WIN7: “Windows has encountered a critical problem and will restart automatically in one minute”....
  pma567
Number of posts: 5

My colleague got “Security Shield” on his PC, and before I managed to remove it, a problem arose that causes “Windows has encountered a critical problem and will restart automatically in one minute”. It is therefore completely impossible for me to run scans or the like, since Windows keeps restarting after 1 minute. I have tried restarting in safe mode etc., but it does not help. Any suggestions for what I should do?
I have antivirus on the computer: Microsoft Security Essentials. It surprises me, by the way, that the program did not find Security Shield before it did damage…

Administrator
Number of posts: 7125

Hi, and welcome :)

For 32-bit Windows, download Farbar Recovery Scan Tool and save it to a USB stick.
For 64-bit Windows, download Farbar Recovery Scan Tool x64 and save it to a USB stick.

Insert the USB stick into the infected PC.

Start the PC with “Advanced Boot Options” (press F8 repeatedly during startup).
Select “Repair Your Computer”.
Select language.
Select user account.

Then select Command Prompt.

There, type notepad and press <Enter>.

Choose the File menu -> Open and select “Computer”. Find the drive letter of your USB stick. Close Notepad.

At the command prompt, type e:\frst.exe (64-bit Windows: e:\frst64)
Replace e with the correct letter.

When Farbar Recovery Scan Tool has started, click Scan.

It creates FRST.txt on the USB stick. Copy it into your next post here.

Signature

Please do not attach logs unless you are asked to!

  pma567
Number of posts: 5

Thanks :)

Scan result of Farbar Recovery Scan Tool Version: 03-06-2012
Ran by SYSTEM at 04-06-2012 15:11:38
Running from G:\
Windows 7 Home Premium   (X64) OS Language: Danish
The current controlset is ControlSet003

========================== Registry (Whitelisted) =============

HKLM\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background [611896 2010-09-15] ()
HKLM\...\Run: [MSC] “c:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun [98304 2010-11-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992 2009-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [385024 2009-04-03] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-08-30] (EasyBits Software AS)
HKLM-x32\...\Run: [Microsoft Default Manager] “C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe” -resume [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe” [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe [567320 2011-02-08] (PDF Complete Inc)
HKLM-x32\...\Run: [Malwarebytes’ Anti-Malware] “C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamgui.exe” /starttray [462408 2012-04-04] (Malwarebytes Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Snapfish PictureMover.lnk
ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

==================== Services (Whitelisted) ======

2 ezSharedSvc; C:\Windows\SysWow64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS)
2 HP Support Assistant Service; “C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe” [85560 2011-06-21] (Hewlett-Packard Company)
2 MBAMService; “C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamservice.exe” [654408 2012-04-04] (Malwarebytes Corporation)
2 UNS; “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe” [2320920 2009-09-30] (Intel Corporation)
2 LightScribeService; “c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe” [x]
2 MsMpSvc; “c:\Program Files\Microsoft Security Client\MsMpEng.exe” [x]
3 NisSrv; “c:\Program Files\Microsoft Security Client\NisSrv.exe” [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116752 2010-09-24] (ATI Technologies, Inc.)
1 cbfs3; C:\Windows\System32\Drivers\cbfs3.sys [349072 2011-11-04] (EldoS Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-04 15:11 - 2012-06-04 15:11 - 0000000 ____D C:\FRST
2012-06-04 03:07 - 2012-06-04 03:07 - 0000040 ____A C:\Users\Ulrik\Desktop\slet.txt
2012-06-04 02:10 - 2012-06-04 02:10 - 0001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-04 02:10 - 2012-06-04 02:10 - 0000000 ____D C:\Users\Ulrik\AppData\Roaming\Malwarebytes
2012-06-04 02:10 - 2012-06-04 02:10 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-06-04 02:10 - 2012-06-04 02:10 - 0000000 ____D C:\Program Files (x86)\Malwarebytes’ Anti-Malware
2012-06-04 02:10 - 2012-04-04 05:56 - 0024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-04 01:38 - 2012-06-04 04:36 - 1540732 ____A C:\Windows\ntbtlog.txt
2012-06-04 01:10 - 2012-06-04 01:10 - 0000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2012-06-04 01:10 - 2012-06-04 01:10 - 0000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2012-06-04 01:09 - 2012-02-29 22:46 - 0023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-06-04 01:09 - 2012-02-29 22:38 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-06-04 01:09 - 2012-02-29 22:33 - 0081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-06-04 01:09 - 2012-02-29 22:28 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-06-04 01:09 - 2012-02-29 21:37 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-06-04 01:09 - 2012-02-29 21:33 - 0159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-06-04 01:09 - 2012-02-29 21:29 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-06-04 01:06 - 2012-03-30 03:35 - 1918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-06-04 01:06 - 2012-03-16 23:58 - 0075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-06-04 01:06 - 2012-02-27 22:39 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-04 01:06 - 2012-02-27 22:39 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-04 01:06 - 2012-02-27 22:39 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-04 01:06 - 2012-02-27 22:36 - 9020928 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-04 01:06 - 2012-02-27 22:36 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-06-04 01:06 - 2012-02-27 22:36 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-04 01:06 - 2012-02-27 22:35 - 2453504 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-04 01:06 - 2012-02-27 22:35 - 12264448 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-04 01:06 - 2012-02-27 22:35 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-04 01:06 - 2012-02-27 22:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-04 01:06 - 2012-02-27 21:38 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-04 01:06 - 2012-02-27 21:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-04 01:06 - 2012-02-27 21:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-04 01:06 - 2012-02-27 21:35 - 5998080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-04 01:06 - 2012-02-27 21:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-06-04 01:06 - 2012-02-27 21:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-04 01:06 - 2012-02-27 21:34 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-04 01:06 - 2012-02-27 21:34 - 10992640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-04 01:06 - 2012-02-27 21:34 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-04 01:06 - 2012-02-27 21:34 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-04 01:06 - 2012-02-27 20:31 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-04 01:06 - 2012-02-27 19:52 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-04 01:06 - 2012-02-16 22:38 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-06-04 01:06 - 2012-02-16 21:34 - 0826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-06-04 01:06 - 2012-02-16 20:58 - 0210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-04 01:06 - 2012-02-16 20:57 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-06-04 01:06 - 2011-12-16 00:46 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-06-04 01:06 - 2011-12-15 23:52 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-06-04 01:05 - 2011-12-27 19:59 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-06-04 01:03 - 2012-06-04 01:03 - 0000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-04 00:58 - 2012-06-04 00:58 - 0306176 ____A C:\Users\Ulrik\AppData\Local\ydgqsvtkz.exe
2012-05-29 22:36 - 2012-05-29 22:36 - 0000000 ____D C:\Windows\System32\Macromed
2012-05-15 23:57 - 2012-05-15 23:57 - 0185816 ____A C:\Users\Ulrik\Desktop\Finansnyt 10-2012 v3 0.docx
2012-05-15 05:20 - 2012-05-15 05:20 - 0027639 ____A C:\Users\Ulrik\Desktop\JK1.pdf
2012-05-15 05:20 - 2012-05-15 05:20 - 0023524 ____A C:\Users\Ulrik\Desktop\JK2.pdf
2012-05-08 23:30 - 2012-05-08 23:30 - 0026591 ____A C:\Users\Ulrik\Desktop\Regnskab SBS.pdf
2012-05-07 04:59 - 2012-05-07 04:59 - 0000162 ___AH C:\Users\Ulrik\Desktop\~$häcksdorf V.docx
2012-05-07 04:49 - 2012-05-07 06:08 - 0014149 ____A C:\Users\Ulrik\Desktop\Virksomhedsmål og politik BOLICO A.docx
2012-05-07 03:28 - 2012-05-07 03:56 - 0015561 ____A C:\Users\Ulrik\Desktop\Schäcksdorf V.docx

============ 3 Months Modified Files and Folders =============

2012-06-04 05:02 - 2012-01-03 02:31 - 0000926 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-04 05:02 - 2011-05-25 08:36 - 429215744 __ASH C:\hiberfil.sys
2012-06-04 05:02 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-04 05:02 - 2009-07-13 20:51 - 0042697 ____A C:\Windows\setupact.log
2012-06-04 04:49 - 2009-07-13 21:08 - 0032658 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-06-04 04:46 - 2012-01-03 02:31 - 0000930 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-04 04:38 - 2012-01-05 04:06 - 0000000 ____D C:\Users\Ulrik\AppData\Local\CrashDumps
2012-06-04 04:36 - 2012-06-04 01:38 - 1540732 ____A C:\Windows\ntbtlog.txt
2012-06-04 03:07 - 2012-06-04 03:07 - 0000040 ____A C:\Users\Ulrik\Desktop\slet.txt
2012-06-04 02:10 - 2012-06-04 02:10 - 0001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-04 02:10 - 2012-06-04 02:10 - 0000000 ____D C:\Users\Ulrik\AppData\Roaming\Malwarebytes
2012-06-04 02:10 - 2012-06-04 02:10 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-06-04 02:10 - 2012-06-04 02:10 - 0000000 ____D C:\Program Files (x86)\Malwarebytes’ Anti-Malware
2012-06-04 01:27 - 2012-01-11 07:06 - 0000000 __SHD C:\Users\Ulrik\AppData\Local\{ad31e31d-949d-07e6-90bf-d25edf9ef8b3}
2012-06-04 01:15 - 2011-05-25 08:36 - 0271904 ____A C:\Windows\PFRO.log
2012-06-04 01:12 - 2011-05-25 05:50 - 0644730 ____A C:\Windows\System32\perfh006.dat
2012-06-04 01:12 - 2011-05-25 05:50 - 0118632 ____A C:\Windows\System32\perfc006.dat
2012-06-04 01:12 - 2009-07-13 21:13 - 1502630 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-04 01:11 - 2011-12-09 05:01 - 0000000 ____D C:\Users\All Users\Microsoft Help
2012-06-04 01:10 - 2012-06-04 01:10 - 0000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2012-06-04 01:10 - 2012-06-04 01:10 - 0000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2012-06-04 01:09 - 2011-12-09 04:06 - 0001912 ____A C:\Windows\epplauncher.mif
2012-06-04 01:09 - 2011-12-09 04:05 - 1502594 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-06-04 01:09 - 2011-12-09 04:05 - 0000000 ____D C:\Program Files\Microsoft Security Client
2012-06-04 01:09 - 2011-12-09 04:05 - 0000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-04 01:08 - 2011-05-25 05:56 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-06-04 01:08 - 2009-07-13 23:45 - 0000000 ____D C:\Program Files\Windows Journal
2012-06-04 01:07 - 2011-05-25 05:36 - 1721272 ____A C:\Windows\WindowsUpdate.log
2012-06-04 01:03 - 2012-06-04 01:03 - 0000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-04 00:58 - 2012-06-04 00:58 - 0306176 ____A C:\Users\Ulrik\AppData\Local\ydgqsvtkz.exe
2012-06-03 23:21 - 2011-12-12 00:57 - 0000000 ____D C:\Users\Ulrik\Documents\Outlook-filer
2012-06-03 22:41 - 2009-07-13 20:45 - 0015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-03 22:41 - 2009-07-13 20:45 - 0015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-05-29 22:36 - 2012-05-29 22:36 - 0000000 ____D C:\Windows\System32\Macromed
2012-05-29 22:30 - 2011-05-25 05:50 - 0000000 ____D C:\Users\All Users\PDFC
2012-05-29 03:47 - 2011-12-20 23:56 - 0000052 ____A C:\Windows\SysWOW64\DOErrors.log
2012-05-29 03:46 - 2012-01-10 04:17 - 0000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2012-05-15 23:57 - 2012-05-15 23:57 - 0185816 ____A C:\Users\Ulrik\Desktop\Finansnyt 10-2012 v3 0.docx
2012-05-15 05:20 - 2012-05-15 05:20 - 0027639 ____A C:\Users\Ulrik\Desktop\JK1.pdf
2012-05-15 05:20 - 2012-05-15 05:20 - 0023524 ____A C:\Users\Ulrik\Desktop\JK2.pdf
2012-05-15 05:20 - 2011-12-09 03:59 - 0000000 ____D C:\Users\Ulrik\AppData\Local\PDFC
2012-05-10 22:39 - 2012-01-09 23:39 - 0000350 ____A C:\Windows\Tasks\HPCeeScheduleForULRIK-BOLICO$.job
2012-05-10 03:27 - 2011-12-21 00:27 - 0000332 ____A C:\Windows\Tasks\HPCeeScheduleForUlrik.job
2012-05-08 23:30 - 2012-05-08 23:30 - 0026591 ____A C:\Users\Ulrik\Desktop\Regnskab SBS.pdf
2012-05-07 06:08 - 2012-05-07 04:49 - 0014149 ____A C:\Users\Ulrik\Desktop\Virksomhedsmål og politik BOLICO A.docx
2012-05-07 04:59 - 2012-05-07 04:59 - 0000162 ___AH C:\Users\Ulrik\Desktop\~$häcksdorf V.docx
2012-05-07 03:56 - 2012-05-07 03:28 - 0015561 ____A C:\Users\Ulrik\Desktop\Schäcksdorf V.docx
2012-05-02 04:54 - 2012-05-02 04:54 - 0152772 ____A C:\Users\Ulrik\Desktop\Bolico - Finansnyt Aktuel Anbefaling 1-2012.pdf
2012-05-02 04:23 - 2012-05-02 04:23 - 0451152 ___AT C:\Users\Ulrik\Desktop\Bolico_Finansnyt_9-2012.pdf
2012-04-27 00:12 - 2012-04-27 00:12 - 0388775 ____A C:\Users\Ulrik\Desktop\Tillæg 1 til Aftale af 17 januar 2012.pdf
2012-04-26 02:54 - 2012-04-26 02:54 - 0135202 ____A C:\Users\Ulrik\Desktop\Tillæg 1 til aftale om køb og salg af anparter (underskr af TT).pdf
2012-04-22 22:46 - 2012-01-03 02:31 - 0000000 ____D C:\Program Files (x86)\Google
2012-04-19 03:03 - 2012-04-19 03:03 - 0009430 ____A C:\Users\Ulrik\Desktop\Accunia Europa Energy AS.xlsx
2012-04-19 03:03 - 2012-04-19 03:03 - 0000165 ___AH C:\Users\Ulrik\Desktop\~$Accunia Europa Energy AS.xlsx
2012-04-17 05:54 - 2012-04-19 00:34 - 0177152 ____A C:\Users\Ulrik\Desktop\BF TEMA 2-2012.pub
2012-04-17 00:19 - 2012-04-17 00:19 - 0328672 ____A C:\Users\Ulrik\Desktop\Meiner0001.pdf
2012-04-17 00:19 - 2012-04-17 00:19 - 0328672 ____A C:\Users\Ulrik\Desktop\Meiner.pdf
2012-04-17 00:07 - 2012-04-17 00:07 - 0160263 ____A C:\Users\Ulrik\Desktop\Annex A ii to broker frame agreement - EE - EEM Energy - signed - 13 04 2012 - EEM Energy (2).pdf
2012-04-12 03:15 - 2012-04-12 03:15 - 0011552 ____A C:\Users\Ulrik\Desktop\portal4_erhverv_sydbank_dk_wps_myportal_erhverv_sydbank.pdf
2012-04-12 03:09 - 2012-04-12 03:09 - 0000000 ____D C:\Sydbank
2012-04-12 02:53 - 2012-04-11 04:00 - 0087320 ____A C:\Users\Ulrik\danid.log
2012-04-12 00:38 - 2012-04-12 00:38 - 0300311 ____A C:\Users\Ulrik\Desktop\Aftale.pdf
2012-04-11 04:00 - 2012-04-11 04:00 - 0000000 ____D C:\Users\Ulrik\.oces2
2012-04-11 04:00 - 2011-12-09 03:43 - 0000000 ____D C:\users\Ulrik
2012-04-11 03:45 - 2012-04-11 03:45 - 0000000 ____D C:\Users\Ulrik\Sydbank
2012-04-04 05:56 - 2012-06-04 02:10 - 0024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-03-30 03:35 - 2012-06-04 01:06 - 1918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-03-29 05:28 - 2012-03-29 05:28 - 0835188 ____A C:\Users\Ulrik\Desktop\EMM EWF 2 7 Udkast 2 0 Final_R12 PLR (lån 31 03 2012) (2) 2.pptx
2012-03-28 01:45 - 2012-03-28 01:45 - 0138016 ____A C:\Users\Ulrik\Desktop\Referat møde 28.03 - 2012.pdf
2012-03-28 01:45 - 2012-03-28 01:45 - 0022469 ____A C:\Users\Ulrik\Desktop\Referat møde 28.03 - 2012.docx
2012-03-28 01:44 - 2012-03-28 00:49 - 0022465 ____A C:\Users\Ulrik\Desktop\Referat møde 28.03 - 12 UM.docx
2012-03-28 00:50 - 2012-03-28 00:50 - 0138263 ____A C:\Users\Ulrik\Desktop\Referat møde 27.03 - 12 UM.pdf
2012-03-28 00:48 - 2012-03-28 00:48 - 0138263 ____A C:\Users\Ulrik\Desktop\Referat møde 28.03 UM.pdf
2012-03-28 00:47 - 2012-03-28 00:42 - 0048640 ____A C:\Users\Ulrik\Desktop\Prützke-Rohlsdorf_Udestående per 28 03 2012 (2) UM.doc
2012-03-27 00:05 - 2012-03-27 00:05 - 0137458 ____A C:\Users\Ulrik\Desktop\Referat møde .pdf
2012-03-27 00:05 - 2012-03-27 00:05 - 0021925 ____A C:\Users\Ulrik\Desktop\Referat møde (HOB 26-03-2012).docx
2012-03-26 06:35 - 2012-03-26 00:44 - 0018271 ____A C:\Users\Ulrik\Desktop\Referat møde PR.docx
2012-03-26 05:23 - 2012-03-26 05:23 - 0179864 ____A C:\Users\Ulrik\Desktop\Kalkulation Schäcksdorf 2 7-0001-R22 PLR (lån per 31.03.12).xlsx
2012-03-26 05:08 - 2012-03-26 05:08 - 0534358 ____A C:\Users\Ulrik\Desktop\EMM EWF 2 7 Udkast 2 0 Final_R12 PLR (lån 31 03 2012) (2).pdf
2012-03-26 05:07 - 2012-03-26 04:46 - 0835277 ____A C:\Users\Ulrik\Desktop\EMM EWF 2 7 Udkast 2 0 Final_R12 PLR (lån 31 03 2012) (2).pptx
2012-03-26 04:59 - 2012-01-05 01:27 - 0000000 ____D C:\Users\Ulrik\AppData\Roaming\Wuala
2012-03-26 04:40 - 2012-03-26 04:40 - 0230918 ____A C:\Users\Ulrik\Desktop\Kopi af Kalkulation Schäcksdorf 2 7-0001-R22 PLR (lån per 31 03 12).pdf
2012-03-20 10:44 - 2011-04-27 06:25 - 0098688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
2012-03-20 10:44 - 2011-04-18 04:18 - 0203888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-03-16 23:58 - 2012-06-04 01:06 - 0075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-03-16 02:07 - 2012-03-16 02:04 - 0031075 ____A C:\Users\Ulrik\Desktop\Export16032012.csv
2012-03-13 01:42 - 2012-03-13 01:42 - 0039494 ____A C:\Users\Ulrik\Documents\Ulrik & Sigurd.jpg
2012-03-13 01:42 - 2012-03-13 01:42 - 0000000 ____D C:\Users\Ulrik\AppData\Local\PowerCinema
2012-03-13 01:42 - 2012-03-13 01:42 - 0000000 ____D C:\Users\Ulrik\AppData\Local\CyberLink
2012-03-08 00:25 - 2012-03-08 00:25 - 16975422 ____A C:\Users\Ulrik\Desktop\06.03.2012 - Referat.pdf


========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: “%1” %* => OK

========================= Memory info ======================

Percentage of memory in use: 15%
Total physical RAM: 6007.11 MB
Available physical RAM: 5053.55 MB
Total Pagefile: 6005.26 MB
Available Pagefile: 5004.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:1381.46 GB) (Free:1325.45 GB) NTFS
2 Drive e: (HP_RECOVERY) (Fixed) (Total:15.71 GB) (Free:1.95 GB) NTFS
4 Drive g: (KINGSTON) (Removable) (Total:14.63 GB) (Free:14.63 GB) FAT32
9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
10 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

  Disk ###  Status       Str.    Ledig   Dyn GPT
——————————- ———- ———- —- —-
  Disk 0   Online       1397 GB     0 B      
  Disk 1   Online       14 GB     0 B      
  Disk 2   Intet medie     0 B     0 B      
  Disk 3   Intet medie     0 B     0 B      
  Disk 4   Intet medie     0 B     0 B      
  Disk 5   Intet medie     0 B     0 B      

Partitions of Disk 0:
===============

  Partition ###  Type         Str.    Forskydning
——————- ———————————- —————-
  Partition 1   Prim‘r         100 MB 1024 KB  
  Partition 2   Prim‘r         1381 GB   101 MB  
  Partition 3   Prim‘r         15 GB 1381 GB  

======================================================================================================

Disk: 0
Partition 1
Type : 07
Skjult: Nej
Aktiv : Ja
Forskydning i byte: 1048576

  Diskenhed Bogs. Navn     Fs   Type     Str.    Status   Oplysn.
————- —————————- ————————- ————- ————
* Diskenhed 1   Y   SYSTEM     NTFS   Partition   100 MB I orden        

======================================================================================================

Disk: 0
Partition 2
Type : 07
Skjult: Nej
Aktiv : Nej
Forskydning i byte: 105906176

  Diskenhed Bogs. Navn     Fs   Type     Str.    Status   Oplysn.
————- —————————- ————————- ————- ————
* Diskenhed 2   C   OS       NTFS   Partition   1381 GB I orden        

======================================================================================================

Disk: 0
Partition 3
Type : 07
Skjult: Nej
Aktiv : Nej
Forskydning i byte: 1483436195840

  Diskenhed Bogs. Navn     Fs   Type     Str.    Status   Oplysn.
————- —————————- ————————- ————- ————
* Diskenhed 3   E   HP_RECOVERY NTFS   Partition   15 GB I orden        

======================================================================================================

Partitions of Disk 1:
===============

  Partition ###  Type         Str.    Forskydning
——————- ———————————- —————-
  Partition 1   Prim‘r         14 GB 4032 KB  

======================================================================================================

Disk: 1
Partition 1
Type : 0C
Skjult: Nej
Aktiv : Nej
Forskydning i byte: 4128768

  Diskenhed Bogs. Navn     Fs   Type     Str.    Status   Oplysn.
————- —————————- ————————- ————- ————
* Diskenhed 4   G   KINGSTON   FAT32 Flytbar     14 GB I orden        

======================================================================================================

==========================================================

Last Boot: 2012-05-30 03:05

======================= End Of Log ==========================
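
An added example, not part of the thread and not FRST's own logic: a small Python triage pass over log lines in the format posted above. The three heuristics (service entries shown as `[x]`, a literal `%VAR%` in a path, executables without a vendor name under a user's AppData) are assumptions chosen for illustration, and a hit is a lead to examine, not a verdict.

```python
import re

# A few lines copied from the FRST.txt posted above, used as sample input.
SAMPLE_LOG = r"""
2 MBAMService; “C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamservice.exe” [654408 2012-04-04] (Malwarebytes Corporation)
2 MsMpSvc; “c:\Program Files\Microsoft Security Client\MsMpEng.exe” [x]
3 NisSrv; “c:\Program Files\Microsoft Security Client\NisSrv.exe” [x]
2012-06-04 02:10 - 2012-04-04 05:56 - 0024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-04 01:03 - 2012-06-04 01:03 - 0000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-04 00:58 - 2012-06-04 00:58 - 0306176 ____A C:\Users\Ulrik\AppData\Local\ydgqsvtkz.exe
2012-05-15 05:20 - 2012-05-15 05:20 - 0027639 ____A C:\Users\Ulrik\Desktop\JK1.pdf
"""

# "<created> - <modified> - <size> <attrs> [(<company>) ]<path>"
FILE_RE = re.compile(
    r"^(?P<created>\d{4}-\d\d-\d\d \d\d:\d\d) - (?P<modified>\d{4}-\d\d-\d\d \d\d:\d\d)"
    r" - (?P<size>\d+) (?P<attrs>[_A-Z]{5}) (?:\((?P<company>.*?)\) )?(?P<path>[A-Za-z]:\\.+)$"
)
# "<start type> <name>; <image path> [<size date> | x]"
SERVICE_RE = re.compile(r"^(?P<start>\d) (?P<name>[^;]+); (?P<image>.+?) \[(?P<info>[^\]]*)\]")

EXEC_EXT = (".exe", ".dll", ".sys", ".scr")
USER_APPDATA = re.compile(r"\\users\\[^\\]+\\appdata\\", re.I)
UNEXPANDED_VAR = re.compile(r"%[A-Za-z_]+%")


def triage(log_text):
    """Return (reason, item) pairs for entries matching the assumed heuristics."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        svc = SERVICE_RE.match(line)
        if svc:
            # Heuristic 1: the entry shows [x] where others show [size date].
            if svc["info"].strip().lower() == "x":
                findings.append(("service-file-details-missing", svc["name"]))
            continue
        entry = FILE_RE.match(line)
        if not entry:
            continue  # section headers, blank lines, other log sections
        path = entry["path"]
        # Heuristic 2: an environment variable name used literally as a path part.
        if UNEXPANDED_VAR.search(path):
            findings.append(("literal-env-var-in-path", path))
        # Heuristic 3: executable with no vendor string inside a user's AppData.
        if (path.lower().endswith(EXEC_EXT) and not entry["company"]
                and USER_APPDATA.search(path)):
            findings.append(("no-vendor-executable-in-appdata", path))
    return findings


if __name__ == "__main__":
    for reason, item in triage(SAMPLE_LOG):
        print(f"{reason:34} {item}")
```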

  pma567
Number of posts: 5

Hi. Can it be used?

  Andy20
Number of posts: 210

Hi, sorry to interrupt, but I can't understand either why MSE can't find Security Shield, since they do have it on their blacklist.

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=SecurityShield

Administrator
Number of posts: 7125

Andy20 should stay away, but it is quite simple.

That the name is known does not mean that the signature is the same.

Nobody at all currently detects the newest variant of the ZeroAccess rootkit in time.

———

@pma567

You wrote that it was a colleague's PC, and with all those Referat (meeting minutes) files, I have to ask.

Is it a company PC?

Rules for use of the forum, item 1.


  pma567
Number of posts: 5

To Admin.
Yes, formally it is a company PC. I am very sorry that I had not seen the rules. It should be said, though, that we are only 3 owners in a newly started A/S and I am the one responsible for IT.
I have worked with computers for 20 years and have never had a virus, but there has to be a first time :)
I thought this was a forum for everyone, sorry.

Can I e-mail “info(at)spywarefri.dk” so that we can perhaps solve it there?

  pma567
Number of posts: 5

To Admin. If possible, please delete this thread, so that the FRST.txt above is not publicly available.
Thanks in advance.

Administrator
Number of posts: 7125

I am closing the thread, but I just want to point out that you can System Restore to 30/5, if you have not solved it another way.
