Hej

Jeg flytter dit Spørgsmål til rense kategorien.

———

Download OTL af OldTimer og gem den på dit skrivebord.

Start OTL

Øverst sætter du flueben i “Scan All Users”

I boksen “Custom Scans/Fixes” kopierer du det fremhævede ind.

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
WSHELPER.*
services.exe
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
CREATERESTOREPOINT

Luk alle åbne vinduer og klik på “Quick Scan”  og lad programmet køre.

Det vil give to logfiler på skrivebordet, OTL.txt og Extras.txt.

Så kopier følgende ind i dit næste indlæg (i rækkefølge):

Indholdet af OTL.txt
Indholdet af Extras.txt

Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg.

Hej Administrator.

I ca. 1½ time har skærmen stået stille og OLT billedet ser sådan ud.
Den startede fint ud med at vise hvilke filer der blev scannet i bunden, men
nu står den stille i bunden.
Har vedhæftet screendump

Screendump laves normalt ikke som Docx filer.

Hvis du endelig skal vedhæfte er Screendump, så gør det som billedfil

Ok, men screendump er lagt ind som billede i word dokumentet

Hvis du vil ha’ hjælp, skal du gøre som jeg skriver

Naturligvis, vedhæftet screendump som billedefil.

Jeg har rettet vejledningen, så vil du godt prøve nu.

OTL logfile created on: 18-06-2012 15:01:31 - Run 1
OTL by OldTimer - Version 3.2.49.0   Folder = C:\Documents and Settings\kdp.DOMAIN\Skrivebord
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3,50 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 68,94% Memory free
5,34 Gb Paging File | 4,45 Gb Available in Paging File | 83,39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 465,76 Gb Total Space | 226,68 Gb Free Space | 48,67% Space Free | Partition Type: NTFS
Drive K: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive L: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive N: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive P: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive Q: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive R: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive X: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive Z: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS

Computer Name: KURT01 | User Name: kdp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-06-17 17:50:49 | 000,595,968 |——| M] (OldTimer Tools)—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\OTL.exe
PRC - [2012-06-08 15:12:13 | 000,488,104 |——| M] (F-Secure Corporation)—C:\Programmer\F-Secure\Anti-Virus\fsav32.exe
PRC - [2012-06-08 15:11:52 | 000,061,088 |——| M] (F-Secure Corporation)—C:\Programmer\F-Secure\ORSP Client\fsorsp.exe
PRC - [2012-06-08 15:10:58 | 001,028,776 |——| M] (F-Secure Corporation)—C:\Programmer\F-Secure\Anti-Virus\fssm32.exe
PRC - [2012-06-08 15:10:58 | 000,561,832 |——| M] (F-Secure Corporation)—C:\Programmer\F-Secure\Anti-Virus\fsgk32.exe
PRC - [2012-05-31 18:20:02 | 000,296,056 |——| M] (RealNetworks, Inc.)—C:\Programmer\Real\RealPlayer\Update\realsched.exe
PRC - [2012-05-30 13:56:52 | 003,048,136 |——| M] (Skype Technologies S.A.)—C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-05-15 15:46:35 | 000,779,264 |——| M] (PTC)—C:\Programmer\proeWildfire 5.0\i486_nt\nms\nmsd.exe
PRC - [2012-04-04 15:56:40 | 000,654,408 |——| M] (Malwarebytes Corporation)—C:\Programmer\Malwarebytes’ Anti-Malware\mbamservice.exe
PRC - [2012-02-27 01:15:42 | 000,055,144 |——| M] (Apple Inc.)—C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011-12-05 21:17:44 | 024,242,056 |——| M] (Dropbox, Inc.)—C:\Documents and Settings\kdp\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011-10-07 11:40:42 | 001,387,288 |——| M] (Logitech, Inc.)—C:\Programmer\Logitech\SetPointP\SetPoint.exe
PRC - [2011-09-27 21:05:24 | 000,149,784 |——| M] (Logitech, Inc.)—C:\Programmer\Fælles filer\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010-03-16 10:22:44 | 000,475,136 |——| M] ()—C:\Programmer\Fælles filer\Materialise\LicenseFiles\LicSrv52.exe
PRC - [2010-03-16 10:22:44 | 000,036,864 |——| M] ()—C:\Programmer\Fælles filer\Materialise\LicenseFiles\LicSrv50.exe
PRC - [2010-03-04 23:38:00 | 000,071,096 |——| M] ()—C:\Programmer\CDBurnerXP\NMSAccessU.exe
PRC - [2010-03-03 10:36:46 | 000,082,432 |——| M] (PTC)—C:\Programmer\PTC\WindchillSharePointProducts\ClientManager\ProductPointService.exe
PRC - [2009-11-26 11:36:42 | 000,166,512 |——| M] (F-Secure Corporation)—C:\Programmer\F-Secure\common\FNRB32.exe
PRC - [2009-11-26 11:36:42 | 000,129,648 |——| M] (F-Secure Corporation)—C:\Programmer\F-Secure\common\FIH32.exe
PRC - [2009-11-26 11:36:38 | 000,186,992 |——| M] (F-Secure Corporation)—C:\Programmer\F-Secure\common\FSMA32.EXE
PRC - [2009-11-26 11:36:36 | 000,301,680 |——| M] (F-Secure Corporation)—C:\Programmer\F-Secure\common\FSM32.EXE
PRC - [2009-11-26 11:36:36 | 000,088,688 |——| M] (F-Secure Corporation)—C:\Programmer\F-Secure\common\FSHDLL32.EXE
PRC - [2009-11-26 11:35:58 | 000,522,864 |——| M] (F-Secure Corporation)—C:\Programmer\F-Secure\FWES\program\fsdfwd.exe
PRC - [2009-11-26 11:35:14 | 000,219,760 |——| M] (F-Secure Corporation)—C:\Programmer\F-Secure\Anti-Virus\fsgk32st.exe
PRC - [2009-11-03 15:48:54 | 000,874,768 |——| M] (Intel(R) Corporation)—C:\Programmer\Intel\WiFi\bin\EvtEng.exe
PRC - [2009-11-03 15:45:52 | 000,348,160 |——| M] (Intel(R) Corporation)—C:\Programmer\Intel\WiFi\bin\WLKEEPER.exe
PRC - [2009-11-03 15:45:48 | 001,372,160 |——| M] (Intel(R) Corporation)—C:\Programmer\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2009-11-03 15:42:00 | 000,909,312 |——| M] (Intel(R) Corporation)—C:\Programmer\Intel\WiFi\bin\S24EvMon.exe
PRC - [2009-11-03 15:35:14 | 001,202,448 |——| M] (Intel(R) Corporation)—C:\Programmer\Fælles filer\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2009-11-03 15:33:48 | 000,473,360 |——| M] (Intel(R) Corporation)—C:\Programmer\Fælles filer\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009-03-06 10:40:10 | 000,656,696 |——| M] (Wave Systems Corp.)—C:\Programmer\Wave Systems Corp\SecureUpgrade.exe
PRC - [2009-03-06 10:39:10 | 000,145,408 |——| M] (Wave Systems Corp.)—C:\Programmer\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2009-02-18 14:10:14 | 000,991,232 |——| M] (Wave Systems Corp.)—C:\Programmer\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2008-04-14 18:05:49 | 001,034,752 |——| M] (Microsoft Corporation)—C:\WINDOWS\explorer.exe
PRC - [2008-04-14 18:05:45 | 000,391,680 |——| M] (Microsoft Corporation)—C:\WINDOWS\system32\cmd.exe
PRC - [2008-03-20 08:25:43 | 000,025,256 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\lxdxmsdmon.exe
PRC - [2008-03-20 08:25:42 | 000,668,328 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\lxdxmon.exe
PRC - [2008-02-28 02:53:25 | 000,594,600 |——| M] ( )—C:\WINDOWS\system32\lxdxcoms.exe
PRC - [2007-06-20 14:30:18 | 000,079,168 |——| M] (Broadcom Corporation)—C:\Programmer\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2007-05-10 10:22:32 | 000,405,504 |——| M] (SigmaTel, Inc.)—C:\Programmer\SigmaTel\C-Major Audio\WDM\stsystra.exe
PRC - [2007-01-11 20:43:46 | 002,150,400 |——| M] (TOSHIBA CORPORATION.)—C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2006-12-18 15:22:14 | 000,278,528 |——| M] (TOSHIBA CORPORATION.)—C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2006-12-15 11:41:30 | 002,170,880 |——| M] (TOSHIBA CORPORATION.)—C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2006-11-03 11:01:16 | 000,319,488 |——| M] (PixArt Imaging Incorporation)—C:\WINDOWS\PixArt\Pac7302\Monitor.exe
PRC - [2006-10-27 20:13:48 | 000,270,336 |——| M] (TOSHIBA CORPORATION.)—C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2006-02-06 23:00:20 | 000,311,296 |——| M] (TOSHIBA CORPORATION.)—C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2006-01-23 23:14:10 | 000,069,632 |——| M] (TOSHIBA CORPORATION.)—C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2004-02-11 09:00:00 | 000,118,784 |——| M] (WinZip Computing, Inc.)—C:\Programmer\WinZip\WZQKPICK.EXE


========== Modules (No Company Name) ==========

MOD - [2012-06-13 03:20:54 | 000,212,992 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012-06-13 03:20:52 | 011,817,472 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012-06-13 03:19:18 | 012,433,920 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012-06-13 03:19:07 | 001,592,320 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012-06-13 03:17:04 | 000,372,736 |——| M] ()—C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2012-06-08 15:12:04 | 000,030,888 |——| M] ()—C:\Programmer\F-Secure\Anti-Virus\minifilter\hashlib_x86.dll
MOD - [2012-06-08 15:10:58 | 000,768,712 |——| M] ()—C:\Programmer\F-Secure\Anti-Virus\fm4av.dll
MOD - [2012-05-14 09:04:19 | 001,706,496 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\97d635f5c656ae43d94b55e67fc4ab50\System.ServiceModel.Web.ni.dll
MOD - [2012-05-14 09:03:26 | 000,256,000 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\660c4d6dd69ef22bc05587e1998cd135\SMDiagnostics.ni.dll
MOD - [2012-05-14 09:03:18 | 017,403,904 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\bc254d2fa26664898ae21d45643bc194\System.ServiceModel.ni.dll
MOD - [2012-05-14 09:03:03 | 002,345,472 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
MOD - [2012-05-14 09:02:27 | 000,971,264 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012-05-14 08:48:03 | 005,450,752 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012-05-14 08:46:03 | 007,953,408 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012-05-14 08:45:55 | 011,492,352 |——| M] ()—C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012-04-04 07:54:00 | 000,300,544 |——| M] ()—C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\PDFShell.DAN
MOD - [2012-01-08 15:41:12 | 000,093,696 |——| M] ()—C:\Programmer\FileZilla FTP Client\fzshellext.dll
MOD - [2011-10-07 11:41:16 | 000,879,896 |——| M] ()—C:\Programmer\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2011-06-24 22:56:36 | 000,087,328 |——| M] ()—C:\Programmer\Fælles filer\Apple\Apple Application Support\zlib1.dll
MOD - [2011-06-24 22:56:14 | 001,241,888 |——| M] ()—C:\Programmer\Fælles filer\Apple\Apple Application Support\libxml2.dll
MOD - [2011-02-24 02:57:18 | 000,555,112 |——| M] ()—C:\Programmer\NVIDIA Corporation\nView\nvShell.dll
MOD - [2010-11-01 22:33:24 | 000,048,936 |——| M] ()—C:\WINDOWS\system32\pdf995mon.dll
MOD - [2010-03-16 10:22:44 | 000,475,136 |——| M] ()—C:\Programmer\Fælles filer\Materialise\LicenseFiles\LicSrv52.exe
MOD - [2010-03-16 10:22:44 | 000,036,864 |——| M] ()—C:\Programmer\Fælles filer\Materialise\LicenseFiles\LicSrv50.exe
MOD - [2010-03-16 10:17:16 | 000,319,488 |——| M] ()—C:\Programmer\Fælles filer\Materialise\LicenseFiles\MatSAX.14.00.dll
MOD - [2010-03-16 10:17:02 | 000,339,968 |——| M] ()—C:\Programmer\Fælles filer\Materialise\LicenseFiles\MatBase.14.00.dll
MOD - [2010-03-16 10:15:36 | 000,102,400 |——| M] ()—C:\Programmer\Fælles filer\Materialise\LicenseFiles\MatResString.14.01.dll
MOD - [2010-03-16 10:13:50 | 000,061,440 |——| M] ()—C:\Programmer\Fælles filer\Materialise\LicenseFiles\_MatDll.14.00.dll
MOD - [2010-03-04 23:38:00 | 000,071,096 |——| M] ()—C:\Programmer\CDBurnerXP\NMSAccessU.exe
MOD - [2010-02-04 00:28:27 | 000,589,824 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\lxdxdatr.dll
MOD - [2009-11-26 11:36:38 | 000,088,688 |——| M] ()—C:\Programmer\F-Secure\common\OnDemandInstallWatcher.dll
MOD - [2009-11-26 11:36:28 | 000,236,144 |——| M] ()—\\?\c:\programmer\f-secure\hips\fsumi.dll
MOD - [2009-11-26 11:35:44 | 000,086,016 |——| M] ()—C:\Programmer\F-Secure\FSGUI\strres.eng
MOD - [2009-11-26 11:35:40 | 000,551,536 |——| M] ()—C:\Programmer\F-Secure\FSGUI\gres.dll
MOD - [2009-11-26 11:35:36 | 000,045,056 |——| M] ()—C:\Programmer\F-Secure\FSGUI\fsavures.eng
MOD - [2009-11-26 11:35:34 | 000,143,360 |——| M] ()—C:\Programmer\F-Secure\FSGUI\flyerres.eng
MOD - [2009-11-26 11:35:30 | 000,440,944 |——| M] ()—C:\Programmer\F-Secure\FSGUI\about.dll
MOD - [2009-11-26 11:35:30 | 000,088,688 |——| M] ()—C:\Programmer\F-Secure\FSGUI\aboutres.dll
MOD - [2009-11-26 11:35:12 | 000,036,864 |——| M] ()—C:\Programmer\F-Secure\Anti-Virus\fsavhres.eng
MOD - [2009-11-03 15:35:46 | 000,200,704 |——| M] ()—C:\Programmer\Intel\WiFi\bin\iWMSProv.dll
MOD - [2009-10-16 13:12:44 | 000,147,968 |——| M] ()—C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdxdrpp.dll
MOD - [2009-03-06 10:39:10 | 000,249,856 |——| M] ()—C:\WINDOWS\system32\wxvault.dll
MOD - [2008-03-20 08:25:43 | 000,025,256 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\lxdxmsdmon.exe
MOD - [2008-03-20 08:25:42 | 000,668,328 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\lxdxmon.exe
MOD - [2008-03-20 07:24:19 | 000,081,920 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\lxdxcaps.dll
MOD - [2008-03-20 07:24:12 | 000,380,928 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\lxdxscw.dll
MOD - [2008-03-20 07:24:11 | 000,782,336 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\lxdxdrs.dll
MOD - [2008-03-20 07:17:07 | 000,069,632 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\lxdxcnv4.dll
MOD - [2008-02-28 01:40:55 | 000,036,864 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\app4r.monitor.core.dll
MOD - [2008-02-28 01:40:54 | 000,028,672 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\app4r.monitor.common.dll
MOD - [2008-02-28 01:40:02 | 000,061,440 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\app4r.devmons.mcmdevmon.dll
MOD - [2007-11-22 18:55:48 | 000,011,776 |——| M] ()—C:\Programmer\Lexmark 3600-4600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2007-09-20 18:34:58 | 000,129,024 |——| M] ()—C:\Programmer\WinRAR\RarExt.dll
MOD - [2005-07-22 21:30:20 | 000,065,536 |——| M] ()—C:\WINDOWS\system32\TosCommAPI.dll
MOD - [2005-05-07 15:14:56 | 000,090,112 |——| M] ()—C:\WINDOWS\system32\custmon2k.dll
MOD - [2004-10-14 10:18:24 | 000,040,960 |——| M] ()—C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtAfh.dll
MOD - [2004-07-20 17:04:02 | 000,094,208 |——| M] ()—C:\WINDOWS\system32\TosBtHcrpAPI.dll


========== Win32 Services (SafeList) ==========

SRV - [2012-06-08 15:11:52 | 000,061,088 |——| M] (F-Secure Corporation) [On_Demand | Running]—C:\Programmer\F-Secure\ORSP Client\fsorsp.exe—(FSORSPClient)
SRV - [2012-05-30 13:56:52 | 003,048,136 |——| M] (Skype Technologies S.A.) [Auto | Running]—C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe—(Skype C2C Service)
SRV - [2012-05-08 09:40:49 | 000,257,696 |——| M] (Adobe Systems Incorporated) [On_Demand | Stopped]—C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe—(AdobeFlashPlayerUpdateSvc)
SRV - [2012-04-04 15:56:40 | 000,654,408 |——| M] (Malwarebytes Corporation) [Auto | Running]—C:\Programmer\Malwarebytes’ Anti-Malware\mbamservice.exe—(MBAMService)
SRV - [2012-02-27 01:15:42 | 000,055,144 |——| M] (Apple Inc.) [Auto | Running]—C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe—(Apple Mobile Device)
SRV - [2011-09-27 21:03:28 | 000,295,192 |——| M] (Logitech, Inc.) [On_Demand | Stopped]—C:\Programmer\Fælles filer\LogiShrd\Bluetooth\LBTServ.exe—(LBTServ)
SRV - [2011-07-20 05:18:24 | 000,440,696 |——| M] (Microsoft Corporation) [On_Demand | Stopped]—C:\Programmer\Fælles filer\Microsoft Shared\OFFICE12\ODSERV.EXE—(odserv)
SRV - [2011-05-30 11:21:41 | 000,079,360 |——| M] (SolidWorks) [On_Demand | Stopped]—C:\Programmer\Fælles filer\SolidWorks Shared\Service\SolidWorksLicensing.exe—(SolidWorks Licensing Service)
SRV - [2010-03-16 10:22:44 | 000,475,136 |——| M] () [Auto | Running]—C:\Programmer\Fælles filer\Materialise\LicenseFiles\LicSrv52.exe—(MatLocalLicenceServer52)
SRV - [2010-03-16 10:22:44 | 000,036,864 |——| M] () [Auto | Running]—C:\Programmer\Fælles filer\Materialise\LicenseFiles\LicSrv50.exe—(MatLocalLicenceServer50)
SRV - [2010-03-04 23:38:00 | 000,071,096 |——| M] () [Auto | Running]—C:\Programmer\CDBurnerXP\NMSAccessU.exe—(NMSAccess)
SRV - [2009-11-26 11:36:42 | 000,166,512 |——| M] (F-Secure Corporation) [On_Demand | Running]—C:\Programmer\F-Secure\common\FNRB32.exe—(F-Secure Network Request Broker)
SRV - [2009-11-26 11:36:38 | 000,186,992 |——| M] (F-Secure Corporation) [Auto | Running]—C:\Programmer\F-Secure\common\FSMA32.EXE—(FSMA)
SRV - [2009-11-26 11:35:58 | 000,522,864 |——| M] (F-Secure Corporation) [On_Demand | Running]—C:\Programmer\F-Secure\FWES\program\fsdfwd.exe—(FSDFWD)
SRV - [2009-11-26 11:35:14 | 000,219,760 |——| M] (F-Secure Corporation) [Auto | Running]—C:\Programmer\F-Secure\Anti-Virus\fsgk32st.exe—(F-Secure Gatekeeper Handler Starter)
SRV - [2009-11-03 15:48:54 | 000,874,768 |——| M] (Intel(R) Corporation) [Auto | Running]—C:\Programmer\Intel\WiFi\bin\EvtEng.exe—(EvtEng) Intel(R)
SRV - [2009-11-03 15:45:52 | 000,348,160 |——| M] (Intel(R) Corporation) [Auto | Running]—C:\Programmer\Intel\WiFi\bin\WLKEEPER.exe—(WLANKEEPER) Intel(R)
SRV - [2009-11-03 15:42:00 | 000,909,312 |——| M] (Intel(R) Corporation) [Auto | Running]—C:\Programmer\Intel\WiFi\bin\S24EvMon.exe—(S24EventMonitor) Intel(R)
SRV - [2009-11-03 15:33:48 | 000,473,360 |——| M] (Intel(R) Corporation) [Auto | Running]—C:\Programmer\Fælles filer\Intel\WirelessCommon\RegSrvc.exe—(RegSrvc) Intel(R)
SRV - [2009-10-16 13:00:50 | 000,094,208 |——| M] () [Auto | Stopped]—C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe—(lxdxCATSCustConnectService)
SRV - [2009-05-06 15:32:02 | 000,249,856 |——| M] (SMServer) [On_Demand | Stopped]—C:\WINDOWS\system32\snmvtsvc.exe—(SMServer)
SRV - [2009-02-18 14:10:14 | 000,991,232 |——| M] (Wave Systems Corp.) [Auto | Running]—C:\Programmer\Wave Systems Corp\Trusted Drive Manager\TdmService.exe—(TdmService)
SRV - [2008-12-12 09:54:00 | 000,638,976 |——| M] (Wave Systems Corp.) [On_Demand | Stopped]—C:\Programmer\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe—(SecureStorageService)
SRV - [2008-11-12 13:25:48 | 001,273,856 |——| M] () [Auto | Stopped]—C:\Programmer\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe—(tcsd_win32.exe)
SRV - [2008-02-28 02:53:25 | 000,594,600 |——| M] ( ) [Auto | Running]—C:\WINDOWS\system32\lxdxcoms.exe—(lxdx_device)
SRV - [2007-06-20 14:30:18 | 000,079,168 |——| M] (Broadcom Corporation) [Auto | Running]—C:\Programmer\Broadcom\ASFIPMon\AsfIpMon.exe—(ASFIPmon)
SRV - [2006-10-26 14:03:08 | 000,145,184 |——| M] (Microsoft Corporation) [On_Demand | Stopped]—C:\Programmer\Fælles filer\Microsoft Shared\Source Engine\OSE.EXE—(ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped]——(WDICA)
DRV - File not found [Kernel | System | Stopped]—C:\WINDOWS\system32\drivers\SBREdrv.sys—(SBRE)
DRV - File not found [Kernel | On_Demand | Stopped]——(PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped]——(PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped]——(PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped]——(PDCOMP)
DRV - File not found [Kernel | System | Stopped]——(PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped]—system32\DRIVERS\pccsmcfd.sys—(pccsmcfd)
DRV - File not found [Kernel | System | Stopped]—C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS—(OMCI)
DRV - File not found [Kernel | System | Stopped]——(lbrtfdc)
DRV - File not found [Kernel | System | Stopped]——(i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped]—system32\DRIVERS\ewusbfake.sys—(hwusbfake)
DRV - File not found [Kernel | On_Demand | Stopped]—system32\DRIVERS\ewusbmdm.sys—(hwdatacard)
DRV - File not found [Kernel | System | Stopped]——(Changer)
DRV - [2012-06-08 15:14:26 | 000,044,184 |——| M] () [Kernel | Boot | Running]—C:\WINDOWS\system32\drivers\fsbts.sys—(fsbts)
DRV - [2012-06-08 15:12:05 | 000,149,672 |——| M] () [Kernel | On_Demand | Running]—C:\Programmer\F-Secure\Anti-Virus\minifilter\fsgk.sys—(F-Secure Gatekeeper)
DRV - [2012-04-04 15:56:40 | 000,022,344 |——| M] (Malwarebytes Corporation) [File_System | On_Demand | Running]—C:\WINDOWS\system32\drivers\mbam.sys—(MBAMProtector)
DRV - [2011-12-16 17:53:00 | 000,025,088 |——| M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped]—C:\WINDOWS\system32\drivers\teamviewervpn.sys—(teamviewervpn)
DRV - [2011-09-02 08:31:28 | 000,039,192 |——| M] (Logitech, Inc.) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\LMouFilt.Sys—(LMouFilt)
DRV - [2011-09-02 08:31:28 | 000,030,360 |——| M] (Logitech, Inc.) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\LUsbFilt.sys—(LUsbFilt)
DRV - [2011-09-02 08:31:20 | 000,041,240 |——| M] (Logitech, Inc.) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\LHidFilt.Sys—(LHidFilt)
DRV - [2011-09-02 08:31:10 | 000,042,648 |——| M] (Logitech, Inc.) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\LEqdUsb.sys—(LEqdUsb)
DRV - [2011-09-02 08:31:10 | 000,012,184 |——| M] (Logitech, Inc.) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\LHidEqd.sys—(LHidEqd)
DRV - [2011-09-02 08:30:58 | 000,012,184 |——| M] (Logitech, Inc.) [Kernel | Auto | Running]—C:\WINDOWS\system32\drivers\LBeepKE.sys—(LBeepKE)
DRV - [2011-05-10 08:06:14 | 000,018,432 |——| M] (Apple Inc.) [Kernel | On_Demand | Stopped]—C:\WINDOWS\system32\drivers\netaapl.sys—(Netaapl)
DRV - [2009-12-07 17:12:36 | 000,078,336 |——| M] (PC Dynamics, Inc.) [Kernel | System | Running]—C:\WINDOWS\system32\drivers\SafDskNT.sys—(SafDskNT)
DRV - [2009-11-26 11:36:28 | 000,068,080 |——| M] (F-Secure Corporation) [Kernel | System | Running]—C:\Programmer\F-Secure\HIPS\drivers\fshs.sys—(F-Secure HIPS)
DRV - [2009-11-26 11:35:58 | 000,080,016 |——| M] (F-Secure Corporation) [Kernel | Boot | Running]—C:\WINDOWS\system32\drivers\fsdfw.sys—(FSFW)
DRV - [2009-11-26 11:35:16 | 000,039,792 |——| M] () [Kernel | Disabled | Stopped]—C:\Programmer\F-Secure\Anti-Virus\win2k\fsfilter.sys—(F-Secure Filter)
DRV - [2009-11-26 11:35:16 | 000,025,200 |——| M] () [Kernel | Disabled | Stopped]—C:\Programmer\F-Secure\Anti-Virus\win2k\fsrec.sys—(F-Secure Recognizer)
DRV - [2009-11-12 14:48:56 | 000,005,504 |——| M] () [File_System | Auto | Running]—C:\WINDOWS\System32\drivers\StarOpen.sys—(StarOpen)
DRV - [2009-10-26 05:47:30 | 004,221,952 |——| M] (Intel Corporation) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\NETw5x32.sys—(NETw5x32) Intel(R)
DRV - [2009-05-06 13:11:22 | 000,023,096 |——| M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\SndTAudio.sys—(SndTAudio)
DRV - [2009-03-11 17:51:00 | 000,050,448 |——| M] (Basler AG) [Kernel | Auto | Running]—C:\WINDOWS\system32\drivers\pynwagnt.sys—(PYNWAGNT)
DRV - [2009-03-06 10:39:10 | 000,208,824 |——| M] (Wave Systems Corp.) [File_System | Auto | Running]—C:\WINDOWS\system32\drivers\WavxDMgr.sys—(WavxDMgr)
DRV - [2009-03-06 10:39:00 | 000,026,608 |——| M] (Dell Inc) [Kernel | Boot | Running]—C:\WINDOWS\system32\drivers\PBADRV.sys—(PBADRV)
DRV - [2009-02-03 19:13:30 | 000,049,552 |——| M] (Basler AG) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\pynwflt.sys—(PyNwFlt)
DRV - [2008-08-13 16:23:56 | 000,011,904 |——| M] (Intel Corporation) [Kernel | Auto | Running]—C:\WINDOWS\system32\drivers\s24trans.sys—(s24trans)
DRV - [2007-12-23 17:18:48 | 000,068,696 |——| M] (O2Micro) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\oz776.sys—(guardian2)
DRV - [2007-08-02 17:35:12 | 000,989,952 | R—- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\HSF_DPV.sys—(HSF_DPV)
DRV - [2007-08-02 17:34:30 | 000,211,200 | R—- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\HSFHWAZL.sys—(HSFHWAZL)
DRV - [2007-08-02 17:34:26 | 000,731,136 | R—- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\HSF_CNXT.sys—(winachsf)
DRV - [2007-06-20 14:30:20 | 000,010,480 |——| M] (Broadcom Corporation) [Kernel | Auto | Running]—C:\Programmer\Broadcom\ASFIPMon\BASFND.sys—(BASFND)
DRV - [2007-06-14 15:29:08 | 000,457,856 |——| M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped]—C:\WINDOWS\system32\drivers\PAC7302.SYS—(PAC7302)
DRV - [2007-06-06 12:51:04 | 000,161,792 |——| M] (Broadcom Corporation) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\b57xp32.sys—(b57w2k)
DRV - [2007-05-10 10:24:34 | 001,222,840 |——| M] (SigmaTel, Inc.) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\sthda.sys—(STHDA)
DRV - [2007-04-23 16:39:00 | 000,113,920 |——| M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\tosrfbd.sys—(tosrfbd)
DRV - [2007-04-10 20:29:42 | 000,041,856 |——| M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\tosrfusb.sys—(Tosrfusb)
DRV - [2007-03-21 22:02:04 | 000,037,376 |——| M] (REDC) [Kernel | Auto | Running]—C:\WINDOWS\system32\drivers\rixdptsk.sys—(rismxdp)
DRV - [2007-02-24 14:42:22 | 000,039,936 |——| M] (REDC) [Kernel | Auto | Running]—C:\WINDOWS\system32\drivers\rimmptsk.sys—(rimmptsk)
DRV - [2007-01-23 16:40:20 | 000,042,496 |——| M] (REDC) [Kernel | Auto | Running]—C:\WINDOWS\system32\drivers\rimsptsk.sys—(rimsptsk)
DRV - [2007-01-16 10:22:00 | 000,031,744 |——| M] (CSR, plc) [Kernel | On_Demand | Stopped]—C:\WINDOWS\system32\drivers\csrbcxp.sys—(CSRBC)
DRV - [2006-11-22 16:09:22 | 000,053,504 |——| M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped]—C:\WINDOWS\system32\drivers\TosRfSnd.sys—(TosRfSnd)
DRV - [2006-11-22 06:20:00 | 000,072,704 |——| M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running]—C:\WINDOWS\system32\drivers\WibuKey.sys—(WIBUKEY)
DRV - [2006-11-20 17:55:16 | 000,036,480 |——| M] (TOSHIBA Corporation) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\tosrfbnp.sys—(tosrfbnp)
DRV - [2006-11-09 06:20:00 | 000,016,384 |——| M] (WIBU-SYSTEMS AG) [Kernel | On_Demand | Stopped]—C:\WINDOWS\system32\drivers\Wibukey2.sys—(Wibukey2)
DRV - [2006-10-10 19:33:00 | 000,041,600 |——| M] (TOSHIBA Corporation) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\tosporte.sys—(tosporte)
DRV - [2006-10-05 16:07:46 | 000,073,600 |——| M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\Tosrfhid.sys—(Tosrfhid)
DRV - [2005-08-12 16:50:46 | 000,016,128 |——| M] (Dell Inc) [Kernel | System | Running]—C:\WINDOWS\system32\drivers\APPDRV.SYS—(APPDRV)
DRV - [2005-08-01 16:45:00 | 000,064,896 |——| M] (TOSHIBA Corporation) [Kernel | System | Running]—C:\WINDOWS\system32\drivers\tosrfcom.sys—(Tosrfcom)
DRV - [2005-01-06 13:42:00 | 000,018,612 |——| M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running]—C:\WINDOWS\system32\drivers\tosrfnds.sys—(tosrfnds)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q={searchTerms}&src;={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0



IE - HKU\S-1-5-21-2585336296-2683178579-560321132-1125\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mit.tdc.dk/
IE - HKU\S-1-5-21-2585336296-2683178579-560321132-1125\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2585336296-2683178579-560321132-1125\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKU\S-1-5-21-2585336296-2683178579-560321132-1125\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 26 6D 9D 9D 91 D6 CC 01 [binary data]
IE - HKU\S-1-5-21-2585336296-2683178579-560321132-1125\..\SearchScopes,DefaultScope = {9FDEE07F-1220-4EC1-A5E9-D5C11F9FF3E0}
IE - HKU\S-1-5-21-2585336296-2683178579-560321132-1125\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2585336296-2683178579-560321132-1125\..\SearchScopes\{9FDEE07F-1220-4EC1-A5E9-D5C11F9FF3E0}: “URL” = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie;={inputEncoding?}&oe;={outputEncoding?}
IE - HKU\S-1-5-21-2585336296-2683178579-560321132-1125\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-21-2585336296-2683178579-560321132-1125\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = <local>


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programmer\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Programmer\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmer\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmer\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ptc.com/ProductViewLite: C:\Programmer\Fælles filer\PTC\np6_pvapplite9.dll (PTC)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\programmer\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\programmer\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\programmer\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmer\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmer\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmer\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-31 18:22:37 | 000,000,000 |—-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Programmer\F-Secure\NRS\litmus-ff@f-secure.com [2012-06-08 15:11:54 | 000,000,000 |—-D | M]

[2011-12-09 21:22:56 | 000,002,047 |——| M] ()—C:\Programmer\mozilla firefox\searchplugins\fcmdSrch.xml

O1 HOSTS File: ([2012-05-31 17:43:02 | 000,000,355 |——| M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1   localhost
O1 - Hosts: ::1         localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Programmer\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Programmer\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2585336296-2683178579-560321132-1125\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Programmer\Fælles filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Programmer\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Programmer\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [EvtMgr6] C:\Programmer\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [F-Secure Manager] C:\Programmer\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Programmer\F-Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Programmer\Fælles filer\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programmer\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [lxdxamon] C:\Programmer\Lexmark 3600-4600 Series\lxdxamon.exe ()
O4 - HKLM..\Run: [lxdxmon.exe] C:\Programmer\Lexmark 3600-4600 Series\lxdxmon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programmer\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [SecureUpgrade] C:\Programmer\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Programmer\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\programmer\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WavXMgr] C:\Programmer\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Bluetooth Manager.lnk = C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Windchill ProductPoint Client Manager.lnk = C:\WINDOWS\Installer\{129024FF-A6C9-4696-91BC-570C6C05193A}\_F5BCEE176F60B4DABC6DF8.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O4 - Startup: C:\Documents and Settings\kdp\Menuen Start\Programmer\Start\GoogleCalendarSync.exe (Google)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2585336296-2683178579-560321132-1125\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O9 - Extra Button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Programmer\SoundTaxi\YouTubeRipper.dll ()
O9 - Extra ‘Tools’ menuitem : Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Programmer\SoundTaxi\YouTubeRipper.dll ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra ‘Tools’ menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programmer\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {1ED48504-8834-11D5-AC75-0008C73FD642} file:///C:/Programmer/proeWildfire 3.0/i486_nt/obj/pvx_install.exe (ProductView Express)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} http://www.3d-sd.dk/general/3dmodels/TCC/Plan12/Komplet 3D-model - 12102009/dll/zkitlib.dll (Web Viewer Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1287304315765 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} https://www2.gotomeeting.com/default/applets/g2mdlax.cab (GoToMeeting Web Starter)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.euro.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}  (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.30 10.0.0.31
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Domain.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0AFBA613-A5B8-4D51-95D0-414234000AA9}: DhcpNameServer = 10.0.0.30 10.0.0.31
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47068BAE-2166-4969-AC51-F95631FA372C}: DhcpNameServer = 10.0.0.30 10.0.0.31
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7F3BAC3-B40C-4D72-922E-C9BA7A0F3CF0}: DhcpNameServer = 62.44.166.69 62.44.166.197
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmer\Fælles filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmer\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmer\Fælles filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programmer\fælles filer\logishrd\bluetooth\LBTWlgn.dll) - c:\Programmer\Fælles filer\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programmer\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-05-09 14:48:32 | 000,000,000 |—-D | M] - C:\Autodesk—[ NTFS ]
O32 - AutoRun File - [2010-10-15 23:32:08 | 000,000,000 |——| M] () - C:\AUTOEXEC.BAT—[ NTFS ]
O32 - AutoRun File - [1999-05-25 10:35:16 | 000,001,788 |——| M] () - N:\AUTORUN.INF—[ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open]—“%1” %*
O35 - HKLM\..exefile [open]—“%1” %*
O37 - HKLM\...com [@ = comfile]—“%1” %*
O37 - HKLM\...exe [@ = exefile]—“%1” %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Sharedaccess -  File not found
NetSvcs: WmdmPmSp -  File not found

CREATERESTOREPOINT
System Restore Service not available.

========== Files/Folders - Created Within 30 Days ==========

[2012-06-18 13:29:01 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\novo foto
[2012-06-17 17:50:40 | 000,595,968 |——| C] (OldTimer Tools)—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\OTL.exe
[2012-06-17 16:55:03 | 000,000,000 |—-D | C]—C:\Programmer\Trend Micro
[2012-06-17 16:55:03 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Menuen Start\Programmer\HiJackThis
[2012-06-16 13:10:58 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Dokumenter\Ny mappe (2)
[2012-06-16 13:10:57 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Dokumenter\Dell
[2012-06-16 13:10:11 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Menuen Start\Programmer\Dell Inc
[2012-06-16 12:49:17 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\backups
[2012-06-16 12:36:13 | 000,000,000 | RH-D | C]—C:\Documents and Settings\kdp.DOMAIN\Recent
[2012-06-16 11:52:44 | 000,000,000 |—-D | C]—C:\Programmer\Desktop
[2012-06-13 22:15:25 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Lokale indstillinger\Application Data\Secunia PSI
[2012-06-13 22:15:02 | 000,000,000 |—-D | C]—C:\Programmer\Secunia
[2012-06-12 21:37:36 | 000,000,000 |—-D | C]—C:\Programmer\ESET
[2012-06-11 14:45:29 | 000,000,000 |—-D | C]—C:\Programmer\Fælles filer\DESIGNER
[2012-06-11 14:44:31 | 000,000,000 |—-D | C]—C:\Programmer\Microsoft Visual Studio
[2012-06-08 15:06:22 | 000,000,000 |—-D | C]—C:\Documents and Settings\All Users\Menuen Start\Programmer\F-Secure Client Security
[2012-06-08 14:25:32 | 000,000,000 |—-D | C]—C:\Documents and Settings\NetworkService\Lokale indstillinger\Application Data\F-Secure
[2012-06-08 14:24:55 | 000,080,016 |——| C] (F-Secure Corporation)—C:\WINDOWS\System32\drivers\fsdfw.sys
[2012-06-08 14:18:26 | 000,000,000 |—-D | C]—C:\Documents and Settings\All Users\Application Data\fssg
[2012-06-08 14:17:34 | 000,000,000 |—-D | C]—C:\Programmer\F-Secure
[2012-06-08 14:16:44 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\Fsecure
[2012-06-06 21:18:53 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Lokale indstillinger\Application Data\Deployment
[2012-06-06 18:59:01 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Dokumenter\Sommerferie
[2012-06-04 10:24:48 | 000,000,000 |—-D | C]—C:\adobeTemp
[2012-06-01 06:43:13 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Malwarebytes
[2012-06-01 06:43:03 | 000,000,000 |—-D | C]—C:\Documents and Settings\All Users\Menuen Start\Programmer\Malwarebytes’ Anti-Malware
[2012-06-01 06:43:00 | 000,022,344 |——| C] (Malwarebytes Corporation)—C:\WINDOWS\System32\drivers\mbam.sys
[2012-06-01 06:43:00 | 000,000,000 |—-D | C]—C:\Programmer\Malwarebytes’ Anti-Malware
[2012-06-01 06:43:00 | 000,000,000 |—-D | C]—C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012-05-31 21:56:46 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Application Data\QuickScan
[2012-05-31 21:08:06 | 000,000,000 |—-D | C]—C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012-05-31 20:46:19 | 000,000,000 |—-D | C]—C:\Documents and Settings\All Users\Application Data\GFI Software
[2012-05-31 18:30:15 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Ad-Aware Antivirus
[2012-05-31 18:27:59 | 000,000,000 |—-D | C]—C:\Documents and Settings\NetworkService\Application Data\Ad-Aware Antivirus
[2012-05-31 18:23:21 | 000,000,000 |—-D | C]—C:\Programmer\Fælles filer\xing shared
[2012-05-31 18:23:17 | 000,000,000 |—-D | C]—C:\Documents and Settings\All Users\Application Data\Lavasoft
[2012-05-31 18:23:16 | 000,000,000 |—-D | C]—C:\Programmer\Ad-Aware Antivirus
[2012-05-31 18:20:07 | 000,000,000 |—-D | C]—C:\Documents and Settings\All Users\Menuen Start\Programmer\RealNetworks
[2012-05-31 17:32:08 | 000,000,000 |—-D | C]—C:\Documents and Settings\kdp.DOMAIN\Application Data\f-secure
[2012-05-31 17:31:49 | 000,000,000 |—-D | C]—C:\Documents and Settings\All Users\Application Data\F-Secure
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-06-18 15:08:00 | 000,000,410 | -H—| M] ()—C:\WINDOWS\tasks\User_Feed_Synchronization-{1BA29A02-51F6-4C03-99DF-E445CA6AF43E}.job
[2012-06-18 15:07:00 | 000,000,410 | -H—| M] ()—C:\WINDOWS\tasks\User_Feed_Synchronization-{AA14B53C-C34E-4453-AD51-5FFC7D7EB41B}.job
[2012-06-18 15:07:00 | 000,000,410 | -H—| M] ()—C:\WINDOWS\tasks\User_Feed_Synchronization-{7FC6C589-A425-49F0-9FD5-1ACBF095F1C7}.job
[2012-06-18 14:41:00 | 000,000,914 |——| M] ()—C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cc240fc5b0f11e.job
[2012-06-18 14:36:00 | 000,000,830 |——| M] ()—C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-06-18 14:08:45 | 000,000,982 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\Genvej til Dropbox.exe.lnk
[2012-06-18 11:15:00 | 000,000,964 |——| M] ()—C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-879983540-725345543-1003Core.job
[2012-06-18 10:55:10 | 000,002,585 |——| M] ()—C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\Windchill ProductPoint Client Manager.lnk
[2012-06-18 10:54:45 | 000,000,000 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\Lokale indstillinger\Application Data\WavXMapDrive.bat
[2012-06-18 10:54:21 | 000,002,206 |——| M] ()—C:\WINDOWS\System32\wpa.dbl
[2012-06-18 10:54:19 | 000,000,910 |——| M] ()—C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc240fc539bb8a.job
[2012-06-18 10:54:17 | 000,000,422 |——| M] ()—C:\WINDOWS\tasks\SyncToy 2.job
[2012-06-18 10:54:17 | 000,000,268 |——| M] ()—C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-746137067-879983540-725345543-1003.job
[2012-06-18 10:54:17 | 000,000,268 |——| M] ()—C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2585336296-2683178579-560321132-1125.job
[2012-06-18 10:54:17 | 000,000,268 |——| M] ()—C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1275210071-1614895754-839522115-1175.job
[2012-06-18 10:45:49 | 000,002,048 |—S- | M] ()—C:\WINDOWS\bootstat.dat
[2012-06-17 22:17:05 | 000,076,933 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\screen.jpg
[2012-06-17 22:13:06 | 002,073,654 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\screen.bmp
[2012-06-17 17:50:49 | 000,595,968 |——| M] (OldTimer Tools)—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\OTL.exe
[2012-06-17 16:55:27 | 000,002,439 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\HiJackThis.lnk
[2012-06-17 16:42:17 | 000,002,535 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\Microsoft Office Word 2007.lnk
[2012-06-16 12:47:01 | 000,002,187 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012-06-15 10:09:52 | 000,000,301 |——| M] ()—C:\WINDOWS\AllegroClient.INI
[2012-06-13 12:50:24 | 000,001,824 | -H—| M] ()—C:\Documents and Settings\kdp.DOMAIN\Dokumenter\Default.rdp
[2012-06-13 03:35:39 | 003,646,344 |——| M] ()—C:\WINDOWS\System32\FNTCACHE.DAT
[2012-06-13 03:17:26 | 000,543,802 |——| M] ()—C:\WINDOWS\System32\perfh006.dat
[2012-06-13 03:17:26 | 000,504,494 |——| M] ()—C:\WINDOWS\System32\perfh009.dat
[2012-06-13 03:17:26 | 000,110,374 |——| M] ()—C:\WINDOWS\System32\perfc006.dat
[2012-06-13 03:17:26 | 000,089,094 |——| M] ()—C:\WINDOWS\System32\perfc009.dat
[2012-06-12 21:04:19 | 000,000,276 |——| M] ()—C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2585336296-2683178579-560321132-1125.job
[2012-06-12 17:41:04 | 000,000,276 |——| M] ()—C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1275210071-1614895754-839522115-1175.job
[2012-06-12 13:23:23 | 000,073,176 | -H—| M] ()—C:\WINDOWS\System32\mlfcache.dat
[2012-06-12 12:01:00 | 000,000,272 |——| M] ()—C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-06-11 15:01:56 | 000,000,777 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2012-06-11 08:10:07 | 000,002,329 |——| M] ()—C:\Documents and Settings\All Users\Skrivebord\Axon 2.lnk
[2012-06-08 15:14:26 | 000,044,184 |——| M] ()—C:\WINDOWS\System32\drivers\fsbts.sys
[2012-06-06 15:46:55 | 000,009,728 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\Lokale indstillinger\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-05 20:00:04 | 000,060,304 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\g2mdlhlpx.exe
[2012-06-05 13:54:38 | 017,748,594 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\Dokumenter\tv manual.pdf
[2012-06-04 21:50:00 | 000,000,276 |——| M] ()—C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-746137067-879983540-725345543-1003.job
[2012-06-04 13:55:08 | 000,000,763 |——| M] ()—C:\Documents and Settings\All Users\Skrivebord\Malwarebytes Anti-Malware.lnk
[2012-05-31 21:00:17 | 000,000,664 |——| M] ()—C:\WINDOWS\System32\d3d9caps.dat
[2012-05-31 18:32:04 | 000,000,940 |——| M] ()—C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012-05-31 18:23:51 | 000,000,733 |——| M] ()—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\RealPlayer.lnk
[2012-05-31 18:20:06 | 000,272,896 |——| M] (Progressive Networks)—C:\WINDOWS\System32\pncrt.dll
[2012-05-31 18:17:37 | 000,000,211 | -HS- | M] ()—C:\boot.ini
[2012-05-31 17:43:02 | 000,000,355 |——| M] ()—C:\WINDOWS\System32\drivers\etc\hosts
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-06-18 14:08:45 | 000,000,982 |——| C] ()—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\Genvej til Dropbox.exe.lnk
[2012-06-17 22:16:41 | 000,076,933 |——| C] ()—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\screen.jpg
[2012-06-17 22:13:03 | 002,073,654 |——| C] ()—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\screen.bmp
[2012-06-17 16:55:03 | 000,002,439 |——| C] ()—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\HiJackThis.lnk
[2012-06-08 14:25:16 | 000,044,184 |——| C] ()—C:\WINDOWS\System32\drivers\fsbts.sys
[2012-06-06 22:05:20 | 002,344,352 |——| C] ()—C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\FontCache3.0.0.0.dat
[2012-06-06 21:49:34 | 000,000,268 |——| C] ()—C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2585336296-2683178579-560321132-1125.job
[2012-06-05 13:54:39 | 017,748,594 |——| C] ()—C:\Documents and Settings\kdp.DOMAIN\Dokumenter\tv manual.pdf
[2012-06-05 13:03:36 | 000,002,303 |——| C] ()—C:\Documents and Settings\All Users\Menuen Start\Programmer\Adobe Reader X.lnk
[2012-06-04 13:55:08 | 000,000,763 |——| C] ()—C:\Documents and Settings\All Users\Skrivebord\Malwarebytes Anti-Malware.lnk
[2012-05-31 18:32:04 | 000,000,940 |——| C] ()—C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012-05-31 18:23:51 | 000,000,733 |——| C] ()—C:\Documents and Settings\kdp.DOMAIN\Skrivebord\RealPlayer.lnk
[2012-05-09 14:27:33 | 000,000,566 |——| C] ()—C:\WINDOWS\System32\SP7302.INI
[2012-03-10 18:03:59 | 000,000,552 |——| C] ()—C:\WINDOWS\System32\d3d8caps.dat
[2012-02-16 18:56:46 | 000,003,072 |——| C] ()—C:\WINDOWS\System32\iacenc.dll
[2012-01-23 14:35:04 | 000,009,728 |——| C] ()—C:\Documents and Settings\kdp.DOMAIN\Lokale indstillinger\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-01-18 18:27:53 | 001,829,618 |——| C] ()—C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\WPFFontCache_v0400-S-1-5-21-2585336296-2683178579-560321132-1125-0.dat
[2012-01-18 18:27:53 | 000,418,254 |——| C] ()—C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\WPFFontCache_v0400-S-1-5-21-2585336296-2683178579-560321132-500-0.dat
[2012-01-18 17:16:59 | 000,000,000 |——| C] ()—C:\Documents and Settings\kdp.DOMAIN\Lokale indstillinger\Application Data\WavXMapDrive.bat
[2012-01-18 16:34:00 | 000,418,254 |——| C] ()—C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\WPFFontCache_v0400-S-1-5-21-746137067-879983540-725345543-500-0.dat
[2011-05-30 16:34:09 | 001,204,974 |——| C] ()—C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\WPFFontCache_v0400-S-1-5-21-746137067-879983540-725345543-1003-0.dat
[2011-05-30 16:34:08 | 000,412,738 |——| C] ()—C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\WPFFontCache_v0400-System.dat
[2011-05-30 11:21:41 | 000,000,000 |——| C] ()—C:\WINDOWS\eDrawingOfficeAutomator.INI
[2011-05-10 08:49:05 | 000,260,808 |——| C] ()—C:\WINDOWS\System32\nvdrsdb1.bin
[2011-05-10 08:49:05 | 000,260,808 |——| C] ()—C:\WINDOWS\System32\nvdrsdb0.bin
[2011-05-10 08:49:05 | 000,000,001 |——| C] ()—C:\WINDOWS\System32\nvdrssel.bin
[2011-05-10 08:48:42 | 002,116,894 |——| C] ()—C:\WINDOWS\System32\nvdata.bin
[2011-05-04 13:13:05 | 000,073,176 | -H—| C] ()—C:\WINDOWS\System32\mlfcache.dat
[2011-03-01 10:43:45 | 000,005,504 |——| C] ()—C:\WINDOWS\System32\drivers\StarOpen.sys
[2011-02-28 14:32:33 | 000,090,112 |——| C] ()—C:\WINDOWS\System32\custmon2k.dll
[2011-02-28 14:32:33 | 000,053,248 |——| C] ()—C:\WINDOWS\System32\uninstpw.exe
[2010-12-27 03:33:31 | 000,000,664 |——| C] ()—C:\WINDOWS\System32\d3d9caps.dat
[2010-11-30 12:24:46 | 000,000,099 |——| C] ()—C:\WINDOWS\WirelessFTP.INI
[2010-11-24 15:31:20 | 000,053,248 |——| C] ()—C:\WINDOWS\System32\ZLIB.DLL
[2010-11-19 14:53:53 | 000,000,043 |——| C] ()—C:\WINDOWS\gswin32.ini
[2010-11-19 14:05:19 | 000,000,032 |——| C] ()—C:\WINDOWS\PrintPreview.INI
[2010-11-15 13:03:10 | 000,057,552 |——| C] ()—C:\WINDOWS\System32\WkDos.exe
[2010-11-04 09:50:04 | 000,000,144 |——| C] ()—C:\WINDOWS\VCVI_vui.ini
[2010-11-04 09:50:04 | 000,000,000 |——| C] ()—C:\WINDOWS\VCVI_vui_ftb.ini
[2010-11-02 15:56:33 | 000,000,056 | -H—| C] ()—C:\WINDOWS\System32\ezsidmv.dat
[2010-11-01 22:33:25 | 000,127,026 |——| C] ()—C:\WINDOWS\System32\pdfmona.dll
[2010-11-01 22:33:24 | 000,048,936 |——| C] ()—C:\WINDOWS\System32\pdf995mon.dll
[2010-11-01 21:18:55 | 000,000,000 |——| C] ()—C:\WINDOWS\communicator_NextDay.ini
[2010-10-31 12:36:27 | 000,000,044 |——| C] ()—C:\WINDOWS\System32\lxdxrwrd.ini
[2010-10-25 21:40:11 | 000,040,960 |——| C] ()—C:\WINDOWS\System32\lxdxvs.dll
[2010-10-25 21:40:10 | 000,409,600 |——| C] ( )—C:\WINDOWS\System32\lxdxcoin.dll
[2010-10-25 21:39:51 | 000,782,336 |——| C] ()—C:\WINDOWS\System32\lxdxdrs.dll
[2010-10-25 21:39:51 | 000,081,920 |——| C] ()—C:\WINDOWS\System32\lxdxcaps.dll
[2010-10-25 21:39:51 | 000,069,632 |——| C] ()—C:\WINDOWS\System32\lxdxcnv4.dll
[2010-10-25 21:39:28 | 001,105,920 |——| C] ( )—C:\WINDOWS\System32\lxdxserv.dll
[2010-10-25 21:39:28 | 000,843,776 |——| C] ( )—C:\WINDOWS\System32\lxdxusb1.dll
[2010-10-25 21:39:28 | 000,663,552 |——| C] ( )—C:\WINDOWS\System32\lxdxhbn3.dll
[2010-10-25 21:39:28 | 000,647,168 |——| C] ( )—C:\WINDOWS\System32\lxdxpmui.dll
[2010-10-25 21:39:28 | 000,569,344 |——| C] ( )—C:\WINDOWS\System32\lxdxlmpm.dll
[2010-10-25 21:39:28 | 000,438,272 |——| C] ( )—C:\WINDOWS\System32\LXDXhcp.dll
[2010-10-25 21:39:28 | 000,364,544 |——| C] ( )—C:\WINDOWS\System32\lxdxinpa.dll
[2010-10-25 21:39:28 | 000,348,160 |——| C] ()—C:\WINDOWS\System32\LXDXinst.dll
[2010-10-25 21:39:28 | 000,339,968 |——| C] ( )—C:\WINDOWS\System32\lxdxiesc.dll
[2010-10-25 21:39:28 | 000,320,168 |——| C] ( )—C:\WINDOWS\System32\lxdxih.exe
[2010-10-25 21:39:28 | 000,208,896 |——| C] ()—C:\WINDOWS\System32\lxdxgrd.dll
[2010-10-25 21:39:28 | 000,106,496 |——| C] ()—C:\WINDOWS\System32\lxdxinsr.dll
[2010-10-25 21:39:28 | 000,053,248 |——| C] ( )—C:\WINDOWS\System32\lxdxprox.dll
[2010-10-25 21:39:27 | 000,851,968 |——| C] ( )—C:\WINDOWS\System32\lxdxcomc.dll
[2010-10-25 21:39:27 | 000,594,600 |——| C] ( )—C:\WINDOWS\System32\lxdxcoms.exe
[2010-10-25 21:39:27 | 000,376,832 |——| C] ( )—C:\WINDOWS\System32\lxdxcomm.dll
[2010-10-25 21:39:27 | 000,365,224 |——| C] ( )—C:\WINDOWS\System32\lxdxcfg.exe
[2010-10-25 09:20:10 | 000,000,301 |——| C] ()—C:\WINDOWS\AllegroClient.INI
[2010-10-24 17:00:05 | 000,000,352 |——| C] ()—C:\WINDOWS\modelcheck.INI
[2010-10-18 15:17:07 | 000,000,000 |——| C] ()—C:\WINDOWS\vpc32.INI
[2010-10-17 09:29:14 | 000,000,376 |——| C] ()—C:\WINDOWS\ODBC.INI
[2010-10-16 20:18:06 | 000,080,368 |——| C] ()—C:\WINDOWS\System32\pbadrvdll.dll
[2010-10-16 20:18:02 | 000,143,360 |——| C] ()—C:\WINDOWS\System32\bioapi_mds300.dll.bak
[2010-10-16 20:18:02 | 000,143,360 |——| C] ()—C:\WINDOWS\System32\bioapi_mds300.dll
[2010-10-16 20:18:02 | 000,106,496 |——| C] ()—C:\WINDOWS\System32\bioapi100.dll.bak
[2010-10-16 20:18:02 | 000,106,496 |——| C] ()—C:\WINDOWS\System32\bioapi100.dll
[2010-10-16 11:46:32 | 000,000,000 |——| C] ()—C:\WINDOWS\tosOBEX.INI
[2010-10-16 11:19:53 | 000,016,480 |——| C] ()—C:\WINDOWS\System32\rixdicon.dll
[2010-10-16 10:01:31 | 000,106,113 |——| C] ()—C:\WINDOWS\System32\nvModes.dat
[2010-10-16 00:53:59 | 000,004,161 |——| C] ()—C:\WINDOWS\ODBCINST.INI
[2010-10-16 00:52:51 | 003,646,344 |——| C] ()—C:\WINDOWS\System32\FNTCACHE.DAT
[2010-10-15 23:35:26 | 000,002,048 |—S- | C] ()—C:\WINDOWS\bootstat.dat
[2010-10-15 23:29:18 | 000,021,644 |——| C] ()—C:\WINDOWS\System32\emptyregdb.dat
[2010-09-17 11:00:30 | 000,106,208 |——| C] ()—C:\WINDOWS\System32\CprIf.dll
[2004-08-27 12:00:00 | 000,002,048 | -HS- | C] ()—C:\WINDOWS\Installer\{bcda107f-ad12-95a3-75a1-058bac59bc77}\@
[2004-08-27 12:00:00 | 000,002,048 | -HS- | C] ()—C:\Documents and Settings\kdp.DOMAIN\Lokale indstillinger\Application Data\{bcda107f-ad12-95a3-75a1-058bac59bc77}\@

========== LOP Check ==========

[2012-01-18 16:29:38 | 000,000,000 |—-D | M]—C:\Documents and Settings\Administrator\Application Data\Garmin
[2010-10-24 15:00:04 | 000,000,000 |—-D | M]—C:\Documents and Settings\Administrator\Application Data\Wave Systems Corp
[2010-10-24 14:46:01 | 000,000,000 |—-D | M]—C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2012-01-18 17:15:29 | 000,000,000 |—-D | M]—C:\Documents and Settings\administrator.DOMAIN\Application Data\Garmin
[2012-01-18 17:20:15 | 000,000,000 |—-D | M]—C:\Documents and Settings\administrator.DOMAIN\Application Data\Wave Systems Corp
[2012-01-18 17:15:34 | 000,000,000 |—-D | M]—C:\Documents and Settings\administrator.DOMAIN\Application Data\Windows Desktop Search
[2012-01-20 11:52:25 | 000,000,000 |—-D | M]—C:\Documents and Settings\administrator.DOMAIN\Application Data\Windows Search
[2012-05-09 15:09:14 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\Autodesk
[2011-03-01 10:43:55 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011-02-09 14:22:32 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\Ecrion
[2012-06-08 14:24:53 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\F-Secure
[2011-12-09 21:22:51 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\Freemake
[2012-06-08 14:18:26 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\fssg
[2012-06-11 08:11:43 | 000,000,000 |—-D | M]—C:\Documents and Settings\All

[2012-06-11 08:11:43 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\Garmin
[2010-11-15 13:49:55 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\genicam
[2012-05-31 20:46:19 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\GFI Software
[2011-04-06 08:21:26 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\Installations
[2012-01-19 22:50:52 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\iRinger
[2012-01-29 15:24:42 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\Lexmark 3600-4600 Series
[2011-05-12 08:20:26 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\livepim
[2010-11-04 09:49:38 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\Marcam Engineering
[2010-10-17 21:05:51 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\Materialise
[2010-10-27 21:05:10 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\MyHeritage
[2010-10-24 17:11:45 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\Nokia
[2010-10-24 16:48:24 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2010-10-16 20:17:04 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems
[2011-01-23 14:00:26 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\ODIR
[2010-10-24 17:09:09 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\PC Suite
[2010-10-26 09:41:14 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\PTC
[2011-11-23 16:18:09 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2011-04-06 15:00:46 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\TEMP
[2010-10-16 11:34:09 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\UIB
[2010-10-16 20:26:39 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2010-10-17 10:13:50 | 000,000,000 |—-D | M]—C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012-02-29 17:09:41 | 000,000,000 | -H-D | M]—C:\Documents and Settings\All Users\Application Data\{D442AA21-2974-4780-8B76-C1F4E006B47A}
[2011-12-10 12:54:19 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\.minecraft
[2011-08-10 15:40:25 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\Canneverbe Limited
[2012-01-12 08:48:38 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\Dropbox
[2011-05-30 11:22:15 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\EDrawings
[2011-12-02 09:14:16 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\FileZilla
[2012-01-06 09:19:56 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\GARMIN
[2011-07-28 10:20:30 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\gcaltoolkit
[2011-11-09 10:49:57 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\Geomagic
[2010-10-17 21:08:28 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\Materialise
[2011-05-24 14:51:15 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\netfabb
[2011-05-25 12:40:17 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\PTC
[2012-01-08 13:32:50 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\TeamViewer
[2010-10-16 20:24:20 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\Wave Systems Corp
[2010-10-17 10:26:04 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\Windows Desktop Search
[2010-10-17 16:25:30 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\Windows Search
[2011-05-30 11:51:32 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp\Application Data\Wings3D
[2010-11-16 15:46:36 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Autodesk
[2011-03-01 10:43:55 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Canneverbe Limited
[2011-02-24 21:13:32 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Dropbox
[2011-04-06 08:28:18 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Easeware
[2011-02-09 14:23:16 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Ecrion
[2011-02-24 09:10:26 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\FileZilla
[2010-10-25 21:47:12 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Geomagic
[2011-05-03 14:14:12 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Krak
[2010-10-26 10:11:19 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Leadertech
[2010-10-31 12:43:01 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Lexmark Productivity Studio
[2011-01-04 16:58:40 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Local
[2011-03-03 00:05:11 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Materialise
[2010-10-27 21:01:29 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\MyHeritage
[2011-03-11 14:17:52 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\netfabb
[2011-04-06 08:22:27 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Nokia
[2011-04-06 08:22:27 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Nokia Ovi Suite
[2011-02-20 18:23:22 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\PC Suite
[2010-10-24 17:00:58 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\PTC
[2011-05-06 15:21:53 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\TeamViewer
[2011-05-04 14:51:01 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\ToDo Sync Helper
[2010-12-13 15:55:20 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Uniblue
[2010-10-24 13:06:46 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Wave Systems Corp
[2010-10-24 13:05:38 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Windows Desktop Search
[2010-10-26 11:03:25 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.BNVNT\Application Data\Windows Search
[2012-03-08 20:04:34 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\.minecraft
[2012-05-31 20:42:24 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Ad-Aware Antivirus
[2012-06-18 14:05:49 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Autodesk
[2012-01-27 14:26:34 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Canneverbe Limited
[2012-03-14 17:58:12 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012-03-14 18:18:55 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\com.adobe.DC3Module.AdobeADC
[2012-06-18 14:53:04 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Dropbox
[2012-06-12 21:37:22 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\f-secure
[2012-05-11 15:38:13 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\FileZilla
[2012-06-11 08:11:44 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Garmin
[2012-03-26 08:26:43 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Geomagic
[2012-01-18 22:37:22 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Leadertech
[2012-03-20 15:22:45 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Lexmark Productivity Studio
[2012-01-19 00:08:25 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Materialise
[2012-01-18 22:02:58 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\netfabb
[2012-05-23 21:27:54 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\PriceGong
[2012-01-18 22:03:47 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\PTC
[2012-05-31 22:00:00 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\QuickScan
[2012-03-23 12:49:07 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\TeamViewer
[2012-01-18 17:27:20 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Wave Systems Corp
[2012-04-26 19:59:33 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\webex
[2012-01-18 17:17:05 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Windows Desktop Search
[2012-01-18 22:31:50 | 000,000,000 |—-D | M]—C:\Documents and Settings\kdp.DOMAIN\Application Data\Windows Search
[2012-05-31 18:27:59 | 000,000,000 |—-D | M]—C:\Documents and Settings\NetworkService\Application Data\Ad-Aware Antivirus
[2010-12-15 22:11:43 | 000,000,000 |—-D | M]—C:\Documents and Settings\TEMP\Application Data\Wave Systems Corp
[2010-12-15 22:11:43 | 000,000,000 |—-D | M]—C:\Documents and Settings\TEMP\Application Data\Windows Desktop Search
[2012-05-31 18:32:04 | 000,000,940 |——| M] ()—C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012-04-26 20:16:17 | 000,000,258 |——| M] ()—C:\WINDOWS\Tasks\prismDowngrade.job
[2012-04-26 20:16:17 | 000,000,258 |——| M] ()—C:\WINDOWS\Tasks\prismShakeIcon.job
[2012-06-18 10:54:17 | 000,000,422 |——| M] ()—C:\WINDOWS\Tasks\SyncToy 2.job
[2012-06-18 15:08:00 | 000,000,410 | -H—| M] ()—C:\WINDOWS\Tasks\User_Feed_Synchronization-{1BA29A02-51F6-4C03-99DF-E445CA6AF43E}.job
[2012-06-18 15:07:00 | 000,000,410 | -H—| M] ()—C:\WINDOWS\Tasks\User_Feed_Synchronization-{7FC6C589-A425-49F0-9FD5-1ACBF095F1C7}.job
[2012-06-18 15:07:00 | 000,000,410 | -H—| M] ()—C:\WINDOWS\Tasks\User_Feed_Synchronization-{AA14B53C-C34E-4453-AD51-5FFC7D7EB41B}.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008-04-14 18:05:49 | 001,034,752 |——| M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D—C:\WINDOWS\explorer.exe
[2008-04-14 18:05:49 | 001,034,752 |——| M] (Microsoft Corporation) MD5=1D9BD1CAA1E4CF63370F201DF742DC7D—C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004-08-27 12:00:00 | 001,033,216 |——| M] (Microsoft Corporation) MD5=DA77B9561CC9AC54584C86CAB36EBF25—C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SERVICES.EXE >
[2009-02-09 11:53:36 | 000,110,592 |——| M] (Microsoft Corporation) MD5=113BF3D1FDE0813E955381C137BA8F33—C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009-02-09 13:25:40 | 000,110,592 |——| M] (Microsoft Corporation) MD5=32F091E3425759B126760F44B5E931C9—C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009-02-09 13:25:40 | 000,110,592 |——| M] (Microsoft Corporation) MD5=32F091E3425759B126760F44B5E931C9—C:\WINDOWS\system32\dllcache\services.exe
[2009-02-09 13:25:40 | 000,110,592 |——| M] (Microsoft Corporation) MD5=32F091E3425759B126760F44B5E931C9—C:\WINDOWS\system32\services.exe
[2004-08-27 12:00:00 | 000,108,032 |——| M] (Microsoft Corporation) MD5=55BBE54A196B1A9F99EC2E01F4AC1215—C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2008-04-14 18:06:01 | 000,108,544 |——| M] (Microsoft Corporation) MD5=AB2B6ABF3FCDA803FF0E2251F9A5274E—C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008-04-14 18:06:01 | 000,108,544 |——| M] (Microsoft Corporation) MD5=AB2B6ABF3FCDA803FF0E2251F9A5274E—C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009-02-09 13:18:41 | 000,110,592 |——| M] (Microsoft Corporation) MD5=F8BCC407FCB4CDBF17163FAE3C820D80—C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe

< MD5 for: SVCHOST.EXE >
[2012-04-04 15:56:38 | 000,199,240 |——| M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D—C:\Programmer\Malwarebytes’ Anti-Malware\Chameleon\svchost.exe
[2004-08-27 12:00:00 | 000,014,336 |——| M] (Microsoft Corporation) MD5=46FE2ED518FDFBFD289F014A3078575C—C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008-04-14 18:06:03 | 000,014,336 |——| M] (Microsoft Corporation) MD5=555F8F4CB284FE94059DCACF6074F9EC—C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008-04-14 18:06:03 | 000,014,336 |——| M] (Microsoft Corporation) MD5=555F8F4CB284FE94059DCACF6074F9EC—C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004-08-27 12:00:00 | 000,024,576 |——| M] (Microsoft Corporation) MD5=3A03D6433E4E5FD3430DD3431FC6AC54—C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008-04-14 18:06:05 | 000,026,112 |——| M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772—C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008-04-14 18:06:05 | 000,026,112 |——| M] (Microsoft Corporation) MD5=7B3770DB760FBBA068454EAFCAA89772—C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012-04-04 15:56:38 | 000,199,240 |——| M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D—C:\Programmer\Malwarebytes’ Anti-Malware\Chameleon\winlogon.exe
[2004-08-27 12:00:00 | 000,502,272 |——| M] (Microsoft Corporation) MD5=713AD65B9FF9CEE0A43181B442D846EB—C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 18:06:06 | 000,507,904 |——| M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B—C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:06:06 | 000,507,904 |——| M] (Microsoft Corporation) MD5=E0339362391BF6AC04D1622EF8E3A61B—C:\WINDOWS\system32\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

OTL Extras logfile created on: 18-06-2012 15:01:31 - Run 1
OTL by OldTimer - Version 3.2.49.0   Folder = C:\Documents and Settings\kdp.DOMAIN\Skrivebord
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3,50 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 68,94% Memory free
5,34 Gb Paging File | 4,45 Gb Available in Paging File | 83,39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 465,76 Gb Total Space | 226,68 Gb Free Space | 48,67% Space Free | Partition Type: NTFS
Drive K: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive L: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive N: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive P: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive Q: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive R: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive X: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS
Drive Z: | 1024,00 Gb Total Space | 114,94 Gb Free Space | 11,22% Space Free | Partition Type: NTFS

Computer Name: KURT01 | User Name: kdp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile]—rundll32.exe shell32.dll,Control_RunDLL “%1”,%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
cplfile [cplopen]—rundll32.exe shell32.dll,Control_RunDLL “%1”,%*
exefile [open]—“%1” %*
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open]—%SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore]—%SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“FirstRunDisabled” = 1
“AntiVirusDisableNotify” = 0
“FirewallDisableNotify” = 0
“UpdatesDisableNotify” = 0
“AntiVirusOverride” = 0
“FirewallOverride” = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
“DisableSR” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
“Start” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
“Start” = 2

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{00060000-0000-1004-8002-0000C06B5161}” = WIBU-KEY Setup (WIBU-KEY Remove)
“{024521CF-C07E-4F8E-8481-0D75695E03AF}” = PxMergeModule
“{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}” = Microsoft_VC90_ATL_x86
“{06457533-2B9A-406F-9325-4F61DDB6C987}” = MiniMagics 2.0
“{07350D41-6AEF-4FD9-B81F-DA1D3C25CEF2}” = 3D Modeling Accelerator
“{07D618CD-B016-438A-ADC9-A75BD23F85CE}” = Wave Support Software
“{087E06A0-4514-4CEA-918A-D6A9AB0F8433}” = upekmsi
“{08D2E121-7F6A-43EB-97FD-629B44903403}” = Microsoft_VC90_CRT_x86
“{0A0CADCF-78DA-33C4-A350-CD51849B9702}” = Microsoft .NET Framework 4 Extended
“{0B0A2153-58A6-4244-B458-25EDF5FCD809}” = Private Information Manager
“{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}” = Adobe Community Help
“{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}” = Microsoft_VC80_ATL_x86
“{0FBAFFD8-BCBA-4631-97E8-433DE7D1D753}” = Garmin MapInstall
“{10812DE7-2E57-4740-B226-6B3BE34AF9D7}” = Lexmark Tools for Office
“{129024FF-A6C9-4696-91BC-570C6C05193A}” = Windchill ProductPoint Client Manager
“{1687A8A1-F0F3-44AA-9DA8-ABAE6654AAF4}” = Start Menu Cleanup
“{177D1318-3E4B-4A7C-A300-AC4E21BE090B}” = Broadcom Management Programs
“{196BB40D-1578-3D01-B289-BEFC77A11A1E}” = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
“{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
“{23B8A91D-680B-462B-87AD-3D70F7341731}” = iTunes
“{24A494F3-5B5F-4183-9F7D-9CE82812C1FC}” = tsp patch
“{26A24AE4-039D-4CA4-87B4-2F83216013F0}” = Java(TM) 6 Update 13
“{26A24AE4-039D-4CA4-87B4-2F83216022FF}” = Java(TM) 6 Update 24
“{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}” = RealUpgrade 1.1
“{28E82311-8616-11E1-BEB0-B8AC6F97B88E}” = Google Earth
“{2E295B5B-1AD4-4d36-97C2-A316084722CF}” = Python 2.7.2
“{3208CA1F-5A1C-4854-872C-2F575EFF65C2}” = Geomagic Qualify 12
“{3248F0A8-6813-11D6-A77B-00B0D0150100}” = J2SE Runtime Environment 5.0 Update 10
“{350C9406-3D7C-4EE8-BAA9-00BCB3D54227}” = WebFldrs XP
“{35748B06-FCFC-4700-8285-DAD41689E4FE}” = Broadcom TPM Driver Installer
“{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}” = Preboot Manager
“{3C3901C5-3455-3E0A-A214-0B093A5070A6}” = Microsoft .NET Framework 4 Client Profile
“{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}” = eReg
“{3F92ABBB-6BBF-11D5-B229-002078017FBF}” = NetWaiting
“{41A00174-B4EA-4E79-9CAF-DC118A878B92}” = Garmin City Navigator Europe NT 2012.10 Update
“{42929F0F-CE14-47AF-9FC7-FF297A603021}” = Dell Resource CD
“{45A66726-69BC-466B-A7A4-12FCBA4883D7}” = HiJackThis
“{4723f199-fa64-4233-8e6e-9fccc95a18ee}” = Python 2.6.5
“{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater
“{4AB6A079-178B-4144-B21F-4D1AE71666A2}” = Microsoft SQL Server 2008 R2 Native Client
“{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}” = Document Manager Lite
“{53333479-6A52-4816-8497-5C52B67ED339}” = EMBASSY Security Setup
“{536C134A-4885-4677-8480-E31E3A9B767A}” = eDrawings for Pro/ENGINEER
“{546DEFE8-1E6D-4078-8E9B-5961414493CC}” = PTC ProductView Express - Wildfire 3.0 (M110)
“{54C6FCC1-8C36-4E08-B598-700CAE3489FE}” = Network Recording Player
“{578145B3-3831-4D85-BB53-4A9D90F821DE}” = WebEx Recorder and Player
“{58855CE6-98A7-48CD-A402-DC6E9D6FF216}” = ToDo Sync Helper
“{59F6A514-9813-47A3-948C-8A155460CC2A}” = RICOH R5C83x/84x Media Driver x86 Ver.3.34.03
“{5AA08D9F-3BE3-4A34-B53E-858A1895589E}” = Microsoft SQL Server 2008 R2 Command Line Utilities
“{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}” = Microsoft_VC90_MFC_x86
“{6C94A234-CA2C-4D3C-81E6-6AAA8069825D}” = Garmin WebUpdater
“{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}” = MSVC80_x86_v2
“{710BF966-43C8-4216-A8EC-BC4E169FF7C1}” = MobileMe Control Panel
“{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable
“{71401465-5DAD-4E95-BCFC-B13DFDD9771E}” = Garmin City Navigator Europe NT 2012.30 Update
“{74BBB1FB-9468-4F77-9799-232B783DA3B3}” = Geomagic Qualify 2012
“{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}” = RealNetworks - Microsoft Visual C++ 2008 Runtime
“{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}” = Apple Software Update
“{79155F2B-9895-49D7-8612-D92580E0DE5B}” = Bonjour
“{7BE15435-2D3E-4B58-867F-9C75BED0208C}” = QuickTime
“{7E265513-8CDA-4631-B696-F40D983F3B07}_is1” = CDBurnerXP
“{8048F0F3-C5AB-4C3C-8518-2B5E41DDFABA}” = AuthenTec Fingerprint Sensor Minimum Install
“{80F701C1-3B2B-47F6-93DA-FCC91624FAF8}” = GCalToolkit
“{82CE6B7B-9665-4E29-8CE0-DD993484B38D}” = Intel(R) PROSet/Wireless WiFi software
“{837b34e3-7c30-493c-8f6a-2b0f04e2912c}” = Microsoft Visual C++ 2005 Redistributable
“{86A8FD76-3268-4102-9674-7118881EC2C0}” = Wave Infrastructure Installer
“{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}” = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
“{8A158B7D-A6E3-49B6-8702-A6A10CCC6323}” = Garmin POI Loader
“{8E4B4330-1CE8-4725-9C7F-BD4CC995FF54}” = Garmin City Navigator Europe (Unicode) NT 2013.10 Update
“{8E7D7400-4F4F-409D-8F8A-43BF1DAC575A}” = TouchChip USB Driver 2.6
“{8ED02445-D491-414C-A56D-2ED6BBB7239A}” = Garmin Communicator Plugin
“{90120000-0010-0406-0000-0000000FF1CE}” = Microsoft Software Update for Web Folders (Danish) 12
“{90120000-0015-0406-0000-0000000FF1CE}” = Microsoft Office Access MUI (Danish) 2007
“{90120000-0015-0406-0000-0000000FF1CE}_PROPLUSR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}” = Microsoft Office 2007 Service Pack 3 (SP3)
“{90120000-0016-0406-0000-0000000FF1CE}” = Microsoft Office Excel MUI (Danish) 2007
“{90120000-0016-0406-0000-0000000FF1CE}_PROPLUSR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}” = Microsoft Office 2007 Service Pack 3 (SP3)
“{90120000-0018-0406-0000-0000000FF1CE}” = Microsoft Office PowerPoint MUI (Danish) 2007
“{90120000-0018-0406-0000-0000000FF1CE}_PROPLUSR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}” = Microsoft Office 2007 Service Pack 3 (SP3)
“{90120000-0019-0406-0000-0000000FF1CE}” = Microsoft Office Publisher MUI (Danish) 2007
“{90120000-0019-0406-0000-0000000FF1CE}_PROPLUSR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}” = Microsoft Office 2007 Service Pack 3 (SP3)
“{90120000-001A-0406-0000-0000000FF1CE}” = Microsoft Office Outlook MUI (Danish) 2007
“{90120000-001A-0406-0000-0000000FF1CE}_PROPLUSR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}” = Microsoft Office 2007 Service Pack 3 (SP3)
“{90120000-001B-0406-0000-0000000FF1CE}” = Microsoft Office Word MUI (Danish) 2007
“{90120000-001B-0406-0000-0000000FF1CE}_PROPLUSR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}” = Microsoft Office 2007 Service Pack 3 (SP3)
“{90120000-001F-0406-0000-0000000FF1CE}” = Microsoft Office Proof (Danish) 2007
“{90120000-001F-0406-0000-0000000FF1CE}_PROPLUSR_{8F771259-9037-4097-AA88-8613F3BE5627}” = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
“{90120000-001F-0407-0000-0000000FF1CE}” = Microsoft Office Proof (German) 2007
“{90120000-001F-0407-0000-0000000FF1CE}_PROPLUSR_{928D7B99-2BEA-49F9-83B8-20FA57860643}” = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
“{90120000-001F-0409-0000-0000000FF1CE}” = Microsoft Office Proof (English) 2007
“{90120000-001F-0409-0000-0000000FF1CE}_PROPLUSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}” = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
“{90120000-002C-0406-0000-0000000FF1CE}” = Microsoft Office Proofing (Danish) 2007
“{90120000-0044-0406-0000-0000000FF1CE}” = Microsoft Office InfoPath MUI (Danish) 2007
“{90120000-0044-0406-0000-0000000FF1CE}_PROPLUSR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}” = Microsoft Office 2007 Service Pack 3 (SP3)
“{90120000-006E-0406-0000-0000000FF1CE}” = Microsoft Office Shared MUI (Danish) 2007
“{90120000-006E-0406-0000-0000000FF1CE}_PROPLUSR_{11584158-91C7-4B1B-BFD1-F47D680F13CF}” = Microsoft Office 2007 Service Pack 3 (SP3)
“{90140000-2005-0000-0000-0000000FF1CE}” = Microsoft Office File Validation Add-In
“{91120000-0011-0000-0000-0000000FF1CE}” = Microsoft Office Professional Plus 2007
“{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}” = Microsoft Office 2007 Service Pack 3 (SP3)
“{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}” = Microsoft_VC80_CRT_x86
“{933B4015-4618-4716-A828-5289FC03165F}” = VC80CRTRedist - 8.0.50727.6195
“{9593C6E5-205E-45C3-B785-05CF146CA76A}” = biolsp patch
“{9A25302D-30C0-39D9-BD6F-21E6EC160475}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
“{9BE518E6-ECC6-35A9-88E4-87755C07200F}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
“{9BF745FA-1118-44D2-9362-179DA4B27AC6}” = Webcam 2200
“{A066194B-DC8F-449A-8E0F-B57BDD3A2072}” = SyncToy 2.1 (x86)
“{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}” = Trusted Drive Manager
“{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}” = Microsoft .NET Framework 3.0 Service Pack 2
“{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}” = SigmaTel Audio
“{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}” = Google Update Helper
“{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}” = Garmin USB Drivers
“{ABBA2EA4-740E-4052-902B-9CA70B081E3F}” = Dell Embassy Trust Suite by Wave Systems
“{AC76BA86-7AD7-1030-7B44-AA1000000001}” = Adobe Reader X (10.1.3) - Dansk
“{AC76BA86-7AD7-5464-3428-900000000004}” = Spelling Dictionaries Support For Adobe Reader 9
“{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}” = ABBYY FineReader 6.0 Sprint
“{AEB9948B-4FF2-47C9-990E-47014492A0FE}” = MSXML 6.0 Parser
“{AF111648-99A1-453E-81DD-80DBBF6DAD0D}” = MSVC90_x86
“{B21C0606-04CD-4D80-A6C8-6F8BA8C4F4F2}” = Axon 2
“{B2544A03-10D0-4E5E-BA69-0362FFC20D18}” = OGA Notifier 2.0.0048.0
“{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel” = NVIDIA Kontrolpanel 270.71
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver” = NVIDIA Grafikdriver 270.71
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView” = NVIDIA NView 135.70
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer” = NVIDIA Install Application
“{B3F1E526-180B-4480-9FEC-3E2DCB8EA9CE}” = F-Secure PSC Prerequisites
“{B6CF2967-C81E-40C0-9815-C05774FEF120}” = Skype Click to Call
“{BB93D30B-B395-44BB-A9ED-A0E057F07E53}” = NTRU TCG Software Stack
“{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}” = Adobe Flash Player 10 Plugin
“{BC52E419-B185-488F-9973-049A88E5DCBE}” = Gemalto
“{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}” = Microsoft .NET Framework 2.0 Service Pack 2
“{C6ACDDD2-D586-44B9-9855-DF9E43F80AF1}” = PDFill Form Filler 4.0 with FREE Writer and Tools (Unicode)
“{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}” = Microsoft .NET Framework 3.5 SP1
“{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}” = Bluetooth Stack for Windows by Toshiba
“{CEE742C4-98F9-4B0B-A0A2-772A78C4A378}” = Mapaz ERP 6
“{D1A19B02-817E-4296-A45B-07853FD74D57}” = Microsoft_VC80_MFC_x86
“{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}” = Secure Update
“{D3A80508-CD83-4CA3-8671-914A1BC78B61}” = Microsoft Sync Framework 2.0 Provider Services (x86) ENU
“{D58D1297-B2FA-4C6F-B6D4-E1819368ED2E}” = Pro/ENGINEER Thumbnail Viewer 1.0
“{D642E38E-0D24-486C-9A2D-E316DD696F4B}” = Microsoft XML Parser
“{D6EA3D43-F7CA-4928-9595-DEE095176971}” = Basler pylon Runtime x86 (GEV) 2.1.0.1658
“{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}” = Microsoft_VC80_MFCLOC_x86
“{DBB976B9-37A8-40B1-AE21-7A7D2806E74F}” = Geomagic Studio 12
“{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}” = Adobe Media Player
“{E56D5DC8-4C73-44B1-B650-AAD75C7A2701}” = Broadcom ASF Management Applications
“{E646DCF0-5A68-11D5-B229-002078017FBF}” = Digital Line Detect
“{E7183C37-1B08-4D29-A4B6-E5BC19272ABE}” = Lantronix CPR 4.3.0.0 (x86)
“{E738A392-F690-4A9D-808E-7BAF80E0B398}” = ESC Home Page Plugin
“{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}” = Apple Application Support
“{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}” = Security Wizards
“{EDC2B89F-3F72-48EA-B63E-985BC51622E4}” = OZ776 SCR Driver V1.1.4.202
“{EDEFC3A2-350F-45F1-AC8E-2B3A2D352235}” = ProductView Express 9.1
“{EE9CD743-0F2B-4E68-A671-04A545918BAE}” = Microsoft Component Installer 2.0 SDK
“{EEAFE1E5-076B-430A-96D9-B567792AFA88}” = EMBASSY Security Center
“{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}” = Apple Mobile Device Support
“{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}” = Safari
“{F4D25BB5-65B1-4AD0-A526-9D1BB91E0C53}” = Geomagic Studio 2012
“{F63A3748-B93D-4360-9AD4-B064481A5C7B}” = Modem Diagnostic Tool
“{FC57FC53-104C-415C-98D7-B05E659461A9}” = Broadcom Gigabit Integrated Controller
“{FDB3B167-F4FA-461D-976F-286304A57B2A}” = Adobe AIR
“{FF63121D-91C6-42CC-B341-F1AA729728E7}” = Microsoft Sync Framework 2.0 Core Components (x86) ENU
“{AA59DDE4-B672-4621-A016-4C248204957A}” = Skype™ 5.5
“98157A226B40B173301B0F53C8E98C47805D5152” = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
“9D57DE505B6D8C710EF3B74BE638DBB936EED8A3” = Windows-driverpakke - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)
“ActiveTouchMeetingClient” = Cisco WebEx Meetings
“Adobe AIR” = Adobe AIR
“Adobe Flash Player ActiveX” = Adobe Flash Player 11 ActiveX
“Adobe Flash Player Plugin” = Adobe Flash Player 11 Plugin
“AFPL Ghostscript 8.14” = AFPL Ghostscript 8.14
“AFPL Ghostscript Fonts” = AFPL Ghostscript Fonts
“BfB Axon 1.11” = BfB Axon 1.11
“CCleaner” = CCleaner
“CDBurnerXP Pro ” = CDBurnerXP Pro
“chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1” = Adobe Community Help
“CNXT_MODEM_HDAUDIO_VEN_14F1&DEV;_2C06&SUBSYS;_14F1000F” = Conexant HDA D330 MDC V.92 Modem
“com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1” = Adobe Media Player
“ESET Online Scanner” = ESET Online Scanner v3
“FileZilla Client” = FileZilla Client 3.5.3
“F-Secure Anti-Virus” = F-Secure Client Security - Virus/spyware-beskyttelse
“F-Secure E-mail Scanning” = F-Secure Client Security - Scanning af e-mail
“F-Secure ExploitShield” = F-Secure Client Security - Browserbeskyttelse
“F-Secure HIPS” = F-Secure Client Security - DeepGuard
“F-Secure Internet Shield” = F-Secure Client Security - Internetskjold
“F-Secure Protocol Scanner” = F-Secure Client Security - Scanning af internettrafikken
“Google Calendar Sync” = Google Calendar Sync
“GSview 4.7” = GSview 4.7
“ie8” = Windows Internet Explorer 8
“InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}” = Wave Support Software
“InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}” = Private Information Manager
“InstallShield_{1687A8A1-F0F3-44AA-9DA8-ABAE6654AAF4}” = Start Menu Cleanup
“InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}” = Document Manager Lite
“InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}” = EMBASSY Security Setup
“InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}” = Secure Update
“InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}” = ESC Home Page Plugin
“InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}” = Security Wizards
“InstallShield_{EDC2B89F-3F72-48EA-B63E-985BC51622E4}” = OZ776 SCR Driver V1.1.4.202
“InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}” = EMBASSY Security Center
“Lexmark 3600-4600 Series” = Lexmark 3600-4600 Series
“Malwarebytes’ Anti-Malware_is1” = Malwarebytes Anti-Malware version 1.61.0.1400
“Mapaz ERP 6” = Mapaz ERP 6
“Microsoft .NET Framework 3.5 SP1” = Microsoft .NET Framework 3.5 SP1
“Microsoft .NET Framework 4 Client Profile” = Microsoft .NET Framework 4 Client Profile
“Microsoft .NET Framework 4 Extended” = Microsoft .NET Framework 4 Extended
“MSCompPackV1” = Microsoft Compression Client Pack 1.0 for Windows XP
“NVIDIA nView Desktop Manager” = NVIDIA nView Desktop Manager
“PDFill PDF Writer” = PDFill PDF Writer
“Prism” = Prism Video File Converter
“Pro/ENGINEER Release Wildfire 3.0 Datecode M110” = Pro/ENGINEER Release Wildfire 3.0 Datecode M110
“Pro/ENGINEER Release Wildfire 5.0 Datecode M040” = Pro/ENGINEER Release Wildfire 5.0 Datecode M040
“ProInst” = Intel PROSet Wireless
“PROPLUSR” = Microsoft Office Professional Plus 2007
“QTSculptor” = QTSculptor 3.6.1425
“RealPlayer 15.0” = RealPlayer
“SafeHouseExplorer” = SafeHouse Explorer 3.01
“SLABCOMM&10C4;&EA60;” = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
“SoundTaxi_is1” = SoundTaxi 3.8.3
“SP6” = Logitech SetPoint 6.32
“SynTPDeinstKey” = Dell Touchpad
“SystemRequirementsLab” = System Requirements Lab
“TeamViewer 7” = TeamViewer 7
“Wdf01009” = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
“Windows Media Format Runtime” = Windows Media Format 11 runtime
“Windows Media Player” = Windows Media Player 11
“Windows XP Service Pack” = Windows XP Service Pack 3
“WinRAR archiver” = WinRAR arkivering
“WinZip” = WinZip
“WMFDist11” = Windows Media Format 11 runtime
“wmp11” = Windows Media Player 11
“Wudf01009” = Microsoft User-Mode Driver Framework Feature Pack 1.9
“ZPrint Software7.10” = ZPrint Software 7.10

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2585336296-2683178579-560321132-1125\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“Akamai” = Akamai NetSession Interface
“bd4d3a0508d364f5” = Dell Driver Download Manager
“GoToMeeting” = GoToMeeting 5.1.0.880

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18-06-2012 04:54:56 | Computer Name = KURT01 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM

Error - 18-06-2012 04:54:59 | Computer Name = KURT01 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM

Error - 18-06-2012 06:29:24 | Computer Name = KURT01 | Source = Userenv | ID = 1058
Description = Der er ikke adgang til filen gpt.ini for gruppepolitikobjektet CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=Domain,DC=local.
Filen skal findes på placeringen <\\Domain.local\sysvol\Domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>.
(Netværksstien blev ikke fundet. ). Behandling af gruppepolitik blev afbrudt.

Error - 18-06-2012 06:29:24 | Computer Name = KURT01 | Source = Userenv | ID = 1030
Description = Der kan ikke forespørges om listen over gruppepolitikobjekter. En
meddelelse, der beskriver årsagen, blev tidligere logført af politikprogrammet.

Error - 18-06-2012 06:45:24 | Computer Name = KURT01 | Source = Userenv | ID = 1058
Description = Der er ikke adgang til filen gpt.ini for gruppepolitikobjektet CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=Domain,DC=local.
Filen skal findes på placeringen <\\Domain.local\sysvol\Domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>.
(Netværksstien blev ikke fundet. ). Behandling af gruppepolitik blev afbrudt.

Error - 18-06-2012 06:45:24 | Computer Name = KURT01 | Source = Userenv | ID = 1030
Description = Der kan ikke forespørges om listen over gruppepolitikobjekter. En
meddelelse, der beskriver årsagen, blev tidligere logført af politikprogrammet.

Error - 18-06-2012 08:25:32 | Computer Name = KURT01 | Source = Userenv | ID = 1058
Description = Der er ikke adgang til filen gpt.ini for gruppepolitikobjektet CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=Domain,DC=local.
Filen skal findes på placeringen <\\Domain.local\sysvol\Domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>.
(Netværksstien blev ikke fundet. ). Behandling af gruppepolitik blev afbrudt.

Error - 18-06-2012 08:25:32 | Computer Name = KURT01 | Source = Userenv | ID = 1030
Description = Der kan ikke forespørges om listen over gruppepolitikobjekter. En
meddelelse, der beskriver årsagen, blev tidligere logført af politikprogrammet.

Error - 18-06-2012 08:39:32 | Computer Name = KURT01 | Source = Userenv | ID = 1058
Description = Der er ikke adgang til filen gpt.ini for gruppepolitikobjektet CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=Domain,DC=local.
Filen skal findes på placeringen <\\Domain.local\sysvol\Domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>.
(Netværksstien blev ikke fundet. ). Behandling af gruppepolitik blev afbrudt.

Error - 18-06-2012 08:39:32 | Computer Name = KURT01 | Source = Userenv | ID = 1030
Description = Der kan ikke forespørges om listen over gruppepolitikobjekter. En
meddelelse, der beskriver årsagen, blev tidligere logført af politikprogrammet.

[ OSession Events ]
Error - 21-03-2012 14:57:26 | Computer Name = KURT01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3046
seconds with 1140 seconds of active time.  This session ended with a crash.

Error - 27-03-2012 02:43:15 | Computer Name = KURT01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2199
seconds with 1320 seconds of active time.  This session ended with a crash.

Error - 09-04-2012 05:40:56 | Computer Name = KURT01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7158
seconds with 480 seconds of active time.  This session ended with a crash.

Error - 18-04-2012 04:15:02 | Computer Name = KURT01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7794
seconds with 3180 seconds of active time.  This session ended with a crash.

Error - 23-04-2012 08:58:39 | Computer Name = KURT01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2577
seconds with 1260 seconds of active time.  This session ended with a crash.

Error - 25-04-2012 08:30:10 | Computer Name = KURT01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8858
seconds with 2460 seconds of active time.  This session ended with a crash.

Error - 02-05-2012 03:30:09 | Computer Name = KURT01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4743
seconds with 720 seconds of active time.  This session ended with a crash.

Error - 08-05-2012 09:01:29 | Computer Name = KURT01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18653
seconds with 5760 seconds of active time.  This session ended with a crash.

Error - 15-05-2012 05:55:55 | Computer Name = KURT01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13924
seconds with 6240 seconds of active time.  This session ended with a crash.

Error - 16-05-2012 06:13:06 | Computer Name = KURT01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9725
seconds with 1680 seconds of active time.  This session ended with a crash.

[ System Events ]
Error - 17-06-2012 11:44:25 | Computer Name = KURT01 | Source = NETLOGON | ID = 5719
Description = Der er ingen tilgængelig domænecontroller til domænet DOMAIN af følgende
årsag:  .  Kontroller, at computeren har forbindelse til netværket, og prøv igen.
Kontakt domæneadministratoren, hvis problemet fortsætter.

Error - 17-06-2012 11:46:06 | Computer Name = KURT01 | Source = W32Time | ID = 39452701
Description = Tidsprovideren NtpClient er konfigureret til at hente tid fra en eller
flere tidskilder, men ingen af kilderne er tilgængelige i øjeblikket.  Der forsøges
ikke at oprette forbindelse til en kilde i 14 minutter.  NtpClient har ingen kilde
til korrekt tid.

Error - 17-06-2012 12:01:08 | Computer Name = KURT01 | Source = W32Time | ID = 39452701
Description = Tidsprovideren NtpClient er konfigureret til at hente tid fra en eller
flere tidskilder, men ingen af kilderne er tilgængelige i øjeblikket.  Der forsøges
ikke at oprette forbindelse til en kilde i 29 minutter.  NtpClient har ingen kilde
til korrekt tid.

Error - 17-06-2012 12:31:08 | Computer Name = KURT01 | Source = W32Time | ID = 39452701
Description = Tidsprovideren NtpClient er konfigureret til at hente tid fra en eller
flere tidskilder, men ingen af kilderne er tilgængelige i øjeblikket.  Der forsøges
ikke at oprette forbindelse til en kilde i 59 minutter.  NtpClient har ingen kilde
til korrekt tid.

Error - 17-06-2012 13:31:08 | Computer Name = KURT01 | Source = W32Time | ID = 39452701
Description = Tidsprovideren NtpClient er konfigureret til at hente tid fra en eller
flere tidskilder, men ingen af kilderne er tilgængelige i øjeblikket.  Der forsøges
ikke at oprette forbindelse til en kilde i 119 minutter.  NtpClient har ingen kilde
til korrekt tid.

Error - 17-06-2012 15:31:08 | Computer Name = KURT01 | Source = W32Time | ID = 39452701
Description = Tidsprovideren NtpClient er konfigureret til at hente tid fra en eller
flere tidskilder, men ingen af kilderne er tilgængelige i øjeblikket.  Der forsøges
ikke at oprette forbindelse til en kilde i 239 minutter.  NtpClient har ingen kilde
til korrekt tid.

Error - 17-06-2012 15:47:03 | Computer Name = KURT01 | Source = NETLOGON | ID = 5719
Description = Der er ingen tilgængelig domænecontroller til domænet DOMAIN af følgende
årsag:  .  Kontroller, at computeren har forbindelse til netværket, og prøv igen.
Kontakt domæneadministratoren, hvis problemet fortsætter.

Error - 17-06-2012 16:07:02 | Computer Name = KURT01 | Source = NETLOGON | ID = 5719
Description = Der er ingen tilgængelig domænecontroller til domænet DOMAIN af følgende
årsag:  .  Kontroller, at computeren har forbindelse til netværket, og prøv igen.
Kontakt domæneadministratoren, hvis problemet fortsætter.

Error - 17-06-2012 16:08:35 | Computer Name = KURT01 | Source = W32Time | ID = 39452701
Description = Tidsprovideren NtpClient er konfigureret til at hente tid fra en eller
flere tidskilder, men ingen af kilderne er tilgængelige i øjeblikket.  Der forsøges
ikke at oprette forbindelse til en kilde i 14 minutter.  NtpClient har ingen kilde
til korrekt tid.

Error - 17-06-2012 16:23:37 | Computer Name = KURT01 | Source = W32Time | ID = 39452701
Description = Tidsprovideren NtpClient er konfigureret til at hente tid fra en eller
flere tidskilder, men ingen af kilderne er tilgængelige i øjeblikket.  Der forsøges
ikke at oprette forbindelse til en kilde i 29 minutter.  NtpClient har ingen kilde
til korrekt tid.


< End of report >

Det lader til du har et ZeroAccess/Sirefef Rootkit, så jeg vil gerne advare dig.

Det er, en af de mest bøvlede infektioner at slippe af med, så det kan ta’ sin tid at fjerne

Det er samtidigt næsten umuligt at sikre, at et Rootkit ikke efterlader sårbarheder i Systemet.

Det synes jeg du skal vide, inden vi fortsætter

Ønsker du vi skal fortsætte

———

Hvis du ønsker at fortsætte, vil jeg gerne vide om du har en Windows XP Professional CD

Jeg vil også gerne ha’ du henter og installer ERUNT: http://www.derfisch.de/lars/erunt-setup.exe

Start den og lad den lave en Backup af Registreringsdatabasen.

Du skal ikke la’ den starte Automatisk

La’ os vide hvad du beslutter

Det lyder skidt :-( Jeg vil gerne fortsætte med rensning. Jeg har ikke Win XP cd, da XP ligger preinstalleret på maskinen. Jeg har lavet en backup af Reg. basen nu.

Så la’ os starte med dette ->

Du skal deaktivere dine sikkkerheds programmer mens du kører disse

Download Tdsskiller.zip på dit skrivebord og pak den ud i en mappe.

Start TDSSKiller.exe.

Under “Change parameters” sætter du flueben ved “Detect TDLFS file system”

Klik på “Start Scan”

Hvis en inficeret fil bliver fundet, vil ”Default action” være Cure, klik på Continue
Hvis den finder TDLFS file system, klikker du på Delete.
Hvis en mistænkelig fil opdages, vil ”Default action” være Skip, klik på Continue
Hvis den ikke spørger om ”Reboot” (genstart) så klik på ”Report”, kopier den tekst herind i tråden.

Genstart hvis den kræver det.

Hvis den genstarter kan du finde logfilen her :
C:\TDSSKiller.[Version]_[Dato]_[Tidspunkt]_log.txt.

Kopier den tekst herind I denne tråd. (Den skal nok deles i to)

———

Hent og gem aswMBR på dit Skrivebord.

Start aswMBR og klik på “Scan”

Hvis den spørger efter “Avast virus definitioner” klikker du “Yes”

Når den er færdig med at scanne, klikker du på “SAVE LOG” og sender loggen herind.

———

PS Vil du godt gøre det, i den rækkefølge jeg anfører

Tdsskiller fandt ikke noget:

22:36:25.0640 4348   TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
22:36:25.0828 4348   ============================================================
22:36:25.0828 4348   Current date / time: 2012/06/18 22:36:25.0828
22:36:25.0828 4348   SystemInfo:
22:36:25.0828 4348  
22:36:25.0828 4348   OS Version: 5.1.2600 ServicePack: 3.0
22:36:25.0828 4348   Product type: Workstation
22:36:25.0828 4348   ComputerName: KURT01
22:36:25.0828 4348   UserName: Kdp
22:36:25.0828 4348   Windows directory: C:\WINDOWS
22:36:25.0828 4348   System windows directory: C:\WINDOWS
22:36:25.0828 4348   Processor architecture: Intel x86
22:36:25.0828 4348   Number of processors: 2
22:36:25.0828 4348   Page size: 0x1000
22:36:25.0828 4348   Boot type: Normal boot
22:36:25.0828 4348   ============================================================
22:36:27.0812 4348   Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000054
22:36:27.0828 4348   ============================================================
22:36:27.0828 4348   \Device\Harddisk0\DR0:
22:36:27.0828 4348   MBR partitions:
22:36:27.0828 4348   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
22:36:27.0828 4348   ============================================================
22:36:28.0109 4348   C: <-> \Device\Harddisk0\DR0\Partition0
22:36:28.0109 4348   ============================================================
22:36:28.0109 4348   Initialize success
22:36:28.0109 4348   ============================================================
22:36:47.0890 4732   ============================================================
22:36:47.0890 4732   Scan started
22:36:47.0890 4732   Mode: Manual; TDLFS;
22:36:47.0890 4732   ============================================================
22:36:48.0250 4732   Abiosdsk - ok
22:36:48.0265 4732   abp480n5 - ok
22:36:48.0328 4732   ACPI         (991b6d6fe2a4d70caf76c41334e60926) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:36:48.0343 4732   ACPI - ok
22:36:48.0375 4732   ACPIEC       (6f99fe216de8c4875dbb12937620da0c) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:36:48.0390 4732   ACPIEC - ok
22:36:48.0500 4732   AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:36:48.0515 4732   AdobeFlashPlayerUpdateSvc - ok
22:36:48.0515 4732   adpu160m - ok
22:36:48.0578 4732   aec         (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:36:48.0593 4732   aec - ok
22:36:48.0656 4732   AFD         (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:36:48.0656 4732   AFD - ok
22:36:48.0671 4732   Aha154x - ok
22:36:48.0671 4732   aic78u2 - ok
22:36:48.0671 4732   aic78xx - ok
22:36:48.0734 4732   Alerter       (6642db68b97ecb8088fba2d2539fdb7e) C:\WINDOWS\system32\alrsvc.dll
22:36:48.0734 4732   Alerter - ok
22:36:48.0765 4732   ALG         (ab74a1b7500aca7d43d84804cbdf11fb) C:\WINDOWS\System32\alg.exe
22:36:48.0765 4732   ALG - ok
22:36:48.0765 4732   AliIde - ok
22:36:48.0765 4732   amsint - ok
22:36:48.0828 4732   APPDRV       (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
22:36:48.0828 4732   APPDRV - ok
22:36:48.0953 4732   Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:36:48.0953 4732   Apple Mobile Device - ok
22:36:48.0984 4732   AppMgmt       (e39274e0be87e672211392a4176c4ee6) C:\WINDOWS\System32\appmgmts.dll
22:36:49.0000 4732   AppMgmt - ok
22:36:49.0031 4732   Arp1394       (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:36:49.0031 4732   Arp1394 - ok
22:36:49.0031 4732   asc - ok
22:36:49.0046 4732   asc3350p - ok
22:36:49.0046 4732   asc3550 - ok
22:36:49.0078 4732   ASFIPmon - ok
22:36:49.0203 4732   aspnet_state   (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:36:49.0203 4732   aspnet_state - ok
22:36:49.0234 4732   AsyncMac     (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:36:49.0234 4732   AsyncMac - ok
22:36:49.0281 4732   atapi       (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:36:49.0281 4732   atapi - ok
22:36:49.0281 4732   Atdisk - ok
22:36:49.0296 4732   Atmarpc       (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:36:49.0296 4732   Atmarpc - ok
22:36:49.0312 4732   AudioSrv     (f6c00138b3f637dde807005b16e61dcc) C:\WINDOWS\System32\audiosrv.dll
22:36:49.0328 4732   AudioSrv - ok
22:36:49.0375 4732   audstub       (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:36:49.0375 4732   audstub - ok
22:36:49.0437 4732   b57w2k       (d0692f7b8217e3b82d2bfac535816117) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
22:36:49.0437 4732   b57w2k - ok
22:36:49.0437 4732   BASFND       (5c68ac6f3e5b3e6d6a78e97d05e42c3a) C:\Programmer\Broadcom\ASFIPMon\BASFND.sys
22:36:49.0437 4732   BASFND - ok
22:36:49.0515 4732   Beep         (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:36:49.0515 4732   Beep - ok
22:36:49.0546 4732   BITS         (51c84408e87a52187e25d839c58bdc45) C:\WINDOWS\system32\qmgr.dll
22:36:49.0671 4732   BITS - ok
22:36:49.0828 4732   Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programmer\Bonjour\mDNSResponder.exe
22:36:49.0828 4732   Bonjour Service - ok
22:36:49.0843 4732   Browser       (58ad7404c7fee33eb0f3fc2bacd04ff6) C:\WINDOWS\System32\browser.dll
22:36:49.0843 4732   Browser - ok
22:36:49.0890 4732   cbidf2k       (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:36:49.0890 4732   cbidf2k - ok
22:36:49.0921 4732   CCDECODE     (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:36:49.0937 4732   CCDECODE - ok
22:36:49.0937 4732   cd20xrnt - ok
22:36:49.0953 4732   Cdaudio       (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:36:49.0953 4732   Cdaudio - ok
22:36:49.0953 4732   Cdfs         (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:36:49.0953 4732   Cdfs - ok
22:36:49.0968 4732   Cdrom       (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:36:49.0968 4732   Cdrom - ok
22:36:50.0046 4732   cercsr6       (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
22:36:50.0046 4732   cercsr6 - ok
22:36:50.0046 4732   Changer - ok
22:36:50.0062 4732   CiSvc       (1838615c98afa3a0ac1f4b15a113a82f) C:\WINDOWS\system32\cisvc.exe
22:36:50.0078 4732   CiSvc - ok
22:36:50.0140 4732   ClipSrv       (5cea9fbc68fbd66a91e7ef09900ab566) C:\WINDOWS\system32\clipsrv.exe
22:36:50.0140 4732   ClipSrv - ok
22:36:50.0250 4732   clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:36:50.0265 4732   clr_optimization_v2.0.50727_32 - ok
22:36:50.0343 4732   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:36:50.0421 4732   clr_optimization_v4.0.30319_32 - ok
22:36:50.0421 4732   CmBatt       (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:36:50.0421 4732   CmBatt - ok
22:36:50.0421 4732   CmdIde - ok
22:36:50.0437 4732   Compbatt     (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:36:50.0437 4732   Compbatt - ok
22:36:50.0437 4732   COMSysApp - ok
22:36:50.0453 4732   Cpqarray - ok
22:36:50.0500 4732   CryptSvc     (325d42794a21d1717b98f354acf499e2) C:\WINDOWS\System32\cryptsvc.dll
22:36:50.0515 4732   CryptSvc - ok
22:36:50.0578 4732   CSRBC       (8e1945984e147562f9f08e1d344a69cc) C:\WINDOWS\system32\Drivers\csrbcxp.sys
22:36:50.0578 4732   CSRBC - ok
22:36:50.0578 4732   dac2w2k - ok
22:36:50.0593 4732   dac960nt - ok
22:36:50.0671 4732   DcomLaunch     (059187b38452a01bb3b397691ddf3552) C:\WINDOWS\system32\rpcss.dll
22:36:50.0687 4732   DcomLaunch - ok
22:36:50.0718 4732   Dhcp         (a6e52fa9ada7f92def4206c0f64f6784) C:\WINDOWS\System32\dhcpcsvc.dll
22:36:50.0718 4732   Dhcp - ok
22:36:50.0718 4732   Disk         (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:36:50.0734 4732   Disk - ok
22:36:50.0734 4732   dmadmin - ok
22:36:50.0812 4732   dmboot       (8a3088f97b2caa3340bbb068f314e596) C:\WINDOWS\system32\drivers\dmboot.sys
22:36:50.0828 4732   dmboot - ok
22:36:50.0859 4732   dmio         (6d152a2781ffbd6a63a1e58801240e8e) C:\WINDOWS\system32\drivers\dmio.sys
22:36:50.0859 4732   dmio - ok
22:36:50.0906 4732   dmload       (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:36:50.0906 4732   dmload - ok
22:36:50.0937 4732   dmserver     (6428446df3fe5c3b439973fb4c43d38e) C:\WINDOWS\System32\dmserver.dll
22:36:50.0937 4732   dmserver - ok
22:36:51.0000 4732   DMusic       (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:36:51.0000 4732   DMusic - ok
22:36:51.0062 4732   Dnscache     (42970873bc779a19c2baad3fc0d5833a) C:\WINDOWS\System32\dnsrslvr.dll
22:36:51.0062 4732   Dnscache - ok
22:36:51.0140 4732   Dot3svc       (0b8193a12175eae5bc34063a63c49cff) C:\WINDOWS\System32\dot3svc.dll
22:36:51.0156 4732   Dot3svc - ok
22:36:51.0156 4732   dpti2o - ok
22:36:51.0187 4732   drmkaud       (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:36:51.0203 4732   drmkaud - ok
22:36:51.0250 4732   EapHost       (95885ec4562461d3ad78aa6ac714d32f) C:\WINDOWS\System32\eapsvc.dll
22:36:51.0250 4732   EapHost - ok
22:36:51.0265 4732   ERSvc       (396038f82cb672d83e792092319024aa) C:\WINDOWS\System32\ersvc.dll
22:36:51.0265 4732   ERSvc - ok
22:36:51.0281 4732   Eventlog     (32f091e3425759b126760f44b5e931c9) C:\WINDOWS\system32\services.exe
22:36:51.0296 4732   Eventlog - ok
22:36:51.0359 4732   EventSystem   (72b9667d6f9ff2a85fcc43fdd7c8ed9f) C:\WINDOWS\system32\es.dll
22:36:51.0375 4732   EventSystem - ok
22:36:51.0609 4732   EvtEng       (c37b83b51cdf10e5bb6f78a7e4fed11a) C:\Programmer\Intel\WiFi\bin\EvtEng.exe
22:36:51.0671 4732   EvtEng - ok
22:36:51.0734 4732   F-Secure Filter (5fd21f8d96f01a29680d350ed32f49d9) C:\Programmer\F-Secure\Anti-Virus\Win2K\FSfilter.sys
22:36:51.0734 4732   F-Secure Filter - ok
22:36:51.0828 4732   F-Secure Gatekeeper (66422dc3faa1de433371816056d28270) C:\Programmer\F-Secure\Anti-Virus\minifilter\fsgk.sys
22:36:51.0843 4732   F-Secure Gatekeeper - ok
22:36:51.0906 4732   F-Secure Gatekeeper Handler Starter (d8d246f6f64c8115c771589879d966bf) C:\Programmer\F-Secure\Anti-Virus\fsgk32st.exe
22:36:51.0906 4732   F-Secure Gatekeeper Handler Starter - ok
22:36:51.0984 4732   F-Secure HIPS   (6137a461cea0277ef62f53df4badf7d0) C:\Programmer\F-Secure\HIPS\drivers\fshs.sys
22:36:51.0984 4732   F-Secure HIPS - ok
22:36:52.0062 4732   F-Secure Network Request Broker (b17fa57bb3085e0cfdf233e4dbd9b30f) C:\Programmer\F-Secure\Common\FNRB32.EXE
22:36:52.0062 4732   F-Secure Network Request Broker - ok
22:36:52.0093 4732   F-Secure Recognizer (8190a84e30091c2c5ceb56ffbc9f2b49) C:\Programmer\F-Secure\Anti-Virus\Win2K\FSrec.sys
22:36:52.0093 4732   F-Secure Recognizer - ok
22:36:52.0203 4732   Fastfat       (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:36:52.0218 4732   Fastfat - ok
22:36:52.0265 4732   FastUserSwitchingCompatibility (a17d630fabfe7b796cbdbee79f9e6612) C:\WINDOWS\System32\shsvcs.dll
22:36:52.0265 4732   FastUserSwitchingCompatibility - ok
22:36:52.0281 4732   Fdc         (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
22:36:52.0281 4732   Fdc - ok
22:36:52.0296 4732   Fips         (bb52a20854cf3e8e0474ee7167c7a3a5) C:\WINDOWS\system32\drivers\Fips.sys
22:36:52.0312 4732   Fips - ok
22:36:52.0312 4732   Flpydisk     (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
22:36:52.0312 4732   Flpydisk - ok
22:36:52.0390 4732   FltMgr       (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:36:52.0390 4732   FltMgr - ok
22:36:52.0531 4732   FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:36:52.0531 4732   FontCache3.0.0.0 - ok
22:36:52.0578 4732   fsbts       (1d2de58a837e6909f98ca35103d10739) C:\WINDOWS\system32\Drivers\fsbts.sys
22:36:52.0578 4732   fsbts - ok
22:36:52.0656 4732   FSDFWD       (accb19d7c58c4ca908904934efc5b236) C:\Programmer\F-Secure\FWES\Program\fsdfwd.exe
22:36:52.0656 4732   FSDFWD - ok
22:36:52.0671 4732   FSFW         (3b40b0703059461f6f739f4d88faa6f8) C:\WINDOWS\system32\drivers\fsdfw.sys
22:36:52.0687 4732   FSFW - ok
22:36:52.0765 4732   FSMA         (bca5577b0c300524bbc61cb19d89a582) C:\Programmer\F-Secure\Common\FSMA32.EXE
22:36:52.0781 4732   FSMA - ok
22:36:52.0859 4732   FSORSPClient   (42aef6a385354aca65fc210ce7ce4d7c) C:\Programmer\F-Secure\ORSP Client\fsorsp.exe
22:36:52.0859 4732   FSORSPClient - ok
22:36:52.0906 4732   Fs_Rec       (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:36:52.0906 4732   Fs_Rec - ok
22:36:52.0937 4732   Ftdisk       (0a58505b5d0aba661d2ff59cd8cf79b9) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:36:52.0937 4732   Ftdisk - ok
22:36:53.0000 4732   GEARAspiWDM   (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:36:53.0000 4732   GEARAspiWDM - ok
22:36:53.0062 4732   Gpc         (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:36:53.0062 4732   Gpc - ok
22:36:53.0125 4732   grmnusb       (6003bc70f1a8307262bd3c941bda0b7e) C:\WINDOWS\system32\drivers\grmnusb.sys
22:36:53.0125 4732   grmnusb - ok
22:36:53.0187 4732   guardian2     (c0bdab85f3e8b2138c513255e2bcc4d8) C:\WINDOWS\system32\Drivers\oz776.sys
22:36:53.0187 4732   guardian2 - ok
22:36:53.0281 4732   gupdate       (f02a533f517eb38333cb12a9e8963773) C:\Programmer\Google\Update\GoogleUpdate.exe
22:36:53.0312 4732   gupdate - ok
22:36:53.0312 4732   gupdatem     (f02a533f517eb38333cb12a9e8963773) C:\Programmer\Google\Update\GoogleUpdate.exe
22:36:53.0312 4732   gupdatem - ok
22:36:53.0343 4732   HDAudBus     (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:36:53.0343 4732   HDAudBus - ok
22:36:53.0437 4732   helpsvc       (9e256613b0a999ddd2aa889e340cd402) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:36:53.0437 4732   helpsvc - ok
22:36:53.0500 4732   HidServ       (8dbcd76c2a538c26357831dd14cd792f) C:\WINDOWS\System32\hidserv.dll
22:36:53.0500 4732   HidServ - ok
22:36:53.0531 4732   HidUsb       (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:36:53.0531 4732   HidUsb - ok
22:36:53.0609 4732   hkmsvc       (8751c1091af19d3787798da90ffb0902) C:\WINDOWS\System32\kmsvc.dll
22:36:53.0609 4732   hkmsvc - ok
22:36:53.0609 4732   hpn - ok
22:36:53.0687 4732   HSFHWAZL     (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
22:36:53.0703 4732   HSFHWAZL - ok
22:36:53.0750 4732   HSF_DPV       (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
22:36:53.0765 4732   HSF_DPV - ok
22:36:53.0828 4732   HTTP         (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:36:53.0828 4732   HTTP - ok
22:36:53.0859 4732   HTTPFilter     (8e23b6943d42d0be0419f3fffde93a31) C:\WINDOWS\System32\w3ssl.dll
22:36:53.0859 4732   HTTPFilter - ok
22:36:53.0875 4732   hwdatacard - ok
22:36:53.0875 4732   hwusbfake - ok
22:36:53.0890 4732   i2omgmt - ok
22:36:53.0890 4732   i2omp - ok
22:36:53.0906 4732   i8042prt     (42f890598efb480076558ca3cc151107) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:36:53.0906 4732   i8042prt - ok
22:36:54.0093 4732   idsvc       (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:36:54.0156 4732   idsvc - ok
22:36:54.0171 4732   Imapi       (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:36:54.0171 4732   Imapi - ok
22:36:54.0218 4732   ImapiService   (f73c9c37d4b7453c2cb7dcfd2640c75f) C:\WINDOWS\system32\imapi.exe
22:36:54.0234 4732   ImapiService - ok
22:36:54.0234 4732   ini910u - ok
22:36:54.0250 4732   IntelIde - ok
22:36:54.0265 4732   intelppm     (d1cd31b6cd4a99f3b82aec84cfdd4cba) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:36:54.0265 4732   intelppm - ok
22:36:54.0281 4732   Ip6Fw       (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:36:54.0296 4732   Ip6Fw - ok
22:36:54.0343 4732   IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:36:54.0343 4732   IpFilterDriver - ok
22:36:54.0375 4732   IpInIp       (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:36:54.0375 4732   IpInIp - ok
22:36:54.0406 4732   IpNat       (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:36:54.0421 4732   IpNat - ok
22:36:54.0593 4732   iPod Service   (57edb35ea2feca88f8b17c0c095c9a56) C:\Programmer\iPod\bin\iPodService.exe
22:36:54.0625 4732   iPod Service - ok
22:36:54.0656 4732   IPSec       (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:36:54.0656 4732   IPSec - ok
22:36:54.0671 4732   IRENUM       (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:36:54.0671 4732   IRENUM - ok
22:36:54.0687 4732   isapnp       (3ce6ec5903c59223b61f6a0b9b84b022) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:36:54.0703 4732   isapnp - ok
22:36:54.0812 4732   JavaQuickStarterService (5e06a9d23727daf96faa796f1135fdcd) C:\Programmer\Java\jre6\bin\jqs.exe
22:36:54.0812 4732   JavaQuickStarterService - ok
22:36:54.0875 4732   Kbdclass     (32e823dfd0a7f18cf3b024f78c7aa7dd) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:36:54.0875 4732   Kbdclass - ok
22:36:54.0890 4732   kbdhid       (530d40f58095397b6b8aa5a0fdd074a5) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:36:54.0890 4732   kbdhid - ok
22:36:54.0968 4732   kmixer       (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:36:54.0968 4732   kmixer - ok
22:36:55.0015 4732   KSecDD       (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:36:55.0015 4732   KSecDD - ok
22:36:55.0062 4732   lanmanserver   (f429b46a773ed6b84025c8ea9949188f) C:\WINDOWS\System32\srvsvc.dll
22:36:55.0078 4732   lanmanserver - ok
22:36:55.0093 4732   lanmanworkstation (62d286f1131aad51b6d8d8249a27b8ca) C:\WINDOWS\System32\wkssvc.dll
22:36:55.0093 4732   lanmanworkstation - ok
22:36:55.0140 4732   LBeepKE       (be2dc24d403643a2d1d98f33c7087b38) C:\WINDOWS\system32\Drivers\LBeepKE.sys
22:36:55.0140 4732   LBeepKE - ok
22:36:55.0140 4732   lbrtfdc - ok
22:36:55.0265 4732   LBTServ       (910344e2a984010435ae84783b25e5eb) C:\Programmer\Fælles filer\LogiShrd\Bluetooth\lbtserv.exe
22:36:55.0281 4732   LBTServ - ok
22:36:55.0359 4732   LEqdUsb       (717e6714bca808f2a372e636aff3d15a) C:\WINDOWS\system32\Drivers\LEqdUsb.Sys
22:36:55.0359 4732   LEqdUsb - ok
22:36:55.0359 4732   LHidEqd       (2786f7b4003adff88ce28bc1800b5407) C:\WINDOWS\system32\Drivers\LHidEqd.Sys
22:36:55.0359 4732   LHidEqd - ok
22:36:55.0406 4732   LHidFilt     (01cc7fb6e790ef044b411377f3a1ff41) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
22:36:55.0406 4732   LHidFilt - ok
22:36:55.0453 4732   LmHosts       (508c79641eb2256d7b8fd9ed64aa7b53) C:\WINDOWS\System32\lmhsvc.dll
22:36:55.0453 4732   LmHosts - ok
22:36:55.0500 4732   LMouFilt     (a2e7eae8898d7b4b8c302b8f4e836bb5) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
22:36:55.0500 4732   LMouFilt - ok
22:36:55.0515 4732   LUsbFilt     (ddfa88e36d5f8db5fbdbdddc4969db0a) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
22:36:55.0515 4732   LUsbFilt - ok
22:36:55.0593 4732   lxdxCATSCustConnectService (4a0b6533f035d74729942ee1d19c35c5) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
22:36:55.0609 4732   lxdxCATSCustConnectService - ok
22:36:55.0609 4732   lxdx_device - ok
22:36:55.0687 4732   MatLocalLicenceServer50 (5f19eee5124d7ee515e36ff3ba20aa26) C:\Programmer\Fælles filer\Materialise\LicenseFiles\LicSrv50.exe
22:36:55.0687 4732   MatLocalLicenceServer50 - ok
22:36:55.0718 4732   MatLocalLicenceServer52 (84584b6a6bcb231410392cf09be2b717) C:\Programmer\Fælles filer\Materialise\LicenseFiles\LicSrv52.exe
22:36:55.0734 4732   MatLocalLicenceServer52 - ok
22:36:55.0796 4732   MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
22:36:55.0796 4732   MBAMProtector - ok
22:36:55.0921 4732   MBAMService   (ba400ed640bca1eae5c727ae17c10207) C:\Programmer\Malwarebytes’ Anti-Malware\mbamservice.exe
22:36:55.0937 4732   MBAMService - ok
22:36:56.0000 4732   mdmxsdk       (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:36:56.0000 4732   mdmxsdk - ok
22:36:56.0046 4732   Messenger     (6c585d70d270607ff861d762494b25e2) C:\WINDOWS\System32\msgsvc.dll
22:36:56.0062 4732   Messenger - ok
22:36:56.0109 4732   mnmdd       (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:36:56.0109 4732   mnmdd - ok
22:36:56.0187 4732   mnmsrvc       (8184e5463ab9bb8cfb37a28852db16c5) C:\WINDOWS\system32\mnmsrvc.exe
22:36:56.0187 4732   mnmsrvc - ok
22:36:56.0203 4732   Modem       (67ac997db66fdfd07738df58b45cd1b9) C:\WINDOWS\system32\drivers\Modem.sys
22:36:56.0203 4732   Modem - ok
22:36:56.0250 4732   Mouclass     (22774a2ab832972eca2ce227819f5af0) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:36:56.0250 4732   Mouclass - ok
22:36:56.0265 4732   mouhid       (39f0a46109b167707018e8889d5fec93) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:36:56.0265 4732   mouhid - ok
22:36:56.0265 4732   MountMgr     (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:36:56.0281 4732   MountMgr - ok
22:36:56.0281 4732   mraid35x - ok
22:36:56.0312 4732   MRxDAV       (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:36:56.0312 4732   MRxDAV - ok
22:36:56.0406 4732   MRxSmb       (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:36:56.0406 4732   MRxSmb - ok
22:36:56.0453 4732   MSDTC       (5375122a1c3abf51a9dbe222398e3a25) C:\WINDOWS\system32\msdtc.exe
22:36:56.0453 4732   MSDTC - ok
22:36:56.0468 4732   Msfs         (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:36:56.0468 4732   Msfs - ok
22:36:56.0468 4732   MSIServer - ok
22:36:56.0531 4732   MSKSSRV       (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:36:56.0531 4732   MSKSSRV - ok
22:36:56.0546 4732   MSPCLOCK     (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:36:56.0546 4732   MSPCLOCK - ok
22:36:56.0562 4732   MSPQM       (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:36:56.0562 4732   MSPQM - ok
22:36:56.0625 4732   mssmbios     (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:36:56.0625 4732   mssmbios - ok
22:36:56.0671 4732   MSTEE       (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:36:56.0671 4732   MSTEE - ok
22:36:56.0703 4732   Mup         (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:36:56.0718 4732   Mup - ok
22:36:56.0765 4732   NABTSFEC     (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:36:56.0765 4732   NABTSFEC - ok
22:36:56.0843 4732   napagent     (8ff76bff355b66e320bc1e4429c22657) C:\WINDOWS\System32\qagentrt.dll
22:36:56.0859 4732   napagent - ok
22:36:56.0921 4732   NDIS         (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:36:56.0937 4732   NDIS - ok
22:36:56.0984 4732   NdisIP       (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:36:56.0984 4732   NdisIP - ok
22:36:57.0031 4732   NdisTapi     (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:36:57.0031 4732   NdisTapi - ok
22:36:57.0046 4732   Ndisuio       (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:36:57.0046 4732   Ndisuio - ok
22:36:57.0093 4732   NdisWan       (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:36:57.0093 4732   NdisWan - ok
22:36:57.0140 4732   NDProxy       (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:36:57.0140 4732   NDProxy - ok
22:36:57.0171 4732   Netaapl       (1352e1648213551923a0a822e441553c) C:\WINDOWS\system32\DRIVERS\netaapl.sys
22:36:57.0187 4732   Netaapl - ok
22:36:57.0187 4732   NetBIOS       (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:36:57.0187 4732   NetBIOS - ok
22:36:57.0234 4732   NetBT       (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:36:57.0234 4732   NetBT - ok
22:36:57.0281 4732   NetDDE       (1b81d1d833268a82f979cb4cc8f7a4ef) C:\WINDOWS\system32\netdde.exe
22:36:57.0296 4732   NetDDE - ok
22:36:57.0296 4732   NetDDEdsdm     (1b81d1d833268a82f979cb4cc8f7a4ef) C:\WINDOWS\system32\netdde.exe
22:36:57.0296 4732   NetDDEdsdm - ok
22:36:57.0343 4732   Netlogon     (ac9fca8bcd685abdb9928b1964b731a2) C:\WINDOWS\system32\lsass.exe
22:36:57.0343 4732   Netlogon - ok
22:36:57.0421 4732   Netman       (7b4a4a94389364565c2334a82fcddf67) C:\WINDOWS\System32\netman.dll
22:36:57.0421 4732   Netman - ok
22:36:57.0625 4732   NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:36:57.0640 4732   NetTcpPortSharing - ok
22:36:57.0937 4732   NETw5x32     (91f027c242d3ff6e5c09f92a0518297f) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
22:36:58.0062 4732   NETw5x32 - ok
22:36:58.0187 4732   NIC1394       (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:36:58.0187 4732   NIC1394 - ok
22:36:58.0250 4732   Nla         (3b0979e9506755266c100f43d3700ca7) C:\WINDOWS\System32\mswsock.dll
22:36:58.0265 4732   Nla - ok
22:36:58.0390 4732   NMSAccess     (7aea4df1ca68fd45dd4bbe1f0243ce7f) C:\Programmer\CDBurnerXP\NMSAccessU.exe
22:36:58.0406 4732   NMSAccess - ok
22:36:58.0421 4732   Npfs         (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:36:58.0421 4732   Npfs - ok
22:36:58.0453 4732   Ntfs         (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:36:58.0484 4732   Ntfs - ok
22:36:58.0500 4732   NtLmSsp       (ac9fca8bcd685abdb9928b1964b731a2) C:\WINDOWS\system32\lsass.exe
22:36:58.0500 4732   NtLmSsp - ok
22:36:58.0546 4732   NtmsSvc       (1fe8446399f6044504f569014a2599b3) C:\WINDOWS\system32\ntmssvc.dll
22:36:58.0562 4732   NtmsSvc - ok
22:36:58.0625 4732   Null         (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:36:58.0625 4732   Null - ok
22:36:59.0421 4732   nv         (757662da491ef135169f5db185bdc975) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:36:59.0796 4732   nv - ok
22:36:59.0953 4732   NVSvc       (9ea2d74e1f17fe27d1adf97c3da730cc) C:\WINDOWS\system32\nvsvc32.exe
22:36:59.0953 4732   NVSvc - ok
22:37:00.0015 4732   NwlnkFlt     (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:37:00.0015 4732   NwlnkFlt - ok
22:37:00.0031 4732   NwlnkFwd     (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:37:00.0031 4732   NwlnkFwd - ok
22:37:00.0234 4732   odserv       (785f487a64950f3cb8e9f16253ba3b7b) C:\Programmer\Fælles filer\Microsoft Shared\OFFICE12\ODSERV.EXE
22:37:00.0250 4732   odserv - ok
22:37:00.0296 4732   ohci1394     (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:37:00.0312 4732   ohci1394 - ok
22:37:00.0312 4732   OMCI - ok
22:37:00.0359 4732   ose         (5a432a042dae460abe7199b758e8606c) C:\Programmer\Fælles filer\Microsoft Shared\Source Engine\OSE.EXE
22:37:00.0375 4732   ose - ok
22:37:00.0453 4732   PAC7302       (aff9a1986555e4592de8092f9a5fa2d2) C:\WINDOWS\system32\DRIVERS\PAC7302.SYS
22:37:00.0484 4732   PAC7302 - ok
22:37:00.0515 4732   Parport       (9e048790f33fe5f4fa9d27b5650a1dd5) C:\WINDOWS\system32\DRIVERS\parport.sys
22:37:00.0515 4732   Parport - ok
22:37:00.0546 4732   PartMgr       (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:37:00.0546 4732   PartMgr - ok
22:37:00.0593 4732   ParVdm       (48e97af5b876301131e9d1b0c43212c3) C:\WINDOWS\system32\drivers\ParVdm.sys
22:37:00.0593 4732   ParVdm - ok
22:37:00.0625 4732   PBADRV       (4088c1ecd1f54281a92fa663b0fdc36f) C:\WINDOWS\system32\DRIVERS\PBADRV.sys
22:37:00.0625 4732   PBADRV - ok
22:37:00.0640 4732   pccsmcfd - ok
22:37:00.0656 4732   PCI         (5d756da95bd1e2f6e495704715532fdc) C:\WINDOWS\system32\DRIVERS\pci.sys
22:37:00.0656 4732   PCI - ok
22:37:00.0656 4732   PCIDump - ok
22:37:00.0734 4732   PCIIde       (69ce0d409c11347196147ea4c6c02364) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:37:00.0734 4732   PCIIde - ok
22:37:00.0765 4732   Pcmcia       (e980b6d0ca6acba679a0ac810ab9a57c) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:37:00.0765 4732   Pcmcia - ok
22:37:00.0765 4732   PDCOMP - ok
22:37:00.0781 4732   PDFRAME - ok
22:37:00.0781 4732   PDRELI - ok
22:37:00.0796 4732   PDRFRAME - ok
22:37:00.0796 4732   perc2 - ok
22:37:00.0796 4732   perc2hib - ok
22:37:00.0859 4732   PlugPlay     (32f091e3425759b126760f44b5e931c9) C:\WINDOWS\system32\services.exe
22:37:00.0875 4732   PlugPlay - ok
22:37:00.0906 4732   PolicyAgent   (ac9fca8bcd685abdb9928b1964b731a2) C:\WINDOWS\system32\lsass.exe
22:37:00.0906 4732   PolicyAgent - ok
22:37:00.0937 4732   PptpMiniport   (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:37:00.0937 4732   PptpMiniport - ok
22:37:00.0953 4732   ProtectedStorage (ac9fca8bcd685abdb9928b1964b731a2) C:\WINDOWS\system32\lsass.exe
22:37:00.0953 4732   ProtectedStorage - ok
22:37:00.0953 4732   PSched       (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:37:00.0968 4732   PSched - ok
22:37:01.0000 4732   Ptilink       (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:37:01.0000 4732   Ptilink - ok
22:37:01.0015 4732   PxHelp20     (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:37:01.0015 4732   PxHelp20 - ok
22:37:01.0062 4732   PYNWAGNT     (b8f667895fe24967ea88dfa44b6a2b90) C:\WINDOWS\System32\Drivers\pynwagnt.sys
22:37:01.0062 4732   PYNWAGNT - ok
22:37:01.0093 4732   PyNwFlt       (76cdec5cb938fe77e393fc3e9377a77a) C:\WINDOWS\system32\DRIVERS\pynwflt.sys
22:37:01.0093 4732   PyNwFlt - ok
22:37:01.0109 4732   ql1080 - ok
22:37:01.0109 4732   Ql10wnt - ok
22:37:01.0125 4732   ql12160 - ok
22:37:01.0125 4732   ql1240 - ok
22:37:01.0125 4732   ql1280 - ok
22:37:01.0171 4732   RasAcd       (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:37:01.0171 4732   RasAcd - ok
22:37:01.0187 4732   RasAuto       (82c008ec993aba0bbc9d178b25f71746) C:\WINDOWS\System32\rasauto.dll
22:37:01.0187 4732   RasAuto - ok
22:37:01.0203 4732   Rasl2tp       (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:37:01.0218 4732   Rasl2tp - ok
22:37:01.0296 4732   RasMan       (8a18f96203be26ad7e6a4af765610527) C:\WINDOWS\System32\rasmans.dll
22:37:01.0312 4732   RasMan - ok
22:37:01.0328 4732   RasPppoe     (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:37:01.0328 4732   RasPppoe - ok
22:37:01.0328 4732   Raspti       (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:37:01.0328 4732   Raspti - ok
22:37:01.0390 4732   Rdbss       (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:37:01.0390 4732   Rdbss - ok
22:37:01.0406 4732   RDPCDD       (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:37:01.0406 4732   RDPCDD - ok
22:37:01.0437 4732   rdpdr       (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:37:01.0453 4732   rdpdr - ok
22:37:01.0500 4732   RDPWD       (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
22:37:01.0515 4732   RDPWD - ok
22:37:01.0546 4732   RDSessMgr     (2c0ab39d91e3c9118a191a48f7bd67f6) C:\WINDOWS\system32\sessmgr.exe
22:37:01.0562 4732   RDSessMgr - ok
22:37:01.0578 4732   redbook       (d2ea9dae9a9f1bf40c0ea1d1d7c5592c) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:37:01.0578 4732   redbook - ok
22:37:01.0734 4732   RegSrvc       (c96980cccf84329824623b0b50383703) C:\Programmer\Fælles filer\Intel\WirelessCommon\RegSrvc.exe
22:37:01.0796 4732   RegSrvc - ok
22:37:01.0828 4732   RemoteAccess   (bd3ea2fca2d32b003874ba4819f1818c) C:\WINDOWS\System32\mprdim.dll
22:37:01.0843 4732   RemoteAccess - ok
22:37:01.0890 4732   RemoteRegistry (13bcbc0acf9dc7f3192034bd858cc1ad) C:\WINDOWS\system32\regsvc.dll
22:37:01.0890 4732   RemoteRegistry - ok
22:37:01.0953 4732   rimmptsk     (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
22:37:01.0953 4732   rimmptsk - ok
22:37:02.0000 4732   rimsptsk     (a4216c71dd4f60b26418ccfd99cd0815) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
22:37:02.0000 4732   rimsptsk - ok
22:37:02.0015 4732   rismxdp       (d231b577024aa324af13a42f3a807d10) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
22:37:02.0015 4732   rismxdp - ok
22:37:02.0031 4732   RpcLocator     (9fabc6add7a3212ea934e62943de252c) C:\WINDOWS\system32\locator.exe
22:37:02.0031 4732   RpcLocator - ok
22:37:02.0093 4732   RpcSs       (059187b38452a01bb3b397691ddf3552) C:\WINDOWS\system32\rpcss.dll
22:37:02.0109 4732   RpcSs - ok
22:37:02.0171 4732   RSVP         (72309905945d7eaab911b376f86b95e6) C:\WINDOWS\system32\rsvp.exe
22:37:02.0187 4732   RSVP - ok
22:37:02.0312 4732   S24EventMonitor (0fcb7eeb0e81a777735a5af185f56c2b) C:\Programmer\Intel\WiFi\bin\S24EvMon.exe
22:37:02.0328 4732   S24EventMonitor - ok
22:37:02.0375 4732   s24trans     (96b4494d4734970f47c566e098c4f527) C:\WINDOWS\system32\DRIVERS\s24trans.sys
22:37:02.0375 4732   s24trans - ok
22:37:02.0437 4732   SafDskNT     (b002949486a5186471803e4ddfa42502) C:\WINDOWS\system32\drivers\SAFDSKNT.SYS
22:37:02.0437 4732   SafDskNT - ok
22:37:02.0453 4732   SamSs       (ac9fca8bcd685abdb9928b1964b731a2) C:\WINDOWS\system32\lsass.exe
22:37:02.0453 4732   SamSs - ok
22:37:02.0453 4732   SBRE - ok
22:37:02.0546 4732   SCardSvr     (c8bf6ae55768820130ecf35a6e4d64cc) C:\WINDOWS\System32\SCardSvr.exe
22:37:02.0546 4732   SCardSvr - ok
22:37:02.0953 4732   Schedule     (7d53dc5de342af26401a3cbbbc8cafb8) C:\WINDOWS\system32\schedsvc.dll
22:37:02.0953 4732   Schedule - ok
22:37:02.0984 4732   sdbus       (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
22:37:02.0984 4732   sdbus - ok
22:37:03.0000 4732   Secdrv       (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:37:03.0000 4732   Secdrv - ok
22:37:03.0015 4732   seclogon     (31c48478030803c99a050c47c22d4a9d) C:\WINDOWS\System32\seclogon.dll
22:37:03.0031 4732   seclogon - ok
22:37:03.0187 4732   SecureStorageService (27d53cd650cc77123faf2f07023dabc7) C:\Programmer\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
22:37:03.0265 4732   SecureStorageService - ok
22:37:03.0281 4732   SENS         (1dda52fbbd05d3fa61a209447fa54aef) C:\WINDOWS\system32\sens.dll
22:37:03.0296 4732   SENS - ok
22:37:03.0296 4732   Serenum       (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:37:03.0296 4732   Serenum - ok
22:37:03.0312 4732   Serial       (680ed46039ebd4c23eb708f1af6b9e5d) C:\WINDOWS\system32\DRIVERS\serial.sys
22:37:03.0312 4732   Serial - ok
22:37:03.0406 4732   sffdisk       (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
22:37:03.0406 4732   sffdisk - ok
22:37:03.0406 4732   sffp_sd       (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
22:37:03.0406 4732   sffp_sd - ok
22:37:03.0453 4732   Sfloppy       (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:37:03.0453 4732   Sfloppy - ok
22:37:03.0515 4732   ShellHWDetection (a17d630fabfe7b796cbdbee79f9e6612) C:\WINDOWS\System32\shsvcs.dll
22:37:03.0515 4732   ShellHWDetection - ok
22:37:03.0531 4732   Simbad - ok
22:37:03.0843 4732   Skype C2C Service (4ca43b85f22c7739311788b651a779cb) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:37:03.0953 4732   Skype C2C Service - ok
22:37:04.0125 4732   SLIP         (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:37:04.0125 4732   SLIP - ok
22:37:04.0203 4732   SMServer     (e5b8e0468fb096447212888151399769) C:\WINDOWS\system32\snmvtsvc.exe
22:37:04.0218 4732   SMServer - ok
22:37:04.0265 4732   SndTAudio     (498bf05ef261565c2789cf1826f2361b) C:\WINDOWS\system32\drivers\SndTAudio.sys
22:37:04.0265 4732   SndTAudio - ok
22:37:04.0390 4732   SolidWorks Licensing Service (4945020bc094c322571184a6e8056b3a) C:\Programmer\Fælles filer\SolidWorks Shared\Service\SolidWorksLicensing.exe
22:37:04.0390 4732   SolidWorks Licensing Service - ok
22:37:04.0406 4732   Sparrow - ok
22:37:04.0500 4732   splitter     (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:37:04.0500 4732   splitter - ok
22:37:04.0562 4732   Spooler       (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
22:37:04.0562 4732   Spooler - ok
22:37:04.0625 4732   sr         (b3ecb8b07f7991132c71c1b16a82ffe3) C:\WINDOWS\system32\DRIVERS\sr.sys
22:37:04.0625 4732   sr - ok
22:37:04.0703 4732   srservice     (1e8f91a7cd08bdb7482746f97365e12e) C:\WINDOWS\system32\srsvc.dll
22:37:04.0703 4732   srservice - ok
22:37:04.0781 4732   Srv         (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:37:04.0781 4732   Srv - ok
22:37:04.0828 4732   SSDPSRV       (b1d1003d618961eb936a0717e74cb147) C:\WINDOWS\System32\ssdpsrv.dll
22:37:04.0843 4732   SSDPSRV - ok
22:37:04.0875 4732   StarOpen     (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
22:37:04.0875 4732   StarOpen - ok
22:37:04.0984 4732   STHDA       (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
22:37:05.0000 4732   STHDA - ok
22:37:05.0062 4732   stisvc       (787e2a34b0be4b102843d0659811c7ac) C:\WINDOWS\system32\wiaservc.dll
22:37:05.0078 4732   stisvc - ok
22:37:05.0171 4732   streamip     (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:37:05.0171 4732   streamip - ok
22:37:05.0203 4732   swenum       (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:37:05.0203 4732   swenum - ok
22:37:05.0281 4732   swmidi       (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:37:05.0281 4732   swmidi - ok
22:37:05.0281 4732   SwPrv - ok
22:37:05.0296 4732   symc810 - ok
22:37:05.0296 4732   symc8xx - ok
22:37:05.0312 4732   sym_hi - ok
22:37:05.0312 4732   sym_u3 - ok
22:37:05.0406 4732   SynTP       (dc1e7ee0a6494cd79d624bd8d5da8bfb) C:\WINDOWS\system32\DRIVERS\SynTP.sys
22:37:05.0406 4732   SynTP - ok
22:37:05.0468 4732   sysaudio     (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:37:05.0468 4732   sysaudio - ok
22:37:05.0484 4732   SysmonLog     (6453945e83873cdc17e81b0e6a71e707) C:\WINDOWS\system32\smlogsvc.exe
22:37:05.0500 4732   SysmonLog - ok
22:37:05.0531 4732   TapiSrv       (dd04ba74cf4d5d223675b1bd8326648e) C:\WINDOWS\System32\tapisrv.dll
22:37:05.0546 4732   TapiSrv - ok
22:37:05.0640 4732   Tcpip       (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:37:05.0640 4732   Tcpip - ok
22:37:05.0859 4732   tcsd_win32.exe (69f1a38a6dbfe682491cb61a596662e3) C:\Programmer\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
22:37:05.0906 4732   tcsd_win32.exe - ok
22:37:06.0046 4732   TdmService     (d9ec6a4b1a94cbcab47098f5aab3a780) C:\Programmer\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
22:37:06.0078 4732   TdmService - ok
22:37:06.0265 4732   TDPIPE       (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:37:06.0265 4732   TDPIPE - ok
22:37:06.0281 4732   TDTCP       (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:37:06.0281 4732   TDTCP - ok
22:37:06.0328 4732   teamviewervpn   (9101fffcfccd1a30e870a5b8a9091b10) C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys
22:37:06.0375 4732   teamviewervpn - ok
22:37:06.0390 4732   TermDD       (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:37:06.0390 4732   TermDD - ok
22:37:06.0468 4732   TermService   (14c8ec0aa06a33ccc5407e4324f91312) C:\WINDOWS\System32\termsrv.dll
22:37:06.0484 4732   TermService - ok
22:37:06.0546 4732   Themes       (a17d630fabfe7b796cbdbee79f9e6612) C:\WINDOWS\System32\shsvcs.dll
22:37:06.0562 4732   Themes - ok
22:37:06.0625 4732   TlntSvr       (5ca8ca112235e9178f20422a07135f0e) C:\WINDOWS\system32\tlntsvr.exe
22:37:06.0625 4732   TlntSvr - ok
22:37:06.0640 4732   TosIde - ok
22:37:06.0687 4732   tosporte     (8d624d3bd1f2d78bd1c01a2d4e954b4e) C:\WINDOWS\system32\DRIVERS\tosporte.sys
22:37:06.0687 4732   tosporte - ok
22:37:06.0734 4732   tosrfbd       (435ac6cc2abed508ac5a495658cbaf0f) C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
22:37:06.0734 4732   tosrfbd - ok
22:37:06.0734 4732   tosrfbnp     (90c8525bc578aaffe87c2d0ed4379e9e) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
22:37:06.0734 4732   tosrfbnp - ok
22:37:06.0796 4732   Tosrfcom     (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys
22:37:06.0796 4732   Tosrfcom - ok
22:37:06.0828 4732   Tosrfhid     (28099a4e52148319afa685d93a2244d0) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
22:37:06.0828 4732   Tosrfhid - ok
22:37:06.0828 4732   tosrfnds     (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
22:37:06.0828 4732   tosrfnds - ok
22:37:06.0890 4732   TosRfSnd     (1ff09b64d1e0c82ee81026718d8d47c2) C:\WINDOWS\system32\drivers\tosrfsnd.sys
22:37:06.0890 4732   TosRfSnd - ok
22:37:06.0906 4732   Tosrfusb     (6bc529c5eca0c7654943fd6fab21c5fa) C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
22:37:06.0906 4732   Tosrfusb - ok
22:37:06.0984 4732   TrkWks       (f9d5ffa46cde05c235ea258c02ba8a66) C:\WINDOWS\system32\trkwks.dll
22:37:06.0984 4732   TrkWks - ok
22:37:07.0031 4732   Udfs         (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:37:07.0031 4732   Udfs - ok
22:37:07.0046 4732   ultra - ok
22:37:07.0109 4732   Update       (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:37:07.0109 4732   Update - ok
22:37:07.0171 4732   upnphost     (d091aa5963c06afec8bfc3d5b1b24647) C:\WINDOWS\System32\upnphost.dll
22:37:07.0203 4732   upnphost - ok
22:37:07.0218 4732   UPS         (925edcae2170355679e1d2d1e638f68e) C:\WINDOWS\System32\ups.exe
22:37:07.0218 4732   UPS - ok
22:37:07.0265 4732   USBAAPL       (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:37:07.0265 4732   USBAAPL - ok
22:37:07.0421 4732   usbaudio     (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:37:07.0468 4732   usbaudio - ok
22:37:07.0562 4732   usbccgp       (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:37:07.0562 4732   usbccgp - ok
22:37:07.0687 4732   usbehci       (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:37:07.0687 4732   usbehci - ok
22:37:07.0703 4732   usbhub       (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:37:07.0703 4732   usbhub - ok
22:37:07.0734 4732   usbprint     (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:37:07.0734 4732   usbprint - ok
22:37:07.0765 4732   usbscan       (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:37:07.0765 4732   usbscan - ok
22:37:07.0812 4732   usbser       (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
22:37:07.0812 4732   usbser - ok
22:37:07.0875 4732   USBSTOR       (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:37:07.0875 4732   USBSTOR - ok
22:37:07.0875 4732   usbuhci       (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:37:07.0875 4732   usbuhci - ok
22:37:07.0921 4732   VgaSave       (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:37:07.0937 4732   VgaSave - ok
22:37:07.0937 4732   ViaIde - ok
22:37:07.0953 4732   VolSnap       (69d9e1de5f897580f8b1d1957528b0b2) C:\WINDOWS\system32\drivers\VolSnap.sys
22:37:07.0953 4732   VolSnap - ok
22:37:07.0984 4732   VSS         (3f5d90c4bb1c6a75e264e8d7148eb3ce) C:\WINDOWS\System32\vssvc.exe
22:37:07.0984 4732   VSS - ok
22:37:08.0015 4732   W32Time       (1c398054ba3d3e75e991f548ab8d763f) C:\WINDOWS\system32\w32time.dll
22:37:08.0015 4732   W32Time - ok
22:37:08.0031 4732   Wanarp       (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:37:08.0031 4732   Wanarp - ok
22:37:08.0093 4732   WavxDMgr     (dee09de5c10b329567b17e879fa8c4bd) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
22:37:08.0093 4732   WavxDMgr - ok
22:37:08.0109 4732   wceusbsh     (4a954a20a4c73d6db13c0fe25f3f1b0c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
22:37:08.0125 4732   wceusbsh - ok
22:37:08.0203 4732   Wdf01000     (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
22:37:08.0203 4732   Wdf01000 - ok
22:37:08.0203 4732   WDICA - ok
22:37:08.0265 4732   wdmaud       (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:37:08.0265 4732   wdmaud - ok
22:37:08.0281 4732   WebClient     (1a85ad583cd64227203bdc1fe2afa520) C:\WINDOWS\System32\webclnt.dll
22:37:08.0296 4732   WebClient - ok
22:37:08.0375 4732   WIBUKEY       (afcea7939925378f867dde6af76f3924) C:\WINDOWS\system32\DRIVERS\WibuKey.sys
22:37:08.0375 4732   WIBUKEY - ok
22:37:08.0375 4732   Wibukey2     (1ac50e90995649803bacab62f5f48e2a) C:\WINDOWS\system32\drivers\wibukey2.sys
22:37:08.0375 4732   Wibukey2 - ok
22:37:08.0468 4732   winachsf     (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
22:37:08.0484 4732   winachsf - ok
22:37:08.0625 4732   winmgmt       (c16c23396f1c1ba7d170c54ec4e78f1b) C:\WINDOWS\system32\wbem\WMIsvc.dll
22:37:08.0625 4732   winmgmt - ok
22:37:08.0796 4732   WLANKEEPER     (c9b9942eeca0b82e35d60627e365510a) C:\Programmer\Intel\WiFi\bin\WLKeeper.exe
22:37:08.0828 4732   WLANKEEPER - ok
22:37:08.0875 4732   WmdmPmSN     (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
22:37:08.0890 4732   WmdmPmSN - ok
22:37:08.0984 4732   Wmi         (031ae33d8f143d37f53e122375950396) C:\WINDOWS\System32\advapi32.dll
22:37:09.0015 4732   Wmi - ok
22:37:09.0093 4732   WmiAcpi       (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:37:09.0093 4732   WmiAcpi - ok
22:37:09.0109 4732   WmiApSrv     (a11d7a4dbabbf29bd66e189905c21d4e) C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:37:09.0125 4732   WmiApSrv - ok
22:37:09.0281 4732   WMPNetworkSvc   (6ee45ad8dbef8785b8cd312736626ebe) C:\Programmer\Windows Media Player\WMPNetwk.exe
22:37:09.0328 4732   WMPNetworkSvc - ok
22:37:09.0390 4732   WpdUsb       (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:37:09.0390 4732   WpdUsb - ok
22:37:09.0531 4732   WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:37:09.0609 4732   WPFFontCache_v0400 - ok
22:37:09.0625 4732   WSearch - ok
22:37:09.0687 4732   WSTCODEC     (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:37:09.0687 4732   WSTCODEC - ok
22:37:09.0750 4732   wuauserv     (2bc349942c6ce07736f78bec266816ce) C:\WINDOWS\system32\wuauserv.dll
22:37:09.0781 4732   wuauserv - ok
22:37:09.0828 4732   WudfPf       (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:37:09.0828 4732   WudfPf - ok
22:37:09.0843 4732   WudfSvc       (ddee3682fe97037c45f4d7ab467cb8b6) C:\WINDOWS\System32\WUDFSvc.dll
22:37:09.0937 4732   WudfSvc - ok
22:37:10.0015 4732   WZCSVC       (f335fb0f45374c2ea9c3eba798eb550d) C:\WINDOWS\System32\wzcsvc.dll
22:37:10.0078 4732   WZCSVC - ok
22:37:10.0109 4732   xmlprov       (3fee6c536d5bfc0f1b6bca56f97d1f80) C:\WINDOWS\System32\xmlprov.dll
22:37:10.0187 4732   xmlprov - ok
22:37:10.0250 4732   MBR (0x1B8)    (b8e6c11ca5664dbeda85d7507526e0f4) \Device\Harddisk0\DR0
22:37:10.0843 4732   \Device\Harddisk0\DR0 - ok
22:37:10.0843 4732   Boot (0x1200)  (33a76e59109310e52013cca9df487b2d) \Device\Harddisk0\DR0\Partition0
22:37:10.0843 4732   \Device\Harddisk0\DR0\Partition0 - ok
22:37:10.0843 4732   ============================================================
22:37:10.0843 4732   Scan finished
22:37:10.0843 4732   ============================================================
22:37:10.0859 2480   Detected object count: 0
22:37:10.0859 2480   Actual detected object count: 0

asmMBR log fil:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-18 22:41:13
——————————————-
22:41:13.468   OS Version: Windows 5.1.2600 Service Pack 3
22:41:13.468   Number of processors: 2 586 0x1706
22:41:13.468   ComputerName: KURT01 UserName: Kdp
22:41:15.046   Initialize success
22:41:21.125   Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
22:41:21.140   Disk 0 Vendor: ST9500420AS 0002SDM1 Size: 476940MB BusType: 3
22:41:21.140   Disk 0 MBR read successfully
22:41:21.140   Disk 0 MBR scan
22:41:21.140   Disk 0 Windows XP default MBR code
22:41:21.140   Disk 0 Partition 1 80 (A) 07   HPFS/NTFS NTFS     476937 MB offset 63
22:41:21.140   Disk 0 scanning sectors +976768065
22:41:21.203   Disk 0 scanning C:\WINDOWS\system32\drivers
22:41:32.000   Service scanning
22:41:48.703   Modules scanning
22:41:53.906   Disk 0 trace - called modules:
22:41:53.921   ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
22:41:53.921   1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b196ab8]
22:41:53.921   3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x8b172940]
22:41:53.937   Scan finished successfully
22:42:03.062   Disk 0 MBR has been saved successfully to “C:\Documents and Settings\kdp.DOMAIN\Skrivebord\MBR.dat”
22:42:03.062   The log file has been saved successfully to “C:\Documents and Settings\kdp.DOMAIN\Skrivebord\aswMBR.txt”