extras logfile created on: 12-02-2012 14:13:37 - Run 1
OTL by OldTimer - Version 3.2.31.0   Folder = C:\Users\Jacob From\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

15,98 Gb Total Physical Memory | 14,07 Gb Available Physical Memory | 88,06% Memory free
31,97 Gb Paging File | 28,79 Gb Available in Paging File | 90,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,30 Gb Total Space | 27,48 Gb Free Space | 24,69% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 850,19 Gb Free Space | 91,27% Space Free | Partition Type: NTFS
Drive E: | 1853,01 Gb Total Space | 1347,07 Gb Free Space | 72,70% Space Free | Partition Type: NTFS
Drive F: | 647,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1397,27 Gb Total Space | 503,85 Gb Free Space | 36,06% Space Free | Partition Type: NTFS

Computer Name: JF-NY_PC | User Name: Jacob From | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut]—C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile]—C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
exefile [open]—“%1” %*
helpfile [open]—Reg Error: Key error.
inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
InternetShortcut [open]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\ieframe.dll”,OpenURL %l (Microsoft Corporation)
InternetShortcut [print]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\mshtml.dll”,PrintHTML “%1” (Microsoft Corporation)
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage]—“D:\Program_Files\ACDSee\ACDSee\12.0\ACDSeeQV12.exe” “%1” (ACD Systems International Inc.)
Directory [AddToPlaylistVLC]—“D:\Program_Files\VLC\vlc.exe”—started-from-file—playlist-enqueue “%1” ()
Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC]—“D:\Program_Files\VLC\vlc.exe”—started-from-file—no-playlist-enqueue “%1” ()
Directory [Winamp.Bookmark]—“D:\Program_Files\Winamp\winamp.exe” /BOOKMARK “%1” (Nullsoft, Inc.)
Directory [Winamp.Enqueue]—“D:\Program_Files\Winamp\winamp.exe” /ADD “%1” (Nullsoft, Inc.)
Directory [Winamp.Play]—“D:\Program_Files\Winamp\winamp.exe” “%1” (Nullsoft, Inc.)
Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore]—Reg Error: Value error.
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
cplfile [cplopen]—%SystemRoot%\System32\control.exe “%1”,%* (Microsoft Corporation)
exefile [open]—“%1” %*
helpfile [open]—Reg Error: Key error.
inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage]—“D:\Program_Files\ACDSee\ACDSee\12.0\ACDSeeQV12.exe” “%1” (ACD Systems International Inc.)
Directory [AddToPlaylistVLC]—“D:\Program_Files\VLC\vlc.exe”—started-from-file—playlist-enqueue “%1” ()
Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC]—“D:\Program_Files\VLC\vlc.exe”—started-from-file—no-playlist-enqueue “%1” ()
Directory [Winamp.Bookmark]—“D:\Program_Files\Winamp\winamp.exe” /BOOKMARK “%1” (Nullsoft, Inc.)
Directory [Winamp.Enqueue]—“D:\Program_Files\Winamp\winamp.exe” /ADD “%1” (Nullsoft, Inc.)
Directory [Winamp.Play]—“D:\Program_Files\Winamp\winamp.exe” “%1” (Nullsoft, Inc.)
Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore]—Reg Error: Value error.
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“cval” = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
“VistaSp1” = 28 4D B2 76 41 04 CA 01 [binary data]
“AntiVirusOverride” = 0
“AntiSpywareOverride” = 0
“FirewallOverride” = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
“EnableFirewall” = 0
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“EnableFirewall” = 0
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
“EnableFirewall” = 0
“DisableNotifications” = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
“C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe” = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7—()
“C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe” = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7—()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
“C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe” = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7—()
“C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe” = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7—()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{056B9C5B-2E8D-4EBC-941C-06C78A30ABB3}” = Microsoft_VC80_ATL_x86_x64
“{138D2BE4-7981-4F34-BA23-81B6B99D0DE6}” = Microsoft_VC80_MFCLOC_x86_x64
“{180C8888-50F1-426B-A9DC-AB83A1989C65}” = Windows Live Language Selector
“{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}” = Windows Live ID Sign-in Assistant
“{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}” = Windows Live Family Safety
“{23170F69-40C1-2702-0920-000001000000}” = 7-Zip 9.20 (x64 edition)
“{26A24AE4-039D-4CA4-87B4-2F86416027FF}” = Java(TM) 6 Update 27 (64-bit)
“{3D46855F-7B71-4CF7-A270-62E0E4F05037}” = Microsoft_VC80_CRT_x86_x64
“{47A70BC0-BB3E-468B-9E01-56CCD6F2A911}” = Microsoft_VC80_MFC_x86_x64
“{48C0866E-57EB-444C-8371-8E4321066BC3}” = Network64
“{5E11C972-1E76-45FE-8F92-14E0D1140B1B}” = iTunes
“{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
“{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}” = Windows Live Remote Service Resources
“{68550918-63B5-4762-85CB-3C160AA4B213}” = HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
“{699204D1-231D-45FB-98AE-8BC89A32B04F}” = Windows Live Family Safety
“{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}” = Network64
“{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}” = MobileMe Control Panel
“{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}” = Bonjour
“{75104836-CAC7-444E-A39E-3F54151942F5}” = Apple Mobile Device Support
“{7E265513-8CDA-4631-B696-F40D983F3B07}_is1” = CDBurnerXP
“{8220EEFE-38CD-377E-8595-13398D740ACE}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
“{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}” = Windows Live Remote Client Resources
“{850B8072-2EA7-4EDC-B930-7FE569495E76}” = Windows Live Remote Client Resources
“{8557397C-A42D-486F-97B3-A2CBC2372593}” = Microsoft_VC90_ATL_x86_x64
“{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}” = Share64
“{90140000-002A-0000-1000-0000000FF1CE}” = Microsoft Office Office 64-bit Components 2010
“{90140000-002A-0406-1000-0000000FF1CE}” = Microsoft Office Shared 64-bit MUI (Danish) 2010
“{90140000-002A-0409-1000-0000000FF1CE}” = Microsoft Office Shared 64-bit MUI (English) 2010
“{90140000-0116-0409-1000-0000000FF1CE}” = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
“{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}” = Microsoft_VC90_CRT_x86_x64
“{95120000-00B9-0409-1000-0000000FF1CE}” = Microsoft Application Error Reporting
“{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}” = Microsoft_VC90_MFC_x86_x64
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision” = NVIDIA 3D Vision-driver 285.62
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel” = NVIDIA Kontrolpanel 285.62
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver” = NVIDIA Grafikdriver 285.62
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB” = NVIDIA 3D Vision Controllerdriver 285.62
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX” = NVIDIA PhysX-systemsoftware 9.11.0621
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update” = NVIDIA Opdateringer 1.5.20
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver” = NVIDIA HD-lyddriver 1.2.24.0
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer” = NVIDIA Install Application
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update” = NVIDIA Update Components
“{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}” = SUPERAntiSpyware
“{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}” = Windows Live Family Safety
“{D1829BE5-F305-4576-9593-C66FC7E0B008}” = iCloud
“{D8CC254C-C671-4664-9A38-FA368D1E2C97}” = SES Driver
“{DA54F80E-261C-41A2-A855-549A144F2F59}” = Windows Live MIME IFilter
“{DF6D988A-EEA0-4277-AAB8-158E086E439B}” = Windows Live Remote Client
“{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}” = Windows Live Remote Service
“{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}” = Microsoft .NET Framework 4 Client Profile
“{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}” = Windows Live Remote Service Resources
“{FD8E178D-8B4E-42DA-B434-EFF270329B1C}” = COMODO Internet Security
“{FF21C3E6-97FD-474F-9518-8DCBE94C2854}” = 64 Bit HP CIO Components Installer
“49CF605F02C7954F4E139D18828DE298CD59217C” = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
“4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20” = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)
“Adobe Flash Player ActiveX” = Adobe Flash Player 11 ActiveX 64-bit
“Adobe Flash Player Plugin” = Adobe Flash Player 11 Plugin 64-bit
“CCleaner” = CCleaner
“HP Imaging Device Functions” = HP Imaging Device Functions 14.0
“HP Smart Web Printing” = HP Smart Web Printing 4.60
“HP Solution Center & Imaging Support Tools” = HP Solution Center 14.0
“HPExtendedCapabilities” = HP Customer Participation Program 14.0
“KLiteCodecPack64_is1” = K-Lite Codec Pack 5.1.0 (64-bit)
“Microsoft .NET Framework 4 Client Profile” = Microsoft .NET Framework 4 Client Profile
“Q-Dir” = Q-Dir
“Shop for HP Supplies” = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“_{AA902C31-B49D-4608-BCCF-2519EB77722D}” = Corel VideoStudio Pro X4
“{00884F14-05BD-4D8E-90E5-1ABF78948CA4}” = Windows Live Mesh
“{024521CF-C07E-4F8E-8481-0D75695E03AF}” = PxMergeModule
“{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}” = Microsoft_VC90_ATL_x86
“{048DB60B-5AD7-40D3-ACDA-6E8B233829FA}” = Logitech Harmony Remote Software 7
“{06A1D88C-E102-4527-AF70-29FFD7AF215A}” = Scan
“{08D2E121-7F6A-43EB-97FD-629B44903403}” = Microsoft_VC90_CRT_x86
“{0B0F231F-CE6A-483D-AA23-77B364F75917}” = Windows Live Installer
“{10186F1A-6A14-43DF-A404-F0105D09BB07}” = Windows Live Mail
“{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}” = DeviceDiscovery
“{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}” = HPProductAssistant
“{18455581-E099-4BA8-BC6B-F34B2F06600C}” = Google Toolbar for Internet Explorer
“{19BA08F7-C728-469C-8A35-BFBD3633BE08}” = Windows Live Movie Maker
“{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}” = Bing Bar
“{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}” = Junk Mail filter update
“{200FEC62-3C34-4D60-9CE8-EC372E01C08F}” = Windows Live SOXE Definitions
“{2318C2B1-4965-11d4-9B18-009027A5CD4F}” = Google Toolbar for Internet Explorer
“{26A24AE4-039D-4CA4-87B4-2F83216026FF}” = Java(TM) 6 Update 29
“{2902F983-B4C1-44BA-B85D-5C6D52E2C441}” = Windows Live Mesh ActiveX Control for Remote Connections
“{292F0F52-B62D-4E71-921B-89A682402201}” = Toolbox
“{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}” = Windows Live Messenger
“{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}” = SmartSound Quicktracks 5
“{2FB9EA69-51D4-4913-9AD5-762C034DE811}” = Status
“{324F388E-4F28-42D6-ADD1-9AB27D249523}” = WD Discovery Software
“{3336F667-9049-4D46-98B6-4C743EEBC5B1}” = Windows Live Photo Gallery
“{343666E2-A059-48AC-AD67-230BF74E2DB2}” = Apple Application Support
“{34F4D9A4-42C2-4348-BEF4-E553C84549E7}” = Windows Live Photo Gallery
“{3990E632-42C3-4A25-ADFF-1101E3D6DD47}” = VSClassic
“{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}” = Intel(R) Rapid Storage Technology
“{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}” = Windows Live Photo Gallery
“{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}” = Google SketchUp 8
“{491A580E-C3A0-4CA5-BD27-738CDDD123E6}_is1” = SE-DesktopConstructor 1.3.1.20
“{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater
“{4B744C85-DBB1-4038-B989-4721EB22C582}” = Windows Live Messenger
“{510D2239-6C2E-457B-9590-485EC552D94D}” = Garmin USB Drivers
“{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}” = PS_AIO_06_C4700_SW_Min
“{57220148-3B2B-412A-A2E0-82B9DF423696}” = Windows Live Mesh ActiveX-objekt til fjernforbindelser
“{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}” = Windows Live UX Platform Language Pack
“{5C6F884D-680C-448B-B4C9-22296EE1B206}” = Logitech Harmony Remote Software 7
“{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}” = SolutionCenter
“{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}” = Microsoft_VC90_MFC_x86
“{65153EA5-8B6E-43B6-857B-C6E4FC25798A}” = Intel(R) Management Engine Components
“{682B3E4F-696A-42DE-A41C-4C07EA1678B4}” = Windows Live SOXE
“{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable
“{7299052b-02a4-4627-81f2-1818da5d550d}” = Microsoft Visual C++ 2005 Redistributable
“{74DC0593-6BC6-4001-AD5F-D810AFB68D86}” = HP Update
“{770657D0-A123-3C07-8E44-1C83EC895118}” = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
“{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}” = Apple Software Update
“{7BE15435-2D3E-4B58-867F-9C75BED0208C}” = QuickTime
“{7BFD42CA-460A-11E1-AE58-984BE15F174E}” = Evernote v. 4.5.3
“{7C056FA6-E362-467B-8160-062E9474FEE5}” = SlimDX Redistributable for .NET 2.0 (March 2011)
“{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}” = NVIDIA PhysX
“{7FF0ACFE-4346-4D9D-B822-C69B99AAE1FC}” = Microsoft_VC80_MFCLOC_x86
“{827D3E4A-0186-48B7-9801-7D1E9DD40C07}” = Windows Live Essentials
“{83C292B7-38A5-440B-A731-07070E81A64F}” = Windows Live PIMT Platform
“{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}” = HPDiagnosticAlert
“{8471021C-F529-43DE-84DF-3612E10F58C4}” = Remote Control USB Driver
“{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight
“{8AE28FB8-B8AE-4B58-A5FE-77F45E462BAE}” = Microsoft_VC80_MFC_x86
“{8C6D6116-B724-4810-8F2D-D047E6B7D68E}” = Mesh Runtime
“{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}” = MSVCRT
“{8EE94FD8-5F52-4463-A340-185D16328158}” = WebReg
“{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}” = SmartWebPrinting
“{90140000-0011-0000-0000-0000000FF1CE}” = Microsoft Office Professional Plus 2010
“{90140000-0015-0406-0000-0000000FF1CE}” = Microsoft Office Access MUI (Danish) 2010
“{90140000-0015-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-0015-0409-0000-0000000FF1CE}” = Microsoft Office Access MUI (English) 2010
“{90140000-0016-0406-0000-0000000FF1CE}” = Microsoft Office Excel MUI (Danish) 2010
“{90140000-0016-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-0016-0409-0000-0000000FF1CE}” = Microsoft Office Excel MUI (English) 2010
“{90140000-0017-0406-0000-0000000FF1CE}” = Microsoft Office SharePoint Designer MUI (Danish) 2010
“{90140000-0017-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{7ED77DEC-F3CD-44D5-8B8A-508741757B1E}” = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
“{90140000-0018-0406-0000-0000000FF1CE}” = Microsoft Office PowerPoint MUI (Danish) 2010
“{90140000-0018-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-0018-0409-0000-0000000FF1CE}” = Microsoft Office PowerPoint MUI (English) 2010
“{90140000-0019-0406-0000-0000000FF1CE}” = Microsoft Office Publisher MUI (Danish) 2010
“{90140000-0019-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-0019-0409-0000-0000000FF1CE}” = Microsoft Office Publisher MUI (English) 2010
“{90140000-001A-0406-0000-0000000FF1CE}” = Microsoft Office Outlook MUI (Danish) 2010
“{90140000-001A-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-001A-0409-0000-0000000FF1CE}” = Microsoft Office Outlook MUI (English) 2010
“{90140000-001B-0406-0000-0000000FF1CE}” = Microsoft Office Word MUI (Danish) 2010
“{90140000-001B-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-001B-0409-0000-0000000FF1CE}” = Microsoft Office Word MUI (English) 2010
“{90140000-001F-0406-0000-0000000FF1CE}” = Microsoft Office Proof (Danish) 2010
“{90140000-001F-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{59BCA417-5095-450B-931A-AE6194728386}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-001F-0407-0000-0000000FF1CE}” = Microsoft Office Proof (German) 2010
“{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.da-dk_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-001F-0409-0000-0000000FF1CE}” = Microsoft Office Proof (English) 2010
“{90140000-001F-040C-0000-0000000FF1CE}” = Microsoft Office Proof (French) 2010
“{90140000-001F-041D-0000-0000000FF1CE}” = Microsoft Office Proof (Swedish) 2010
“{90140000-001F-041D-0000-0000000FF1CE}_Office14.OMUI.da-dk_{D00E944F-5ECB-42FF-B58E-8FDCF2219DE8}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-001F-0C0A-0000-0000000FF1CE}” = Microsoft Office Proof (Spanish) 2010
“{90140000-002A-0406-1000-0000000FF1CE}_Office14.OMUI.da-dk_{2AE96E9C-E4F4-4D18-8A54-C4FABBEA0CDD}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-002C-0406-0000-0000000FF1CE}” = Microsoft Office Proofing (Danish) 2010
“{90140000-002C-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{EC231F64-29AF-4FBD-85B8-EAFFFAE8B7A5}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-002C-0409-0000-0000000FF1CE}” = Microsoft Office Proofing (English) 2010
“{90140000-0044-0406-0000-0000000FF1CE}” = Microsoft Office InfoPath MUI (Danish) 2010
“{90140000-0044-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-0044-0409-0000-0000000FF1CE}” = Microsoft Office InfoPath MUI (English) 2010
“{90140000-006E-0406-0000-0000000FF1CE}” = Microsoft Office Shared MUI (Danish) 2010
“{90140000-006E-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{63CDEDB9-50F5-4C35-9219-72C4F31A61FE}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-006E-0409-0000-0000000FF1CE}” = Microsoft Office Shared MUI (English) 2010
“{90140000-00A1-0406-0000-0000000FF1CE}” = Microsoft Office OneNote MUI (Danish) 2010
“{90140000-00A1-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-00A1-0409-0000-0000000FF1CE}” = Microsoft Office OneNote MUI (English) 2010
“{90140000-00BA-0406-0000-0000000FF1CE}” = Microsoft Office Groove MUI (Danish) 2010
“{90140000-00BA-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}” = Microsoft Office 2010 Service Pack 1 (SP1)
“{90140000-00BA-0409-0000-0000000FF1CE}” = Microsoft Office Groove MUI (English) 2010
“{90140000-0100-0406-0000-0000000FF1CE}” = Microsoft Office O MUI (Danish) 2010
“{90140000-0100-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{3C9024A8-26A9-4769-B3EE-C1489421B8E5}” = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
“{90140000-0101-0406-0000-0000000FF1CE}” = Microsoft Office X MUI (Danish) 2010
“{90140000-0101-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{1ED268C2-9EA5-462D-A303-1EB550953ACB}” = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
“{90140000-0115-0409-0000-0000000FF1CE}” = Microsoft Office Shared Setup Metadata MUI (English) 2010
“{90140000-0117-0409-0000-0000000FF1CE}” = Microsoft Office Access Setup Metadata MUI (English) 2010
“{92EA4134-10D1-418A-91E1-5A0453131A38}” = Windows Live Movie Maker
“{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}” = Ad-Aware
“{95140000-0070-0000-0000-0000000FF1CE}” = Microsoft Office 2010
“{9A25302D-30C0-39D9-BD6F-21E6EC160475}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
“{9BE518E6-ECC6-35A9-88E4-87755C07200F}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
“{9D56775A-93F3-44A3-8092-840E3826DE30}” = Windows Live Mail
“{A0C91188-C88F-4E86-93E6-CD7C9A266649}” = Windows Live Mesh
“{A2BCA9F1-566C-4805-97D1-7FDC93386723}” = Adobe AIR
“{A567895C-1D23-48ED-BE83-FB3ED7D30442}” = IPM_VS_Pro
“{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}” = ACDSee Photo Manager 12
“{A726AE06-AAA3-43D1-87E3-70F510314F04}” = Windows Live Writer
“{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}” = Google Update Helper
“{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}” = Windows Live Photo Common
“{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}” = HPSSupply
“{AC76BA86-7AD7-FFFF-7B44-AA0000000001}” = Adobe Reader X (10.1.2) MUI
“{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}” = VSPro
“{B39177F9-269D-4A9B-82F2-7A48589CCCEF}” = Garmin WebUpdater
“{B5978DF3-8A04-4F22-AF67-8CCE52E04B13}” = C4700
“{B6FCAE72-20C8-44E8-B3CA-F9FB6B2210CF}” = TurningPoint 2008
“{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}” = Share
“{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}” = PureHD
“{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}” = SmartSound Common Data
“{BB3447F6-9553-4AA9-960E-0DB5310C5779}” = GPBaseService2
“{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}” = Destinations
“{C4778408-3268-45CE-AE15-772D1739A1F1}” = VIO
“{C6017EEA-9E51-4129-84BA-EFA9520E69D8}” = Common
“{C66824E4-CBB3-4851-BB3F-E8CFD6350923}” = Windows Live Mail
“{CAE4213F-F797-439D-BD9E-79B71D115BE3}” = HPPhotoGadget
“{CB07E706-5DD7-4093-83A1-1430D5B6FA75}” = Microsoft_VC80_ATL_x86
“{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}” = Contents
“{CD31E63D-47FD-491C-8117-CF201D0AFAB5}” = TrayApp
“{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}” = Windows Live UX Platform
“{CF671BFE-6BA3-44E7-98C1-500D9C51D947}” = Windows Live Photo Gallery
“{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}” = DeviceIO
“{D0B44725-3666-492D-BEF6-587A14BD9BD9}” = MSVCRT_amd64
“{D360FA88-17C8-4F14-B67F-13AAF9607B12}” = MarketResearch
“{D436F577-1695-4D2F-8B44-AC76C99E0002}” = Windows Live Photo Common
“{D45240D3-B6B3-4FF9-B243-54ECE3E10066}” = Windows Live Communications Platform
“{D68897FC-7E8D-4849-819A-726B2489713C}” = ISCOM
“{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}” = Microsoft_VC80_CRT_x86
“{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}” = Setup
“{DAF232B7-5749-4F36-A7E5-C7094062778D}” = ResultsManager
“{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}” = Windows Live Movie Maker
“{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}” = Windows Live Writer Resources
“{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}” = CyberLink PowerDVD 10
“{DECDCB7C-58CC-4865-91AF-627F9798FE48}” = Windows Live Mesh
“{E09C4DB7-630C-4F06-A631-8EA7239923AF}” = D3DX10
“{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}” = Windows Media Encoder 9 Series
“{E517094C-06B6-419F-8FFD-EF4F57972130}” = QuickTransfer
“{E5B21F11-6933-4E0B-A25C-7963E3C07D11}” = Windows Live Messenger
“{E5DD4723-FE0B-436E-A815-DC23CF902A0B}” = Windows Live UX Platform Language Pack
“{E8524B28-3BBB-4763-AC83-0E83FE31C350}” = Windows Live Writer
“{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}” = Windows Live Writer Resources
“{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}” = Microsoft SQL Server 2005 Compact Edition [ENU]
“{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}” = Realtek High Definition Audio Driver
“{F8A9085D-4C7A-41a9-8A77-C8998A96C421}” = Intel(R) Control Center
“{FA0FF682-CC70-4C57-93CD-E276F3E7537E}” = BufferChm
“{FBE87834-E5DB-41E6-8A11-0979F9DF8E12}” = TweakUI for Windows 64-Bit
“{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}” = Windows Live Essentials
“{AA902C31-B49D-4608-BCCF-2519EB77722D}” = ICA
“{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}” = Windows Live Writer
“{AAF454FC-82CA-4F29-AB31-6A109485E76E}” = Windows Live Writer
“ActiveTouchMeetingClient” = WebEx
“Adobe AIR” = Adobe AIR
“Airfoil” = Airfoil
“Akamai” = Akamai NetSession Interface Service
“Any Video Converter_is1” = Any Video Converter 3.2.7
“AVS Update Manager_is1” = AVS Update Manager 1.0
“BOXEE” = Boxee
“Comodo Dragon” = Comodo Dragon
“COMODO GeekBuddy” = COMODO GeekBuddy
“DAEMON Tools Lite” = DAEMON Tools Lite
“DFX for Winamp” = DFX for Winamp
“DivXLand Bitrate Calculator” = DivXLand Bitrate Calculator
“DivXLand Media Subtitler” = DivXLand Media Subtitler
“DVD Shrink_is1” = DVD Shrink 3.2
“ESET Online Scanner” = ESET Online Scanner v3
“Extra DVD Ripper Free_is1” = Extra DVD Ripper Free 8.21
“FileZilla Client” = FileZilla Client 3.5.3
“Free DVD Ripper 2.25_is1” = Free DVD Ripper Version 2.25
“HandBrake” = HandBrake 0.9.5
“HardCopy Pro” = HardCopy Pro
“InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}” = SmartSound Quicktracks 5
“InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}” = SmartSound Common Data
“InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}” = CyberLink PowerDVD 10
“KLiteCodecPack_is1” = K-Lite Codec Pack 7.9.0 (Full)
“KLS Backup 2011 Professional_is1” = KLS Backup 2011 Professional 6.2.1.0
“Malwarebytes’ Anti-Malware_is1” = Malwarebytes Anti-Malware version 1.60.1.1000
“NVIDIA StereoUSB Driver” = NVIDIA 3D Vision Controller Driver
“NVIDIAStereo” = NVIDIA Stereoscopic 3D Driver
“Office14.OMUI.da-dk” = Microsoft Office Language Pack 2010 - Danish/dansk
“Office14.PROPLUS” = Microsoft Office Professional Plus 2010
“PrimoPDF” = PrimoPDF—brought to you by Nitro PDF Software
“SuperCopier2” = SuperCopier2
“VLC media player” = VLC media player 1.1.11
“Winamp” = Winamp
“Windows Media Encoder 9” = Windows Media Encoder 9 Series
“WinLiveSuite” = Windows Live Essentials
“WinX DVD Ripper Platinum_is1” = WinX DVD Ripper Platinum 6.3.5
“WinX Free DVD to MPEG Ripper_is1” = WinX Free DVD to MPEG Ripper 4.4.16

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2964658577-4209496961-628298702-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“Akamai” = Akamai NetSession Interface
“Dropbox” = Dropbox
“Spotify” = Spotify
“Winamp Detect” = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 04-02-2012 09:24:00 | Computer Name = JF-Ny_PC | Source = Windows Search Service | ID = 7040
Description =

Error - 04-02-2012 09:24:00 | Computer Name = JF-Ny_PC | Source = Windows Search Service | ID = 7042
Description =

Error - 04-02-2012 09:24:00 | Computer Name = JF-Ny_PC | Source = Windows Search Service | ID = 9002
Description =

Error - 04-02-2012 09:24:00 | Computer Name = JF-Ny_PC | Source = Windows Search Service | ID = 3029
Description =

Error - 04-02-2012 09:24:00 | Computer Name = JF-Ny_PC | Source = Windows Search Service | ID = 3029
Description =

Error - 04-02-2012 09:24:00 | Computer Name = JF-Ny_PC | Source = Windows Search Service | ID = 3028
Description =

Error - 04-02-2012 09:24:00 | Computer Name = JF-Ny_PC | Source = Windows Search Service | ID = 3058
Description =

Error - 04-02-2012 09:24:00 | Computer Name = JF-Ny_PC | Source = Windows Search Service | ID = 7010
Description =

Error - 05-02-2012 08:55:22 | Computer Name = JF-Ny_PC | Source = WinMgmt | ID = 10
Description =

Error - 05-02-2012 11:36:17 | Computer Name = JF-Ny_PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 28-11-2011 03:05:52 | Computer Name = JF-Ny_PC | Source = Service Control Manager | ID = 7024
Description = Tjenesten Windows Search blev afbrudt med den tjenestespecifikke fejl
%%-1073473535.

Error - 28-11-2011 03:05:52 | Computer Name = JF-Ny_PC | Source = Service Control Manager | ID = 7031
Description = Tjenesten Windows Search blev afbrudt uventet. Dette er sket 1 gange.
Følgende korrigerende handling foretages om 30000 millisekunder: Genstart tjenesten.

Error - 28-11-2011 03:06:22 | Computer Name = JF-Ny_PC | Source = Service Control Manager | ID = 7032
Description = Tjenestekontrolstyring prøvede at foretage en korrigerende handling
(Genstart tjenesten) efter den uventede afbrydelse af tjenesten Windows Search,
men denne handling mislykkedes med følgende fejl:  V

Error - 28-11-2011 04:14:37 | Computer Name = JF-Ny_PC | Source = Disk | ID = 262155
Description = Driveren detekterede en controllerfejl på \Device\Harddisk3\DR3.

Error - 28-11-2011 11:43:14 | Computer Name = JF-Ny_PC | Source = Service Control Manager | ID = 7024
Description = Tjenesten Windows Search blev afbrudt med den tjenestespecifikke fejl
%%-1073473535.

Error - 28-11-2011 11:43:14 | Computer Name = JF-Ny_PC | Source = Service Control Manager | ID = 7031
Description = Tjenesten Windows Search blev afbrudt uventet. Dette er sket 1 gange.
Følgende korrigerende handling foretages om 30000 millisekunder: Genstart tjenesten.

Error - 30-11-2011 02:45:06 | Computer Name = JF-Ny_PC | Source = Service Control Manager | ID = 7024
Description = Tjenesten Windows Search blev afbrudt med den tjenestespecifikke fejl
%%-1073473535.

Error - 30-11-2011 02:45:06 | Computer Name = JF-Ny_PC | Source = Service Control Manager | ID = 7031
Description = Tjenesten Windows Search blev afbrudt uventet. Dette er sket 1 gange.
Følgende korrigerende handling foretages om 30000 millisekunder: Genstart tjenesten.

Error - 30-11-2011 02:45:36 | Computer Name = JF-Ny_PC | Source = Service Control Manager | ID = 7009
Description = Der opstod timeout (30000 millisekunder), mens systemet ventede på,
at der blev oprettet forbindelse til tjenesten Windows Search.

Error - 30-11-2011 02:45:36 | Computer Name = JF-Ny_PC | Source = Service Control Manager | ID = 7000
Description = Tjenesten Windows Search kunne ikke starte pga. følgende fejl:  S


< End of report >

Antal indlæg: 12

Og her er CKScanner filen:

CKScanner - Additional Security Risks - These are not necessarily bad
c:\users\jacob from\favorites\keygens.nl - adobe master suite cs5 keygen for mac by team-sol.rar keygen crack instant download.url
hosts 127.0.0.1           activate.adobe.com
hosts 127.0.0.1           practivate.adobe.com
hosts 127.0.0.1           ereg.adobe.com
hosts 127.0.0.1           activate.wip3.adobe.com
hosts 127.0.0.1           wip3.adobe.com
hosts 127.0.0.1           3dns-3.adobe.com
hosts 127.0.0.1           3dns-2.adobe.com
hosts 127.0.0.1           adobe-dns.adobe.com
hosts 127.0.0.1           adobe-dns-2.adobe.com
hosts 127.0.0.1           adobe-dns-3.adobe.com
hosts 127.0.0.1           ereg.wip3.adobe.com
hosts 127.0.0.1           activate-sea.adobe.com
hosts 127.0.0.1           wwis-dubc1-vip60.adobe.com
hosts 127.0.0.1           activate-sjc0.adobe.com
hosts 127.0.0.1                     adobe.activate.com
hosts 127.0.0.1                     wwis-dubc1-vip60.adobe.com      
hosts 127.0.0.1                     hl2rcv.adobe.com
scanner sequence 3.II.11.FEAPXA
——- EOF——-

Administrator
Antal indlæg: 8590

Start OTL

Vista og Windows 7 - højreklik på filen - Kør som Administrator.

Kopier nedenstånde med fed skrift ind i feltet “Custom Scans/Fixes

:processes

:files
c:\users\jacob from\favorites\keygens.nl - adobe master suite cs5 keygen for mac by team-sol.rar keygen crack instant download.url
D:\Downloads\cdbxp_setup_4.3.8.2631.exe
D:\Downloads\InternationalPrimoPDF.exe
D:\Program_Files\KLS Backup 2011 Professional\klsbservice.exe
G:\MATROX\Gammel slave backup\Gammel slave backup\$BACKUP\$D\Grokster\Grokster\magnet.exe
G:\Program_download\CyberLink PowerDirector 8.00.2013 + keygen-CORE
G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x64_x16-19360.zip
G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x86_x16-19353.zip
G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x64_x16-19360\en_visio_premium_2010_beta_x64_x16-19360.exe
G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x86_x16-19353\en_visio_premium_2010_beta_x86_x16-19353.exe
ipconfig /flushdns /c

:Commands
[resethosts]
[CREATERESTOREPOINT]
[EMPTYFLASH]
[EMPTYJAVA]
[emptytemp]
[Reboot]

Luk alle andre åbne vinduer og klik på “Run Fix

Efter genstart åbnes en logfil, kopier den tekst herind i denne tråd.

Ellers ligger den her: C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log

PS Deaktiver dine Sikkerheds programmer, mens “Fixet” kører.

PPS Hvilke brugere mener du er oprettet question

Signatur

Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

Antal indlæg: 12

Tak for tilbagemeldingen.
Brugerne findes stadig på netværksdrev Y: og Z: og hedder “root (Unix User\root)” og “jewab (Unix Group\jewab)”. De har begge “specielle tilladelser”
Men disse drev er ikke med i de fleste scanninger kan jeg se.
De fantes også på C: og D:, men måske lykkedes det mig alligevel at slette dem.

Ellers er her loggen:

OTL logfile created on: 13-02-2012 09:31:55 - Run 2
OTL by OldTimer - Version 3.2.31.0   Folder = C:\Users\Jacob From\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

15,98 Gb Total Physical Memory | 13,30 Gb Available Physical Memory | 83,20% Memory free
31,97 Gb Paging File | 29,40 Gb Available in Paging File | 91,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,30 Gb Total Space | 27,17 Gb Free Space | 24,41% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 849,20 Gb Free Space | 91,16% Space Free | Partition Type: NTFS
Drive E: | 1853,01 Gb Total Space | 1347,07 Gb Free Space | 72,70% Space Free | Partition Type: NTFS
Drive F: | 647,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1397,27 Gb Total Space | 503,85 Gb Free Space | 36,06% Space Free | Partition Type: NTFS
Drive J: | 931,48 Gb Total Space | 505,39 Gb Free Space | 54,26% Space Free | Partition Type: NTFS

Computer Name: JF-NY_PC | User Name: Jacob From | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Jacob From\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Jacob From\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
PRC - C:\Users\Jacob From\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - D:\Program_Files\Malwarebytes’ Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - D:\Program_Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - D:\Program_Files\DAEMON Tools Lite\DTShellHlp.exe (DT Soft Ltd)
PRC - D:\Program_Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe (ACD Systems International Inc.)
PRC - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - D:\Program_Files\SuperCopier2\SuperCopier2.exe (SFX TEAM)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Evernote\Evernote\libtidy.dll ()
MOD - C:\Program Files (x86)\Evernote\Evernote\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (cmdAgent)—C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (CLPSLS)—C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV:64bit: - (wlcrasvc)—C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend)—C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Akamai)—c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll ()
SRV - (MBAMService)—D:\Program_Files\Malwarebytes’ Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice)—C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Lavasoft Ad-Aware Service)—C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (nvUpdatusService)—C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service)—C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (KMService)—C:\Windows\SysWOW64\srvany.exe ()
SRV - (!SASCORE)—D:\Program_Files\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV - (IAStorDataMgrSvc) Intel(R)—C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (BBSvc)—C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort)—C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (HPSLPSVC)—C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v4.0.30319_32)—C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2)—c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (clr_optimization_v2.0.50727_32)—C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (cmderd)—C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
DRV:64bit: - (dtsoftbus01)—C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (MBAMProtector)—C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Lbd)—C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (NVHDA)—C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (iaStor)—C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167)—C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                             )
DRV:64bit: - (Netaapl)—C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (USBAAPL64)—C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata)—C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata)—C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (EtronXHCI)—C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV:64bit: - (EtronHub3)—C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc)
DRV:64bit: - (PxHlpa64)—C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (WDC_SAM)—C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (TsUsbFlt)—C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD)—C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD)—C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (nusb3xhc)—C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub)—C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (MEIx64) Intel(R)—C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (fssfltr)—C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Impcd)—C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (amdsbs)—C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2)—C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor)—C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) Driver til serielt digitalt kamera (stillbilleder)—C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (dc21x4vm)—C:\Windows\SysNative\drivers\dc21x4vm.sys (Microsoft Corp.)
DRV:64bit: - (ebdrv)—C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv)—C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a)—C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir)—C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM)—C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (grmnusb)—C:\Windows\SysNative\drivers\grmnusb.sys (GARMIN Corp.)
DRV - (SASDIFSV)—D:\Program_Files\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL)—D:\Program_Files\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})—D:\Program_Files\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (WIMMount)—C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASPI)—C:\Windows\SysWOW64\drivers\ASPI32.SYS (Adaptec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0




IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://tv2.dk/
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = *.local;127.0.0.1:9421;

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program_Files\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-08-10 18:01:49 | 000,000,000 |—-D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-08-10 18:01:49 | 000,000,000 |—-D | M]


O1 HOSTS File: ([2011-08-09 23:00:32 | 000,001,798 |——| M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1           activate.adobe.com
O1 - Hosts: 127.0.0.1           practivate.adobe.com
O1 - Hosts: 127.0.0.1           ereg.adobe.com
O1 - Hosts: 127.0.0.1           activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1           wip3.adobe.com
O1 - Hosts: 127.0.0.1           3dns-3.adobe.com
O1 - Hosts: 127.0.0.1           3dns-2.adobe.com
O1 - Hosts: 127.0.0.1           adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1           adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1           adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1           ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1           activate-sea.adobe.com
O1 - Hosts: 127.0.0.1           wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1           activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1                     adobe.activate.com
O1 - Hosts: 127.0.0.1                     adobeereg.com                
O1 - Hosts: 127.0.0.1                     http://www.adobeereg.com             
O1 - Hosts: 127.0.0.1                     wwis-dubc1-vip60.adobe.com      
O1 - Hosts: 127.0.0.1                     125.252.224.90              
O1 - Hosts: 127.0.0.1                     125.252.224.91
O1 - Hosts: 127.0.0.1                     hl2rcv.adobe.com
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Malwarebytes’ Anti-Malware] D:\Program_Files\Malwarebytes’ Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [WinampAgent] D:\Program_Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [Akamai NetSession Interface] C:\Users\Jacob From\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [DAEMON Tools Lite] D:\Program_Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [Device Detector] DevDetect.exe -autorun File not found
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [SUPERAntiSpyware] D:\Program_Files\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [SuperCopier2.exe] D:\Program_Files\SuperCopier2\SuperCopier2.exe (SFX TEAM)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Jacob From\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jacob From\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Jacob From\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: E&xport; to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd; to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: E&xport; to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd; to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra ‘Tools’ menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {7ECB1A47-6647-4B2C-A8DA-675569C9FF15} http://services.soft2print.com/Upload/Aurigma_7_0_37/ImageUploader7.cab (Image Uploader Control)
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab (iCloud Web App Plugin)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab (e-Safekey)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F24CB4A-8DD2-477D-8338-915B03436A27}: DhcpNameServer = 80.251.201.177 80.251.201.178
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76A2A537-EFA5-4F5E-99B5-14A00A7D4258}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) -C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-12-15 14:00:42 | 000,032,768 | R—- | M] (Steven Blackburn) - F:\autorun.exe—[ CDFS ]
O32 - AutoRun File - [2011-12-15 14:00:42 | 000,000,052 | R—- | M] () - F:\autorun.inf—[ CDFS ]
O32 - AutoRun File - [2009-09-17 12:26:15 | 000,000,000 | RH-D | M] - G:\autorun—[ NTFS ]
O32 - AutoRun File - [2002-10-17 03:56:50 | 000,000,036 | RH—| M] () - G:\autorun.inf—[ NTFS ]
O33 - MountPoints2\{d5c6c642-4854-11e1-9d72-50e5493a665f}\Shell - “” = AutoRun
O33 - MountPoints2\{d5c6c642-4854-11e1-9d72-50e5493a665f}\Shell\AutoRun\command - “” = “I:\WD SmartWare.exe” autoplay=true
O33 - MountPoints2\{d8c67050-be77-11e0-92ef-806e6f6e6963}\Shell - “” = AutoRun
O33 - MountPoints2\{d8c67050-be77-11e0-92ef-806e6f6e6963}\Shell\AutoRun\command - “” = F:\AUTORUN.EXE default.html
O33 - MountPoints2\{fd1fa839-c894-11e0-b1d3-50e5493a665f}\Shell - “” = AutoRun
O33 - MountPoints2\{fd1fa839-c894-11e0-b1d3-50e5493a665f}\Shell\AutoRun\command - “” = I:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open]—“%1” %*
O35:64bit: - HKLM\..exefile [open]—“%1” %*
O35 - HKLM\..comfile [open]—“%1” %*
O35 - HKLM\..exefile [open]—“%1” %*
O37:64bit: - HKLM\...com [@ = comfile]—“%1” %*
O37:64bit: - HKLM\...exe [@ = exefile]—“%1” %*
O37 - HKLM\...com [@ = comfile]—“%1” %*
O37 - HKLM\...exe [@ = exefile]—“%1” %*

[CREATERESTOREPOINT]
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012-02-12 14:11:28 | 000,584,192 |——| C] (OldTimer Tools)—C:\Users\Jacob From\Desktop\OTL.exe
[2012-02-12 09:43:47 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Roaming\SUPERAntiSpyware.com
[2012-02-12 09:43:21 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012-02-12 09:43:19 | 000,000,000 |—-D | C]—C:\ProgramData\SUPERAntiSpyware.com
[2012-02-12 08:44:48 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Roaming\Malwarebytes
[2012-02-12 08:44:31 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes’ Anti-Malware
[2012-02-12 08:44:29 | 000,038,224 |——| C] (Malwarebytes Corporation)—C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2012-02-12 08:44:28 | 000,023,152 |——| C] (Malwarebytes Corporation)—C:\Windows\SysNative\drivers\mbam.sys
[2012-02-12 08:44:28 | 000,000,000 |—-D | C]—C:\ProgramData\Malwarebytes
[2012-02-11 11:41:21 | 000,000,000 |—-D | C]—C:\Program Files (x86)\ESET
[2012-02-11 11:40:22 | 000,000,000 |—-D | C]—C:\Users\Jacob From\Desktop\SWF
[2012-02-06 13:11:30 | 000,000,000 |—-D | C]—C:\Users\Jacob From\Documents\Ansøgninger
[2012-02-06 04:02:08 | 000,000,000 | -HSD | C]—C:\found.000
[2012-02-01 12:39:40 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Local\{7265FA9C-C3B1-4CE2-AA62-24E832DF3BAA}
[2012-02-01 12:39:30 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Local\{9DE32923-32D0-45C0-9D91-260CF1D5B7BE}
[2012-02-01 07:54:48 | 001,447,936 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\lsasrv.dll
[2012-02-01 07:54:48 | 000,395,776 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\webio.dll
[2012-02-01 07:54:48 | 000,314,880 |——| C] (Microsoft Corporation)—C:\Windows\SysWow64\webio.dll
[2012-02-01 07:54:48 | 000,136,192 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\sspicli.dll
[2012-02-01 07:54:48 | 000,029,184 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\sspisrv.dll
[2012-02-01 07:54:48 | 000,028,160 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\secur32.dll
[2012-01-26 21:09:14 | 000,000,000 |—-D | C]—C:\Windows\Minidump
[2012-01-26 21:06:45 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012-01-25 08:33:00 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SE-DesktopConstructor
[2012-01-20 19:35:37 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-01-20 19:35:29 | 000,000,000 |—-D | C]—C:\Program Files\iTunes
[2012-01-20 19:35:29 | 000,000,000 |—-D | C]—C:\Program Files\iPod
[2012-01-17 16:34:15 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Roaming\webex
[2012-01-17 16:32:20 | 000,000,000 |—-D | C]—C:\ProgramData\WebEx
[2012-01-15 14:31:53 | 000,000,000 |—-D | C]—C:\Users\Jacob From\Documents\Budget_2012
[2012-01-15 13:45:23 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Roaming\Google
[2012-01-15 13:45:03 | 000,000,000 |—-D | C]—C:\Program Files\Google
[2012-01-15 13:44:56 | 000,000,000 |—-D | C]—C:\ProgramData\Google
[2012-01-15 13:29:08 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-02-13 09:32:22 | 001,474,832 |——| M] ()—C:\Windows\SysNative\drivers\sfi.dat
[2012-02-13 09:00:00 | 000,000,940 |——| M] ()—C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-02-13 08:39:07 | 001,273,032 |——| M] ()—C:\Windows\SysNative\PerfStringBackup.INI
[2012-02-13 08:39:07 | 000,618,714 |——| M] ()—C:\Windows\SysNative\perfh009.dat
[2012-02-13 08:39:07 | 000,473,120 |——| M] ()—C:\Windows\SysNative\perfh006.dat
[2012-02-13 08:39:07 | 000,107,034 |——| M] ()—C:\Windows\SysNative\perfc009.dat
[2012-02-13 08:39:07 | 000,080,728 |——| M] ()—C:\Windows\SysNative\perfc006.dat
[2012-02-13 08:10:52 | 000,020,512 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-02-13 08:10:52 | 000,020,512 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-02-13 07:42:26 | 000,000,936 |——| M] ()—C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-02-13 07:42:24 | 000,067,584 |—S- | M] ()—C:\Windows\bootstat.dat
[2012-02-13 07:42:23 | 4281,683,966 | -HS- | M] ()—C:\hiberfil.sys
[2012-02-12 18:28:43 | 000,458,240 |——| M] ()—C:\Users\Jacob From\Desktop\CKScanner.exe
[2012-02-12 18:28:23 | 000,000,163 |——| M] ()—C:\Users\Jacob From\Desktop\spywarefri_dk.htm
[2012-02-12 14:11:31 | 000,584,192 |——| M] (OldTimer Tools)—C:\Users\Jacob From\Desktop\OTL.exe
[2012-02-12 12:06:17 | 000,026,112 |——| M] ()—C:\Users\Jacob From\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-11 10:13:31 | 000,000,064 |——| M] ()—C:\Windows\SysWow64\rp_stats.dat
[2012-02-11 10:13:31 | 000,000,044 |——| M] ()—C:\Windows\SysWow64\rp_rules.dat
[2012-02-05 13:56:13 | 000,000,132 |——| M] ()—C:\Windows\wininit.ini
[2012-02-05 13:56:10 | 000,001,040 |——| M] ()—C:\Users\Jacob From\Desktop\Dropbox.lnk
[2012-02-05 13:56:10 | 000,001,020 |——| M] ()—C:\Users\Jacob From\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012-02-01 12:37:59 | 000,013,425 |——| M] ()—C:\Users\Jacob From\Desktop\Essilor_A_C.jpg
[2012-02-01 11:59:30 | 000,069,277 |——| M] ()—C:\Users\Jacob From\Desktop\https___mail.essilor.com_exchange_FROMJ_Sendt post_SV_ Warranty Card and folders.pdf
[2012-02-01 08:57:00 | 003,351,182 |——| M] ()—C:\Users\Jacob From\Desktop\Marketingplan 2012_DK_v1.pdf
[2012-01-26 21:07:19 | 000,020,054 |——| M] ()—C:\Windows\Q-Dir.ini
[2012-01-16 19:29:20 | 000,002,025 |——| M] ()—C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012-01-15 13:29:08 | 000,002,031 |——| M] ()—C:\Users\Public\Desktop\Google SketchUp 8.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-02-12 18:28:38 | 000,458,240 |——| C] ()—C:\Users\Jacob From\Desktop\CKScanner.exe
[2012-02-12 18:28:22 | 000,000,163 |——| C] ()—C:\Users\Jacob From\Desktop\spywarefri_dk.htm
[2012-02-05 13:56:13 | 000,000,132 |——| C] ()—C:\Windows\wininit.ini
[2012-02-01 12:37:59 | 000,013,425 |——| C] ()—C:\Users\Jacob From\Desktop\Essilor_A_C.jpg
[2012-02-01 11:59:29 | 000,069,277 |——| C] ()—C:\Users\Jacob From\Desktop\https___mail.essilor.com_exchange_FROMJ_Sendt post_SV_ Warranty Card and folders.pdf
[2012-02-01 08:57:00 | 003,351,182 |——| C] ()—C:\Users\Jacob From\Desktop\Marketingplan 2012_DK_v1.pdf
[2012-01-15 13:45:01 | 000,000,940 |——| C] ()—C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-01-15 13:45:01 | 000,000,936 |——| C] ()—C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-01-15 13:29:08 | 000,002,031 |——| C] ()—C:\Users\Public\Desktop\Google SketchUp 8.lnk
[2011-12-14 22:05:09 | 001,289,942 |——| C] ()—C:\Windows\SysWow64\PerfStringBackup.INI
[2011-12-09 19:16:34 | 000,000,064 |——| C] ()—C:\Windows\SysWow64\rp_stats.dat
[2011-12-09 19:16:34 | 000,000,044 |——| C] ()—C:\Windows\SysWow64\rp_rules.dat
[2011-11-03 11:58:12 | 000,761,856 |——| C] ()—C:\Windows\SysWow64\xvidcore.dll
[2011-11-03 11:58:12 | 000,159,744 |——| C] ()—C:\Windows\SysWow64\xvidvfw.dll
[2011-11-03 11:58:12 | 000,074,752 |——| C] ()—C:\Windows\SysWow64\ff_vfw.dll
[2011-10-19 21:25:26 | 000,162,440 |——| C] ()—C:\Windows\SysWow64\AirfoilInject3.dll
[2011-10-14 23:54:52 | 000,321,856 |——| C] ()—C:\Windows\SysWow64\nvStreaming.exe
[2011-08-31 18:55:38 | 000,008,192 |——| C] ()—C:\Windows\SysWow64\srvany.exe
[2011-08-25 18:21:11 | 000,020,054 |——| C] ()—C:\Windows\Q-Dir.ini
[2011-08-23 20:51:54 | 000,026,112 |——| C] ()—C:\Users\Jacob From\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-08-10 17:59:31 | 000,216,675 |——| C] ()—C:\Windows\hpoins43.dat
[2011-08-10 17:59:31 | 000,000,601 |——| C] ()—C:\Windows\hpomdl43.dat
[2011-08-08 09:33:42 | 000,175,616 |——| C] ()—C:\Windows\SysWow64\unrar.dll
[2011-08-06 13:36:10 | 000,020,992 |——| C] ()—C:\Windows\jestertb.dll
[2011-08-04 09:59:33 | 000,008,192 |——| C] ()—C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011-02-10 05:03:48 | 000,000,326 |——| C] ()—C:\Windows\primopdf.ini
[2009-07-14 06:38:36 | 000,067,584 |—S- | C] ()—C:\Windows\bootstat.dat
[2009-07-14 03:35:51 | 000,000,741 |——| C] ()—C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 03:34:42 | 000,215,943 |——| C] ()—C:\Windows\SysWow64\dssec.dat
[2009-07-14 01:10:29 | 000,043,131 |——| C] ()—C:\Windows\mib.bin
[2009-07-14 00:42:10 | 000,064,000 |——| C] ()—C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 |——| C] ()—C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 22:26:10 | 000,673,088 |——| C] ()—C:\Windows\SysWow64\mlang.dat

========== Custom Scans ==========


< :processes >

<  >

< :files >

<  c:\users\jacob from\favorites\keygens.nl - adobe master suite cs5 keygen for mac by team-sol.rar keygen crack instant download.url >
[2011-08-22 19:19:53 | 000,000,225 |——| M] ()—c:\users\jacob from\favorites\KEYGENS.NL - Adobe Master Suite CS5 Keygen For Mac by team-sol.rar keygen crack instant download.url

<  D:\Downloads\cdbxp_setup_4.3.8.2631.exe >
[2011-10-17 11:33:08 | 005,031,888 |——| M] (Canneverbe Limited                             )—D:\Downloads\cdbxp_setup_4.3.8.2631.exe

<  D:\Downloads\InternationalPrimoPDF.exe >
[2011-08-22 15:51:50 | 007,549,704 |——| M] ()—D:\Downloads\InternationalPrimoPDF.exe

<  D:\Program_Files\KLS Backup 2011 Professional\klsbservice.exe >
[2011-10-30 17:11:04 | 003,574,272 |——| M] (KirySoft)—D:\Program_Files\KLS Backup 2011 Professional\klsbservice.exe

<  G:\MATROX\Gammel slave backup\Gammel slave backup\$BACKUP\$D\Grokster\Grokster\magnet.exe >
[2003-12-10 12:25:46 | 000,212,992 |——| M] (magnetlink.org)—G:\MATROX\Gammel slave backup\Gammel slave backup\$BACKUP\$D\Grokster\Grokster\magnet.exe

<  G:\Program_download\CyberLink PowerDirector 8.00.2013 + keygen-CORE >

<  G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x64_x16-19360.zip >
[2011-03-09 22:12:05 | 355,740,020 |——| M] ()—G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x64_x16-19360.zip

<  G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x86_x16-19353.zip >
[2011-03-09 22:12:05 | 304,852,422 |——| M] ()—G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x86_x16-19353.zip

<  G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x64_x16-19360\en_visio_premium_2010_beta_x64_x16-19360.exe >
[2010-02-10 23:06:30 | 355,694,870 |——| M] ()—G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x64_x16-19360\en_visio_premium_2010_beta_x64_x16-19360.exe

<  G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x86_x16-19353\en_visio_premium_2010_beta_x86_x16-19353.exe >
[2010-02-10 23:08:10 | 304,814,605 |——| M] ()—G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x86_x16-19353\en_visio_premium_2010_beta_x86_x16-19353.exe

<  ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache blev t›mt.

<  >

< :Commands >

<  [resethosts] >

<  [EMPTYFLASH] >

<  [EMPTYJAVA] >

<  [emptytemp] >

<  [Reboot] >

< End of report >

Administrator
Antal indlæg: 8590

Du har trykkrt på “Scan”, når jeg bad dig om at tryppe på “Run Fix
Vil du godt køre “Fixet” igwn

Signatur

Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

Antal indlæg: 12

Beklager. Jeg har aldrig været god til nærlæsning…  cheese

Her er loggen:
______________________
All processes killed
========== PROCESSES ==========
========== FILES ==========
c:\users\jacob from\favorites\KEYGENS.NL - Adobe Master Suite CS5 Keygen For Mac by team-sol.rar keygen crack instant download.url moved successfully.
D:\Downloads\cdbxp_setup_4.3.8.2631.exe moved successfully.
D:\Downloads\InternationalPrimoPDF.exe moved successfully.
D:\Program_Files\KLS Backup 2011 Professional\klsbservice.exe moved successfully.
G:\MATROX\Gammel slave backup\Gammel slave backup\$BACKUP\$D\Grokster\Grokster\magnet.exe moved successfully.
G:\Program_download\CyberLink PowerDirector 8.00.2013 + keygen-CORE\CyberLink PowerDirector 8.00.2013 + keygen\CyberLink PowerDirector 8.00.2013 + keygen folder moved successfully.
G:\Program_download\CyberLink PowerDirector 8.00.2013 + keygen-CORE\CyberLink PowerDirector 8.00.2013 + keygen folder moved successfully.
G:\Program_download\CyberLink PowerDirector 8.00.2013 + keygen-CORE folder moved successfully.
G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x64_x16-19360.zip moved successfully.
G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x86_x16-19353.zip moved successfully.
G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x64_x16-19360\en_visio_premium_2010_beta_x64_x16-19360.exe moved successfully.
G:\Program_download\Microsoft Visio Premium 2010\en_visio_premium_2010_beta_x86_x16-19353\en_visio_premium_2010_beta_x86_x16-19353.exe moved successfully.
<  ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache blev t›mt.
C:\Users\Jacob From\Desktop\cmd.bat deleted successfully.
C:\Users\Jacob From\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default
->Flash cache emptied: 41620 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Gæst

User: HomeGroupUser$

User: Jacob From
->Flash cache emptied: 483 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Default

User: Default User

User: Gæst

User: HomeGroupUser$

User: Jacob From
->Java cache emptied: 2948435 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 3,00 mb


[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gæst

User: HomeGroupUser$

User: Jacob From
->Temp folder emptied: 28043 bytes
->Temporary Internet Files folder emptied: 10897230 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 31950 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 2998554 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 13,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 02142012_082518

Files\Folders moved on Reboot…
C:\Users\Jacob From\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Jacob From\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JT4ARC2E\ads[1].htm moved successfully.
C:\Users\Jacob From\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DXIN48DO\si[1].htm moved successfully.
C:\Users\Jacob From\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Jacob From\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\Jacob From\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.

Registry entries deleted on Reboot…

Administrator
Antal indlæg: 8590
BjarneIb - 13.02.2012 10:49:27

Brugerne findes stadig på netværksdrev Y: og Z: og hedder “root (Unix User\root)” og “jewab (Unix Group\jewab)”. De har begge “specielle tilladelser”

De brugernavne er vel legale, så hvorfor tror du der er Malware involveret question

Signatur

Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

Antal indlæg: 12

De er ikke nogen jeg har oprettet og de findes ikke på min anden computer. Den anden computer har alle de samme programmer installeret og mere til. Så derfor tænkte jeg de ikke var legale.

Da denne computer så blev hurtigere efter jeg fik brugerne fjernet, tænkte jeg det var rigtigt.

Der er måske ikke noget der tyder på virus, malware etc?

Administrator
Antal indlæg: 8590

Det er netværks brugere, men prøv at sende en ny log fra OTL herind.

Signatur

Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

Antal indlæg: 12

Her kommer en ny scanning fra OTL.

Jeg har ikke skrevet noget i boksen “Custom Scans/Fixes”

Den spytter dog kun OTL loggen ud og ikke Extra?!?
_________________________________________________________

OTL logfile created on: 15-02-2012 20:14:26 - Run 6
OTL by OldTimer - Version 3.2.31.0   Folder = C:\Users\Jacob From\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

15,98 Gb Total Physical Memory | 13,04 Gb Available Physical Memory | 81,61% Memory free
31,97 Gb Paging File | 29,26 Gb Available in Paging File | 91,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,30 Gb Total Space | 26,49 Gb Free Space | 23,80% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 849,18 Gb Free Space | 91,16% Space Free | Partition Type: NTFS
Drive E: | 1853,01 Gb Total Space | 1343,81 Gb Free Space | 72,52% Space Free | Partition Type: NTFS
Drive F: | 647,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 1397,27 Gb Total Space | 505,54 Gb Free Space | 36,18% Space Free | Partition Type: NTFS

Computer Name: JF-NY_PC | User Name: Jacob From | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Jacob From\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Jacob From\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
PRC - C:\Users\Jacob From\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - D:\Program_Files\Malwarebytes’ Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - D:\Program_Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - D:\Program_Files\DAEMON Tools Lite\DTShellHlp.exe (DT Soft Ltd)
PRC - D:\Program_Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe (ACD Systems International Inc.)
PRC - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - D:\Program_Files\SuperCopier2\SuperCopier2.exe (SFX TEAM)


========== Modules (No Company Name) ==========

MOD - C:\Users\Jacob From\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.DAN ()
MOD - C:\Users\Jacob From\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.DAN ()
MOD - C:\Users\Jacob From\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.DAN ()
MOD - C:\Users\Jacob From\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.DAN ()
MOD - C:\Users\Jacob From\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.DAN ()
MOD - C:\Users\Jacob From\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.dan ()
MOD - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.DAN ()
MOD - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_dk\brdlang32.DAN ()
MOD - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll ()
MOD - C:\Program Files (x86)\Evernote\Evernote\libtidy.dll ()
MOD - C:\Program Files (x86)\Evernote\Evernote\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (cmdAgent)—C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (CLPSLS)—C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV:64bit: - (wlcrasvc)—C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend)—C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Akamai)—c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll ()
SRV - (MBAMService)—D:\Program_Files\Malwarebytes’ Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice)—C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Lavasoft Ad-Aware Service)—C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (nvUpdatusService)—C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service)—C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (KMService)—C:\Windows\SysWOW64\srvany.exe ()
SRV - (!SASCORE)—D:\Program_Files\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV - (IAStorDataMgrSvc) Intel(R)—C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (BBSvc)—C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort)—C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (HPSLPSVC)—C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v4.0.30319_32)—C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2)—c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (clr_optimization_v2.0.50727_32)—C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (cmderd)—C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
DRV:64bit: - (dtsoftbus01)—C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (MBAMProtector)—C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Lbd)—C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (NVHDA)—C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (iaStor)—C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167)—C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                             )
DRV:64bit: - (Netaapl)—C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (USBAAPL64)—C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata)—C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata)—C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (EtronXHCI)—C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV:64bit: - (EtronHub3)—C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc)
DRV:64bit: - (PxHlpa64)—C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (WDC_SAM)—C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (TsUsbFlt)—C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD)—C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD)—C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (nusb3xhc)—C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub)—C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (MEIx64) Intel(R)—C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (fssfltr)—C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Impcd)—C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (amdsbs)—C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2)—C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor)—C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) Driver til serielt digitalt kamera (stillbilleder)—C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (dc21x4vm)—C:\Windows\SysNative\drivers\dc21x4vm.sys (Microsoft Corp.)
DRV:64bit: - (ebdrv)—C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv)—C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a)—C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir)—C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM)—C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (grmnusb)—C:\Windows\SysNative\drivers\grmnusb.sys (GARMIN Corp.)
DRV - (SASDIFSV)—D:\Program_Files\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL)—D:\Program_Files\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})—D:\Program_Files\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (WIMMount)—C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASPI)—C:\Windows\SysWOW64\drivers\ASPI32.SYS (Adaptec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0




IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://tv2.dk/
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-21-2964658577-4209496961-628298702-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = *.local;127.0.0.1:9421;

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program_Files\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-08-10 18:01:49 | 000,000,000 |—-D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-08-10 18:01:49 | 000,000,000 |—-D | M]


O1 HOSTS File: ([2012-02-14 08:26:17 | 000,000,098 |——| M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1     localhost
O1 - Hosts: ::1     localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Malwarebytes’ Anti-Malware] D:\Program_Files\Malwarebytes’ Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [WinampAgent] D:\Program_Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [Akamai NetSession Interface] C:\Users\Jacob From\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [DAEMON Tools Lite] D:\Program_Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [Device Detector] DevDetect.exe -autorun File not found
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [SUPERAntiSpyware] D:\Program_Files\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1002..\Run: [SuperCopier2.exe] D:\Program_Files\SuperCopier2\SuperCopier2.exe (SFX TEAM)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2964658577-4209496961-628298702-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Jacob From\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jacob From\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Jacob From\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: E&xport; to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd; to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: E&xport; to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd; to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra ‘Tools’ menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {7ECB1A47-6647-4B2C-A8DA-675569C9FF15} http://services.soft2print.com/Upload/Aurigma_7_0_37/ImageUploader7.cab (Image Uploader Control)
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab (iCloud Web App Plugin)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab (e-Safekey)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F24CB4A-8DD2-477D-8338-915B03436A27}: DhcpNameServer = 80.251.201.177 80.251.201.178
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76A2A537-EFA5-4F5E-99B5-14A00A7D4258}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) -C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-12-15 14:00:42 | 000,032,768 | R—- | M] (Steven Blackburn) - F:\autorun.exe—[ CDFS ]
O32 - AutoRun File - [2011-12-15 14:00:42 | 000,000,052 | R—- | M] () - F:\autorun.inf—[ CDFS ]
O32 - AutoRun File - [2009-09-17 12:26:15 | 000,000,000 | RH-D | M] - G:\autorun—[ NTFS ]
O32 - AutoRun File - [2002-10-17 03:56:50 | 000,000,036 | RH—| M] () - G:\autorun.inf—[ NTFS ]
O33 - MountPoints2\{d5c6c642-4854-11e1-9d72-50e5493a665f}\Shell - “” = AutoRun
O33 - MountPoints2\{d5c6c642-4854-11e1-9d72-50e5493a665f}\Shell\AutoRun\command - “” = “I:\WD SmartWare.exe” autoplay=true
O33 - MountPoints2\{d8c67050-be77-11e0-92ef-806e6f6e6963}\Shell - “” = AutoRun
O33 - MountPoints2\{d8c67050-be77-11e0-92ef-806e6f6e6963}\Shell\AutoRun\command - “” = F:\AUTORUN.EXE default.html
O33 - MountPoints2\{fd1fa839-c894-11e0-b1d3-50e5493a665f}\Shell - “” = AutoRun
O33 - MountPoints2\{fd1fa839-c894-11e0-b1d3-50e5493a665f}\Shell\AutoRun\command - “” = I:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open]—“%1” %*
O35:64bit: - HKLM\..exefile [open]—“%1” %*
O35 - HKLM\..comfile [open]—“%1” %*
O35 - HKLM\..exefile [open]—“%1” %*
O37:64bit: - HKLM\...com [@ = comfile]—“%1” %*
O37:64bit: - HKLM\...exe [@ = exefile]—“%1” %*
O37 - HKLM\...com [@ = comfile]—“%1” %*
O37 - HKLM\...exe [@ = exefile]—“%1” %*

========== Files/Folders - Created Within 30 Days ==========

[2012-02-14 08:25:18 | 000,000,000 |—-D | C]—C:\_OTL
[2012-02-12 14:11:28 | 000,584,192 |——| C] (OldTimer Tools)—C:\Users\Jacob From\Desktop\OTL.exe
[2012-02-12 09:43:47 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Roaming\SUPERAntiSpyware.com
[2012-02-12 09:43:21 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012-02-12 09:43:19 | 000,000,000 |—-D | C]—C:\ProgramData\SUPERAntiSpyware.com
[2012-02-12 08:44:48 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Roaming\Malwarebytes
[2012-02-12 08:44:31 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes’ Anti-Malware
[2012-02-12 08:44:29 | 000,038,224 |——| C] (Malwarebytes Corporation)—C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2012-02-12 08:44:28 | 000,023,152 |——| C] (Malwarebytes Corporation)—C:\Windows\SysNative\drivers\mbam.sys
[2012-02-12 08:44:28 | 000,000,000 |—-D | C]—C:\ProgramData\Malwarebytes
[2012-02-11 11:41:21 | 000,000,000 |—-D | C]—C:\Program Files (x86)\ESET
[2012-02-11 11:40:22 | 000,000,000 |—-D | C]—C:\Users\Jacob From\Desktop\SWF
[2012-02-06 13:11:30 | 000,000,000 |—-D | C]—C:\Users\Jacob From\Documents\Ansøgninger
[2012-02-06 04:02:08 | 000,000,000 | -HSD | C]—C:\found.000
[2012-02-01 12:39:40 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Local\{7265FA9C-C3B1-4CE2-AA62-24E832DF3BAA}
[2012-02-01 12:39:30 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Local\{9DE32923-32D0-45C0-9D91-260CF1D5B7BE}
[2012-02-01 07:54:48 | 001,447,936 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\lsasrv.dll
[2012-02-01 07:54:48 | 000,395,776 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\webio.dll
[2012-02-01 07:54:48 | 000,314,880 |——| C] (Microsoft Corporation)—C:\Windows\SysWow64\webio.dll
[2012-02-01 07:54:48 | 000,136,192 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\sspicli.dll
[2012-02-01 07:54:48 | 000,029,184 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\sspisrv.dll
[2012-02-01 07:54:48 | 000,028,160 |——| C] (Microsoft Corporation)—C:\Windows\SysNative\secur32.dll
[2012-01-26 21:09:14 | 000,000,000 |—-D | C]—C:\Windows\Minidump
[2012-01-26 21:06:45 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012-01-25 08:33:00 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SE-DesktopConstructor
[2012-01-20 19:35:37 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-01-20 19:35:29 | 000,000,000 |—-D | C]—C:\Program Files\iTunes
[2012-01-20 19:35:29 | 000,000,000 |—-D | C]—C:\Program Files\iPod
[2012-01-17 16:34:15 | 000,000,000 |—-D | C]—C:\Users\Jacob From\AppData\Roaming\webex
[2012-01-17 16:32:20 | 000,000,000 |—-D | C]—C:\ProgramData\WebEx

========== Files - Modified Within 30 Days ==========

[2012-02-15 20:13:01 | 001,474,832 |——| M] ()—C:\Windows\SysNative\drivers\sfi.dat
[2012-02-15 20:10:11 | 000,020,512 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-02-15 20:10:11 | 000,020,512 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-02-15 20:09:30 | 001,273,032 |——| M] ()—C:\Windows\SysNative\PerfStringBackup.INI
[2012-02-15 20:09:30 | 000,618,714 |——| M] ()—C:\Windows\SysNative\perfh009.dat
[2012-02-15 20:09:30 | 000,473,120 |——| M] ()—C:\Windows\SysNative\perfh006.dat
[2012-02-15 20:09:30 | 000,107,034 |——| M] ()—C:\Windows\SysNative\perfc009.dat
[2012-02-15 20:09:30 | 000,080,728 |——| M] ()—C:\Windows\SysNative\perfc006.dat
[2012-02-15 20:03:06 | 000,000,936 |——| M] ()—C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-02-15 20:03:05 | 000,067,584 |—S- | M] ()—C:\Windows\bootstat.dat
[2012-02-15 20:03:04 | 4281,683,966 | -HS- | M] ()—C:\hiberfil.sys
[2012-02-15 20:00:00 | 000,000,940 |——| M] ()—C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-02-14 08:26:17 | 000,000,098 |——| M] ()—C:\Windows\SysNative\drivers\etc\Hosts
[2012-02-13 21:16:31 | 000,000,064 |——| M] ()—C:\Windows\SysWow64\rp_stats.dat
[2012-02-13 21:16:31 | 000,000,044 |——| M] ()—C:\Windows\SysWow64\rp_rules.dat
[2012-02-13 11:41:31 | 000,001,467 |——| M] ()—C:\Users\Jacob From\Desktop\iTunes.lnk
[2012-02-12 18:28:43 | 000,458,240 |——| M] ()—C:\Users\Jacob From\Desktop\CKScanner.exe
[2012-02-12 18:28:23 | 000,000,163 |——| M] ()—C:\Users\Jacob From\Desktop\spywarefri_dk.htm
[2012-02-12 14:11:31 | 000,584,192 |——| M] (OldTimer Tools)—C:\Users\Jacob From\Desktop\OTL.exe
[2012-02-12 12:06:17 | 000,026,112 |——| M] ()—C:\Users\Jacob From\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-05 13:56:13 | 000,000,132 |——| M] ()—C:\Windows\wininit.ini
[2012-02-05 13:56:10 | 000,001,040 |——| M] ()—C:\Users\Jacob From\Desktop\Dropbox.lnk
[2012-02-05 13:56:10 | 000,001,020 |——| M] ()—C:\Users\Jacob From\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012-02-01 12:37:59 | 000,013,425 |——| M] ()—C:\Users\Jacob From\Desktop\Essilor_A_C.jpg
[2012-02-01 11:59:30 | 000,069,277 |——| M] ()—C:\Users\Jacob From\Desktop\https___mail.essilor.com_exchange_FROMJ_Sendt post_SV_ Warranty Card and folders.pdf
[2012-02-01 08:57:00 | 003,351,182 |——| M] ()—C:\Users\Jacob From\Desktop\Marketingplan 2012_DK_v1.pdf
[2012-01-26 21:07:19 | 000,020,054 |——| M] ()—C:\Windows\Q-Dir.ini

========== Files Created - No Company Name ==========

[2012-02-13 11:41:31 | 000,001,467 |——| C] ()—C:\Users\Jacob From\Desktop\iTunes.lnk
[2012-02-12 18:28:38 | 000,458,240 |——| C] ()—C:\Users\Jacob From\Desktop\CKScanner.exe
[2012-02-12 18:28:22 | 000,000,163 |——| C] ()—C:\Users\Jacob From\Desktop\spywarefri_dk.htm
[2012-02-05 13:56:13 | 000,000,132 |——| C] ()—C:\Windows\wininit.ini
[2012-02-01 12:37:59 | 000,013,425 |——| C] ()—C:\Users\Jacob From\Desktop\Essilor_A_C.jpg
[2012-02-01 11:59:29 | 000,069,277 |——| C] ()—C:\Users\Jacob From\Desktop\https___mail.essilor.com_exchange_FROMJ_Sendt post_SV_ Warranty Card and folders.pdf
[2012-02-01 08:57:00 | 003,351,182 |——| C] ()—C:\Users\Jacob From\Desktop\Marketingplan 2012_DK_v1.pdf
[2011-12-14 22:05:09 | 001,289,942 |——| C] ()—C:\Windows\SysWow64\PerfStringBackup.INI
[2011-12-09 19:16:34 | 000,000,064 |——| C] ()—C:\Windows\SysWow64\rp_stats.dat
[2011-12-09 19:16:34 | 000,000,044 |——| C] ()—C:\Windows\SysWow64\rp_rules.dat
[2011-11-03 11:58:12 | 000,761,856 |——| C] ()—C:\Windows\SysWow64\xvidcore.dll
[2011-11-03 11:58:12 | 000,159,744 |——| C] ()—C:\Windows\SysWow64\xvidvfw.dll
[2011-11-03 11:58:12 | 000,074,752 |——| C] ()—C:\Windows\SysWow64\ff_vfw.dll
[2011-10-19 21:25:26 | 000,162,440 |——| C] ()—C:\Windows\SysWow64\AirfoilInject3.dll
[2011-10-14 23:54:52 | 000,321,856 |——| C] ()—C:\Windows\SysWow64\nvStreaming.exe
[2011-08-31 18:55:38 | 000,008,192 |——| C] ()—C:\Windows\SysWow64\srvany.exe
[2011-08-25 18:21:11 | 000,020,054 |——| C] ()—C:\Windows\Q-Dir.ini
[2011-08-23 20:51:54 | 000,026,112 |——| C] ()—C:\Users\Jacob From\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-08-10 17:59:31 | 000,216,675 |——| C] ()—C:\Windows\hpoins43.dat
[2011-08-10 17:59:31 | 000,000,601 |——| C] ()—C:\Windows\hpomdl43.dat
[2011-08-08 09:33:42 | 000,175,616 |——| C] ()—C:\Windows\SysWow64\unrar.dll
[2011-08-06 13:36:10 | 000,020,992 |——| C] ()—C:\Windows\jestertb.dll
[2011-08-04 09:59:33 | 000,008,192 |——| C] ()—C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011-02-10 05:03:48 | 000,000,326 |——| C] ()—C:\Windows\primopdf.ini
[2009-07-14 06:38:36 | 000,067,584 |—S- | C] ()—C:\Windows\bootstat.dat
[2009-07-14 03:35:51 | 000,000,741 |——| C] ()—C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 03:34:42 | 000,215,943 |——| C] ()—C:\Windows\SysWow64\dssec.dat
[2009-07-14 01:10:29 | 000,043,131 |——| C] ()—C:\Windows\mib.bin
[2009-07-14 00:42:10 | 000,064,000 |——| C] ()—C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 |——| C] ()—C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 22:26:10 | 000,673,088 |——| C] ()—C:\Windows\SysWow64\mlang.dat

< End of report >

Administrator
Antal indlæg: 8590

Den spytter dog kun OTL loggen ud og ikke Extra?!?

Den laver kun Ekstas.txt første gang excaim

———

Det ser stadig ud som om du kører med to antivirus question

———

Find og upload nedenstående hos Jotti eller Virustotal:

C:\Windows\SysWOW64\srvany.exe

http://virusscan.jotti.org/ - http://www.virustotal.com/

Kopier resultatet herind som link, eller MD5 Checksum.

———

Download Tdsskiller.zip på dit skrivebord og pak den ud i en mappe.

Kør TDSSKiller.exe -> Klik på “Start Scan”

Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator.

Hvis en inficeret fil bliver fundet, vil ”Default action” være Cure, klik på Continue
Hvis en mistænkelig fil opdages, vil ”Default action” være Skip, klik på Continue
Hvis den ikke spørger om ”Reboot” (genstart) så klik på ”Report”, kopier den tekst herind i tråden.

Genstart hvis den kræver det.

Hvis den genstarter kan du finde logfilen her :
C:\TDSSKiller.[Version]_[Dato]_[Tidspunkt]_log.txt.

Kopier den tekst herind I denne tråd.

Signatur

Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

Antal indlæg: 12

Jeg synes nu kun jeg kører med Comodo som antivirus. oh oh
Hvilket program er det andet du kan se question
____________________________

Jotti: Finder umiddelbart ikke noget.
MD5: 4635935fc972c582632bf45c26bfcb0e

Virustotal: TheHacker er den eneste der melder virus (Trojan/FlyStudio.bo))
link: https://www.virustotal.com/file/abd4afd71b3c2bd3f741bbe3cec52c4fa63ac78d353101d2e7dc4de2725d1ca1/analysis/1329408231/
____________________________

TDSSkiller finder ikke noget.

Her er loggen:
——————————————————————————————————————————
17:15:57.0980 5440   TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
17:15:58.0140 5440   ============================================================
17:15:58.0140 5440   Current date / time: 2012/02/16 17:15:58.0140
17:15:58.0140 5440   SystemInfo:
17:15:58.0140 5440  
17:15:58.0140 5440   OS Version: 6.1.7601 ServicePack: 1.0
17:15:58.0140 5440   Product type: Workstation
17:15:58.0140 5440   ComputerName: JF-NY_PC
17:15:58.0140 5440   UserName: Jacob From
17:15:58.0140 5440   Windows directory: C:\Windows
17:15:58.0140 5440   System windows directory: C:\Windows
17:15:58.0140 5440   Running under WOW64
17:15:58.0140 5440   Processor architecture: Intel x64
17:15:58.0140 5440   Number of processors: 8
17:15:58.0140 5440   Page size: 0x1000
17:15:58.0140 5440   Boot type: Normal boot
17:15:58.0140 5440   ============================================================
17:15:58.0450 5440   Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000040
17:15:58.0860 5440   Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000040
17:15:58.0870 5440   Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x8981, SectorsPerTrack: 0x1E, TracksPerCylinder: 0xDE, Type ‘K0’, Flags 0x00000040
17:15:58.0870 5440   Drive \Device\Harddisk3\DR3 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘W’
17:16:05.0210 5440   Drive \Device\Harddisk4\DR4 - Size: 0xE8DED00000 (931.48 Gb), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘W’
17:16:05.0510 5440   \Device\Harddisk1\DR1:
17:16:05.0510 5440   MBR used
17:16:05.0510 5440   \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
17:16:05.0510 5440   \Device\Harddisk2\DR2:
17:16:05.0510 5440   MBR used
17:16:05.0510 5440   \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE7A07800
17:16:05.0510 5440   \Device\Harddisk0\DR0:
17:16:05.0510 5440   MBR used
17:16:05.0510 5440   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
17:16:05.0510 5440   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0xDE99800
17:16:05.0510 5440   \Device\Harddisk3\DR3:
17:16:05.0510 5440   MBR used
17:16:05.0510 5440   \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA87AF0
17:16:05.0510 5440   \Device\Harddisk4\DR4:
17:16:05.0510 5440   MBR used
17:16:05.0510 5440   \Device\Harddisk4\DR4\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x746F6000
17:16:05.0610 5440   Initialize success
17:16:05.0610 5440   ============================================================
17:16:13.0300 6956   ============================================================
17:16:13.0300 6956   Scan started
17:16:13.0300 6956   Mode: Manual;
17:16:13.0300 6956   ============================================================
17:16:13.0580 6956   1394ohci     (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
17:16:13.0580 6956   1394ohci - ok
17:16:13.0590 6956   ACPI         (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:16:13.0590 6956   ACPI - ok
17:16:13.0600 6956   AcpiPmi       (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:16:13.0600 6956   AcpiPmi - ok
17:16:13.0610 6956   adp94xx       (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
17:16:13.0610 6956   adp94xx - ok
17:16:13.0620 6956   adpahci       (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
17:16:13.0620 6956   adpahci - ok
17:16:13.0630 6956   adpu320       (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
17:16:13.0630 6956   adpu320 - ok
17:16:13.0650 6956   AFD         (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
17:16:13.0650 6956   AFD - ok
17:16:13.0660 6956   agp440       (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:16:13.0660 6956   agp440 - ok
17:16:13.0660 6956   aliide       (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:16:13.0670 6956   aliide - ok
17:16:13.0670 6956   amdide       (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:16:13.0670 6956   amdide - ok
17:16:13.0680 6956   AmdK8       (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
17:16:13.0680 6956   AmdK8 - ok
17:16:13.0690 6956   AmdPPM       (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
17:16:13.0690 6956   AmdPPM - ok
17:16:13.0700 6956   amdsata       (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:16:13.0700 6956   amdsata - ok
17:16:13.0700 6956   amdsbs       (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
17:16:13.0710 6956   amdsbs - ok
17:16:13.0710 6956   amdxata       (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:16:13.0710 6956   amdxata - ok
17:16:13.0720 6956   AppID       (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:16:13.0720 6956   AppID - ok
17:16:13.0730 6956   arc         (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
17:16:13.0740 6956   arc - ok
17:16:13.0740 6956   arcsas       (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
17:16:13.0740 6956   arcsas - ok
17:16:13.0750 6956   ASPI - ok
17:16:13.0760 6956   AsyncMac     (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:16:13.0760 6956   AsyncMac - ok
17:16:13.0760 6956   atapi       (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:16:13.0760 6956   atapi - ok
17:16:13.0780 6956   b06bdrv       (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
17:16:13.0790 6956   b06bdrv - ok
17:16:13.0800 6956   b57nd60a     (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:16:13.0800 6956   b57nd60a - ok
17:16:13.0810 6956   Beep         (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:16:13.0810 6956   Beep - ok
17:16:13.0820 6956   blbdrive     (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:16:13.0820 6956   blbdrive - ok
17:16:13.0830 6956   bowser       (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:16:13.0840 6956   bowser - ok
17:16:13.0840 6956   BrFiltLo     (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
17:16:13.0840 6956   BrFiltLo - ok
17:16:13.0850 6956   BrFiltUp     (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
17:16:13.0850 6956   BrFiltUp - ok
17:16:13.0860 6956   Brserid       (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:16:13.0860 6956   Brserid - ok
17:16:13.0870 6956   BrSerWdm     (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:16:13.0870 6956   BrSerWdm - ok
17:16:13.0880 6956   BrUsbMdm     (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:16:13.0880 6956   BrUsbMdm - ok
17:16:13.0880 6956   BrUsbSer     (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:16:13.0880 6956   BrUsbSer - ok
17:16:13.0890 6956   BTHMODEM     (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
17:16:13.0890 6956   BTHMODEM - ok
17:16:13.0900 6956   cdfs         (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:16:13.0900 6956   cdfs - ok
17:16:13.0910 6956   cdrom       (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:16:13.0910 6956   cdrom - ok
17:16:13.0920 6956   circlass     (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
17:16:13.0920 6956   circlass - ok
17:16:13.0930 6956   CLFS         (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:16:13.0940 6956   CLFS - ok
17:16:13.0950 6956   CmBatt       (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
17:16:13.0950 6956   CmBatt - ok
17:16:13.0960 6956   cmderd       (fa26df95bfbeccbd44c961834789c549) C:\Windows\system32\DRIVERS\cmderd.sys
17:16:13.0960 6956   cmderd - ok
17:16:13.0980 6956   cmdGuard     (755f1e440b6c90d83fe3e50331e55298) C:\Windows\system32\DRIVERS\cmdguard.sys
17:16:13.0980 6956   cmdGuard - ok
17:16:13.0990 6956   cmdHlp       (4b5b1688ab86ebced4bef8d337e9a722) C:\Windows\system32\DRIVERS\cmdhlp.sys
17:16:13.0990 6956   cmdHlp - ok
17:16:14.0000 6956   cmdide       (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:16:14.0000 6956   cmdide - ok
17:16:14.0010 6956   CNG         (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:16:14.0010 6956   CNG - ok
17:16:14.0020 6956   Compbatt     (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
17:16:14.0020 6956   Compbatt - ok
17:16:14.0030 6956   CompositeBus   (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
17:16:14.0030 6956   CompositeBus - ok
17:16:14.0040 6956   crcdisk       (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
17:16:14.0040 6956   crcdisk - ok
17:16:14.0050 6956   dc21x4vm     (ad227ce1e1a558853ffa1f7eb40e21e0) C:\Windows\system32\DRIVERS\dc21x4vm.sys
17:16:14.0050 6956   dc21x4vm - ok
17:16:14.0060 6956   DfsC         (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:16:14.0060 6956   DfsC - ok
17:16:14.0070 6956   discache     (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:16:14.0070 6956   discache - ok
17:16:14.0080 6956   Disk         (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
17:16:14.0080 6956   Disk - ok
17:16:14.0090 6956   drmkaud       (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:16:14.0090 6956   drmkaud - ok
17:16:14.0100 6956   dtsoftbus01   (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:16:14.0110 6956   dtsoftbus01 - ok
17:16:14.0120 6956   DXGKrnl       (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:16:14.0130 6956   DXGKrnl - ok
17:16:14.0170 6956   ebdrv       (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
17:16:14.0210 6956   ebdrv - ok
17:16:14.0220 6956   elxstor       (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
17:16:14.0230 6956   elxstor - ok
17:16:14.0240 6956   ErrDev       (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:16:14.0240 6956   ErrDev - ok
17:16:14.0250 6956   EtronHub3     (3663291d0d26001a2bb67678ab61d14c) C:\Windows\system32\Drivers\EtronHub3.sys
17:16:14.0250 6956   EtronHub3 - ok
17:16:14.0250 6956   EtronXHCI     (744420d6c062c38f7361870f010d6d4b) C:\Windows\system32\Drivers\EtronXHCI.sys
17:16:14.0260 6956   EtronXHCI - ok
17:16:14.0270 6956   exfat       (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:16:14.0270 6956   exfat - ok
17:16:14.0280 6956   fastfat       (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:16:14.0280 6956   fastfat - ok
17:16:14.0290 6956   fdc         (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
17:16:14.0290 6956   fdc - ok
17:16:14.0290 6956   FileInfo     (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:16:14.0300 6956   FileInfo - ok
17:16:14.0300 6956   Filetrace     (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:16:14.0300 6956   Filetrace - ok
17:16:14.0310 6956   flpydisk     (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
17:16:14.0310 6956   flpydisk - ok
17:16:14.0310 6956   FltMgr       (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:16:14.0320 6956   FltMgr - ok
17:16:14.0330 6956   FsDepends     (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:16:14.0330 6956   FsDepends - ok
17:16:14.0330 6956   fssfltr       (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
17:16:14.0330 6956   fssfltr - ok
17:16:14.0340 6956   Fs_Rec       (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:16:14.0340 6956   Fs_Rec - ok
17:16:14.0350 6956   fvevol       (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:16:14.0350 6956   fvevol - ok
17:16:14.0360 6956   gagp30kx     (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
17:16:14.0360 6956   gagp30kx - ok
17:16:14.0360 6956   GEARAspiWDM   (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:16:14.0370 6956   GEARAspiWDM - ok
17:16:14.0370 6956   grmnusb       (2ed7ff3e1ada4092632393781518b3a7) C:\Windows\system32\drivers\grmnusb.sys
17:16:14.0370 6956   grmnusb - ok
17:16:14.0380 6956   hcw85cir     (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:16:14.0380 6956   hcw85cir - ok
17:16:14.0390 6956   HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:16:14.0400 6956   HdAudAddService - ok
17:16:14.0400 6956   HDAudBus     (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:16:14.0410 6956   HDAudBus - ok
17:16:14.0410 6956   HidBatt       (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
17:16:14.0410 6956   HidBatt - ok
17:16:14.0420 6956   HidBth       (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
17:16:14.0420 6956   HidBth - ok
17:16:14.0420 6956   HidIr       (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
17:16:14.0420 6956   HidIr - ok
17:16:14.0430 6956   HidUsb       (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:16:14.0430 6956   HidUsb - ok
17:16:14.0450 6956   HpSAMD       (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:16:14.0450 6956   HpSAMD - ok
17:16:14.0460 6956   HTTP         (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:16:14.0470 6956   HTTP - ok
17:16:14.0470 6956   hwpolicy     (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:16:14.0480 6956   hwpolicy - ok
17:16:14.0480 6956   i8042prt     (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:16:14.0490 6956   i8042prt - ok
17:16:14.0500 6956   iaStor       (2fdaec4b02729c48c0fd1b0b4695995b) C:\Windows\system32\DRIVERS\iaStor.sys
17:16:14.0500 6956   iaStor - ok
17:16:14.0520 6956   iaStorV       (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:16:14.0520 6956   iaStorV - ok
17:16:14.0530 6956   iirsp       (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
17:16:14.0530 6956   iirsp - ok
17:16:14.0540 6956   Impcd       (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
17:16:14.0540 6956   Impcd - ok
17:16:14.0550 6956   inspect       (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys
17:16:14.0550 6956   inspect - ok
17:16:14.0590 6956   IntcAzAudAddService (26407a11d7e222afb7ce32700abbd9d1) C:\Windows\system32\drivers\RTKVHD64.sys
17:16:14.0610 6956   IntcAzAudAddService - ok
17:16:14.0620 6956   intelide     (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:16:14.0620 6956   intelide - ok
17:16:14.0620 6956   intelppm     (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:16:14.0630 6956   intelppm - ok
17:16:14.0630 6956   IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:16:14.0640 6956   IpFilterDriver - ok
17:16:14.0640 6956   IPMIDRV       (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:16:14.0650 6956   IPMIDRV - ok
17:16:14.0650 6956   IPNAT       (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:16:14.0650 6956   IPNAT - ok
17:16:14.0660 6956   IRENUM       (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:16:14.0660 6956   IRENUM - ok
17:16:14.0670 6956   isapnp       (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:16:14.0670 6956   isapnp - ok
17:16:14.0680 6956   iScsiPrt     (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:16:14.0680 6956   iScsiPrt - ok
17:16:14.0690 6956   kbdclass     (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:16:14.0690 6956   kbdclass - ok
17:16:14.0700 6956   kbdhid       (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
17:16:14.0700 6956   kbdhid - ok
17:16:14.0710 6956   KSecDD       (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:16:14.0710 6956   KSecDD - ok
17:16:14.0720 6956   KSecPkg       (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:16:14.0720 6956   KSecPkg - ok
17:16:14.0730 6956   ksthunk       (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:16:14.0730 6956   ksthunk - ok
17:16:14.0740 6956   Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
17:16:14.0740 6956   Lavasoft Kernexplorer - ok
17:16:14.0750 6956   Lbd         (c8b3131857931ae76798a741cc52b021) C:\Windows\system32\DRIVERS\Lbd.sys
17:16:14.0750 6956   Lbd - ok
17:16:14.0760 6956   lltdio       (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:16:14.0760 6956   lltdio - ok
17:16:14.0770 6956   LSI_FC       (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
17:16:14.0780 6956   LSI_FC - ok
17:16:14.0780 6956   LSI_SAS       (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
17:16:14.0780 6956   LSI_SAS - ok
17:16:14.0790 6956   LSI_SAS2     (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
17:16:14.0790 6956   LSI_SAS2 - ok
17:16:14.0800 6956   LSI_SCSI     (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
17:16:14.0800 6956   LSI_SCSI - ok
17:16:14.0810 6956   luafv       (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:16:14.0810 6956   luafv - ok
17:16:14.0820 6956   MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
17:16:14.0820 6956   MBAMProtector - ok
17:16:14.0830 6956   megasas       (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
17:16:14.0830 6956   megasas - ok
17:16:14.0840 6956   MegaSR       (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
17:16:14.0850 6956   MegaSR - ok
17:16:14.0850 6956   MEIx64       (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
17:16:14.0860 6956   MEIx64 - ok
17:16:14.0870 6956   Modem       (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:16:14.0870 6956   Modem - ok
17:16:14.0870 6956   monitor       (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:16:14.0870 6956   monitor - ok
17:16:14.0880 6956   mouclass     (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:16:14.0880 6956   mouclass - ok
17:16:14.0890 6956   mouhid       (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:16:14.0890 6956   mouhid - ok
17:16:14.0900 6956   mountmgr     (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:16:14.0900 6956   mountmgr - ok
17:16:14.0910 6956   mpio         (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:16:14.0910 6956   mpio - ok
17:16:14.0920 6956   mpsdrv       (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:16:14.0920 6956   mpsdrv - ok
17:16:14.0930 6956   MRxDAV       (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:16:14.0930 6956   MRxDAV - ok
17:16:14.0940 6956   mrxsmb       (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:16:14.0940 6956   mrxsmb - ok
17:16:14.0950 6956   mrxsmb10     (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:16:14.0950 6956   mrxsmb10 - ok
17:16:14.0960 6956   mrxsmb20     (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:16:14.0960 6956   mrxsmb20 - ok
17:16:14.0970 6956   msahci       (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:16:14.0970 6956   msahci - ok
17:16:14.0980 6956   msdsm       (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:16:14.0980 6956   msdsm - ok
17:16:15.0000 6956   Msfs         (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:16:15.0000 6956   Msfs - ok
17:16:15.0000 6956   mshidkmdf     (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:16:15.0000 6956   mshidkmdf - ok
17:16:15.0010 6956   msisadrv     (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:16:15.0010 6956   msisadrv - ok
17:16:15.0020 6956   MSKSSRV       (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:16:15.0020 6956   MSKSSRV - ok
17:16:15.0030 6956   MSPCLOCK     (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:16:15.0030 6956   MSPCLOCK - ok
17:16:15.0040 6956   MSPQM       (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:16:15.0040 6956   MSPQM - ok
17:16:15.0050 6956   MsRPC       (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:16:15.0050 6956   MsRPC - ok
17:16:15.0060 6956   mssmbios     (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
17:16:15.0060 6956   mssmbios - ok
17:16:15.0070 6956   MSTEE       (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:16:15.0070 6956   MSTEE - ok
17:16:15.0080 6956   MTConfig     (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
17:16:15.0080 6956   MTConfig - ok
17:16:15.0080 6956   Mup         (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:16:15.0080 6956   Mup - ok
17:16:15.0100 6956   NativeWifiP   (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:16:15.0100 6956   NativeWifiP - ok
17:16:15.0120 6956   NDIS         (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:16:15.0130 6956   NDIS - ok
17:16:15.0130 6956   NdisCap       (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:16:15.0130 6956   NdisCap - ok
17:16:15.0140 6956   NdisTapi     (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:16:15.0140 6956   NdisTapi - ok
17:16:15.0150 6956   Ndisuio       (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:16:15.0150 6956   Ndisuio - ok
17:16:15.0160 6956   NdisWan       (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:16:15.0160 6956   NdisWan - ok
17:16:15.0170 6956   NDProxy       (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:16:15.0170 6956   NDProxy - ok
17:16:15.0180 6956   Netaapl       (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
17:16:15.0180 6956   Netaapl - ok
17:16:15.0190 6956   NetBIOS       (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:16:15.0190 6956   NetBIOS - ok
17:16:15.0200 6956   NetBT       (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:16:15.0200 6956   NetBT - ok
17:16:15.0220 6956   nfrd960       (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:16:15.0220 6956   nfrd960 - ok
17:16:15.0230 6956   Npfs         (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:16:15.0230 6956   Npfs - ok
17:16:15.0240 6956   nsiproxy     (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:16:15.0240 6956   nsiproxy - ok
17:16:15.0270 6956   Ntfs         (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:16:15.0290 6956   Ntfs - ok
17:16:15.0300 6956   Null         (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:16:15.0300 6956   Null - ok
17:16:15.0300 6956   nusb3hub     (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\drivers\nusb3hub.sys
17:16:15.0310 6956   nusb3hub - ok
17:16:15.0310 6956   nusb3xhc     (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\drivers\nusb3xhc.sys
17:16:15.0320 6956   nusb3xhc - ok
17:16:15.0320 6956   NVHDA       (10204955027011e08a9dc27737a48a54) C:\Windows\system32\drivers\nvhda64v.sys
17:16:15.0330 6956   NVHDA - ok
17:16:15.0470 6956   nvlddmkm     (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:16:15.0540 6956   nvlddmkm - ok
17:16:15.0550 6956   nvraid       (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:16:15.0550 6956   nvraid - ok
17:16:15.0560 6956   nvstor       (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:16:15.0560 6956   nvstor - ok
17:16:15.0580 6956   nv_agp       (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:16:15.0580 6956   nv_agp - ok
17:16:15.0580 6956   ohci1394     (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:16:15.0580 6956   ohci1394 - ok
17:16:15.0600 6956   Parport       (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:16:15.0600 6956   Parport - ok
17:16:15.0610 6956   partmgr       (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:16:15.0610 6956   partmgr - ok
17:16:15.0620 6956   pci         (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:16:15.0620 6956   pci - ok
17:16:15.0630 6956   pciide       (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:16:15.0630 6956   pciide - ok
17:16:15.0630 6956   pcmcia       (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
17:16:15.0640 6956   pcmcia - ok
17:16:15.0640 6956   pcw         (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:16:15.0640 6956   pcw - ok
17:16:15.0660 6956   PEAUTH       (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:16:15.0660 6956   PEAUTH - ok
17:16:15.0700 6956   PptpMiniport   (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:16:15.0710 6956   PptpMiniport - ok
17:16:15.0710 6956   Processor     (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
17:16:15.0710 6956   Processor - ok
17:16:15.0730 6956   Psched       (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:16:15.0730 6956   Psched - ok
17:16:15.0740 6956   PxHlpa64     (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
17:16:15.0740 6956   PxHlpa64 - ok
17:16:15.0770 6956   ql2300       (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
17:16:15.0780 6956   ql2300 - ok
17:16:15.0790 6956   ql40xx       (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
17:16:15.0790 6956   ql40xx - ok
17:16:15.0800 6956   QWAVEdrv     (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:16:15.0800 6956   QWAVEdrv - ok
17:16:15.0810 6956   RasAcd       (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:16:15.0810 6956   RasAcd - ok
17:16:15.0820 6956   RasAgileVpn   (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:16:15.0820 6956   RasAgileVpn - ok
17:16:15.0830 6956   Rasl2tp       (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:16:15.0830 6956   Rasl2tp - ok
17:16:15.0840 6956   RasPppoe     (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:16:15.0850 6956   RasPppoe - ok
17:16:15.0850 6956   RasSstp       (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:16:15.0860 6956   RasSstp - ok
17:16:15.0870 6956   rdbss       (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:16:15.0870 6956   rdbss - ok
17:16:15.0880 6956   rdpbus       (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
17:16:15.0880 6956   rdpbus - ok
17:16:15.0890 6956   RDPCDD       (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:16:15.0890 6956   RDPCDD - ok
17:16:15.0900 6956   RDPENCDD     (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:16:15.0900 6956   RDPENCDD - ok
17:16:15.0910 6956   RDPREFMP     (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:16:15.0910 6956   RDPREFMP - ok
17:16:15.0920 6956   RDPWD       (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
17:16:15.0920 6956   RDPWD - ok
17:16:15.0930 6956   rdyboost     (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:16:15.0930 6956   rdyboost - ok
17:16:15.0960 6956   rspndr       (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:16:15.0960 6956   rspndr - ok
17:16:15.0970 6956   RTL8167       (e50cfb92986dcab49de93788fd695813) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:16:15.0980 6956   RTL8167 - ok
17:16:16.0020 6956   SASDIFSV     (3289766038db2cb14d07dc84392138d5) D:\Program_Files\SASDIFSV64.SYS
17:16:16.0020 6956   SASDIFSV - ok
17:16:16.0040 6956   SASKUTIL     (58a38e75f3316a83c23df6173d41f2b5) D:\Program_Files\SASKUTIL64.SYS
17:16:16.0040 6956   SASKUTIL - ok
17:16:16.0050 6956   sbp2port     (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:16:16.0050 6956   sbp2port - ok
17:16:16.0060 6956   scfilter     (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:16:16.0060 6956   scfilter - ok
17:16:16.0080 6956   secdrv       (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:16:16.0080 6956   secdrv - ok
17:16:16.0100 6956   Serenum       (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:16:16.0100 6956   Serenum - ok
17:16:16.0110 6956   Serial       (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:16:16.0110 6956   Serial - ok
17:16:16.0120 6956   sermouse     (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
17:16:16.0120 6956   sermouse - ok
17:16:16.0140 6956   sffdisk       (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:16:16.0140 6956   sffdisk - ok
17:16:16.0140 6956   sffp_mmc     (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:16:16.0140 6956   sffp_mmc - ok
17:16:16.0150 6956   sffp_sd       (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:16:16.0150 6956   sffp_sd - ok
17:16:16.0160 6956   sfloppy       (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
17:16:16.0160 6956   sfloppy - ok
17:16:16.0170 6956   SiSRaid2     (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
17:16:16.0180 6956   SiSRaid2 - ok
17:16:16.0180 6956   SiSRaid4     (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
17:16:16.0180 6956   SiSRaid4 - ok
17:16:16.0190 6956   Smb         (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:16:16.0190 6956   Smb - ok
17:16:16.0210 6956   spldr       (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:16:16.0210 6956   spldr - ok
17:16:16.0230 6956   srv         (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:16:16.0240 6956   srv - ok
17:16:16.0250 6956   srv2         (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:16:16.0260 6956   srv2 - ok
17:16:16.0270 6956   srvnet       (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:16:16.0270 6956   srvnet - ok
17:16:16.0280 6956   stexstor     (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
17:16:16.0280 6956   stexstor - ok
17:16:16.0290 6956   StillCam     (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
17:16:16.0290 6956   StillCam - ok
17:16:16.0300 6956   swenum       (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
17:16:16.0300 6956   swenum - ok
17:16:16.0340 6956   Tcpip       (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
17:16:16.0350 6956   Tcpip - ok
17:16:16.0380 6956   TCPIP6       (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
17:16:16.0390 6956   TCPIP6 - ok
17:16:16.0400 6956   tcpipreg     (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:16:16.0400 6956   tcpipreg - ok
17:16:16.0410 6956   TDPIPE       (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:16:16.0410 6956   TDPIPE - ok
17:16:16.0420 6956   TDTCP       (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
17:16:16.0420 6956   TDTCP - ok
17:16:16.0420 6956   tdx         (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:16:16.0430 6956   tdx - ok
17:16:16.0430 6956   TermDD       (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
17:16:16.0430 6956   TermDD - ok
17:16:16.0450 6956   tssecsrv     (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:16:16.0460 6956   tssecsrv - ok
17:16:16.0460 6956   TsUsbFlt     (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:16:16.0460 6956   TsUsbFlt - ok
17:16:16.0470 6956   TsUsbGD       (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
17:16:16.0470 6956   TsUsbGD - ok
17:16:16.0480 6956   tunnel       (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:16:16.0480 6956   tunnel - ok
17:16:16.0490 6956   uagp35       (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:16:16.0490 6956   uagp35 - ok
17:16:16.0500 6956   udfs         (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:16:16.0500 6956   udfs - ok
17:16:16.0520 6956   uliagpkx     (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:16:16.0530 6956   uliagpkx - ok
17:16:16.0530 6956   umbus       (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:16:16.0530 6956   umbus - ok
17:16:16.0540 6956   UmPass       (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:16:16.0540 6956   UmPass - ok
17:16:16.0550 6956   USBAAPL64     (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
17:16:16.0560 6956   USBAAPL64 - ok
17:16:16.0560 6956   usbccgp       (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:16:16.0570 6956   usbccgp - ok
17:16:16.0570 6956   usbcir       (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:16:16.0580 6956   usbcir - ok
17:16:16.0580 6956   usbehci       (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
17:16:16.0590 6956   usbehci - ok
17:16:16.0600 6956   usbhub       (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:16:16.0600 6956   usbhub - ok
17:16:16.0610 6956   usbohci       (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
17:16:16.0610 6956   usbohci - ok
17:16:16.0620 6956   usbprint     (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
17:16:16.0620 6956   usbprint - ok
17:16:16.0630 6956   USBSTOR       (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:16:16.0630 6956   USBSTOR - ok
17:16:16.0640 6956   usbuhci       (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:16:16.0640 6956   usbuhci - ok
17:16:16.0650 6956   usbvideo     (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
17:16:16.0650 6956   usbvideo - ok
17:16:16.0670 6956   vdrvroot     (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:16:16.0670 6956   vdrvroot - ok
17:16:16.0680 6956   vga         (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:16:16.0680 6956   vga - ok
17:16:16.0690 6956   VgaSave       (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:16:16.0690 6956   VgaSave - ok
17:16:16.0700 6956   vhdmp       (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:16:16.0700 6956   vhdmp - ok
17:16:16.0710 6956   viaide       (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:16:16.0710 6956   viaide - ok
17:16:16.0720 6956   volmgr       (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:16:16.0720 6956   volmgr - ok
17:16:16.0730 6956   volmgrx       (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:16:16.0740 6956   volmgrx - ok
17:16:16.0750 6956   volsnap       (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:16:16.0750 6956   volsnap - ok
17:16:16.0760 6956   vsmraid       (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:16:16.0760 6956   vsmraid - ok
17:16:16.0780 6956   vwifibus     (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
17:16:16.0780 6956   vwifibus - ok
17:16:16.0790 6956   WacomPen     (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:16:16.0790 6956   WacomPen - ok
17:16:16.0800 6956   WANARP       (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:16:16.0800 6956   WANARP - ok
17:16:16.0810 6956   Wanarpv6     (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:16:16.0810 6956   Wanarpv6 - ok
17:16:16.0830 6956   Wd         (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:16:16.0840 6956   Wd - ok
17:16:16.0840 6956   WDC_SAM       (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
17:16:16.0840 6956   WDC_SAM - ok
17:16:16.0860 6956   Wdf01000     (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:16:16.0870 6956   Wdf01000 - ok
17:16:16.0900 6956   WfpLwf       (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:16:16.0900 6956   WfpLwf - ok
17:16:16.0910 6956   WIMMount     (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:16:16.0910 6956   WIMMount - ok
17:16:16.0940 6956   WinUsb       (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:16:16.0940 6956   WinUsb - ok
17:16:16.0960 6956   WmiAcpi       (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:16:16.0970 6956   WmiAcpi - ok
17:16:16.0990 6956   ws2ifsl       (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:16:16.0990 6956   ws2ifsl - ok
17:16:17.0020 6956   WudfPf       (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:16:17.0020 6956   WudfPf - ok
17:16:17.0030 6956   WUDFRd       (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:16:17.0030 6956   WUDFRd - ok
17:16:17.0090 6956   {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74983addca2d9618512c088d856d6615) D:\Program_Files\PowerDVD10\NavFilter\000.fcl
17:16:17.0090 6956   {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
17:16:17.0110 6956   MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
17:16:17.0110 6956   \Device\Harddisk1\DR1 - ok
17:16:17.0120 6956   MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
17:16:17.0120 6956   \Device\Harddisk2\DR2 - ok
17:16:17.0120 6956   MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:16:17.0120 6956   \Device\Harddisk0\DR0 - ok
17:16:17.0120 6956   MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
17:16:17.0130 6956   \Device\Harddisk3\DR3 - ok
17:16:17.0420 6956   MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk4\DR4
17:16:17.0430 6956   \Device\Harddisk4\DR4 - ok
17:16:17.0440 6956   Boot (0x1200)  (6179eedb14c7346f5bdffdac0b5e2c5b) \Device\Harddisk1\DR1\Partition0
17:16:17.0440 6956   \Device\Harddisk1\DR1\Partition0 - ok
17:16:17.0440 6956   Boot (0x1200)  (c7e6ab32a8af62951ad75f41aa610921) \Device\Harddisk2\DR2\Partition0
17:16:17.0450 6956   \Device\Harddisk2\DR2\Partition0 - ok
17:16:17.0450 6956   Boot (0x1200)  (d55482f9536e204337a86179f58a83a5) \Device\Harddisk0\DR0\Partition0
17:16:17.0450 6956   \Device\Harddisk0\DR0\Partition0 - ok
17:16:17.0450 6956   Boot (0x1200)  (86e7d8175c0a9c78b42462be872dfff5) \Device\Harddisk0\DR0\Partition1
17:16:17.0450 6956   \Device\Harddisk0\DR0\Partition1 - ok
17:16:17.0460 6956   Boot (0x1200)  (8c02d87148855a00672082466b5907a5) \Device\Harddisk3\DR3\Partition0
17:16:17.0460 6956   \Device\Harddisk3\DR3\Partition0 - ok
17:16:17.0460 6956   Boot (0x1200)  (e106c08c8107be1a082a6be8203dbec8) \Device\Harddisk4\DR4\Partition0
17:16:17.0460 6956   \Device\Harddisk4\DR4\Partition0 - ok
17:16:17.0460 6956   ============================================================
17:16:17.0460 6956   Scan finished
17:16:17.0460 6956   ============================================================
17:16:17.0470 5400   Detected object count: 0
17:16:17.0470 5400   Actual detected object count: 0