Hej og velkommen          

Fra fejlsikret tilstand med netværk ->

Download OTL af Oldtimer, gem den på dit skrivebord: http://oldtimer.geekstogo.com/OTL.exe
• 
Luk alle åbne vinduer. Klik på OTL ikonet (for Vista/win7, skal du højreklikke på ikonet og Kør som Administrator) for at starte programmet.
Når vinduet vises, under Output i toppen skift til Minimal Output.
Marker felterne ud for LOP check og Purity Check.
• 

I Custom Scan boxen, kopierer du nedestående ind:

netsvcs
drivers32
msconfig
safebootminimal
safebootnetwork
activex
set /c
/md5start
iexplore.exe
explorer.exe
winlogon.exe
userinit.exe
svchost.exe
volsnap.sys
wininit.exe
sfc.dll
/md5stop
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.
%CREATERESTOREPOINT
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

Klik så på Quick Scan.
• 

Det vil give to (2) logfiler på skrivebordet, en kaldet OTL.txt, den anden vil blive navngivet Extras.txt.
Husk, hvor du har gemt disse 2 filer.

Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg.

OTL logfile created on: 7/1/2012 2:16:40 PM - Run 1
OTL by OldTimer - Version 3.2.53.0   Folder = C:\Users\Malene\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3.60 Gb Total Physical Memory | 2.98 Gb Available Physical Memory | 82.72% Memory free
7.21 Gb Paging File | 6.66 Gb Available in Paging File | 92.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443.77 Gb Total Space | 397.83 Gb Free Space | 89.65% Space Free | Partition Type: NTFS
Drive D: | 17.83 Gb Total Space | 1.88 Gb Free Space | 10.56% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.37% Space Free | Partition Type: FAT32

Computer Name: MALENE-PC | User Name: Malene | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Malene\Desktop\OTL.exe (OldTimer Tools)


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - (!SASCORE)—C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV:64bit: - (AMD External Events Utility)—C:\Windows\sysnative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service)—C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (HPAuto)—C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (Hewlett-Packard)
SRV:64bit: - (HPClientSvc)—C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV:64bit: - (wlcrasvc)—C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (AERTFilters)—C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (WinDefend)—C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (SvcOnlineArmor)—C:\Program Files (x86)\Online Armor\oasrv.exe (Emsi Software GmbH)
SRV - (OAcat)—C:\Program Files (x86)\Online Armor\OAcat.exe (Emsi Software GmbH)
SRV - (MBAMService)—C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (vToolbarUpdater10.2.0)—C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe ()
SRV - (HPWMISVC)—C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (AVGIDSAgent)—C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (sftvsa)—C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist)—C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (avgwd)—C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (HP Support Assistant Service)—C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (HPDrvMntSvc.exe)—C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (BBSvc)—C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort)—C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (IconMan_R)—C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (GamesAppService)—C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32)—C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32)—C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector)—C:\Windows\sysnative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec)—C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64)—C:\Windows\sysnative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (OAnet)—C:\Windows\sysnative\drivers\OAnet.sys (Emsisoft)
DRV:64bit: - (Avgldx64)—C:\Windows\sysnative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Sftvol)—C:\Windows\sysnative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay)—C:\Windows\sysnative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir)—C:\Windows\sysnative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs)—C:\Windows\sysnative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (Avgrkx64)—C:\Windows\sysnative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (amdsata)—C:\Windows\sysnative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata)—C:\Windows\sysnative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Avgmfx64)—C:\Windows\sysnative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (SASDIFSV)—C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL)—C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (Avgtdia)—C:\Windows\sysnative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter)—C:\Windows\sysnative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver)—C:\Windows\sysnative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSEH)—C:\Windows\sysnative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (amdkmdag)—C:\Windows\sysnative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap)—C:\Windows\sysnative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SynTP)—C:\Windows\sysnative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (KeyScrambler)—C:\Windows\sysnative\drivers\keyscrambler.sys (QFX Software Corporation)
DRV:64bit: - (netr28x)—C:\Windows\sysnative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (amd_sata)—C:\Windows\sysnative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata)—C:\Windows\sysnative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167)—C:\Windows\sysnative\drivers\Rt64win7.sys (Realtek                             )
DRV:64bit: - (RSPCIESTOR)—C:\Windows\sysnative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (usbfilter)—C:\Windows\sysnative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt)—C:\Windows\sysnative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus)—C:\Windows\sysnative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD)—C:\Windows\sysnative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD)—C:\Windows\sysnative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (clwvd)—C:\Windows\sysnative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (amdiox64)—C:\Windows\sysnative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs)—C:\Windows\sysnative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2)—C:\Windows\sysnative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor)—C:\Windows\sysnative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SrvHsfV92)—C:\Windows\sysnative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac)—C:\Windows\sysnative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA)—C:\Windows\sysnative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (NVENETFD)—C:\Windows\sysnative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (BCM43XX)—C:\Windows\sysnative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv)—C:\Windows\sysnative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv)—C:\Windows\sysnative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a)—C:\Windows\sysnative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir)—C:\Windows\sysnative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM)—C:\Windows\sysnative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (OAmon)—C:\Windows\SysWOW64\drivers\OAmon.sys (Emsisoft)
DRV - (OADevice)—C:\Windows\SysWOW64\drivers\OADriver.sys ()
DRV - (oahlpXX)—C:\Windows\SysWOW64\drivers\oahlp64.sys ()
DRV - (WIMMount)—C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/5
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQCON/5
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: “URL” = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
IE:64bit: - HKLM\..\SearchScopes\{7B28842B-FC09-4CC9-BD49-171E637B63FC}: “URL” = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link;_code=qs&index=aps&field;-keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: “URL” = http://dk.search.yahoo.com/search?p={searchTerms}&ei;={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: “URL” = http://da.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/5
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQCON/5
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: “URL” = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
IE - HKLM\..\SearchScopes\{7B28842B-FC09-4CC9-BD49-171E637B63FC}: “URL” = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link;_code=qs&index=aps&field;-keywords={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: “URL” = http://dk.search.yahoo.com/search?p={searchTerms}&ei;={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: “URL” = http://da.wikipedia.org/wiki/Special:Search?search={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/5
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQCON/5
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: “URL” = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
IE - HKCU\..\SearchScopes\{7B28842B-FC09-4CC9-BD49-171E637B63FC}: “URL” = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link;_code=qs&index=aps&field;-keywords={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: “URL” = http://isearch.avg.com/search?cid={6E31EB81-121F-4FAD-BA10-6C2FA563756F}&mid=64c180cfa74b47d09eb89557e721318e-cb9f682b884d144e33f24880416a12fe6cce14d5&lang=da&ds=AVG&pr=fr&d=2012-03-18 21:30:32&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: “URL” = http://dk.search.yahoo.com/search?p={searchTerms}&ei;={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: “URL” = http://da.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Malene\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Malene\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/03/18 22:30:37 | 000,000,000 |—-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012/03/28 12:26:31 | 000,000,000 |—-D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie;={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl;={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Malene\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Malene\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Malene\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Malene\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Malene\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Malene\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Malene\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Malene\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Users\Malene\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Gmail = C:\Users\Malene\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 |——| M]) - C:\Windows\sysnative\drivers\etc\hosts
O2:64bit: - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files (x86)\Online Armor\oaui.exe (Emsi Software GmbH)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe File not found
O4 - HKCU..\Run: [Spotify] C:\Users\Malene\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Malene\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Malene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Malene\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Malene\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra ‘Tools’ menuitem : &KeyScrambler; Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra ‘Tools’ menuitem : &KeyScrambler; Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra ‘Tools’ menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3C16B68-2ACB-4BCA-A7A9-C0446005EA24}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\sysnative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open]—“%1” %*
O35:64bit: - HKLM\..exefile [open]—“%1” %*
O35 - HKLM\..comfile [open]—“%1” %*
O35 - HKLM\..exefile [open]—“%1” %*
O37:64bit: - HKLM\...com [@ = comfile]—“%1” %*
O37:64bit: - HKLM\...exe [@ = exefile]—“%1” %*
O37 - HKLM\...com [@ = comfile]—“%1” %*
O37 - HKLM\...exe [@ = exefile]—“%1” %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)


SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - “%ProgramFiles%\Windows Mail\WinMail.exe” OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - “C:\Windows\System32\rundll32.exe” “C:\Windows\System32\iedkcs32.dll”,BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - “%ProgramFiles(x86)%\Windows Mail\WinMail.exe” OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - “C:\Windows\SysWOW64\rundll32.exe” “C:\Windows\SysWOW64\iedkcs32.dll”,BrandIEActiveSetup SIGNUP

%CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

========== Files/Folders - Created Within 30 Days ==========

[2012/07/01 14:07:41 | 000,596,992 |——| C] (OldTimer Tools)—C:\Users\Malene\Desktop\OTL.exe
[2012/06/26 15:30:25 | 000,000,000 |—-D | C]—C:\Users\Malene\AppData\Roaming\Malwarebytes
[2012/06/26 15:30:19 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes’ Anti-Malware
[2012/06/26 15:30:19 | 000,000,000 |—-D | C]—C:\ProgramData\Malwarebytes
[2012/06/26 15:30:18 | 000,024,904 |——| C] (Malwarebytes Corporation)—C:\Windows\SysNative\drivers\mbam.sys
[2012/06/26 15:30:18 | 000,000,000 |—-D | C]—C:\Program Files (x86)\Malwarebytes’ Anti-Malware
[2012/06/07 22:17:03 | 000,000,000 |—-D | C]—C:\ProgramData\PopCap Games
[2012/06/07 22:17:03 | 000,000,000 |—-D | C]—C:\Program Files (x86)\PopCap Games
[2012/06/02 18:22:30 | 000,000,000 |—-D | C]—C:\Windows\Sun
[2012/06/01 22:06:57 | 000,000,000 |—-D | C]—C:\Users\Malene\AppData\Roaming\WildTangent

========== Files - Modified Within 30 Days ==========

[2012/07/01 14:07:48 | 000,596,992 |——| M] (OldTimer Tools)—C:\Users\Malene\Desktop\OTL.exe
[2012/06/30 22:49:37 | 001,292,160 |——| M] ()—C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/30 22:49:37 | 000,620,536 |——| M] ()—C:\Windows\SysNative\perfh009.dat
[2012/06/30 22:49:37 | 000,482,964 |——| M] ()—C:\Windows\SysNative\perfh006.dat
[2012/06/30 22:49:37 | 000,110,466 |——| M] ()—C:\Windows\SysNative\perfc009.dat
[2012/06/30 22:49:37 | 000,084,118 |——| M] ()—C:\Windows\SysNative\perfc006.dat
[2012/06/30 22:44:53 | 000,067,584 |—S- | M] ()—C:\Windows\bootstat.dat
[2012/06/30 22:44:51 | 2902,646,784 | -HS- | M] ()—C:\hiberfil.sys
[2012/06/30 22:34:15 | 000,000,946 |——| M] ()—C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1621226466-3871911349-4173100471-1001UA.job
[2012/06/30 22:30:44 | 000,032,064 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/30 22:30:44 | 000,032,064 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/26 15:30:19 | 000,001,113 |——| M] ()—C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/19 15:22:12 | 100,627,405 |——| M] ()—C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/06/19 15:16:26 | 000,067,584 |—S- | M] ()—C:\Windows\bootstat(70).dat
[2012/06/19 02:53:30 | 000,001,374 |——| M] ()—C:\Users\Malene\Documents\loveletter.rtf
[2012/06/07 20:55:11 | 000,001,662 |——| M] ()—C:\Users\Malene\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - hp.lnk
[2012/06/07 20:55:10 | 000,002,532 |——| M] ()—C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
[2012/06/02 22:53:15 | 000,007,605 |——| M] ()—C:\Users\Malene\AppData\Local\Resmon.ResmonCfg
[2012/06/02 19:50:30 | 000,040,512 |——| M] (Emsisoft)—C:\Windows\SysWow64\drivers\OAmon.sys
[2012/06/02 19:41:22 | 000,061,624 |——| M] ()—C:\Windows\SysWow64\drivers\OADriver.sys
[2012/06/02 19:37:51 | 000,061,624 |——| M] ()—C:\Windows\SysWow64\drivers\oahlp64.sys
[2012/06/02 17:17:15 | 000,002,698 |——| M] ()—C:\Users\Malene\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - wildgames.lnk
[2012/06/02 17:17:14 | 000,002,666 |——| M] ()—C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk

========== Files Created - No Company Name ==========

[2012/06/26 15:30:19 | 000,001,113 |——| C] ()—C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/19 01:56:16 | 000,001,374 |——| C] ()—C:\Users\Malene\Documents\loveletter.rtf
[2012/06/02 22:53:15 | 000,007,605 |——| C] ()—C:\Users\Malene\AppData\Local\Resmon.ResmonCfg
[2012/06/02 17:17:14 | 000,002,698 |——| C] ()—C:\Users\Malene\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - wildgames.lnk
[2012/06/02 17:17:14 | 000,002,666 |——| C] ()—C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
[2012/06/02 17:16:15 | 000,002,532 |——| C] ()—C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
[2012/06/02 17:16:15 | 000,001,662 |——| C] ()—C:\Users\Malene\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - hp.lnk
[2012/05/04 23:13:41 | 000,061,624 |——| C] ()—C:\Windows\SysWow64\drivers\oahlp64.sys
[2012/05/04 23:13:40 | 000,061,624 |——| C] ()—C:\Windows\SysWow64\drivers\OADriver.sys
[2011/12/24 01:39:26 | 003,031,218 |——| C] ()—C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/22 23:55:27 | 000,000,000 |——| C] ()—C:\Windows\ativpsrm.bin
[2011/09/22 23:46:55 | 000,014,119 |——| C] ()—C:\Windows\SysWow64\RaCoInst.dat
[2011/09/22 23:41:28 | 000,000,056 | -H—| C] ()—C:\Windows\SysWow64\ezsidmv.dat
[2011/08/10 08:32:30 | 000,000,068 |——| C] ()—C:\Windows\SysWow64\ezdigsgn.dat
[2011/07/05 20:47:06 | 000,059,904 |——| C] ()—C:\Windows\SysWow64\OVDecode.dll
[2011/06/10 04:17:36 | 000,066,856 |——| C] ()—C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/05/13 16:33:18 | 000,007,736 |——| C] ()—C:\Windows\hpDSTRES.DLL
[2011/03/18 11:51:44 | 000,003,929 |——| C] ()—C:\Windows\SysWow64\atipblag.dat

========== LOP Check ==========

[2012/03/23 14:44:46 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\AVG
[2012/03/18 22:48:06 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\AVG2012
[2012/03/25 00:41:20 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\DVDVideoSoft
[2012/03/25 00:41:09 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/04/23 00:34:20 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\f-secure
[2011/12/25 23:41:06 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\Flood Light Games
[2012/05/04 23:18:42 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\OnlineArmor
[2012/04/04 21:46:36 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\SoftGrid Client
[2012/06/25 05:56:03 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\Spotify
[2011/12/24 01:30:42 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\Synaptics
[2011/12/24 01:40:27 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\TP
[2012/06/25 05:58:52 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\WildTangent
[2011/12/24 13:46:48 | 000,000,000 |—-D | M]—C:\Users\Malene\AppData\Roaming\_MDLogs
[2009/07/14 07:08:49 | 000,015,538 |——| M] ()—C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< set /c >
ALLUSERSPROFILE=C:\ProgramData
AMDAPPSDKROOT=C:\Program Files (x86)\AMD APP\
APPDATA=C:\Users\Malene\AppData\Roaming
asl.log=Destination=file
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=MALENE-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Malene
LOCALAPPDATA=C:\Users\Malene\AppData\Local
LOGONSERVER=\\MALENE-PC
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND=Presario
Platform=MCD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=20
PROCESSOR_REVISION=0200
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
PUBLIC=C:\Users\Public
SAFEBOOT_OPTION=NETWORK
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Malene\AppData\Local\Temp
TMP=C:\Users\Malene\AppData\Local\Temp
USERDOMAIN=Malene-pc
USERNAME=Malene
USERPROFILE=C:\Users\Malene
windir=C:\Windows
windows_tracing_flags=3
windows_tracing_logfile=C:\BVTBin\Tests\installpackage\csilogfile.log

< MD5 for: EXPLORER.EXE >
[2011/08/10 07:13:40 | 002,616,320 |——| M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/08/10 07:13:40 | 002,871,808 |——| M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3—C:\Windows\explorer.exe
[2011/08/10 07:13:40 | 002,871,808 |——| M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/08/10 07:13:40 | 002,871,808 |——| M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 |——| M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/08/10 07:13:40 | 002,616,320 |——| M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E—C:\Windows\SysWOW64\explorer.exe
[2011/08/10 07:13:40 | 002,616,320 |——| M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 |——| M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: IEXPLORE.EXE >
[2012/05/18 01:21:54 | 000,748,664 |——| M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198—C:\Windows\SoftwareDistribution\Download\73e9a7ddd6196cb56056e9ee7c90cdc1\inst\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16446_none_1798a687b4d6030f\iexplore.exe
[2012/04/04 15:56:38 | 000,199,240 |——| M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D—C:\Program Files (x86)\Malwarebytes’ Anti-Malware\Chameleon\iexplore.exe
[2012/05/18 00:59:46 | 000,748,664 |——| M] (Microsoft Corporation) MD5=268982F1FD671A077C6A2AF41E351436—C:\Windows\SoftwareDistribution\Download\73e9a7ddd6196cb56056e9ee7c90cdc1\inst\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20551_none_181271f4ce004017\iexplore.exe
[2012/05/18 04:51:05 | 000,754,808 |——| M] (Microsoft Corporation) MD5=4E99F42504A99D5024C2EFA015001937—C:\Windows\SoftwareDistribution\Download\73e9a7ddd6196cb56056e9ee7c90cdc1\inst\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16446_none_0d43fc3580754114\iexplore.exe
[2010/11/21 05:24:43 | 000,695,056 |——| M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
[2011/08/10 07:58:41 | 000,748,336 |——| M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639—C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2011/08/10 07:58:41 | 000,748,336 |——| M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_17a944edb4ca4c7a\iexplore.exe
[2010/11/21 05:25:08 | 000,673,040 |——| M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
[2011/08/10 07:58:40 | 000,754,480 |——| M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A—C:\Program Files\Internet Explorer\iexplore.exe
[2011/08/10 07:58:40 | 000,754,480 |——| M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_0d549a9b80698a7f\iexplore.exe
[2012/05/18 03:37:57 | 000,754,808 |——| M] (Microsoft Corporation) MD5=F8B2D47ED17C1D087D14EC747E5AC57A—C:\Windows\SoftwareDistribution\Download\73e9a7ddd6196cb56056e9ee7c90cdc1\inst\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20551_none_0dbdc7a2999f7e1c\iexplore.exe

< MD5 for: SFC.DLL >
[2009/07/14 03:10:22 | 000,002,560 |——| M] (Microsoft Corporation) MD5=40CAEEE0EAF1B8569F7C8DF6420F2CB9—C:\Windows\SysWOW64\sfc.dll
[2009/07/14 03:10:22 | 000,002,560 |——| M] (Microsoft Corporation) MD5=40CAEEE0EAF1B8569F7C8DF6420F2CB9—C:\Windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_a70c196fbd853ae9\sfc.dll
[2009/07/14 03:33:06 | 000,003,072 |——| M] (Microsoft Corporation) MD5=C6DCD1D11ED6827F05C00773C3E7053C—C:\Windows\SysNative\sfc.dll
[2009/07/14 03:33:06 | 000,003,072 |——| M] (Microsoft Corporation) MD5=C6DCD1D11ED6827F05C00773C3E7053C—C:\Windows\sysnative\sfc.dll
[2009/07/14 03:33:06 | 000,003,072 |——| M] (Microsoft Corporation) MD5=C6DCD1D11ED6827F05C00773C3E7053C—C:\Windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_032ab4f375e2ac1f\sfc.dll

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 |——| M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D—C:\Program Files (x86)\Malwarebytes’ Anti-Malware\Chameleon\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 |——| M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866—C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 |——| M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866—C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 |——| M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D—C:\Windows\sysnative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 |——| M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D—C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 |——| M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D—C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 |——| M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223—C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 |——| M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223—C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 |——| M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53—C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 |——| M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53—C:\Windows\sysnative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 |——| M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53—C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2010/11/21 05:23:47 | 000,295,808 |——| M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639—C:\Windows\sysnative\drivers\volsnap.sys
[2010/11/21 05:23:47 | 000,295,808 |——| M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639—C:\Windows\SysNative\drivers\volsnap.sys
[2010/11/21 05:23:47 | 000,295,808 |——| M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639—C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/21 05:23:47 | 000,295,808 |——| M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639—C:\Windows\sysnative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/21 05:23:47 | 000,295,808 |——| M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639—C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys

< MD5 for: WININIT.EXE >
[2009/07/14 03:39:52 | 000,129,024 |——| M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA—C:\Windows\sysnative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 |——| M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA—C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 |——| M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA—C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 |——| M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665—C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 |——| M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665—C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 |——| M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D—C:\Program Files (x86)\Malwarebytes’ Anti-Malware\Chameleon\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 |——| M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457—C:\Windows\sysnative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 |——| M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457—C:\Windows\SysNative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 |——| M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457—C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< %SYSTEMDRIVE%\*.* >
[2010/11/21 05:23:51 | 000,383,786 | RHS- | M] ()—C:\bootmgr
[2012/06/30 22:44:51 | 2902,646,784 | -HS- | M] ()—C:\hiberfil.sys
[2012/06/30 22:44:50 | 3870,195,712 | -HS- | M] ()—C:\pagefile.sys

< %SYSTEMDRIVE%\*. >
[2012/04/05 13:21:01 | 000,000,000 | -H-D | M]—C:\$AVG
[2012/03/25 15:05:51 | 000,000,000 | -HSD | M]—C:\$Recycle.Bin
[2012/06/25 05:58:28 | 000,000,000 |—-D | M]—C:\59cbc5a0fdf09ae809ff
[2011/08/10 09:48:19 | 000,000,000 | -HSD | M]—C:\boot
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M]—C:\Documents and Settings
[2011/09/23 00:10:40 | 000,000,000 | -H-D | M]—C:\HP
[2012/03/27 20:46:08 | 000,000,000 | RH-D | M]—C:\MSOCache
[2009/07/14 05:20:08 | 000,000,000 |—-D | M]—C:\PerfLogs
[2012/05/04 20:05:50 | 000,000,000 | R—D | M]—C:\Program Files
[2012/06/26 15:30:18 | 000,000,000 | R—D | M]—C:\Program Files (x86)
[2012/06/26 15:30:19 | 000,000,000 | -H-D | M]—C:\ProgramData
[2011/12/24 01:26:18 | 000,000,000 | -HSD | M]—C:\Recovery
[2012/05/06 22:31:42 | 000,000,000 |—-D | M]—C:\SWSetup
[2012/06/30 22:31:34 | 000,000,000 | -HSD | M]—C:\System Volume Information
[2011/12/24 01:26:25 | 000,000,000 | -H-D | M]—C:\SYSTEM.SAV
[2011/12/24 01:25:09 | 000,000,000 | R—D | M]—C:\Users
[2012/06/25 05:59:08 | 000,000,000 |—-D | M]—C:\Windows

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: “C:\Users\Malene\AppData\Local\Google\Chrome\Application\chrome.exe”—show-icons [2012/05/23 03:56:51 | 001,240,088 |——| M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: “C:\Users\Malene\AppData\Local\Google\Chrome\Application\chrome.exe”—hide-icons [2012/05/23 03:56:51 | 001,240,088 |——| M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: “C:\Users\Malene\AppData\Local\Google\Chrome\Application\chrome.exe”—make-default-browser [2012/05/23 03:56:51 | 001,240,088 |——| M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: “C:\Users\Malene\AppData\Local\Google\Chrome\Application\chrome.exe” [2012/05/23 03:56:51 | 001,240,088 |——| M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: “C:\Windows\System32\ie4uinit.exe” -show [2011/08/10 07:58:40 | 000,074,240 |——| M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: “C:\Windows\System32\ie4uinit.exe” -reinstall [2011/08/10 07:58:40 | 000,074,240 |——| M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: “C:\Windows\System32\ie4uinit.exe” -hide [2011/08/10 07:58:40 | 000,074,240 |——| M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: “C:\Program Files (x86)\Internet Explorer\iexplore.exe” -extoff [2011/08/10 07:58:41 | 000,748,336 |——| M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/08/10 07:58:41 | 000,748,336 |——| M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_

OTL Extras logfile created on: 7/1/2012 2:16:40 PM - Run 1
OTL by OldTimer - Version 3.2.53.0   Folder = C:\Users\Malene\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3.60 Gb Total Physical Memory | 2.98 Gb Available Physical Memory | 82.72% Memory free
7.21 Gb Paging File | 6.66 Gb Available in Paging File | 92.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443.77 Gb Total Space | 397.83 Gb Free Space | 89.65% Space Free | Partition Type: NTFS
Drive D: | 17.83 Gb Total Space | 1.88 Gb Free Space | 10.56% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.37% Space Free | Partition Type: FAT32

Computer Name: MALENE-PC | User Name: Malene | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut]—C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile]—C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
exefile [open]—“%1” %*
helpfile [open]—Reg Error: Key error.
htmlfile [edit]—Reg Error: Key error.
htmlfile [print]—rundll32.exe %windir%\system32\mshtml.dll,PrintHTML “%1”
inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
InternetShortcut [open]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\ieframe.dll”,OpenURL %l (Microsoft Corporation)
InternetShortcut [print]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\mshtml.dll”,PrintHTML “%1” (Microsoft Corporation)
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC]—“C:\Program Files (x86)\VideoLAN\VLC\vlc.exe”—started-from-file—playlist-enqueue “%1” ()
Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC]—“C:\Program Files (x86)\VideoLAN\VLC\vlc.exe”—started-from-file—no-playlist-enqueue “%1” ()
Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore]—Reg Error: Value error.
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
cplfile [cplopen]—%SystemRoot%\System32\control.exe “%1”,%* (Microsoft Corporation)
exefile [open]—“%1” %*
helpfile [open]—Reg Error: Key error.
htmlfile [edit]—Reg Error: Key error.
htmlfile [print]—rundll32.exe %windir%\system32\mshtml.dll,PrintHTML “%1”
inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC]—“C:\Program Files (x86)\VideoLAN\VLC\vlc.exe”—started-from-file—playlist-enqueue “%1” ()
Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC]—“C:\Program Files (x86)\VideoLAN\VLC\vlc.exe”—started-from-file—no-playlist-enqueue “%1” ()
Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore]—Reg Error: Value error.
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“cval” = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
“VistaSp1” = 28 4D B2 76 41 04 CA 01 [binary data]
“AntiVirusOverride” = 0
“AntiSpywareOverride” = 0
“FirewallOverride” = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
“EnableFirewall” = 0
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“EnableFirewall” = 0
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
“EnableFirewall” = 0
“DisableNotifications” = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{041318EE-FF76-4375-8973-3B1D4D0F774F}” = rport=445 | protocol=6 | dir=out | app=system |
“{1B9BC96D-4CEF-4A3F-984D-5CAC0A0FF0DD}” = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
“{24837D54-9C5C-43DF-8F3A-5ACC4BED157A}” = lport=138 | protocol=17 | dir=in | app=system |
“{2DE43111-3395-42A0-A2C9-951FBFAE5557}” = lport=445 | protocol=6 | dir=in | app=system |
“{2EFCC0D7-734C-449E-8E22-601B0A3428D9}” = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{3D85B482-C861-4BC1-A875-85D226C61CEB}” = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{41D413D6-A721-4475-9DF3-14479FB42C85}” = rport=138 | protocol=17 | dir=out | app=system |
“{649AF76F-B291-4FF6-AC2E-203BFE483C2E}” = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{698FF842-1511-4DA4-B753-A8F73C32C0AE}” = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{6E786295-A382-4227-AAAE-9E4D63194997}” = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
“{7BE65250-7A13-49F3-94FB-4D58A00E25AB}” = rport=10243 | protocol=6 | dir=out | app=system |
“{7D5F7944-B0B9-46AB-BAF6-277D30B11DF7}” = lport=137 | protocol=17 | dir=in | app=system |
“{7F01267D-FB2B-4267-A17B-51C18F6D3ABF}” = lport=2869 | protocol=6 | dir=in | app=system |
“{82EC6C9B-C6B7-48B9-89EE-E5678963ADFB}” = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
“{897A8891-2810-4EDF-AAA9-E619B793F14E}” = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
“{91F762A4-A130-4A86-A78E-1BE5371B4F9C}” = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{BA0F9C90-704D-4727-A7EA-C12078FD2E41}” = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{BD73EB16-4B9C-4817-8EBE-D3AF54375197}” = lport=139 | protocol=6 | dir=in | app=system |
“{C2113012-C0D8-4418-A801-5AC5D98B360A}” = lport=10243 | protocol=6 | dir=in | app=system |
“{C34F6D42-E326-417F-B46D-511334B1F344}” = rport=137 | protocol=17 | dir=out | app=system |
“{D673D7A4-9FBD-4FF4-B2C7-E6D43B5438E8}” = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{F09F003A-446A-4C4A-92AF-645B412F0F67}” = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{FFAE945D-F0F9-47B5-8CD9-C03E681FB3A7}” = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{056CAD7E-6059-4037-8DC5-A49C49FC194B}” = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
“{08A19724-98B3-4E42-9A20-F713A824E5B4}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
“{096D04A1-D35C-46F4-A9F0-F30CB830192D}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{0FF0C813-110E-4221-9D13-67275B5C6BC1}” = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{1067D522-EE2A-4FE2-8D9F-390E7EB0F4F8}” = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
“{208B2975-9F82-499B-87A0-E535162ACA74}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
“{29429AA0-4346-441E-9EE2-6FBB79CEB047}” = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{2B30E655-0BC5-4CDB-B7B7-F3326E2976D8}” = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
“{2DA32FBB-AE98-4AD5-8BAA-3495DB514D94}” = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
“{362DE5CB-2F64-40E2-88ED-C1B10BA56FDA}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{398F17F3-2089-42C5-8B1B-BCF8641AF208}” = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
“{3ABC88B1-1700-4522-A643-7C2EB706550B}” = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
“{521A9A7F-0107-4DAA-BF46-E4AFD9C043C3}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
“{5D2D34BB-AE5B-48F9-9C1D-9F361EDB4B73}” = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{62B34203-2A01-4375-87DD-D98838DD2F7F}” = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
“{6C1F9F6A-A0ED-4FEC-A4E7-6E063E2A65DC}” = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
“{6E1F6C6D-2FE6-4968-AB0E-ED97DF84B574}” = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
“{796D2945-6B57-4595-AA79-4826F35CD87B}” = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
“{85E54D40-CFD6-46F2-9FEA-5DE340433E62}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
“{87B41898-A262-441F-A36E-7570E8BDC3A9}” = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
“{94DCB958-DED7-41AC-B7EE-1B2927BFBDF3}” = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
“{9D032353-721F-401B-B911-A4E1E5A89D4E}” = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
“{ABF974D6-BE30-4BD6-A8E6-BAE80F87C1FC}” = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
“{BE05DA59-E446-409F-844F-4D8D2D8F327A}” = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
“{C78A1DF1-23EF-4551-A260-52D4093AEF2E}” = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
“{C7AD8033-370B-451B-B06A-26D547BE9C74}” = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
“{CBBFA4EF-0CE8-4CBA-849D-2C0F81D080B6}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
“{CFBB3D88-79A6-4D6D-81E7-75B1A0734BE8}” = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
“{D2F7F7D9-4483-4298-9AE9-FAC47C585F3A}” = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
“{D3B8583F-AD09-421F-8BBB-751DEC1D2B4B}” = protocol=6 | dir=out | app=system |
“{DA450384-7585-44BF-BAB7-D40CD024AC50}” = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
“{DD78B74C-CE4C-425C-9538-60A482AF4B2E}” = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
“{E54C3CC2-4EA9-45CF-8D97-740E42A598C1}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{EE3AA4A4-1406-47F3-94C3-C3708E84C97B}” = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
“{EF0966B3-BFCC-497E-A625-A2DFD5B3AFDE}” = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
“{F1002B10-E632-4F57-885A-93A2B24DDE46}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{F7A52B88-646D-4C02-86CD-350026104CE8}” = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
“{FFFE9A29-23F0-4B7E-A96E-10321E4A99B5}” = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
“TCP Query User{4A30A0B7-E491-4FB3-9553-7DB5A5DE005B}C:\users\malene\appdata\roaming\spotify\spotify.exe” = protocol=6 | dir=in | app=c:\users\malene\appdata\roaming\spotify\spotify.exe |
“TCP Query User{8A20C83D-172C-4EEB-80E1-07CA0A3BCFCE}C:\users\malene\appdata\roaming\spotify\spotify.exe” = protocol=6 | dir=in | app=c:\users\malene\appdata\roaming\spotify\spotify.exe |
“UDP Query User{076D18AB-3057-47F1-BB4C-1841C763C2EE}C:\users\malene\appdata\roaming\spotify\spotify.exe” = protocol=17 | dir=in | app=c:\users\malene\appdata\roaming\spotify\spotify.exe |
“UDP Query User{F331198C-0DF0-4EF7-A829-B5C129D17E01}C:\users\malene\appdata\roaming\spotify\spotify.exe” = protocol=17 | dir=in | app=c:\users\malene\appdata\roaming\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{1685AE50-97ED-485B-80F6-145071EE14B0}” = Windows Live Remote Service Resources
“{1B8ABA62-74F0-47ED-B18C-A43128E591B8}” = Windows Live ID Sign-in Assistant
“{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}” = HP Client Services
“{2C1A6191-9804-4FDC-AB01-6F9183C91A13}” = Windows Live Remote Client Resources
“{2CDD9D22-AD67-4588-93AD-147C979F6E7C}” = AVG 2012
“{48C46F0E-7B86-AC31-ACFC-2B40F1C90ACE}” = ccc-utility64
“{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
“{4C2E49C0-9276-4324-841D-774CCCE5DB48}” = Windows Live Remote Client Resources
“{503F672D-6C84-448A-8F8F-4BC35AC83441}” = AMD APP SDK Runtime
“{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}” = Windows Live Remote Service Resources
“{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
“{6153098B-60DB-6A9F-EA0F-B006A96B57D5}” = ATI Catalyst Install Manager
“{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}” = Windows Live Remote Service Resources
“{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}” = Bonjour
“{7AEC844D-448A-455E-A34E-E1032196BBCD}” = Windows Live Remote Service Resources
“{8220EEFE-38CD-377E-8595-13398D740ACE}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
“{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}” = Windows Live Remote Client Resources
“{850B8072-2EA7-4EDC-B930-7FE569495E76}” = Windows Live Remote Client Resources
“{90140000-006D-0406-1000-0000000FF1CE}” = Microsoft Office Klik og kør 2010
“{95120000-00B9-0409-1000-0000000FF1CE}” = Microsoft Application Error Reporting
“{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}” = HP Launch Box
“{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}” = Windows Live Remote Client Resources
“{AADE02D5-DCBF-04C3-CD05-ABA83D28BC4A}” = AMD Fuel
“{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}” = Apple Mobile Device Support
“{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}” = HP Auto
“{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}” = SUPERAntiSpyware
“{CF8FFD12-602B-422D-AF1D-511B411E7632}” = iTunes
“{D050583D-5CEC-47B1-88AA-8B328CAA8621}” = AVG 2012
“{D07A61E5-A59C-433C-BCBD-22025FA2287B}” = Windows Live Language Selector
“{DA54F80E-261C-41A2-A855-549A144F2F59}” = Windows Live MIME IFilter
“{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}” = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
“{DBA2849B-6C95-9FD2-7ACC-BF456F1958AA}” = AMD Media Foundation Decoders
“{DF6D988A-EEA0-4277-AAB8-158E086E439B}” = Windows Live Remote Client
“{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}” = Windows Live Remote Service
“{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}” = Microsoft .NET Framework 4 Client Profile
“{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}” = Windows Live Remote Service Resources
“{F83E9BF0-B8D8-3D68-9E07-7505290C2202}” = Microsoft .NET Framework 4 Client Profile DAN Language Pack
“AVG” = AVG 2012
“Microsoft .NET Framework 4 Client Profile” = Microsoft .NET Framework 4 Client Profile
“Microsoft .NET Framework 4 Client Profile DAN Language Pack” = Microsoft .NET Framework 4 Client Profile DAN sprogpakke
“SynTPDeinstKey” = Synaptics TouchPad Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{00884F14-05BD-4D8E-90E5-1ABF78948CA4}” = Windows Live Mesh
“{00A42832-B21A-4296-B5F4-D296D0BC4A3E}” = HP Quick Launch
“{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}” = Windows Live Messenger
“{01FB4998-33C4-4431-85ED-079E3EEFE75D}” = CyberLink YouCam
“{07FA4960-B038-49EB-891B-9F95930AA544}” = HP Customer Experience Enhancements
“{09B7C7EB-3140-4B5E-842F-9C79A7137139}” = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
“{0B0F231F-CE6A-483D-AA23-77B364F75917}” = Windows Live Installer
“{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}” = Windows Liven sähköposti
“{10186F1A-6A14-43DF-A404-F0105D09BB07}” = Windows Live Mail
“{110668B7-54C6-47C9-BAC4-1CE77F156AF5}” = Windows Live Mesh
“{11417707-1F72-4279-95A3-01E0B898BBF5}” = Windows Live Mesh
“{133D9D67-D475-4407-AC3C-D558087B2453}” = Windows Live Movie Maker
“{15412249-0AFA-D2A1-E7E2-E57AE1A96781}” = CCC Help Swedish
“{19BA08F7-C728-469C-8A35-BFBD3633BE08}” = Windows Live Movie Maker
“{19EAB36E-A979-0870-F58F-6F4F34017D29}” = CCC Help Chinese Traditional
“{1A72337E-D126-4BAF-AC89-E6122DB71866}” = Windows Liven valokuvavalikoima
“{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}” = Bing Bar
“{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
“{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}” = Junk Mail filter update
“{200FEC62-3C34-4D60-9CE8-EC372E01C08F}” = Windows Live SOXE Definitions
“{2070F457-B044-FCEE-B6DA-CB2C12CD76A5}” = CCC Help German
“{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}” = Windows Live UX Platform Language Pack
“{224CA902-F494-FD2A-4211-771454ED464B}” = CCC Help English
“{24DF33E0-F924-4D0D-9B96-11F28F0D602D}” = Windows Live UX Platform Language Pack
“{252FC4D1-4056-7237-6B19-4C66D0CF45A9}” = CCC Help Dutch
“{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}” = Windows Live Writer
“{26A24AE4-039D-4CA4-87B4-2F83216031FF}” = Java(TM) 6 Update 31
“{28B9D2D8-4304-483F-AD71-51890A063A74}” = Windows Live Photo Common
“{2902F983-B4C1-44BA-B85D-5C6D52E2C441}” = Windows Live Mesh ActiveX Control for Remote Connections
“{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}” = Windows Live Writer Resources
“{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App” = Update Installer for WildTangent Games App
“{3336F667-9049-4D46-98B6-4C743EEBC5B1}” = Windows Live Photo Gallery
“{34F4D9A4-42C2-4348-BEF4-E553C84549E7}” = Windows Live Photo Gallery
“{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}” = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
“{39BDD209-5704-480C-9F4A-B69D0370DDBB}” = Windows Live Messenger
“{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}” = Windows Live Mesh
“{3BE2E4AA-C164-FEB5-6C82-BBBC90C88915}” = CCC Help Hungarian
“{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}” = Windows Live Photo Gallery
“{44D822AA-DA6D-1915-4B64-60D06AE613CE}” = CCC Help Danish
“{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater
“{4A04DB63-8F81-4EF4-9D09-61A2057EF419}” = Windows Live Essentials
“{4A917E5E-2567-C01E-7F41-AF09DAE523A1}” = AMD VISION Engine Control Center
“{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}” = Windows Live Meshin etäyhteyksien ActiveX-komponentti
“{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1” = AVG PC Tuneup
“{5036764A-435D-40C9-869C-31085A3D741D}” = HP Setup
“{5377D0E6-0B77-5C94-A3F8-2A7C0E5791A1}” = CCC Help French
“{57220148-3B2B-412A-A2E0-82B9DF423696}” = Windows Live Mesh ActiveX-objekt til fjernforbindelser
“{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}” = Windows Live UX Platform Language Pack
“{5C2F5C1B-9732-4F81-8FBF-6711627DC508}” = Windows Live Fotogalleri
“{5FE625A7-E8D6-2E41-4693-F6AC6310C467}” = CCC Help Polish
“{682B3E4F-696A-42DE-A41C-4C07EA1678B4}” = Windows Live SOXE
“{68A55875-B6DD-41E8-8CF6-F193D9C47051}” = HP Documentation
“{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}” = Windows Live Writer Resources
“{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}” = Windows Live Movie Maker
“{6F076041-F337-5F67-75E7-6C1324D43EC6}” = CCC Help Japanese
“{6F340107-F9AA-47C6-B54C-C3A19F11553F}” = Hewlett-Packard ACLM.NET v1.1.1.0
“{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp” = WildTangent Games App (HP Games)
“{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames” = WildTangent Games App
“{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable
“{734104DE-C2BF-412F-BB97-FCCE1EC94229}” = Windows Live Writer Resources
“{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}” = Apple Software Update
“{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}” = Windows Live Photo Common
“{7F6021AE-E688-4D03-843A-C2260482BA0D}” = Windows Live Messenger
“{7FA82763-D04B-A656-159B-BD8847176377}” = CCC Help Russian
“{80956555-A512-4190-9CAD-B000C36D6B6B}” = Windows Live Messenger
“{827D3E4A-0186-48B7-9801-7D1E9DD40C07}” = Windows Live Essentials
“{83C292B7-38A5-440B-A731-07070E81A64F}” = Windows Live PIMT Platform
“{872B1C80-38EC-4A31-A25C-980820593900}” = HP Power Manager
“{8833FFB6-5B0C-4764-81AA-06DFEED9A476}” = Realtek Ethernet Controller Driver
“{885F1BCD-C344-4758-85BD-09640CF449A5}” = Windows Live Photo Gallery
“{8909CFA8-97BF-4077-AC0F-6925243FFE08}” = Windows Liven asennustyökalu
“{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight
“{8B52057C-15DB-433E-957C-E279BC7D07E3}” = HP QuickWeb
“{8C6D6116-B724-4810-8F2D-D047E6B7D68E}” = Mesh Runtime
“{8CF5D47D-27B7-49D6-A14F-10550B92749D}” = Windows Live UX Platform Language Pack
“{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}” = MSVCRT
“{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}” = Ralink RT5390 802.11b/g/n WiFi Adapter
“{90140011-0066-0406-0000-0000000FF1CE}” = Microsoft Office Starter 2010 - dansk
“{924B4D82-1B97-48EB-8F1E-55C4353C22DB}” = Windows Live Mail
“{92EA4134-10D1-418A-91E1-5A0453131A38}” = Windows Live Movie Maker
“{95140000-0070-0000-0000-0000000FF1CE}” = Microsoft Office 2010
“{955CB8C1-F5F9-B649-FC65-FD65F9EC0459}” = CCC Help Korean
“{97E33108-2206-087B-9399-29F5201AAC98}” = CCC Help Portuguese
“{9B3CC933-5EF7-A868-7B74-1A227394566E}” = CCC Help Finnish
“{9BE518E6-ECC6-35A9-88E4-87755C07200F}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
“{9D56775A-93F3-44A3-8092-840E3826DE30}” = Windows Live Mail
“{A0C91188-C88F-4E86-93E6-CD7C9A266649}” = Windows Live Mesh
“{A1ACD45F-0D8E-0566-0EC0-530CDCD7E8F4}” = Catalyst Control Center Graphics Previews Common
“{A3D1D38D-9C85-7BEB-5AC8-EC2D90E2882A}” = CCC Help Czech
“{A440179F-D169-B9DA-B478-6CE97FDB3D4C}” = CCC Help Greek
“{A726AE06-AAA3-43D1-87E3-70F510314F04}” = Windows Live Writer
“{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}” = Windows Live Photo Common
“{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}” = Windows Live Writer
“{AAF454FC-82CA-4F29-AB31-6A109485E76E}” = Windows Live Writer
“{AC76BA86-7AD7-FFFF-7B44-AA0000000001}” = Adobe Reader X MUI
“{AE856388-AFAD-4753-81DF-D96B19D0A17C}” = Compaq Setup Manager
“{B898ABBB-4723-84B5-04C4-32A15F9DBD48}” = CCC Help Chinese Standard
“{B91459FD-63A9-71E3-68F1-82352B0892B3}” = Catalyst Control Center Localization All
“{B976E52C-93A3-5CD1-FF67-658877850EDD}” = CCC Help Italian
“{BEDC570A-C947-D0C8-3014-A1EAA042779D}” = CCC Help Turkish
“{BFD1ABD7-9417-41CB-B1F6-04BE4CB9820D}” = HP Software Framework
“{C1594429-8296-4652-BF54-9DBE4932A44C}” = Realtek PCIE Card Reader
“{C2EE0EA6-826F-63EA-8751-E2F3714DBA40}” = CCC Help Thai
“{C66824E4-CBB3-4851-BB3F-E8CFD6350923}” = Windows Live Mail
“{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}” = HP Support Assistant
“{CD442136-9115-4236-9C14-278F6A9DCB3F}” = Windows Live Movie Maker
“{CD7CB1E6-267A-408F-877D-B532AD2C882E}” = Windows Live Photo Common
“{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}” = Windows Live UX Platform
“{CF671BFE-6BA3-44E7-98C1-500D9C51D947}” = Windows Live Photo Gallery
“{D0B44725-3666-492D-BEF6-587A14BD9BD9}” = MSVCRT_amd64
“{D31169F2-CD71-4337-B783-3E53F29F4CAD}” = Windows Live Mail
“{D436F577-1695-4D2F-8B44-AC76C99E0002}” = Windows Live Photo Common
“{D45240D3-B6B3-4FF9-B243-54ECE3E10066}” = Windows Live Communications Platform
“{D7670221-BF9B-4DFF-B26B-5BE55A87329F}” = HP On Screen Display
“{DA29F644-2420-4448-8128-1331BE588999}” = Windows Live Writer
“{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}” = Windows Live Movie Maker
“{DBCD5E64-7379-4648-9444-8A6558DCB614}” = Recovery Manager
“{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}” = Windows Live Writer
“{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}” = Windows Live Writer Resources
“{DECDCB7C-58CC-4865-91AF-627F9798FE48}” = Windows Live Mesh
“{E09C4DB7-630C-4F06-A631-8EA7239923AF}” = D3DX10
“{E5441D19-417C-8C34-3F31-CCBD563C946E}” = Catalyst Control Center InstallProxy
“{E5DD4723-FE0B-436E-A815-DC23CF902A0B}” = Windows Live UX Platform Language Pack
“{E8524B28-3BBB-4763-AC83-0E83FE31C350}” = Windows Live Writer
“{E96CAA2A-0244-4A2A-8403-0C3C9534778B}” = ESU for Microsoft Windows 7 SP1
“{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}” = Windows Live Writer Resources
“{EA8CC2F2-BC30-141C-92B6-CC870B4B2977}” = CCC Help Spanish
“{EB4DF488-AAEF-406F-A341-CB2AAA315B90}” = Windows Live Messenger
“{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}” = Apple Application Support
“{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}” = Microsoft SQL Server 2005 Compact Edition [ENU]
“{F0F9505B-3ACF-4158-9311-D0285136AA00}” = Windows Live Essentials
“{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}” = Realtek High Definition Audio Driver
“{F30403FF-0146-4633-AAC5-D5CD5C50AE70}” = Catalyst Control Center - Branding
“{F694D1F7-1F12-4550-9B7A-C871273ABAD5}” = Windows Live Messenger
“{F761359C-9CED-45AE-9A51-9D6605CD55C4}” = Evernote v. 4.2.3
“{F8FBF4C7-5ADA-66B1-6509-09E05C257963}” = CCC Help Norwegian
“{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}” = Visual Studio 2008 x64 Redistributables
“{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}” = Windows Live Essentials
“Adobe Flash Player ActiveX” = Adobe Flash Player 10 ActiveX
“Adobe Shockwave Player” = Adobe Shockwave Player 11.5
“EasyBits Magic Desktop” = Magic Desktop
“Free YouTube to MP3 Converter_is1” = Free YouTube to MP3 Converter version 3.11.17.319
“HijackThis” = HijackThis 2.0.2
“InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}” = CyberLink YouCam
“KeyScrambler” = KeyScrambler
“Malwarebytes’ Anti-Malware_is1” = Malwarebytes Anti-Malware version 1.61.0.1400
“Office14.Click2Run” = Microsoft Office Klik og kør 2010
“OnlineArmor_is1” = Online Armor 5.5
“VLC media player” = VLC media player 1.1.11
“WildTangent hp Master Uninstall” = HP Games
“WinLiveSuite” = Windows Live Essentials
“WinRAR archiver” = WinRAR 4.11 (32-bit)
“WTA-0f00e17f-7167-455f-8d56-19f09539758d” = Zuma Deluxe
“WTA-2f19dfd5-8e4d-4b61-b53a-397ec0d7b8b0” = FATE
“WTA-3d7bf64c-3271-40f9-b596-e9f906a3f6ac” = Mah Jong Medley
“WTA-5f6eb3aa-95a0-4cbe-95a9-06e597a3073c” = Chronicles of Albian
“WTA-5ff2e58e-abfd-4947-8a24-c643ce4cf93f” = Mystery of Mortlake Mansion
“WTA-6a013018-1250-43e5-924a-ff2b7c6b335d” = Plants vs. Zombies - Game of the Year
“WTA-7498f1b4-794f-4ddb-8a3f-62f941446320” = Slingo Supreme
“WTA-7c6618ae-7e0d-4c34-8164-e473b4b5053b” = Poker Superstars III
“WTA-8789e2f7-2524-4a61-82db-188702b10ba7” = Farm Frenzy
“WTA-93d9806d-88fd-4668-9118-aa97f5736241” = Polar Bowler
“WTA-a5ae61da-7016-4c0e-b412-371686167f79” = Polar Golfer
“WTA-a9725563-757e-420e-b7c6-c89d3bd706cd” = Blasterball 3
“WTA-b95f6e91-d827-4502-99a3-c967f107abec” = Governor of Poker 2 Premium Edition
“WTA-be512f73-eb46-4a35-9236-6e4633521755” = Namco All-Stars: PAC-MAN
“WTA-c6276ab0-2f4b-4bc4-ba50-09bd991ca2d0” = Agatha Christie - Peril at End House
“WTA-c74daff5-1912-4e53-9dbf-ddbf99848417” = Jewel Quest: The Sleepless Star - Collector’s Edition
“WTA-d739a570-1829-4013-ad91-334e35a69449” = Bounce Symphony
“WTA-d74ae78a-5e83-4f88-afe4-f28cf6b4b2f7” = Cradle of Rome 2
“WTA-d8ee110d-5802-4bd2-82c7-6b3408fbc47f” = Final Drive: Nitro
“WTA-d9045b85-8118-4022-851d-db64e4908ac0” = Virtual Villagers 5 - New Believers
“WTA-da314a88-44a0-45e2-8e27-d65647ea6977” = Bejeweled 3
“WTA-dc878b5e-fadc-4f2d-aa43-1c58fcfb7e33” = Vacation Quest - The Hawaiian Islands
“WTA-dcac4f4b-d369-4654-9e13-440507bb1c15” = Chuzzle Deluxe
“WTA-e6d719a0-e34b-4650-869c-4ac21cdac663” = Cake Mania
“WTA-f12c4b2e-db6d-41e0-8d72-3987fd1477c6” = Penguins!
“WTA-f6da2deb-f7ed-487b-88d0-7d53bc0f7416” = Blackhawk Striker 2

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“Google Chrome” = Google Chrome
“Spotify” = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/15/2012 12:29:22 PM | Computer Name = Malene-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 5/15/2012 12:29:22 PM | Computer Name = Malene-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2713013

Error - 5/15/2012 12:29:22 PM | Computer Name = Malene-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2713013

Error - 5/15/2012 12:29:24 PM | Computer Name = Malene-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 5/15/2012 12:29:24 PM | Computer Name = Malene-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2714714

Error - 5/15/2012 12:29:24 PM | Computer Name = Malene-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2714714

Error - 5/15/2012 12:35:33 PM | Computer Name = Malene-pc | Source = CVHSVC | ID = 100
Description = Kun oplysninger.  (Patch task for {90140011-0066-0406-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 5/15/2012 6:16:48 PM | Computer Name = Malene-pc | Source = WinMgmt | ID = 10
Description =

Error - 5/15/2012 6:42:12 PM | Computer Name = Malene-pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: iexplore.exe, version: 9.0.8112.16421, tidsstempel:
0x4d76255d Navn på modul med fejl: msvcrt.dll, version: 7.0.7601.17744, tidsstempel:
0x4eeaf722 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x00009b60 Proces-id 0x1b4c
Programmets
starttidspunkt 0x01cd32ebf03d9f7b Programsti: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Modulsti:
C:\Windows\syswow64\msvcrt.dll Rapport-id: 35bc5dc1-9edf-11e1-84e7-441ea1c5d87d

Error - 5/15/2012 7:54:27 PM | Computer Name = Malene-pc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ Hewlett-Packard Events ]
Error - 3/18/2012 2:56:10 PM | Computer Name = Malene-pc | Source = HPSF.exe | ID = 4000
Description =

Error - 3/18/2012 3:45:46 PM | Computer Name = Malene-pc | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088   ved HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category)    ved HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

  ved HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan)  Message: Failed to perform update.  StackTrace:  ved HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category)    ved HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

  ved HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Objektet ‘/51ade539_b01f_454d_83b9_5316d06802b2/tdcqpo15f_u1n+raojigwhgg_5.rem’
er blevet afbrudt eller findes ikke på serveren.  Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
da-DK RAM: 3690 Ram Utilization: 40 TargetSite: Void UpdateDetail(System.String) 

Error - 3/18/2012 3:47:00 PM | Computer Name = Malene-pc | Source = HPSF.exe | ID = 4000
Description =

Error - 3/18/2012 3:47:00 PM | Computer Name = Malene-pc | Source = HPSF.exe | ID = 4000
Description =

Error - 4/5/2012 6:35:39 AM | Computer Name = Malene-pc | Source = HPSF.exe | ID = 4000
Description =

Error - 4/5/2012 6:45:25 AM | Computer Name = Malene-pc | Source = HPSF.exe | ID = 4000
Description =

Error - 4/5/2012 6:45:55 AM | Computer Name = Malene-pc | Source = HPSF.exe | ID = 4000
Description =

Error - 5/6/2012 11:27:30 AM | Computer Name = Malene-pc | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088   ved HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category)    ved HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

  ved HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan)  Message: Failed to perform update.  StackTrace:  ved HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category)    ved HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

  ved HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Adgang til stien ‘C:\Windows\TEMP/ACLM/HP.ActiveCheckLocalMode.UpdateEngine.UpdateManager_9e98ea05-9a19-40bf-ae66-3a4112694391\HP.ActiveCheckLocalMode.SessionManager.dll’
blev nægtet.  Name: hpsa_service.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\hpsa_service.exe Format: da-DK RAM: 3690 Ram Utilization: 60 TargetSite:
Void UpdateDetail(System.String) 

Error - 5/6/2012 4:25:18 PM | Computer Name = Malene-pc | Source = HPSF.exe | ID = 4000
Description =

Error - 5/6/2012 4:26:41 PM | Computer Name = Malene-pc | Source = HPSF.exe | ID = 4000
Description =

[ System Events ]
Error - 5/9/2012 10:29:32 AM | Computer Name = Malene-pc | Source = Schannel | ID = 36874
Description = Der blev modtaget en anmodning om SSL 3.0-forbindelse fra et eksternt
klientprogram, men ingen af krypteringsprogrammerne, som understøttes af klientprogrammet,
understøttes af serveren. Anmodningen om SSL-forbindelse mislykkedes.

Error - 5/9/2012 10:29:32 AM | Computer Name = Malene-pc | Source = Schannel | ID = 36888
Description = Der blev genereret følgende alvorlige fejl: 40. Den interne fejltilstand
er 107.

Error - 5/9/2012 10:29:32 AM | Computer Name = Malene-pc | Source = Schannel | ID = 36874
Description = Der blev modtaget en anmodning om SSL 3.0-forbindelse fra et eksternt
klientprogram, men ingen af krypteringsprogrammerne, som understøttes af klientprogrammet,
understøttes af serveren. Anmodningen om SSL-forbindelse mislykkedes.

Error - 5/9/2012 10:29:32 AM | Computer Name = Malene-pc | Source = Schannel | ID = 36888
Description = Der blev genereret følgende alvorlige fejl: 40. Den interne fejltilstand
er 107.

Error - 5/9/2012 10:29:32 AM | Computer Name = Malene-pc | Source = Schannel | ID = 36874
Description = Der blev modtaget en anmodning om SSL 3.0-forbindelse fra et eksternt
klientprogram, men ingen af krypteringsprogrammerne, som understøttes af klientprogrammet,
understøttes af serveren. Anmodningen om SSL-forbindelse mislykkedes.

Error - 5/9/2012 10:29:32 AM | Computer Name = Malene-pc | Source = Schannel | ID = 36888
Description = Der blev genereret følgende alvorlige fejl: 40. Den interne fejltilstand
er 107.

Error - 5/9/2012 10:29:32 AM | Computer Name = Malene-pc | Source = Schannel | ID = 36874
Description = Der blev modtaget en anmodning om SSL 3.0-forbindelse fra et eksternt
klientprogram, men ingen af krypteringsprogrammerne, som understøttes af klientprogrammet,
understøttes af serveren. Anmodningen om SSL-forbindelse mislykkedes.

Error - 5/9/2012 10:29:32 AM | Computer Name = Malene-pc | Source = Schannel | ID = 36888
Description = Der blev genereret følgende alvorlige fejl: 40. Den interne fejltilstand
er 107.

Error - 5/9/2012 10:30:33 AM | Computer Name = Malene-pc | Source = Schannel | ID = 36874
Description = Der blev modtaget en anmodning om SSL 3.0-forbindelse fra et eksternt
klientprogram, men ingen af krypteringsprogrammerne, som understøttes af klientprogrammet,
understøttes af serveren. Anmodningen om SSL-forbindelse mislykkedes.

Error - 5/9/2012 10:30:33 AM | Computer Name = Malene-pc | Source = Schannel | ID = 36888
Description = Der blev genereret følgende alvorlige fejl: 40. Den interne fejltilstand
er 107.


< End of report >

•  Start OTL
•  Kopier nedenstånde med fed skrift ind i Custom Scan feltet

:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
[2012/06/30 22:49:37 | 000,620,536 |——| M] ()—C:\Windows\SysNative\perfh009.dat
[2012/06/30 22:49:37 | 000,482,964 |——| M] ()—C:\Windows\SysNative\perfh006.dat
[2012/06/30 22:49:37 | 000,110,466 |——| M] ()—C:\Windows\SysNative\perfc009.dat
[2012/06/30 22:49:37 | 000,084,118 |——| M] ()—C:\Windows\SysNative\perfc006.dat
:files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
[CLEARALLRESTOREPOINTS]

•  Klik på  Run Fix - Knappen
•  Hvis OTL spørger om at genstarte, så sig ja.
•  Klik på OK.
•  En log vil åbne, kopier den herind i dit næste svar.
• 
•  Ellers kan den findes her:
•    C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss

Hent Combofix, og gem den på dit skrivebord:
Her

NB -> Deaktiver dit antivirus/antispyware program. Da det/de kan ”forstyrre” og konflikte med combofix, eller fjerne vigtige combofix filer, hvilket kan få computeren til fryse.

Kør så combofix.exe, og følg anvisningerne.

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.

Når combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt
Indholdet af denne fil må du gerne lægge herind.

Den kan også findes her - > C: combofix txt

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
File 12/06/30 22:49:37 | 000,620,536 |——| M] ()—C:\Windows\SysNative\perfh009.dat not found.
File 12/06/30 22:49:37 | 000,482,964 |——| M] ()—C:\Windows\SysNative\perfh006.dat not found.
File 12/06/30 22:49:37 | 000,110,466 |——| M] ()—C:\Windows\SysNative\perfc009.dat not found.
File 12/06/30 22:49:37 | 000,084,118 |——| M] ()—C:\Windows\SysNative\perfc006.dat not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache blev t›mt.
C:\Users\Malene\Desktop\cmd.bat deleted successfully.
C:\Users\Malene\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Malene
->Temp folder emptied: 772669759 bytes
->Temporary Internet Files folder emptied: 934652294 bytes
->Java cache emptied: 1049075 bytes
->Google Chrome cache emptied: 220105230 bytes
->Flash cache emptied: 21193 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 252275947 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67730 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,080.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Malene
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Unable to stop System Restore Service. Error code 1084. Restore points not cleared.
Unable to start System Restore Service. Error code 1084. Restore point not created.

OTL by OldTimer - Version 3.2.53.0 log created on 07092012_184542

Har du Combofix til windows 7?

Combofix virker til alle Windows versioner…............

Men jeg får denne fejlmeddelelse hver gang: incompatible OS. ComboFix only works for workstation with Windows 2000 and XP

Lyder underligt, så lad os lige tjekke om der er noget der blokerer for den.

Genstart til fejlsikret til med netværk.

Download filen Tdsskiller.zip fra dette link, pak den ud i en mappe.
http://support.kaspersky.com/downloads/utils/tdsskiller.zip
Kør TDSSKiller.exe > Klik på Start Scan

Hvis en inficeret fil bliver fundet, vil ”Default action” være Cure, klik på Continue
Hvis en mistænkelig fil opdages, vil ”Default action” være Skip, klik på Continue

Hvis den skriver “Reboot the computer to complete the process”. Klik på Reboot Now.
Hvis den ikke spørger om ”Reboot” (genstart) så klik på ”Report”, kopier den tekst herind i tråden.

Hvis den genstarter kan du find logfilen her >
C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt.
Kopier den tekst herind I denne tråd.

00:49:13.0051 2844   TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
00:49:13.0219 2844   ============================================================
00:49:13.0219 2844   Current date / time: 2012/07/21 00:49:13.0219
00:49:13.0219 2844   SystemInfo:
00:49:13.0219 2844  
00:49:13.0219 2844   OS Version: 6.1.7601 ServicePack: 1.0
00:49:13.0219 2844   Product type: Workstation
00:49:13.0219 2844   ComputerName: MALENE-PC
00:49:13.0220 2844   UserName: Malene
00:49:13.0220 2844   Windows directory: C:\Windows
00:49:13.0220 2844   System windows directory: C:\Windows
00:49:13.0220 2844   Running under WOW64
00:49:13.0220 2844   Processor architecture: Intel x64
00:49:13.0220 2844   Number of processors: 2
00:49:13.0220 2844   Page size: 0x1000
00:49:13.0220 2844   Boot type: Safe boot with network
00:49:13.0220 2844   ============================================================
00:49:14.0097 2844   Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000040
00:49:14.0105 2844   ============================================================
00:49:14.0105 2844   \Device\Harddisk0\DR0:
00:49:14.0105 2844   MBR partitions:
00:49:14.0105 2844   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
00:49:14.0105 2844   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37789800
00:49:14.0105 2844   \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x377ED800, BlocksNum 0x23A8800
00:49:14.0105 2844   \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x39B96000, BlocksNum 0x7EF830
00:49:14.0105 2844   ============================================================
00:49:14.0138 2844   C: <-> \Device\Harddisk0\DR0\Partition1
00:49:14.0321 2844   D: <-> \Device\Harddisk0\DR0\Partition2
00:49:14.0337 2844   E: <-> \Device\Harddisk0\DR0\Partition3
00:49:14.0337 2844   ============================================================
00:49:14.0337 2844   Initialize success
00:49:14.0337 2844   ============================================================
00:49:20.0823 2548   ============================================================
00:49:20.0823 2548   Scan started
00:49:20.0823 2548   Mode: Manual;
00:49:20.0823 2548   ============================================================
00:49:21.0298 2548   !SASCORE     (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
00:49:21.0301 2548   !SASCORE - ok
00:49:21.0614 2548   1394ohci     (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
00:49:21.0619 2548   1394ohci - ok
00:49:21.0754 2548   ACPI         (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
00:49:21.0759 2548   ACPI - ok
00:49:21.0833 2548   AcpiPmi       (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
00:49:21.0835 2548   AcpiPmi - ok
00:49:21.0920 2548   adp94xx       (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
00:49:21.0928 2548   adp94xx - ok
00:49:21.0976 2548   adpahci       (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
00:49:21.0983 2548   adpahci - ok
00:49:22.0031 2548   adpu320       (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
00:49:22.0046 2548   adpu320 - ok
00:49:22.0100 2548   AeLookupSvc   (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
00:49:22.0103 2548   AeLookupSvc - ok
00:49:22.0231 2548   AERTFilters   (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
00:49:22.0235 2548   AERTFilters - ok
00:49:22.0295 2548   AFD         (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
00:49:22.0304 2548   AFD - ok
00:49:22.0355 2548   agp440       (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
00:49:22.0357 2548   agp440 - ok
00:49:22.0411 2548   ALG         (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
00:49:22.0413 2548   ALG - ok
00:49:22.0484 2548   aliide       (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
00:49:22.0486 2548   aliide - ok
00:49:22.0544 2548   AMD External Events Utility (715b02b892c5ba46471efc8dcd2ae934) C:\Windows\system32\atiesrxx.exe
00:49:22.0549 2548   AMD External Events Utility - ok
00:49:22.0596 2548   AMD FUEL Service - ok
00:49:22.0609 2548   amdide       (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
00:49:22.0611 2548   amdide - ok
00:49:22.0632 2548   amdiox64     (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
00:49:22.0633 2548   amdiox64 - ok
00:49:22.0671 2548   AmdK8       (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
00:49:22.0673 2548   AmdK8 - ok
00:49:23.0190 2548   amdkmdag     (7054d5d028b6ca727d0575192d633fa9) C:\Windows\system32\DRIVERS\atikmdag.sys
00:49:23.0413 2548   amdkmdag - ok
00:49:23.0645 2548   amdkmdap     (1cd2bc11467fd5fc7be9827a9f3d8566) C:\Windows\system32\DRIVERS\atikmpag.sys
00:49:23.0653 2548   amdkmdap - ok
00:49:23.0736 2548   AmdPPM       (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
00:49:23.0738 2548   AmdPPM - ok
00:49:23.0839 2548   amdsata       (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
00:49:23.0842 2548   amdsata - ok
00:49:23.0872 2548   amdsbs       (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
00:49:23.0876 2548   amdsbs - ok
00:49:23.0919 2548   amdxata       (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
00:49:23.0921 2548   amdxata - ok
00:49:23.0967 2548   amd_sata     (f9d46b6b322708bd5afcc8767ebdc901) C:\Windows\system32\DRIVERS\amd_sata.sys
00:49:23.0969 2548   amd_sata - ok
00:49:23.0997 2548   amd_xata     (329cc9c7e20deebcd4cd10816193ef14) C:\Windows\system32\DRIVERS\amd_xata.sys
00:49:23.0999 2548   amd_xata - ok
00:49:24.0072 2548   AppID       (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
00:49:24.0075 2548   AppID - ok
00:49:24.0125 2548   AppIDSvc     (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
00:49:24.0127 2548   AppIDSvc - ok
00:49:24.0145 2548   Appinfo       (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
00:49:24.0147 2548   Appinfo - ok
00:49:24.0292 2548   Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:49:24.0296 2548   Apple Mobile Device - ok
00:49:24.0377 2548   arc         (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
00:49:24.0380 2548   arc - ok
00:49:24.0432 2548   arcsas       (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
00:49:24.0435 2548   arcsas - ok
00:49:24.0473 2548   AsyncMac     (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
00:49:24.0475 2548   AsyncMac - ok
00:49:24.0528 2548   atapi       (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
00:49:24.0531 2548   atapi - ok
00:49:24.0633 2548   AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
00:49:24.0655 2548   AudioEndpointBuilder - ok
00:49:24.0677 2548   AudioSrv     (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
00:49:24.0685 2548   AudioSrv - ok
00:49:25.0085 2548   AVGIDSAgent   (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
00:49:25.0151 2548   AVGIDSAgent - ok
00:49:25.0331 2548   AVGIDSDriver   (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
00:49:25.0334 2548   AVGIDSDriver - ok
00:49:25.0347 2548   AVGIDSEH     (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
00:49:25.0349 2548   AVGIDSEH - ok
00:49:25.0359 2548   AVGIDSFilter   (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
00:49:25.0361 2548   AVGIDSFilter - ok
00:49:25.0395 2548   Avgldx64     (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
00:49:25.0401 2548   Avgldx64 - ok
00:49:25.0421 2548   Avgmfx64     (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
00:49:25.0423 2548   Avgmfx64 - ok
00:49:25.0495 2548   Avgrkx64     (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
00:49:25.0498 2548   Avgrkx64 - ok
00:49:25.0541 2548   Avgtdia       (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
00:49:25.0546 2548   Avgtdia - ok
00:49:25.0742 2548   avgwd       (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
00:49:25.0747 2548   avgwd - ok
00:49:25.0808 2548   AxInstSV     (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
00:49:25.0811 2548   AxInstSV - ok
00:49:25.0893 2548   b06bdrv       (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
00:49:25.0902 2548   b06bdrv - ok
00:49:25.0972 2548   b57nd60a     (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
00:49:25.0978 2548   b57nd60a - ok
00:49:26.0033 2548   BBSvc       (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
00:49:26.0038 2548   BBSvc - ok
00:49:26.0124 2548   BCM43XX       (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
00:49:26.0145 2548   BCM43XX - ok
00:49:26.0217 2548   BDESVC       (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
00:49:26.0220 2548   BDESVC - ok
00:49:26.0291 2548   Beep         (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
00:49:26.0292 2548   Beep - ok
00:49:26.0382 2548   BFE         (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
00:49:26.0405 2548   BFE - ok
00:49:26.0496 2548   BITS         (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
00:49:26.0512 2548   BITS - ok
00:49:26.0593 2548   blbdrive     (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
00:49:26.0594 2548   blbdrive - ok
00:49:26.0741 2548   Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
00:49:26.0749 2548   Bonjour Service - ok
00:49:26.0831 2548   bowser       (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
00:49:26.0834 2548   bowser - ok
00:49:26.0881 2548   BrFiltLo     (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
00:49:26.0883 2548   BrFiltLo - ok
00:49:26.0908 2548   BrFiltUp     (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
00:49:26.0910 2548   BrFiltUp - ok
00:49:26.0978 2548   BridgeMP     (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
00:49:26.0981 2548   BridgeMP - ok
00:49:27.0014 2548   Browser       (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
00:49:27.0017 2548   Browser - ok
00:49:27.0059 2548   Brserid       (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
00:49:27.0065 2548   Brserid - ok
00:49:27.0094 2548   BrSerWdm     (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
00:49:27.0096 2548   BrSerWdm - ok
00:49:27.0155 2548   BrUsbMdm     (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
00:49:27.0157 2548   BrUsbMdm - ok
00:49:27.0169 2548   BrUsbSer     (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
00:49:27.0171 2548   BrUsbSer - ok
00:49:27.0208 2548   BTHMODEM     (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
00:49:27.0211 2548   BTHMODEM - ok
00:49:27.0292 2548   bthserv       (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
00:49:27.0295 2548   bthserv - ok
00:49:27.0321 2548   cdfs         (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
00:49:27.0324 2548   cdfs - ok
00:49:27.0384 2548   cdrom       (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
00:49:27.0388 2548   cdrom - ok
00:49:27.0431 2548   CertPropSvc   (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
00:49:27.0434 2548   CertPropSvc - ok
00:49:27.0495 2548   circlass     (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
00:49:27.0497 2548   circlass - ok
00:49:27.0549 2548   CLFS         (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
00:49:27.0557 2548   CLFS - ok
00:49:27.0622 2548   clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:49:27.0626 2548   clr_optimization_v2.0.50727_32 - ok
00:49:27.0683 2548   clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:49:27.0688 2548   clr_optimization_v2.0.50727_64 - ok
00:49:27.0790 2548   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:49:27.0814 2548   clr_optimization_v4.0.30319_32 - ok
00:49:27.0859 2548   clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:49:27.0865 2548   clr_optimization_v4.0.30319_64 - ok
00:49:27.0911 2548   clwvd       (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
00:49:27.0913 2548   clwvd - ok
00:49:27.0968 2548   CmBatt       (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
00:49:27.0969 2548   CmBatt - ok
00:49:28.0004 2548   cmdide       (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
00:49:28.0006 2548   cmdide - ok
00:49:28.0065 2548   CNG         (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
00:49:28.0074 2548   CNG - ok
00:49:28.0121 2548   Compbatt     (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
00:49:28.0124 2548   Compbatt - ok
00:49:28.0198 2548   CompositeBus   (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
00:49:28.0200 2548   CompositeBus - ok
00:49:28.0237 2548   COMSysApp - ok
00:49:28.0283 2548   crcdisk       (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
00:49:28.0285 2548   crcdisk - ok
00:49:28.0349 2548   CryptSvc     (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
00:49:28.0353 2548   CryptSvc - ok
00:49:28.0512 2548   cvhsvc       (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
00:49:28.0526 2548   cvhsvc - ok
00:49:28.0617 2548   DcomLaunch     (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
00:49:28.0628 2548   DcomLaunch - ok
00:49:28.0683 2548   defragsvc     (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
00:49:28.0689 2548   defragsvc - ok
00:49:28.0758 2548   DfsC         (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
00:49:28.0761 2548   DfsC - ok
00:49:28.0825 2548   Dhcp         (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
00:49:28.0831 2548   Dhcp - ok
00:49:28.0848 2548   discache     (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
00:49:28.0851 2548   discache - ok
00:49:28.0912 2548   Disk         (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
00:49:28.0915 2548   Disk - ok
00:49:28.0989 2548   Dnscache     (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
00:49:28.0993 2548   Dnscache - ok
00:49:29.0046 2548   dot3svc       (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
00:49:29.0051 2548   dot3svc - ok
00:49:29.0066 2548   DPS         (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
00:49:29.0070 2548   DPS - ok
00:49:29.0106 2548   drmkaud       (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
00:49:29.0107 2548   drmkaud - ok
00:49:29.0200 2548   DXGKrnl       (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
00:49:29.0216 2548   DXGKrnl - ok
00:49:29.0240 2548   EapHost       (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
00:49:29.0243 2548   EapHost - ok
00:49:29.0460 2548   ebdrv       (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
00:49:29.0535 2548   ebdrv - ok
00:49:29.0679 2548   EFS         (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
00:49:29.0682 2548   EFS - ok
00:49:29.0816 2548   ehRecvr       (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
00:49:29.0827 2548   ehRecvr - ok
00:49:29.0844 2548   ehSched       (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
00:49:29.0848 2548   ehSched - ok
00:49:29.0927 2548   elxstor       (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
00:49:29.0938 2548   elxstor - ok
00:49:29.0992 2548   ErrDev       (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
00:49:29.0994 2548   ErrDev - ok
00:49:30.0068 2548   EventSystem   (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
00:49:30.0076 2548   EventSystem - ok
00:49:30.0109 2548   exfat       (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
00:49:30.0114 2548   exfat - ok
00:49:30.0138 2548   ezSharedSvc - ok
00:49:30.0170 2548   fastfat       (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
00:49:30.0174 2548   fastfat - ok
00:49:30.0255 2548   Fax         (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
00:49:30.0266 2548   Fax - ok
00:49:30.0317 2548   fdc         (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
00:49:30.0319 2548   fdc - ok
00:49:30.0361 2548   fdPHost       (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
00:49:30.0364 2548   fdPHost - ok
00:49:30.0406 2548   FDResPub     (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
00:49:30.0409 2548   FDResPub - ok
00:49:30.0428 2548   FileInfo     (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
00:49:30.0431 2548   FileInfo - ok
00:49:30.0464 2548   Filetrace     (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
00:49:30.0466 2548   Filetrace - ok
00:49:30.0488 2548   flpydisk     (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
00:49:30.0491 2548   flpydisk - ok
00:49:30.0555 2548   FltMgr       (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
00:49:30.0561 2548   FltMgr - ok
00:49:30.0670 2548   FontCache     (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
00:49:30.0689 2548   FontCache - ok
00:49:30.0739 2548   FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:49:30.0742 2548   FontCache3.0.0.0 - ok
00:49:30.0822 2548   FsDepends     (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
00:49:30.0825 2548   FsDepends - ok
00:49:30.0863 2548   Fs_Rec       (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
00:49:30.0865 2548   Fs_Rec - ok
00:49:30.0920 2548   fvevol       (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
00:49:30.0925 2548   fvevol - ok
00:49:30.0963 2548   gagp30kx     (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
00:49:30.0966 2548   gagp30kx - ok
00:49:31.0107 2548   GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
00:49:31.0112 2548   GamesAppService - ok
00:49:31.0178 2548   GEARAspiWDM   (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:49:31.0179 2548   GEARAspiWDM - ok
00:49:31.0285 2548   gpsvc       (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
00:49:31.0302 2548   gpsvc - ok
00:49:31.0340 2548   hcw85cir     (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
00:49:31.0342 2548   hcw85cir - ok
00:49:31.0422 2548   HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
00:49:31.0429 2548   HdAudAddService - ok
00:49:31.0494 2548   HDAudBus     (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
00:49:31.0497 2548   HDAudBus - ok
00:49:31.0527 2548   HidBatt       (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
00:49:31.0530 2548   HidBatt - ok
00:49:31.0549 2548   HidBth       (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
00:49:31.0552 2548   HidBth - ok
00:49:31.0567 2548   HidIr       (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
00:49:31.0570 2548   HidIr - ok
00:49:31.0627 2548   hidserv       (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
00:49:31.0629 2548   hidserv - ok
00:49:31.0664 2548   HidUsb       (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
00:49:31.0666 2548   HidUsb - ok
00:49:31.0695 2548   hkmsvc       (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
00:49:31.0699 2548   hkmsvc - ok
00:49:31.0720 2548   HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
00:49:31.0726 2548   HomeGroupListener - ok
00:49:31.0782 2548   HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
00:49:31.0788 2548   HomeGroupProvider - ok
00:49:31.0969 2548   HP Support Assistant Service (170233b8d743efe35f462a5d516b93e3) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
00:49:31.0973 2548   HP Support Assistant Service - ok
00:49:32.0086 2548   HPAuto       (7b8c1b09c11e8db7c4480abd7d17e821) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
00:49:32.0101 2548   HPAuto - ok
00:49:32.0162 2548   HPClientSvc   (6a181452d4e240b8ecc7614b9a19bde9) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
00:49:32.0168 2548   HPClientSvc - ok
00:49:32.0264 2548   HPDrvMntSvc.exe (6f4a95d54243572deb7e7439c917f875) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
00:49:32.0268 2548   HPDrvMntSvc.exe - ok
00:49:32.0381 2548   hpqwmiex     (5ec22cec65aa3c2c38327472fd5a27d2) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
00:49:32.0394 2548   hpqwmiex - ok
00:49:32.0556 2548   HpSAMD       (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
00:49:32.0559 2548   HpSAMD - ok
00:49:32.0647 2548   HPWMISVC     (77c15d7e8f002a173eebff0b20cd697d) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
00:49:32.0649 2548   HPWMISVC - ok
00:49:32.0723 2548   HTTP         (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
00:49:32.0735 2548   HTTP - ok
00:49:32.0753 2548   hwpolicy     (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
00:49:32.0755 2548   hwpolicy - ok
00:49:32.0830 2548   i8042prt     (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
00:49:32.0833 2548   i8042prt - ok
00:49:32.0889 2548   iaStorV       (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
00:49:32.0896 2548   iaStorV - ok
00:49:33.0160 2548   IconMan_R     (e4693409d06785477a49fb34afae1b92) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
00:49:33.0196 2548   IconMan_R - ok
00:49:33.0384 2548   idsvc       (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:49:33.0399 2548   idsvc - ok
00:49:33.0532 2548   iirsp       (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
00:49:33.0534 2548   iirsp - ok
00:49:33.0595 2548   IKEEXT       (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
00:49:33.0609 2548   IKEEXT - ok
00:49:33.0810 2548   IntcAzAudAddService (336c3a6bf14d5a9af35af07c6b6b29cd) C:\Windows\system32\drivers\RTKVHD64.sys
00:49:33.0878 2548   IntcAzAudAddService - ok
00:49:34.0026 2548   intelide     (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
00:49:34.0029 2548   intelide - ok
00:49:34.0080 2548   intelppm     (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
00:49:34.0083 2548   intelppm - ok
00:49:34.0131 2548   IPBusEnum     (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
00:49:34.0135 2548   IPBusEnum - ok
00:49:34.0168 2548   IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:49:34.0171 2548   IpFilterDriver - ok
00:49:34.0219 2548   iphlpsvc     (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
00:49:34.0257 2548   iphlpsvc - ok
00:49:34.0327 2548   IPMIDRV       (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
00:49:34.0330 2548   IPMIDRV - ok
00:49:34.0377 2548   IPNAT       (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
00:49:34.0381 2548   IPNAT - ok
00:49:34.0531 2548   iPod Service   (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
00:49:34.0559 2548   iPod Service - ok
00:49:34.0617 2548   IRENUM       (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
00:49:34.0630 2548   IRENUM - ok
00:49:34.0657 2548   isapnp       (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
00:49:34.0659 2548   isapnp - ok
00:49:34.0695 2548   iScsiPrt     (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
00:49:34.0701 2548   iScsiPrt - ok
00:49:34.0721 2548   kbdclass     (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
00:49:34.0722 2548   kbdclass - ok
00:49:34.0759 2548   kbdhid       (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
00:49:34.0761 2548   kbdhid - ok
00:49:34.0791 2548   KeyIso       (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:49:34.0794 2548   KeyIso - ok
00:49:34.0886 2548   KeyScrambler   (af49e415e4743afd1de45edfae1659ef) C:\Windows\system32\drivers\keyscrambler.sys
00:49:34.0890 2548   KeyScrambler - ok
00:49:34.0920 2548   KSecDD       (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
00:49:34.0923 2548   KSecDD - ok
00:49:34.0963 2548   KSecPkg       (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
00:49:34.0967 2548   KSecPkg - ok
00:49:34.0986 2548   ksthunk       (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
00:49:35.0001 2548   ksthunk - ok
00:49:35.0054 2548   KtmRm       (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
00:49:35.0063 2548   KtmRm - ok
00:49:35.0128 2548   LanmanServer   (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
00:49:35.0135 2548   LanmanServer - ok
00:49:35.0164 2548   LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
00:49:35.0170 2548   LanmanWorkstation - ok
00:49:35.0243 2548   lltdio       (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
00:49:35.0245 2548   lltdio - ok
00:49:35.0305 2548   lltdsvc       (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
00:49:35.0313 2548   lltdsvc - ok
00:49:35.0348 2548   lmhosts       (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
00:49:35.0351 2548   lmhosts - ok
00:49:35.0418 2548   LSI_FC       (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
00:49:35.0421 2548   LSI_FC - ok
00:49:35.0479 2548   LSI_SAS       (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
00:49:35.0482 2548   LSI_SAS - ok
00:49:35.0523 2548   LSI_SAS2     (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
00:49:35.0526 2548   LSI_SAS2 - ok
00:49:35.0552 2548   LSI_SCSI     (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
00:49:35.0555 2548   LSI_SCSI - ok
00:49:35.0594 2548   luafv       (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
00:49:35.0598 2548   luafv - ok
00:49:35.0655 2548   MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
00:49:35.0658 2548   MBAMProtector - ok
00:49:35.0753 2548   MBAMService   (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamservice.exe
00:49:35.0765 2548   MBAMService - ok
00:49:35.0815 2548   Mcx2Svc       (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
00:49:35.0819 2548   Mcx2Svc - ok
00:49:35.0849 2548   megasas       (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
00:49:35.0851 2548   megasas - ok
00:49:35.0927 2548   MegaSR       (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
00:49:35.0943 2548   MegaSR - ok
00:49:35.0999 2548   MMCSS       (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
00:49:36.0003 2548   MMCSS - ok
00:49:36.0033 2548   Modem       (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
00:49:36.0036 2548   Modem - ok
00:49:36.0095 2548   monitor       (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
00:49:36.0097 2548   monitor - ok
00:49:36.0155 2548   mouclass     (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
00:49:36.0157 2548   mouclass - ok
00:49:36.0201 2548   mouhid       (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
00:49:36.0203 2548   mouhid - ok
00:49:36.0227 2548   mountmgr     (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
00:49:36.0230 2548   mountmgr - ok
00:49:36.0272 2548   mpio         (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
00:49:36.0276 2548   mpio - ok
00:49:36.0299 2548   mpsdrv       (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
00:49:36.0302 2548   mpsdrv - ok
00:49:36.0379 2548   MpsSvc       (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
00:49:36.0393 2548   MpsSvc - ok
00:49:36.0419 2548   MRxDAV       (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
00:49:36.0423 2548   MRxDAV - ok
00:49:36.0467 2548   mrxsmb       (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:49:36.0471 2548   mrxsmb - ok
00:49:36.0537 2548   mrxsmb10     (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:49:36.0543 2548   mrxsmb10 - ok
00:49:36.0597 2548   mrxsmb20     (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:49:36.0600 2548   mrxsmb20 - ok
00:49:36.0637 2548   msahci       (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
00:49:36.0639 2548   msahci - ok
00:49:36.0691 2548   msdsm       (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
00:49:36.0696 2548   msdsm - ok
00:49:36.0757 2548   MSDTC       (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
00:49:36.0763 2548   MSDTC - ok
00:49:36.0801 2548   Msfs         (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
00:49:36.0802 2548   Msfs - ok
00:49:36.0827 2548   mshidkmdf     (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
00:49:36.0829 2548   mshidkmdf - ok
00:49:36.0857 2548   msisadrv     (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
00:49:36.0859 2548   msisadrv - ok
00:49:36.0909 2548   MSiSCSI       (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
00:49:36.0915 2548   MSiSCSI - ok
00:49:36.0942 2548   msiserver - ok
00:49:37.0017 2548   MSKSSRV       (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
00:49:37.0018 2548   MSKSSRV - ok
00:49:37.0041 2548   MSPCLOCK     (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
00:49:37.0043 2548   MSPCLOCK - ok
00:49:37.0071 2548   MSPQM       (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
00:49:37.0072 2548   MSPQM - ok
00:49:37.0102 2548   MsRPC       (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
00:49:37.0109 2548   MsRPC - ok
00:49:37.0156 2548   mssmbios     (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
00:49:37.0157 2548   mssmbios - ok
00:49:37.0165 2548   MSTEE       (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
00:49:37.0167 2548   MSTEE - ok
00:49:37.0195 2548   MTConfig     (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
00:49:37.0197 2548   MTConfig - ok
00:49:37.0251 2548   Mup         (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
00:49:37.0254 2548   Mup - ok
00:49:37.0313 2548   napagent     (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
00:49:37.0322 2548   napagent - ok
00:49:37.0413 2548   NativeWifiP   (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
00:49:37.0419 2548   NativeWifiP - ok
00:49:37.0530 2548   NDIS         (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
00:49:37.0564 2548   NDIS - ok
00:49:37.0582 2548   NdisCap       (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
00:49:37.0584 2548   NdisCap - ok
00:49:37.0628 2548   NdisTapi     (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
00:49:37.0630 2548   NdisTapi - ok
00:49:37.0644 2548   Ndisuio       (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
00:49:37.0646 2548   Ndisuio - ok
00:49:37.0688 2548   NdisWan       (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
00:49:37.0692 2548   NdisWan - ok
00:49:37.0713 2548   NDProxy       (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
00:49:37.0716 2548   NDProxy - ok
00:49:37.0760 2548   NetBIOS       (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
00:49:37.0762 2548   NetBIOS - ok
00:49:37.0793 2548   NetBT       (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
00:49:37.0797 2548   NetBT - ok
00:49:37.0825 2548   Netlogon     (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:49:37.0827 2548   Netlogon - ok
00:49:37.0911 2548   Netman       (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
00:49:37.0919 2548   Netman - ok
00:49:37.0949 2548   netprofm     (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
00:49:37.0959 2548   netprofm - ok
00:49:38.0087 2548   netr28x       (5758fd37bf31e759f8610311e4d08eca) C:\Windows\system32\DRIVERS\netr28x.sys
00:49:38.0103 2548   netr28x - ok
00:49:38.0233 2548   NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:49:38.0236 2548   NetTcpPortSharing - ok
00:49:38.0346 2548   nfrd960       (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
00:49:38.0348 2548   nfrd960 - ok
00:49:38.0420 2548   NlaSvc       (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
00:49:38.0427 2548   NlaSvc - ok
00:49:38.0457 2548   Npfs         (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
00:49:38.0459 2548   Npfs - ok
00:49:38.0485 2548   nsi         (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
00:49:38.0489 2548   nsi - ok
00:49:38.0518 2548   nsiproxy     (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
00:49:38.0520 2548   nsiproxy - ok
00:49:38.0646 2548   Ntfs         (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
00:49:38.0672 2548   Ntfs - ok
00:49:38.0830 2548   Null         (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
00:49:38.0831 2548   Null - ok
00:49:38.0892 2548   NVENETFD     (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
00:49:38.0901 2548   NVENETFD - ok
00:49:38.0928 2548   nvraid       (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
00:49:38.0932 2548   nvraid - ok
00:49:38.0981 2548   nvstor       (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
00:49:38.0985 2548   nvstor - ok
00:49:39.0026 2548   nv_agp       (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
00:49:39.0030 2548   nv_agp - ok
00:49:39.0198 2548   OAcat       (faef7b156e073f0450c5087f57696f0b) C:\Program Files (x86)\Online Armor\OAcat.exe
00:49:39.0203 2548   OAcat - ok
00:49:39.0333 2548   OADevice     (9c78f13766ab2629e11fb0dfb162ee33) C:\Windows\SysWow64\Drivers\OADriver.sys
00:49:39.0336 2548   OADevice - ok
00:49:39.0427 2548   oahlpXX       (6cdb036083ef969210d2f747c8ab5771) C:\Windows\syswow64\drivers\oahlp64.sys
00:49:39.0430 2548   oahlpXX - ok
00:49:39.0469 2548   OAmon       (c2b6a1ccee9669119a7fc9dab2008b68) C:\Windows\SysWOW64\Drivers\OAmon.sys
00:49:39.0470 2548   OAmon - ok
00:49:39.0513 2548   OAnet       (f99c170cf63de515c51bb11e76ea23ec) C:\Windows\system32\DRIVERS\oanet.sys
00:49:39.0515 2548   OAnet - ok
00:49:39.0547 2548   ohci1394     (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
00:49:39.0550 2548   ohci1394 - ok
00:49:39.0601 2548   ose         (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:49:39.0608 2548   ose - ok
00:49:39.0988 2548   osppsvc       (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:49:40.0098 2548   osppsvc - ok
00:49:40.0284 2548   p2pimsvc     (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
00:49:40.0292 2548   p2pimsvc - ok
00:49:40.0379 2548   p2psvc       (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
00:49:40.0389 2548   p2psvc - ok
00:49:40.0459 2548   Parport       (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
00:49:40.0463 2548   Parport - ok
00:49:40.0517 2548   partmgr       (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
00:49:40.0520 2548   partmgr - ok
00:49:40.0545 2548   PcaSvc       (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
00:49:40.0550 2548   PcaSvc - ok
00:49:40.0593 2548   pci         (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
00:49:40.0597 2548   pci - ok
00:49:40.0627 2548   pciide       (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
00:49:40.0629 2548   pciide - ok
00:49:40.0667 2548   pcmcia       (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
00:49:40.0683 2548   pcmcia - ok
00:49:40.0723 2548   pcw         (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
00:49:40.0726 2548   pcw - ok
00:49:40.0785 2548   PEAUTH       (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
00:49:40.0796 2548   PEAUTH - ok
00:49:40.0894 2548   PerfHost     (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
00:49:40.0910 2548   PerfHost - ok
00:49:41.0058 2548   pla         (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
00:49:41.0081 2548   pla - ok
00:49:41.0152 2548   PlugPlay     (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
00:49:41.0161 2548   PlugPlay - ok
00:49:41.0201 2548   PNRPAutoReg   (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
00:49:41.0205 2548   PNRPAutoReg - ok
00:49:41.0240 2548   PNRPsvc       (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
00:49:41.0246 2548   PNRPsvc - ok
00:49:41.0321 2548   PolicyAgent   (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
00:49:41.0331 2548   PolicyAgent - ok
00:49:41.0386 2548   Power       (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
00:49:41.0392 2548   Power - ok
00:49:41.0496 2548   PptpMiniport   (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
00:49:41.0499 2548   PptpMiniport - ok
00:49:41.0535 2548   Processor     (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
00:49:41.0537 2548   Processor - ok
00:49:41.0599 2548   ProfSvc       (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
00:49:41.0605 2548   ProfSvc - ok
00:49:41.0647 2548   ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:49:41.0649 2548   ProtectedStorage - ok
00:49:41.0712 2548   Psched       (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
00:49:41.0715 2548   Psched - ok
00:49:41.0832 2548   ql2300       (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
00:49:41.0856 2548   ql2300 - ok
00:49:41.0992 2548   ql40xx       (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
00:49:41.0995 2548   ql40xx - ok
00:49:42.0033 2548   QWAVE       (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
00:49:42.0040 2548   QWAVE - ok
00:49:42.0085 2548   QWAVEdrv     (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
00:49:42.0087 2548   QWAVEdrv - ok
00:49:42.0107 2548   RasAcd       (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
00:49:42.0109 2548   RasAcd - ok
00:49:42.0175 2548   RasAgileVpn   (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
00:49:42.0177 2548   RasAgileVpn - ok
00:49:42.0203 2548   RasAuto       (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
00:49:42.0208 2548   RasAuto - ok
00:49:42.0247 2548   Rasl2tp       (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:49:42.0250 2548   Rasl2tp - ok
00:49:42.0292 2548   RasMan       (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
00:49:42.0301 2548   RasMan - ok
00:49:42.0317 2548   RasPppoe     (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
00:49:42.0320 2548   RasPppoe - ok
00:49:42.0330 2548   RasSstp       (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
00:49:42.0333 2548   RasSstp - ok
00:49:42.0361 2548   rdbss       (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
00:49:42.0367 2548   rdbss - ok
00:49:42.0386 2548   rdpbus       (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
00:49:42.0388 2548   rdpbus - ok
00:49:42.0407 2548   RDPCDD       (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:49:42.0408 2548   RDPCDD - ok
00:49:42.0441 2548   RDPENCDD     (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
00:49:42.0442 2548   RDPENCDD - ok
00:49:42.0469 2548   RDPREFMP     (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
00:49:42.0471 2548   RDPREFMP - ok
00:49:42.0515 2548   RDPWD       (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
00:49:42.0519 2548   RDPWD - ok
00:49:42.0550 2548   rdyboost     (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
00:49:42.0555 2548   rdyboost - ok
00:49:42.0596 2548   RemoteAccess   (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
00:49:42.0601 2548   RemoteAccess - ok
00:49:42.0638 2548   RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
00:49:42.0644 2548   RemoteRegistry - ok
00:49:42.0688 2548   RpcEptMapper   (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
00:49:42.0692 2548   RpcEptMapper - ok
00:49:42.0718 2548   RpcLocator     (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
00:49:42.0720 2548   RpcLocator - ok
00:49:42.0764 2548   RpcSs       (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
00:49:42.0772 2548   RpcSs - ok
00:49:42.0861 2548   RSPCIESTOR     (546d7f426776090b90ef5f195b6ae662) C:\Windows\system32\DRIVERS\RtsPStor.sys
00:49:42.0868 2548   RSPCIESTOR - ok
00:49:42.0907 2548   rspndr       (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
00:49:42.0910 2548   rspndr - ok
00:49:42.0967 2548   RTL8167       (3372196f61af48503656ef6aa3e92d1b) C:\Windows\system32\DRIVERS\Rt64win7.sys
00:49:42.0973 2548   RTL8167 - ok
00:49:43.0002 2548   SamSs       (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:49:43.0005 2548   SamSs - ok
00:49:43.0140 2548   SASDIFSV     (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
00:49:43.0142 2548   SASDIFSV - ok
00:49:43.0179 2548   SASKUTIL     (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
00:49:43.0181 2548   SASKUTIL - ok
00:49:43.0222 2548   sbp2port     (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
00:49:43.0225 2548   sbp2port - ok
00:49:43.0273 2548   SCardSvr     (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
00:49:43.0279 2548   SCardSvr - ok
00:49:43.0299 2548   scfilter     (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
00:49:43.0301 2548   scfilter - ok
00:49:43.0371 2548   Schedule     (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
00:49:43.0391 2548   Schedule - ok
00:49:43.0443 2548   SCPolicySvc   (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
00:49:43.0445 2548   SCPolicySvc - ok
00:49:43.0483 2548   sdbus       (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
00:49:43.0504 2548   sdbus - ok
00:49:43.0539 2548   SDRSVC       (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
00:49:43.0545 2548   SDRSVC - ok
00:49:43.0659 2548   SeaPort       (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
00:49:43.0663 2548   SeaPort - ok
00:49:43.0705 2548   secdrv       (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
00:49:43.0707 2548   secdrv - ok
00:49:43.0728 2548   seclogon     (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
00:49:43.0742 2548   seclogon - ok
00:49:43.0761 2548   SENS         (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
00:49:43.0766 2548   SENS - ok
00:49:43.0835 2548   SensrSvc     (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
00:49:43.0840 2548   SensrSvc - ok
00:49:43.0880 2548   Serenum       (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
00:49:43.0882 2548   Serenum - ok
00:49:43.0940 2548   Serial       (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
00:49:43.0943 2548   Serial - ok
00:49:43.0976 2548   sermouse     (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
00:49:43.0979 2548   sermouse - ok
00:49:44.0032 2548   SessionEnv     (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
00:49:44.0037 2548   SessionEnv - ok
00:49:44.0070 2548   sffdisk       (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
00:49:44.0081 2548   sffdisk - ok
00:49:44.0106 2548   sffp_mmc     (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
00:49:44.0108 2548   sffp_mmc - ok
00:49:44.0138 2548   sffp_sd       (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
00:49:44.0140 2548   sffp_sd - ok
00:49:44.0154 2548   sfloppy       (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
00:49:44.0156 2548   sfloppy - ok
00:49:44.0235 2548   Sftfs       (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
00:49:44.0251 2548   Sftfs - ok
00:49:44.0357 2548   sftlist       (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
00:49:44.0367 2548   sftlist - ok
00:49:44.0401 2548   Sftplay       (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
00:49:44.0408 2548   Sftplay - ok
00:49:44.0443 2548   Sftredir     (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
00:49:44.0446 2548   Sftredir - ok
00:49:44.0482 2548   Sftvol       (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
00:49:44.0484 2548   Sftvol - ok
00:49:44.0516 2548   sftvsa       (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
00:49:44.0521 2548   sftvsa - ok
00:49:44.0576 2548   SharedAccess   (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
00:49:44.0584 2548   SharedAccess - ok
00:49:44.0668 2548   ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
00:49:44.0677 2548   ShellHWDetection - ok
00:49:44.0699 2548   SiSRaid2     (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
00:49:44.0701 2548   SiSRaid2 - ok
00:49:44.0732 2548   SiSRaid4     (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
00:49:44.0735 2548   SiSRaid4 - ok
00:49:44.0798 2548   Smb         (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
00:49:44.0801 2548   Smb - ok
00:49:44.0856 2548   SNMPTRAP     (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
00:49:44.0859 2548   SNMPTRAP - ok
00:49:44.0883 2548   spldr       (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
00:49:44.0885 2548   spldr - ok
00:49:44.0950 2548   Spooler       (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
00:49:44.0962 2548   Spooler - ok
00:49:45.0161 2548   sppsvc       (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
00:49:45.0218 2548   sppsvc - ok
00:49:45.0417 2548   sppuinotify   (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
00:49:45.0421 2548   sppuinotify - ok
00:49:45.0558 2548   srv         (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
00:49:45.0568 2548   srv - ok
00:49:45.0617 2548   srv2         (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
00:49:45.0625 2548   srv2 - ok
00:49:45.0686 2548   SrvHsfHDA     (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
00:49:45.0692 2548   SrvHsfHDA - ok
00:49:45.0785 2548   SrvHsfV92     (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
00:49:45.0810 2548   SrvHsfV92 - ok
00:49:45.0984 2548   SrvHsfWinac   (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
00:49:45.0996 2548   SrvHsfWinac - ok
00:49:46.0054 2548   srvnet       (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
00:49:46.0058 2548   srvnet - ok
00:49:46.0130 2548   SSDPSRV       (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
00:49:46.0139 2548   SSDPSRV - ok
00:49:46.0151 2548   SstpSvc       (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
00:49:46.0156 2548   SstpSvc - ok
00:49:46.0196 2548   stexstor     (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
00:49:46.0198 2548   stexstor - ok
00:49:46.0266 2548   stisvc       (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
00:49:46.0278 2548   stisvc - ok
00:49:46.0665 2548   SvcOnlineArmor (578a7d52c4f7ca65e109b4e7c7ac5cb3) C:\Program Files (x86)\Online Armor\oasrv.exe
00:49:46.0854 2548   SvcOnlineArmor - ok
00:49:47.0031 2548   swenum       (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
00:49:47.0032 2548   swenum - ok
00:49:47.0106 2548   swprv       (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
00:49:47.0117 2548   swprv - ok
00:49:47.0255 2548   SynTP       (c447977ed2a4ae9346fe3a0579a34d7c) C:\Windows\system32\DRIVERS\SynTP.sys
00:49:47.0271 2548   SynTP - ok
00:49:47.0533 2548   SysMain       (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
00:49:47.0562 2548   SysMain - ok
00:49:47.0606 2548   TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
00:49:47.0611 2548   TabletInputService - ok
00:49:47.0635 2548   TapiSrv       (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
00:49:47.0644 2548   TapiSrv - ok
00:49:47.0657 2548   TBS         (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
00:49:47.0662 2548   TBS - ok
00:49:47.0865 2548   Tcpip       (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
00:49:47.0894 2548   Tcpip - ok
00:49:48.0176 2548   TCPIP6       (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
00:49:48.0196 2548   TCPIP6 - ok
00:49:48.0263 2548   tcpipreg     (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
00:49:48.0266 2548   tcpipreg - ok
00:49:48.0314 2548   TDPIPE       (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
00:49:48.0316 2548   TDPIPE - ok
00:49:48.0343 2548   TDTCP       (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
00:49:48.0345 2548   TDTCP - ok
00:49:48.0388 2548   tdx         (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
00:49:48.0391 2548   tdx - ok
00:49:48.0434 2548   TermDD       (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
00:49:48.0435 2548   TermDD - ok
00:49:48.0509 2548   TermService   (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
00:49:48.0522 2548   TermService - ok
00:49:48.0540 2548   Themes       (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
00:49:48.0544 2548   Themes - ok
00:49:48.0577 2548   THREADORDER   (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
00:49:48.0580 2548   THREADORDER - ok
00:49:48.0611 2548   TrkWks       (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
00:49:48.0617 2548   TrkWks - ok
00:49:48.0682 2548   TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
00:49:48.0686 2548   TrustedInstaller - ok
00:49:48.0729 2548   tssecsrv     (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:49:48.0731 2548   tssecsrv - ok
00:49:48.0769 2548   TsUsbFlt     (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
00:49:48.0772 2548   TsUsbFlt - ok
00:49:48.0804 2548   TsUsbGD       (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
00:49:48.0806 2548   TsUsbGD - ok
00:49:48.0856 2548   tunnel       (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
00:49:48.0859 2548   tunnel - ok
00:49:48.0877 2548   uagp35       (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
00:49:48.0880 2548   uagp35 - ok
00:49:48.0923 2548   udfs         (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
00:49:48.0930 2548   udfs - ok
00:49:48.0978 2548   UI0Detect     (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
00:49:48.0983 2548   UI0Detect - ok
00:49:49.0020 2548   uliagpkx     (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
00:49:49.0023 2548   uliagpkx - ok
00:49:49.0057 2548   umbus       (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
00:49:49.0059 2548   umbus - ok
00:49:49.0081 2548   UmPass       (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
00:49:49.0083 2548   UmPass - ok
00:49:49.0127 2548   upnphost     (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
00:49:49.0136 2548   upnphost - ok
00:49:49.0176 2548   USBAAPL64     (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
00:49:49.0178 2548   USBAAPL64 - ok
00:49:49.0202 2548   usbccgp       (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
00:49:49.0205 2548   usbccgp - ok
00:49:49.0258 2548   usbcir       (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
00:49:49.0262 2548   usbcir - ok
00:49:49.0271 2548   usbehci       (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
00:49:49.0273 2548   usbehci - ok
00:49:49.0340 2548   usbfilter     (76e2ffad301490ba27b947c6507752fb) C:\Windows\system32\DRIVERS\usbfilter.sys
00:49:49.0341 2548   usbfilter - ok
00:49:49.0391 2548   usbhub       (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
00:49:49.0397 2548   usbhub - ok
00:49:49.0441 2548   usbohci       (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
00:49:49.0443 2548   usbohci - ok
00:49:49.0480 2548   usbprint     (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
00:49:49.0482 2548   usbprint - ok
00:49:49.0508 2548   USBSTOR       (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:49:49.0510 2548   USBSTOR - ok
00:49:49.0524 2548   usbuhci       (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
00:49:49.0527 2548   usbuhci - ok
00:49:49.0572 2548   usbvideo     (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
00:49:49.0577 2548   usbvideo - ok
00:49:49.0627 2548   UxSms       (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
00:49:49.0632 2548   UxSms - ok
00:49:49.0669 2548   VaultSvc     (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:49:49.0672 2548   VaultSvc - ok
00:49:49.0712 2548   vdrvroot     (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
00:49:49.0715 2548   vdrvroot - ok
00:49:49.0766 2548   vds         (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
00:49:49.0778 2548   vds - ok
00:49:49.0841 2548   vga         (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
00:49:49.0844 2548   vga - ok
00:49:49.0880 2548   VgaSave       (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
00:49:49.0882 2548   VgaSave - ok
00:49:49.0928 2548   vhdmp       (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
00:49:49.0933 2548   vhdmp - ok
00:49:49.0954 2548   viaide       (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
00:49:49.0956 2548   viaide - ok
00:49:49.0979 2548   volmgr       (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
00:49:49.0982 2548   volmgr - ok
00:49:50.0032 2548   volmgrx       (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
00:49:50.0039 2548   volmgrx - ok
00:49:50.0090 2548   volsnap       (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
00:49:50.0106 2548   volsnap - ok
00:49:50.0141 2548   vsmraid       (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
00:49:50.0145 2548   vsmraid - ok
00:49:50.0282 2548   VSS         (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
00:49:50.0308 2548   VSS - ok
00:49:50.0519 2548   vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
00:49:50.0535 2548   vToolbarUpdater10.2.0 - ok
00:49:50.0681 2548   vwifibus     (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
00:49:50.0683 2548   vwifibus - ok
00:49:50.0701 2548   vwififlt     (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
00:49:50.0704 2548   vwififlt - ok
00:49:50.0770 2548   W32Time       (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
00:49:50.0780 2548   W32Time - ok
00:49:50.0829 2548   WacomPen     (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
00:49:50.0832 2548   WacomPen - ok
00:49:50.0867 2548   WANARP       (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:49:50.0870 2548   WANARP - ok
00:49:50.0881 2548   Wanarpv6     (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:49:50.0883 2548   Wanarpv6 - ok
00:49:51.0020 2548   WatAdminSvc   (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
00:49:51.0041 2548   WatAdminSvc - ok
00:49:51.0160 2548   wbengine     (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
00:49:51.0198 2548   wbengine - ok
00:49:51.0351 2548   WbioSrvc     (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
00:49:51.0358 2548   WbioSrvc - ok
00:49:51.0406 2548   wcncsvc       (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
00:49:51.0416 2548   wcncsvc - ok
00:49:51.0454 2548   WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
00:49:51.0459 2548   WcsPlugInService - ok
00:49:51.0505 2548   Wd         (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
00:49:51.0507 2548   Wd - ok
00:49:51.0587 2548   Wdf01000     (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
00:49:51.0599 2548   Wdf01000 - ok
00:49:51.0641 2548   WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
00:49:51.0646 2548   WdiServiceHost - ok
00:49:51.0654 2548   WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
00:49:51.0658 2548   WdiSystemHost - ok
00:49:51.0722 2548   WebClient     (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
00:49:51.0729 2548   WebClient - ok
00:49:51.0775 2548   Wecsvc       (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
00:49:51.0782 2548   Wecsvc - ok
00:49:51.0794 2548   wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
00:49:51.0809 2548   wercplsupport - ok
00:49:51.0874 2548   WerSvc       (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
00:49:51.0879 2548   WerSvc - ok
00:49:52.0200 2548   WfpLwf       (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
00:49:52.0202 2548   WfpLwf - ok
00:49:52.0265 2548   WIMMount     (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
00:49:52.0268 2548   WIMMount - ok
00:49:52.0300 2548   WinDefend - ok
00:49:52.0314 2548   WinHttpAutoProxySvc - ok
00:49:52.0405 2548   Winmgmt       (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
00:49:52.0410 2548   Winmgmt - ok
00:49:52.0576 2548   WinRM       (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
00:49:52.0611 2548   WinRM - ok
00:49:52.0842 2548   Wlansvc       (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
00:49:52.0859 2548   Wlansvc - ok
00:49:52.0950 2548   wlcrasvc     (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:49:52.0953 2548   wlcrasvc - ok
00:49:53.0192 2548   wlidsvc       (7e47c328fc4768cb8beafbcfafa70362) C:\Prog

Jeg mangler det nederste af loggen fra:

00:49:52.0953 2548   wlcrasvc - ok
00:49:53.0192 2548   wlidsvc     (7e47c328fc4768cb8beafbcfafa70362) C:\Prog

00:49:53.0688 2548   WmiAcpi       (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
00:49:53.0691 2548   WmiAcpi - ok
00:49:53.0780 2548   wmiApSrv     (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
00:49:53.0785 2548   wmiApSrv - ok
00:49:53.0871 2548   WMPNetworkSvc - ok
00:49:53.0912 2548   WPCSvc       (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
00:49:53.0916 2548   WPCSvc - ok
00:49:53.0952 2548   WPDBusEnum     (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
00:49:53.0958 2548   WPDBusEnum - ok
00:49:54.0003 2548   ws2ifsl       (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
00:49:54.0004 2548   ws2ifsl - ok
00:49:54.0050 2548   wscsvc       (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
00:49:54.0056 2548   wscsvc - ok
00:49:54.0063 2548   WSearch - ok
00:49:54.0235 2548   wuauserv     (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
00:49:54.0278 2548   wuauserv - ok
00:49:54.0441 2548   WudfPf       (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
00:49:54.0445 2548   WudfPf - ok
00:49:54.0518 2548   WUDFRd       (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:49:54.0523 2548   WUDFRd - ok
00:49:54.0563 2548   wudfsvc       (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
00:49:54.0568 2548   wudfsvc - ok
00:49:54.0608 2548   WwanSvc       (ce8cf9de9cbfdaa318bd04d8be3fcada) C:\Windows\System32\wwansvc.dll
00:49:54.0615 2548   WwanSvc - ok
00:49:54.0666 2548   MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
00:49:55.0031 2548   \Device\Harddisk0\DR0 - ok
00:49:55.0037 2548   Boot (0x1200)  (5e3066cd890048378522827e026dc5f8) \Device\Harddisk0\DR0\Partition0
00:49:55.0040 2548   \Device\Harddisk0\DR0\Partition0 - ok
00:49:55.0057 2548   Boot (0x1200)  (acd0b138673646c23686a005aac9b71f) \Device\Harddisk0\DR0\Partition1
00:49:55.0060 2548   \Device\Harddisk0\DR0\Partition1 - ok
00:49:55.0096 2548   Boot (0x1200)  (341e638f7b68a1f575b9ab509c23bfba) \Device\Harddisk0\DR0\Partition2
00:49:55.0099 2548   \Device\Harddisk0\DR0\Partition2 - ok
00:49:55.0117 2548   Boot (0x1200)  (f1eac720ff3b7d6426c3d49d5b69e10b) \Device\Harddisk0\DR0\Partition3
00:49:55.0119 2548   \Device\Harddisk0\DR0\Partition3 - ok
00:49:55.0120 2548   ============================================================
00:49:55.0120 2548   Scan finished
00:49:55.0120 2548   ============================================================
00:49:55.0145 1716   Detected object count: 0
00:49:55.0145 1716   Actual detected object count: 0
00:54:28.0010 1928   Deinitialize success

Fint        

Prøv om du kan hente og køre combofix nu.

NB. Vær sikker på at du får hentet hele filen.
Det er muligt at du skal deaktivere dit antivirus program så længe…........