Hej                      

Lad os kigge nærmere på tingene…....

Download OTL af Oldtimer, gem den på dit skrivebord: http://oldtimer.geekstogo.com/OTL.exe

Luk alle åbne vinduer. Klik på OTL ikonet (for Vista/win7, skal du højreklikke på ikonet og Kør som Administrator) for at starte programmet.
Når vinduet vises, under Output i toppen skift til Minimal Output.
Marker felterne ud for LOP check og Purity Check.

Klik så på Quick Scan.
• 

Det vil give to (2) logfiler på skrivebordet, en kaldet OTL.txt, den anden vil blive navngivet Extras.txt.
Husk, hvor du har gemt disse 2 filer.

Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg.

Her er loggen fra OTL.txt

OTL logfile created on: 07-08-2012 06:57:13 - Run 1
OTL by OldTimer - Version 3.2.56.0   Folder = C:\Users\Milos\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3,98 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 57,11% Memory free
7,95 Gb Paging File | 5,25 Gb Available in Paging File | 65,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 43,67 Gb Free Space | 23,44% Space Free | Partition Type: NTFS
Drive D: | 254,45 Gb Total Space | 253,97 Gb Free Space | 99,81% Space Free | Partition Type: NTFS
Drive E: | 6,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive R: | 24,98 Gb Total Space | 13,58 Gb Free Space | 54,33% Space Free | Partition Type: FAT32

Computer Name: MILOS-PC | User Name: Milos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Milos\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
PRC - C:\Users\Milos\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe (Facebook)
PRC - C:\Users\Milos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe (CSIS Security Group)
PRC - C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe (CSIS Security Group)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
PRC - C:\Users\Milos\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
PRC - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe ()
PRC - C:\Users\Milos\Local Settings\Apps\F.lux\flux.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Windows\STK02N\STK02NM.exe (Syntek Ltd.)


========== Modules (No Company Name) ==========

MOD - C:\Users\Milos\AppData\Local\Temp\YTMP7MC8AA\TAAB8A5.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\YTMP7MC8AA\TAAB836.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMAA5E.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMABAC.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMAB7B.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMAB6A.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA9A0.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA921.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA8A3.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA853.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA7E3.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA765.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA6E6.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA6A5.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA674.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA644.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA613.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA5D2.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA592.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA561.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA521.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA4E0.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA4A0.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA450.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA41F.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA3DF.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA312.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA18A.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA10B.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA06D.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEMA01C.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9FEB.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9EBD.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9F5D.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9F3C.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9E00.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9CF1.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9D91.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9D60.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9A31.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM988D.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9A0F.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM99EE.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM999C.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM998B.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM994A.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9751.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9711.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM96D0.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9420.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9772.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM99BD.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9391.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM9303.tmp ()
MOD - C:\Users\Milos\AppData\Local\Temp\XTMP1MC3VE\DEM917B.tmp ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Users\Milos\AppData\Local\Facebook\Messenger\2.1.4590.0\libcef.dll ()
MOD - C:\Users\Milos\AppData\Local\Facebook\Messenger\2.1.4590.0\CefSharp.WinForms.dll ()
MOD - C:\Users\Milos\AppData\Local\Facebook\Messenger\2.1.4590.0\CefSharp.dll ()
MOD - C:\Users\Milos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Program Files (x86)\ManyCam\Bin\CrashRpt.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09c2f8f606e09d85cfe6e0ad89fbe729\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\94b346f2ab12d38efb1331ded5783396\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
MOD - C:\Program Files (x86)\Roxio\CinePlayer\5.0\Filters\SonicHDDemuxer.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_da_b77a5c561934e089\System.resources.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_objdetect220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_highgui220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_video220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_da_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Users\Milos\Local Settings\Apps\F.lux\flux.exe ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Firewall)—C:\Program Files\AVAST Software\Avast\afwServ.exe File not found
SRV:64bit: - (avast! Antivirus)—C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (cmdAgent)—C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (AFBAgent)—C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (AsusUacSvc)—C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe ()
SRV:64bit: - (TurboBoost)—C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (WinDefend)—C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Steam Client Service)—C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc)—C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (HeimdalSecureDNS)—C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe (Microsoft)
SRV - (HeimdalService)—C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe (CSIS Security Group)
SRV - (SkypeUpdate)—C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MozillaMaintenance)—C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer7)—C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TeamViewer6)—C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (sftvsa)—C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist)—C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (PnkBstrA)—C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (PassThru Service)—C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (Creative Audio Engine Licensing Service)—C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Creative ALchemy AL6 Licensing Service)—C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Stereo Service)—C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Atheros Bt&Wlan; Coex Agent)—C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc)—C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (CronService)—C:\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
SRV - (UNS)—C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS)—C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32)—C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard)—C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ATKGFNEXSrv)—C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService)—C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32)—C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswSnx)—C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP)—C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt)—C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswTdi)—C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRdr)—C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswFsBlk)—C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (Fs_Rec)—C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mcaudrv_simple)—C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:64bit: - (ManyCam)—C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:64bit: - (ggsemc)—C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt)—C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (athr)—C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Sftvol)—C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay)—C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir)—C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs)—C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64)—C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (iaStor)—C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167)—C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                             )
DRV:64bit: - (FLxHCIc)—C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic)
DRV:64bit: - (FLxHCIh)—C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic)
DRV:64bit: - (RSUSBVSTOR)—C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (BtFilter)—C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_HCRP)—C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (BTATH_RCP)—C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT)—C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP)—C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (AthBTPort)—C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS)—C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (amdsata)—C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata)—C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (NVHDA)—C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (HpSAMD)—C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt)—C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD)—C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64)—C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SynTP)—C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (htcnprot)—C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (TurboB)—C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (PxHlpa64)—C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (MBfilt)—C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV:64bit: - (HTCAND64)—C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (kbfiltr)—C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs)—C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2)—C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor)—C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx)—C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH)—C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv)—C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv)—C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a)—C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C)—C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir)—C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM)—C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (hamachi)—C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (WimFltr)—C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ATKWMIACPIIO_)—C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount)—C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie;={inputEncoding}&oe;={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: “URL” = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie;={inputEncoding}&oe;={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie;={inputEncoding}&oe;={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyServer” = :80

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: “google.dk”
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Milos\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Milos\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-07-06 18:43:58 | 000,000,000 |—-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-18 14:01:27 | 000,000,000 |—-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-07-16 17:11:18 | 000,000,000 |—-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-06-24 14:55:00 | 000,000,000 |—-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-18 14:01:27 | 000,000,000 |—-D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-07-16 17:11:18 | 000,000,000 |—-D | M]

[2011-09-21 14:22:44 | 000,000,000 |—-D | M] (No name found)—C:\Users\Milos\AppData\Roaming\mozilla\Extensions
[2012-07-30 16:55:38 | 000,000,000 |—-D | M] (No name found)—C:\Users\Milos\AppData\Roaming\mozilla\Firefox\Profiles\k86quq7d.default\extensions
[2011-10-08 19:15:33 | 000,000,000 |—-D | M] (Battlefield Heroes Updater)—C:\Users\Milos\AppData\Roaming\mozilla\Firefox\Profiles\k86quq7d.default\extensions\battlefieldheroespatcher@ea.com
[2012-05-30 15:41:49 | 000,000,000 |—-D | M] (No name found)—C:\Program Files (x86)\mozilla firefox\extensions
[2012-05-30 15:41:49 | 000,000,000 |—-D | M] (Skype Click to Call)—C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-07-06 18:43:58 | 000,000,000 |—-D | M] (avast! WebRep)—C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-11-16 18:29:34 | 000,122,406 |——| M] () (No name found)—C:\USERS\MILOS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K86QUQ7D.DEFAULT\EXTENSIONS\GIORGIO@GILESTRO.TK.XPI
[2012-06-18 14:01:27 | 000,085,472 |——| M] (Mozilla Foundation)—C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-02-16 12:59:56 | 000,001,525 |——| M] ()—C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-co-uk.xml
[2012-02-16 12:48:01 | 000,002,252 |——| M] ()—C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-02-16 12:59:56 | 000,001,178 |——| M] ()—C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-da.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie;={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl;={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.127.0_0\npBFHUpdater.dll
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.127.0_0\BFHUpdater.exe
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Milos\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Milos\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - Extension: YouTube = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Unsubscribe.com = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmlljeodbjmdnpcphkfofnongoedempc\4.0.0_0\
CHR - Extension: Unsubscribe.com = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmlljeodbjmdnpcphkfofnongoedempc\4.0.0_0\old_
CHR - Extension: Google-s\u00F8gning = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: imgur = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao\1.1.3_0\
CHR - Extension: AdBlock = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\
CHR - Extension: Battlefield Heroes = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.127.0_0\
CHR - Extension: avast! WebRep = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Skype Click to Call = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\
CHR - Extension: Gmail = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 |——| M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo “C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs” File not found
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows (R) Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [F.lux] C:\Users\Milos\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Users\Milos\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Milos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\debug.log ()
O4 - Startup: C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Milos\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Milos\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver; - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver; - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra ‘Tools’ menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra ‘Tools’ menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra ‘Tools’ menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.162.153.164 194.239.134.83
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29108A8B-D55C-4CE9-9AC4-99C6B2779C9C}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{64748ADB-E593-437F-A472-1EF7592DC05C}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4790E5E-2991-4732-924A-D257EA1836CE}: DhcpNameServer = 193.162.153.164 194.239.134.83
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-08-08 03:10:59 | 000,000,044 | R—- | M] () - E:\AUTORUN.INF—[ UDF ]
O33 - MountPoints2\{560c384b-c046-11e0-83f4-806e6f6e6963}\Shell - “” = AutoRun
O33 - MountPoints2\{560c384b-c046-11e0-83f4-806e6f6e6963}\Shell\AutoRun\command - “” = E:\shellexec.exe rom\index.html
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open]—“%1” %*
O35:64bit: - HKLM\..exefile [open]—“%1” %*
O35 - HKLM\..comfile [open]—“%1” %*
O35 - HKLM\..exefile [open]—“%1” %*
O37:64bit: - HKLM\...com [@ = comfile]—“%1” %*
O37:64bit: - HKLM\...exe [@ = exefile]—“%1” %*
O37 - HKLM\...com [@ = comfile]—“%1” %*
O37 - HKLM\...exe [@ = exefile]—“%1” %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-08-06 12:24:19 | 000,000,000 |—-D | C]—C:\Users\Milos\AppData\Roaming\.minecraft
[2012-08-05 22:39:44 | 000,000,000 |—-D | C]—C:\Users\Milos\Desktop\Tiffany
[2012-08-04 09:22:13 | 000,000,000 |—-D | C]—C:\Users\Milos\Desktop\mappe
[2012-08-03 07:23:45 | 000,000,000 |—-D | C]—C:\Users\Milos\Desktop\Mods
[2012-07-30 17:09:53 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
[2012-07-30 17:09:36 | 000,000,000 |—-D | C]—C:\ProgramData\ManyCam
[2012-07-30 16:25:43 | 000,000,000 |—-D | C]—C:\Users\Milos\Desktop\Untitled
[2012-07-30 15:12:27 | 000,000,000 |—-D | C]—C:\Users\Milos\jagexcache
[2012-07-27 12:35:41 | 000,000,000 |—-D | C]—C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012-07-16 17:12:01 | 000,000,000 |—-D | C]—C:\Program Files (x86)\Common Files\Java
[2012-07-16 17:11:42 | 000,000,000 |—-D | C]—C:\Program Files (x86)\Oracle
[2012-07-16 17:05:24 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CSIS Heimdal
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-08-07 07:02:51 | 000,000,029 |——| M] ()—C:\Windows\SysWow64\TempWmicBatchFile.bat
[2012-08-07 06:53:22 | 000,000,946 |——| M] ()—C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-08-07 06:53:10 | 000,000,962 |——| M] ()—C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1295617616-3083882431-3701152012-1000UA.job
[2012-08-07 06:53:08 | 000,000,830 |——| M] ()—C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-08-07 06:52:44 | 000,067,584 |—S- | M] ()—C:\Windows\bootstat.dat
[2012-08-06 17:10:54 | 000,009,920 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-06 17:10:54 | 000,009,920 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-06 17:02:16 | 000,000,942 |——| M] ()—C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-08-06 16:10:39 | 3203,260,416 | -HS- | M] ()—C:\hiberfil.sys
[2012-08-06 07:21:00 | 000,000,940 |——| M] ()—C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1295617616-3083882431-3701152012-1000Core.job
[2012-08-05 22:58:57 | 001,405,704 |——| M] ()—C:\Windows\SysNative\PerfStringBackup.INI
[2012-08-05 22:58:57 | 000,664,224 |——| M] ()—C:\Windows\SysNative\perfh009.dat
[2012-08-05 22:58:57 | 000,519,326 |——| M] ()—C:\Windows\SysNative\perfh006.dat
[2012-08-05 22:58:57 | 000,125,238 |——| M] ()—C:\Windows\SysNative\perfc009.dat
[2012-08-05 22:58:57 | 000,101,638 |——| M] ()—C:\Windows\SysNative\perfc006.dat
[2012-08-04 21:54:39 | 000,397,456 |——| M] ()—C:\Users\Milos\Desktop\Untitled.png
[2012-08-03 21:15:30 | 000,011,776 |——| M] ()—C:\Users\Milos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-01 20:54:45 | 000,003,425 |——| M] ()—C:\Users\Milos\Desktop\sn.png
[2012-08-01 20:52:52 | 000,044,863 |——| M] ()—C:\Users\Milos\Desktop\pvd8C.png
[2012-07-31 17:13:31 | 000,002,646 |——| M] ()—C:\Windows\SysNative\AutoRunFilter.ini
[2012-07-30 17:09:53 | 000,001,107 |——| M] ()—C:\Users\Milos\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2012-07-30 17:09:53 | 000,001,083 |——| M] ()—C:\Users\Public\Desktop\ManyCam.lnk
[2012-07-30 15:46:08 | 000,000,024 |——| M] ()—C:\Users\Milos\random.dat
[2012-07-30 15:29:31 | 000,000,044 |——| M] ()—C:\Users\Milos\jagex_cl_runescape_LIVE.dat
[2012-07-27 12:35:42 | 000,001,340 |——| M] ()—C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2012-07-20 19:14:28 | 000,002,116 |——| M] ()—C:\Users\Milos\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012-07-18 23:37:48 | 000,137,461 |——| M] ()—C:\Users\Milos\Desktop\lol.png
[2012-07-13 19:12:59 | 000,045,056 |——| M] ()—C:\Windows\SysNative\acovcnt.exe
[2012-07-13 19:12:11 | 004,897,536 |——| M] ()—C:\Windows\SysNative\FNTCACHE.DAT
[2012-07-10 19:01:14 | 000,042,091 |——| M] ()—C:\Users\Milos\Desktop\lol.jpg
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-07-31 07:26:43 | 000,397,456 |——| C] ()—C:\Users\Milos\Desktop\Untitled.png
[2012-07-30 17:09:53 | 000,001,107 |——| C] ()—C:\Users\Milos\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2012-07-30 17:09:53 | 000,001,083 |——| C] ()—C:\Users\Public\Desktop\ManyCam.lnk
[2012-07-30 15:12:27 | 000,000,044 |——| C] ()—C:\Users\Milos\jagex_cl_runescape_LIVE.dat
[2012-07-30 15:12:27 | 000,000,024 |——| C] ()—C:\Users\Milos\random.dat
[2012-07-18 23:37:46 | 000,137,461 |——| C] ()—C:\Users\Milos\Desktop\lol.png
[2012-07-18 21:49:28 | 000,003,425 |——| C] ()—C:\Users\Milos\Desktop\sn.png
[2012-07-10 19:01:09 | 000,042,091 |——| C] ()—C:\Users\Milos\Desktop\lol.jpg
[2012-05-04 18:56:13 | 000,000,213 |——| C] ()—C:\Users\Milos\_netrc
[2012-03-08 17:57:23 | 000,000,040 |——| C] ()—C:\ProgramData\ra3.ini
[2011-12-27 20:23:48 | 000,197,120 |——| C] ()—C:\Windows\patchw32.dll
[2011-11-20 00:26:36 | 000,000,132 |——| C] ()—C:\Users\Milos\AppData\Roaming\Adobe PNG-muodon CS5 -oletusasetukset
[2011-10-21 22:05:00 | 000,021,870 |——| C] ()—C:\Windows\cscmondump.bin
[2011-10-11 17:11:47 | 000,004,873 |——| C] ()—C:\ProgramData\qjaxlkio.dss
[2011-10-06 17:43:11 | 000,165,376 |——| C] ()—C:\Windows\SysWow64\unrar.dll
[2011-09-24 15:47:29 | 000,011,776 |——| C] ()—C:\Users\Milos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-09-22 14:27:17 | 000,000,024 |——| C] ()—C:\Windows\ATKPF.ini
[2011-09-21 16:02:28 | 000,270,240 |——| C] ()—C:\Windows\SysWow64\PnkBstrB.exe
[2011-09-21 16:02:21 | 000,075,136 |——| C] ()—C:\Windows\SysWow64\PnkBstrA.exe
[2011-09-21 14:59:48 | 003,326,156 |——| C] ()—C:\Windows\SysWow64\PerfStringBackup.INI
[2011-08-06 18:21:27 | 000,001,313 |——| C] ()—C:\Windows\THXCfg_SP_APOIM.ini
[2011-08-06 18:21:27 | 000,001,212 |——| C] ()—C:\Windows\THXCfg_HP_APOIM.ini
[2011-08-06 18:21:27 | 000,001,212 |——| C] ()—C:\Windows\THXCfg_APOIM.ini
[2011-08-06 18:21:26 | 000,181,760 |——| C] ()—C:\Windows\SysWow64\APOMngr.DLL
[2011-08-06 18:21:26 | 000,073,728 |——| C] ()—C:\Windows\SysWow64\CmdRtr.DLL
[2011-08-06 18:09:17 | 000,008,192 |——| C] ()—C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011-04-01 00:58:03 | 000,131,472 |——| C] ()—C:\ProgramData\FullRemove.exe

========== LOP Check ==========

[2012-08-06 13:01:11 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\.minecraft
[2012-04-14 19:31:08 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\.Nitrous
[2011-09-22 14:27:43 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\asus
[2011-12-27 21:05:16 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Atari
[2012-05-26 21:35:05 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Audacity
[2011-11-19 23:01:03 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012-08-06 17:04:16 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Dropbox
[2011-10-11 17:04:49 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\DVDVideoSoft
[2012-07-22 07:49:07 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\FileZilla
[2012-03-04 20:39:56 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\HTC
[2011-12-25 01:23:44 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011-10-15 13:56:43 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Macro Recorder
[2012-03-19 20:17:57 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\ManyCam
[2011-10-11 17:13:07 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\MOVAVI
[2012-05-22 20:38:04 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Mumble
[2011-10-18 21:18:49 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Notepad++
[2011-09-21 14:24:33 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Nuance
[2012-02-05 02:01:48 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Origin
[2012-03-22 21:24:48 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\PDAppFlex
[2012-02-04 12:20:18 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\PhotoScape
[2012-05-26 21:50:32 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Publish Providers
[2012-03-08 17:59:09 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Red Alert 3
[2012-08-04 10:35:54 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\SoftGrid Client
[2012-05-26 21:51:14 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Sony
[2011-09-25 09:47:52 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\SPORE
[2012-08-06 19:16:13 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Spotify
[2011-09-21 16:01:38 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Stardock
[2011-11-20 20:39:44 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\SystemRequirementsLab
[2011-09-22 19:33:19 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\TeamViewer
[2012-02-25 20:32:26 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Thunderbird
[2011-09-21 15:00:58 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\TP
[2011-09-21 18:54:48 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Windows Live Writer
[2011-09-21 14:24:31 | 000,000,000 |—-D | M]—C:\Users\Milos\AppData\Roaming\Zeon
[2012-08-06 07:21:00 | 000,000,940 |——| M] ()—C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1295617616-3083882431-3701152012-1000Core.job
[2012-08-07 06:53:10 | 000,000,962 |——| M] ()—C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1295617616-3083882431-3701152012-1000UA.job
[2011-12-19 14:50:05 | 000,032,652 |——| M] ()—C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Her er Exstra.txt

OTL Extras logfile created on: 07-08-2012 06:57:13 - Run 1
OTL by OldTimer - Version 3.2.56.0   Folder = C:\Users\Milos\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3,98 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 57,11% Memory free
7,95 Gb Paging File | 5,25 Gb Available in Paging File | 65,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 43,67 Gb Free Space | 23,44% Space Free | Partition Type: NTFS
Drive D: | 254,45 Gb Total Space | 253,97 Gb Free Space | 99,81% Space Free | Partition Type: NTFS
Drive E: | 6,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive R: | 24,98 Gb Total Space | 13,58 Gb Free Space | 54,33% Space Free | Partition Type: FAT32

Computer Name: MILOS-PC | User Name: Milos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut]—C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile]—C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML]—Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
exefile [open]—“%1” %*
helpfile [open]—Reg Error: Key error.
htmlfile [edit]—Reg Error: Key error.
htmlfile [print]—rundll32.exe %windir%\system32\mshtml.dll,PrintHTML “%1”
inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
InternetShortcut [open]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\ieframe.dll”,OpenURL %l (Microsoft Corporation)
InternetShortcut [print]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\mshtml.dll”,PrintHTML “%1” (Microsoft Corporation)
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge]—C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe “%L” (Adobe Systems, Inc.)
Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore]—Reg Error: Value error.
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
cplfile [cplopen]—%SystemRoot%\System32\control.exe “%1”,%* (Microsoft Corporation)
exefile [open]—“%1” %*
helpfile [open]—Reg Error: Key error.
htmlfile [edit]—Reg Error: Key error.
htmlfile [print]—rundll32.exe %windir%\system32\mshtml.dll,PrintHTML “%1”
inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge]—C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe “%L” (Adobe Systems, Inc.)
Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore]—Reg Error: Value error.
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“cval” = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
“VistaSp1” = 28 4D B2 76 41 04 CA 01 [binary data]
“AntiVirusOverride” = 0
“AntiSpywareOverride” = 0
“FirewallOverride” = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
“DisableNotifications” = 0
“EnableFirewall” = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“DisableNotifications” = 0
“EnableFirewall” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
“DisableNotifications” = 0
“EnableFirewall” = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{14FAE1EF-9CB2-4ED4-A7F6-51AA3FEDA779}” = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
“{1F3B2111-AFB7-4DE0-89C4-314C79455018}” = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{24CE4DAE-E118-4BE7-AAD8-0196D2AF0A13}” = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
“{376DE997-BE58-42D3-A91F-D121901FB159}” = rport=139 | protocol=6 | dir=out | app=system |
“{3FAA2DD9-67D3-41E2-92D1-1C0086F7AD33}” = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
“{43BC4547-E1DD-4A46-A565-9E33D763AF94}” = lport=139 | protocol=6 | dir=in | app=system |
“{5A91E706-18BA-4A0D-AC4D-9F5C2D15BBC9}” = rport=138 | protocol=17 | dir=out | app=system |
“{79C6E34D-08B0-45B8-831D-468F5DF68D4A}” = lport=138 | protocol=17 | dir=in | app=system |
“{8826B21F-6579-482D-94F5-AED597E4C225}” = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
“{8B96F214-CDA0-4F8A-A9C2-9C3617AC55B0}” = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{979A8345-2BA8-4060-88C0-84129752E1D3}” = rport=137 | protocol=17 | dir=out | app=system |
“{A58C3DBC-B020-4A9D-B10E-BA61B4A3BA01}” = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
“{C34CB1AD-CE9B-4BD2-804A-669747E1F8DC}” = lport=137 | protocol=17 | dir=in | app=system |
“{C579FEF8-FDAA-4114-8D7C-6D1FAC0C4633}” = rport=445 | protocol=6 | dir=out | app=system |
“{D9949134-A63C-43A4-B740-B462FFA259A5}” = lport=445 | protocol=6 | dir=in | app=system |
“{F5515171-D08B-4B68-874C-9F0BC99FE540}” = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
“{AA55CDB2-679A-4A6C-BF87-67FD00DDC75D}” = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{064CB8A8-B915-442B-931A-EF85A75D792F}” = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
“{06897298-A65E-4DE0-BC61-97CEA6E0309D}” = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
“{084FB645-59C3-4DF0-858B-6B602E43AA02}” = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
“{1A886724-04C5-44F9-A523-9426867552CC}” = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
“{1D2DB3DB-F535-4741-9309-6268A504090A}” = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
“{1EAA0730-DC17-41EC-A833-0E2EA3105B4A}” = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
“{304ED3F1-3646-42C7-8A6D-BAF43534985C}” = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
“{398C4E6E-42C4-441E-803E-560E44A78F3B}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
“{3E92BA16-19BA-431E-AE50-246F502803A8}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{42032D24-FFAF-40BD-BB17-97C5590BF842}” = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
“{43F8299D-EB2B-47FD-8654-E818041BBCF2}” = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{4B45425C-8D69-425C-9904-658D254703F4}” = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
“{52CF514A-75AF-4DB0-B735-AB281927DDA6}” = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
“{54DD57BD-6F88-440F-90AF-6EC32DE4F9A5}” = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
“{57622EAC-147C-4C9A-9C4E-3E1BC3562BCE}” = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
“{5E90EC77-8D6D-40D4-A0F6-14FFB845D8BD}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{5F73F3AB-DC38-4690-9DFC-00410CE2A8D5}” = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
“{6421849E-5DA8-4647-96F3-56744A06DCFE}” = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
“{64432D2A-C09D-483D-8952-9B2D29323FF4}” = protocol=17 | dir=in | app=c:\users\milos\appdata\roaming\dropbox\bin\dropbox.exe |
“{652D4F15-02FC-4FED-9A7C-1B64B00F7600}” = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
“{6C5B2E0E-540D-4E52-9D3B-D4EBB030AFD0}” = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
“{753C0AA6-42F7-4591-A9C8-8606A6C16A0B}” = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
“{7A413621-A97F-409E-91E6-2F1A5B81E283}” = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
“{7F57BAF7-F2E6-4F3C-A3B0-4BE102BE02B1}” = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
“{8DB56C2D-96FA-41E5-9C49-269DA70EEC1F}” = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
“{95BACAED-4EF4-465E-B723-2A95BA3DE5F6}” = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
“{9A83DFF4-FF0E-41A7-B64A-EB9DF4A6D5DB}” = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
“{9B461867-4BFA-4548-82AB-1F8F3F920A30}” = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
“{9B4B28FD-5D72-415D-ABA9-0E13EB61613B}” = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{A0B824DA-F7AD-48FF-B6F1-B7060BCB226E}” = dir=in | app=c:\users\milos\appdata\local\facebook\video\skype\facebookvideocalling.exe |
“{A1332280-4577-49B7-8662-B389AB726F91}” = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
“{A98E7228-3FD3-4889-BA07-59A3843254FF}” = protocol=6 | dir=in | app=c:\users\milos\appdata\roaming\dropbox\bin\dropbox.exe |
“{B4CE876B-E834-4539-95B6-62007B553006}” = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
“{CB15B575-C78A-41FF-B497-4D64D1CDB08C}” = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
“{D071F403-2062-4932-9FAB-A4FDC608ACD6}” = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
“{D1979260-D7DC-4D02-8FE0-BB51FD16F7DC}” = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{D5CE24DF-767D-4E75-8F39-8D4D87BE89AB}” = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
“{E601621F-BCF8-416B-AC3D-2A619893FC80}” = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
“{E6C4EB64-E299-4A6E-82F7-DA7F652DD926}” = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
“{E9353AE8-F5A6-4CAA-ADB3-1CC28A069165}” = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
“{FEC399AF-91F0-4EA1-B3A6-7DC03D3D7684}” = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
“TCP Query User{11E17E23-E989-45DD-BEBA-39487185D23E}C:\program files (x86)\steam\steamapps\gentofte123\team fortress 2\hl2.exe” = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\gentofte123\team fortress 2\hl2.exe |
“TCP Query User{2F21B00D-CE6F-490B-B4E1-5C67F83997FF}C:\users\milos\appdata\roaming\spotify\spotify.exe” = protocol=6 | dir=in | app=c:\users\milos\appdata\roaming\spotify\spotify.exe |
“TCP Query User{31CB72A3-8E01-433F-8446-B67F8F386BFA}C:\program files (x86)\java\jre7\bin\java.exe” = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
“TCP Query User{91E5297C-E936-4AF3-A8DD-33797A51FDFC}C:\program files (x86)\java\jre7\bin\javaw.exe” = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
“TCP Query User{B431AA34-D853-4DF4-8E16-0BCEA5B446E0}C:\users\milos\appdata\roaming\dropbox\bin\dropbox.exe” = protocol=6 | dir=in | app=c:\users\milos\appdata\roaming\dropbox\bin\dropbox.exe |
“UDP Query User{0F5B11B4-3543-4C77-B4A1-E6E017C9FF97}C:\users\milos\appdata\roaming\dropbox\bin\dropbox.exe” = protocol=17 | dir=in | app=c:\users\milos\appdata\roaming\dropbox\bin\dropbox.exe |
“UDP Query User{227732F7-23C3-4DC1-8167-A64E8C2B8ADD}C:\program files (x86)\steam\steamapps\gentofte123\team fortress 2\hl2.exe” = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\gentofte123\team fortress 2\hl2.exe |
“UDP Query User{279C8504-93C2-45F4-82AA-A95E82AAC2F1}C:\users\milos\appdata\roaming\spotify\spotify.exe” = protocol=17 | dir=in | app=c:\users\milos\appdata\roaming\spotify\spotify.exe |
“UDP Query User{3644D340-0394-4B74-8D7D-C9FA93739EC5}C:\program files (x86)\java\jre7\bin\javaw.exe” = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
“UDP Query User{37116B7D-5854-4637-BF83-AFD1CD324884}C:\program files (x86)\java\jre7\bin\java.exe” = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{071c9b48-7c32-4621-a0ac-3f809523288f}” = Microsoft Visual C++ 2005 Redistributable (x64)
“{10CD364B-FFCC-48BE-B469-B9622A033075}” = Fences
“{13F4A7F3-EABC-4261-AF6B-1317777F0755}” = Fast Boot
“{180C8888-50F1-426B-A9DC-AB83A1989C65}” = Windows Live Language Selector
“{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}” = Windows Live ID Sign-in Assistant
“{1D8E6291-B0D5-35EC-8441-6616F567A0F7}” = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
“{1E9FC118-651D-4934-97BE-E53CAE5C7D45}” = Microsoft_VC80_MFCLOC_x86_x64
“{230D1595-57DA-4933-8C4E-375797EBB7E1}” = Bluetooth Win7 Suite (64)
“{29AFE1B0-26A4-11E1-BFD4-F04DA23A5C58}” = MSVCRT Redists
“{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}” = Intel(R) Turbo Boost Technology Monitor
“{43EBA222-8DF7-11E1-862B-F04DA23A5C58}” = Vegas Pro 11.0 (64-bit)
“{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}” = Microsoft_VC80_CRT_x86_x64
“{49F6DFDE-8DF7-11E1-9E5F-F04DA23A5C58}” = MSVCRT Redists
“{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
“{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}” = Paint.NET v3.5.10
“{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
“{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}” = Microsoft Visual C++ 2005 Redistributable (x64)
“{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}” = iTunes
“{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}” = Bonjour
“{75104836-CAC7-444E-A39E-3F54151942F5}” = Apple Mobile Device Support
“{8220EEFE-38CD-377E-8595-13398D740ACE}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
“{8557397C-A42D-486F-97B3-A2CBC2372593}” = Microsoft_VC90_ATL_x86_x64
“{8E34682C-8118-31F1-BC4C-98CD9675E1C2}” = Microsoft .NET Framework 4 Extended
“{90140000-006D-0406-1000-0000000FF1CE}” = Microsoft Office Klik og kør 2010
“{90BF0360-A1DB-4599-A643-95AB90A52C1E}” = Microsoft_VC90_MFCLOC_x86_x64
“{925D058B-564A-443A-B4B2-7E90C6432E55}” = Microsoft_VC80_ATL_x86_x64
“{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}” = Microsoft_VC90_CRT_x86_x64
“{95120000-00B9-0409-1000-0000000FF1CE}” = Microsoft Application Error Reporting
“{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}” = ASUS Power4Gear Hybrid
“{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1” = Free Opener
“{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}” = Microsoft_VC90_MFC_x86_x64
“{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}” = Microsoft Visual C++ 2005 Redistributable (x64)
“{B1E301A1-C2B4-4B0B-AF31-C71F8A53DCDA}” = Fresco Logic USB3.0 Host Controller
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision” = NVIDIA 3D Vision Driver 268.56
“{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel” = NVIDIA Control Panel 268.56
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver” = NVIDIA Graphics Driver 268.56
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver” = NVIDIA HD Audio Driver 1.2.22.1
“{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer” = NVIDIA Install Application
“{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}” = Microsoft_VC80_MFC_x86_x64
“{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}” = Microsoft .NET Framework 4 Client Profile
“{FD8E178D-8B4E-42DA-B434-EFF270329B1C}” = COMODO Internet Security
“{FE51C8DE-03A7-11E1-88F8-F04DA23A5C58}” = MSVCRT Redists
“CCleaner” = CCleaner
“Defraggler” = Defraggler
“GameFast_is1” = GameFast.exe
“Microsoft .NET Framework 4 Client Profile” = Microsoft .NET Framework 4 Client Profile
“Microsoft .NET Framework 4 Extended” = Microsoft .NET Framework 4 Extended
“Rotation Desktop for G Series_is1” = Rotation Desktop for G Series.exe
“SynTPDeinstKey” = Synaptics Pointing Device Driver
“WinRAR archiver” = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}” = Microsoft_VC90_ATL_x86
“{048298C9-A4D3-490B-9FF9-AB023A9238F3}” = Steam
“{08D2E121-7F6A-43EB-97FD-629B44903403}” = Microsoft_VC90_CRT_x86
“{0969AF05-4FF6-4C00-9406-43599238DE0D}” = ASUS Splendid Video Enhancement Technology
“{09B7C7EB-3140-4B5E-842F-9C79A7137139}” = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
“{0B0F231F-CE6A-483D-AA23-77B364F75917}” = Windows Live Installer
“{0C4FF2FE-9E75-4DBF-B2DA-11CE1F10C4B5}” = Roxio AACS Certificate
“{0E64B098-8018-4256-BA23-C316A43AD9B0}” = QuickTime
“{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}” = Microsoft_VC80_ATL_x86
“{1111706F-666A-4037-7777-211328764D10}” = JavaFX 2.1.1
“{133D9D67-D475-4407-AC3C-D558087B2453}” = Windows Live Movie Maker
“{196467F1-C11F-4F76-858B-5812ADC83B94}” = MSXML 4.0 SP3 Parser
“{19BA08F7-C728-469C-8A35-BFBD3633BE08}” = Windows Live Movie Maker
“{1A72337E-D126-4BAF-AC89-E6122DB71866}” = Windows Liven valokuvavalikoima
“{1D106581-6726-4D1B-ABEC-0CA02410F24F}” = Adobe Photoshop CS6
“{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}” = ASUS LifeFrame3
“{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
“{200FEC62-3C34-4D60-9CE8-EC372E01C08F}” = Windows Live SOXE Definitions
“{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}” = Wireless Console 3
“{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}” = Windows Live UX Platform Language Pack
“{24DF33E0-F924-4D0D-9B96-11F28F0D602D}” = Windows Live UX Platform Language Pack
“{26A24AE4-039D-4CA4-87B4-2F83217005FF}” = Java(TM) 7 Update 5
“{28006915-2739-4EBE-B5E8-49B25D32EB33}” = Atheros Client Installation Program
“{28B9D2D8-4304-483F-AD71-51890A063A74}” = Windows Live Photo Common
“{2902F983-B4C1-44BA-B85D-5C6D52E2C441}” = Windows Live Mesh ActiveX Control for Remote Connections
“{296D8550-CB06-48E4-9A8B-E5034FB64715}” = Command & Conquer™ Red Alert™ 3
“{31A559C1-9E4D-423B-9DD3-34A6C5398752}” = HTC BMP USB Driver
“{3336F667-9049-4D46-98B6-4C743EEBC5B1}” = Windows Live Photo Gallery
“{341697D8-9923-445E-B42A-529E5A99CB7A}” = syncables desktop SE
“{34F4D9A4-42C2-4348-BEF4-E553C84549E7}” = Windows Live Photo Gallery
“{3521BDBD-D453-5D9F-AA55-44B75D214629}” = Adobe Community Help
“{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}” = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
“{38253529-D97D-4901-AE53-5CC9736D3A2E}” = ASUS AI Recovery
“{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}” = NVIDIA PhysX
“{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}” = Windows Live Photo Gallery
“{47FA2C44-D148-4DBC-AF60-B91934AA4842}” = Adobe AIR
“{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater
“{4A04DB63-8F81-4EF4-9D09-61A2057EF419}” = Windows Live Essentials
“{4A423411-E28A-4A13-BDB0-8E8BC42FFA29}” = HTC Sync
“{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}” = Windows Live Meshin etäyhteyksien ActiveX-komponentti
“{57220148-3B2B-412A-A2E0-82B9DF423696}” = Windows Live Mesh ActiveX-objekt til fjernforbindelser
“{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}” = Windows Live UX Platform Language Pack
“{5C2F5C1B-9732-4F81-8FBF-6711627DC508}” = Windows Live Fotogalleri
“{62BBB2F0-E220-4821-A564-730807D2C34D}” = Realtek USB 2.0 Reader Driver
“{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}” = Microsoft_VC90_MFC_x86
“{65153EA5-8B6E-43B6-857B-C6E4FC25798A}” = Intel(R) Management Engine Components
“{682B3E4F-696A-42DE-A41C-4C07EA1678B4}” = Windows Live SOXE
“{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}” = Windows Media Player Firefox Plugin
“{6D6664A9-3342-4948-9B7E-034EFE366F0F}” = HTC Driver Installer
“{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}” = Windows Live Movie Maker
“{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable
“{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}” = Apple Software Update
“{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}” = Windows Live Photo Common
“{7BB5E925-A3DD-48C2-9A82-017AF5982FFE}” = Facebook Messenger 2.1.4590.0
“{7CAC6A44-C3DE-4153-ACA6-7524602C789E}” = Facebook Video Calling 1.2.0.159
“{827D3E4A-0186-48B7-9801-7D1E9DD40C07}” = Windows Live Essentials
“{837b34e3-7c30-493c-8f6a-2b0f04e2912c}” = Microsoft Visual C++ 2005 Redistributable
“{83C292B7-38A5-440B-A731-07070E81A64F}” = Windows Live PIMT Platform
“{85725958-E3A1-4D0F-862B-4CE4EDC71A5E}_is1” = Minecraft Note Block Studio version 3.1.3
“{8833FFB6-5B0C-4764-81AA-06DFEED9A476}” = Realtek Ethernet Controller Driver
“{885F1BCD-C344-4758-85BD-09640CF449A5}” = Windows Live Photo Gallery
“{8909CFA8-97BF-4077-AC0F-6925243FFE08}” = Windows Liven asennustyökalu
“{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight
“{8CF5D47D-27B7-49D6-A14F-10550B92749D}” = Windows Live UX Platform Language Pack
“{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}” = MSVCRT
“{8F21291E-0444-4B1D-B9F9-4370A73E346D}” = WinFlash
“{90140011-0066-0406-0000-0000000FF1CE}” = Microsoft Office Starter 2010 - dansk
“{907B4640-266B-4A21-92FB-CD1A86CD0F63}” = RollerCoaster Tycoon 3
“{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}” = Microsoft_VC80_CRT_x86
“{92EA4134-10D1-418A-91E1-5A0453131A38}” = Windows Live Movie Maker
“{95140000-0070-0000-0000-0000000FF1CE}” = Microsoft Office 2010
“{9580813D-94B1-4C28-9426-A441E2BB29A5}” = Counter-Strike: Source
“{9A25302D-30C0-39D9-BD6F-21E6EC160475}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
“{9BE518E6-ECC6-35A9-88E4-87755C07200F}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
“{9DF0196F-B6B8-4C3A-8790-DE42AA530101}” = SPORE™
“{A83279FD-CA4B-4206-9535-90974DE76654}” = Apple Application Support
“{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}” = Google Update Helper
“{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}” = Windows Live Photo Common
“{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}” = ATK Package
“{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}” = DirectX 9 Runtime
“{B11AB9C8-18A6-41DC-98B4-4988CC030136}” = THX TruStudio
“{B480904D-F73F-4673-B034-8A5F492C9184}” = Nuance PDF Reader
“{B6CF2967-C81E-40C0-9815-C05774FEF120}” = Skype Click to Call
“{B6D38690-755E-4F40-A35A-23F8BC2B86AC}” = Microsoft_VC90_MFCLOC_x86
“{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}” = The Sims™ 3 Verdenseventyr
“{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}” = PDF Settings CS6
“{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}” = Roxio CinePlayer
“{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}” = The Sims™ 3
“{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1” = Auto Clicker v1.2
“{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}” = Camtasia Studio 7
“{CD442136-9115-4236-9C14-278F6A9DCB3F}” = Windows Live Movie Maker
“{CD7CB1E6-267A-408F-877D-B532AD2C882E}” = Windows Live Photo Common
“{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}” = Windows Live UX Platform
“{CF671BFE-6BA3-44E7-98C1-500D9C51D947}” = Windows Live Photo Gallery
“{D1A19B02-817E-4296-A45B-07853FD74D57}” = Microsoft_VC80_MFC_x86
“{D436F577-1695-4D2F-8B44-AC76C99E0002}” = Windows Live Photo Common
“{D45240D3-B6B3-4FF9-B243-54ECE3E10066}” = Windows Live Communications Platform
“{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}” = Microsoft_VC80_MFCLOC_x86
“{D9F6885F-E0EC-4CD9-BF15-49577590D5ED}” = Politikens Første Engelsk Ordbog
“{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}” = Windows Live Movie Maker
“{E09C4DB7-630C-4F06-A631-8EA7239923AF}” = D3DX10
“{E1845F1C-068C-F8F4-D31D-D3540D47C453}” = Adobe Download Assistant
“{E3E71D07-CD27-46CB-8448-16D4FB29AA13}” = Microsoft WSE 3.0 Runtime
“{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}” = STK02N 2.3
“{E5DD4723-FE0B-436E-A815-DC23CF902A0B}” = Windows Live UX Platform Language Pack
“{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}” = ASUS Live Update
“{EA926717-CE5A-4CB4-AB21-9E6E9565A458}” = RCT3 Soaked
“{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}” = ASUS Virtual Camera
“{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}” = Skype™ 5.10
“{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}” = Microsoft SQL Server 2005 Compact Edition [ENU]
“{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}” = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
“{F0F9505B-3ACF-4158-9311-D0285136AA00}” = Windows Live Essentials
“{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}” = Realtek High Definition Audio Driver
“{F6D8331A-FC4F-4EC6-834E-BAE578E5D93F}” = Roxio CinePlayer
“{F8A9085D-4C7A-41a9-8A77-C8998A96C421}” = Intel(R) Control Center
“{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}” = Windows Live Essentials
“{FFC047A8-CD71-477A-9929-700B75F8686F}” = Mumble 1.2.3
“Adobe AIR” = Adobe AIR
“Adobe Flash Player ActiveX” = Adobe Flash Player 11 ActiveX
“Adobe Flash Player Plugin” = Adobe Flash Player 11 Plugin
“Asus Vibe2.0” = AsusVibe2.0
“ASUS WebStorage” = ASUS WebStorage
“Asus_GSeries_Screensaver” = Asus_GSeries_Screensaver
“Audacity 1.3 Beta (Unicode)_is1” = Audacity 1.3.13 (Unicode)
“avast” = avast! Free Antivirus
“AVS Update Manager_is1” = AVS Update Manager 1.0
“AVS4YOU Software Navigator_is1” = AVS4YOU Software Navigator 1.4
“chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1” = Adobe Community Help
“com.adobe.downloadassistant.AdobeDownloadAssistant” = Adobe Download Assistant
“Debut” = Debut Video Capture Software
“Fences” = Fences
“Git_is1” = Git version 1.7.9-preview20120201
“Google Chrome” = Google Chrome
“Heimdal” = Heimdal
“Heroku_is1” = Heroku version 2.25.0
“KLiteCodecPack_is1” = K-Lite Codec Pack 7.0.0 (Standard)
“ManyCam” = ManyCam 3.0.80 (remove only)
“Mozilla Firefox 13.0.1 (x86 da)” = Mozilla Firefox 13.0.1 (x86 da)
“Mozilla Thunderbird 14.0 (x86 da)” = Mozilla Thunderbird 14.0 (x86 da)
“MozillaMaintenanceService” = Mozilla Maintenance Service
“Notepad++” = Notepad++
“NVIDIAStereo” = NVIDIA Stereoscopic 3D Driver
“Office14.Click2Run” = Microsoft Office Klik og kør 2010
“Origin” = Origin
“Picasa 3” = Picasa 3
“PunkBusterSvc” = PunkBuster Services
“Revo Uninstaller” = Revo Uninstaller 1.93
“Silke - Kan du klokken” = Silke - Kan du klokken
“Steam App 240” = Counter-Strike: Source
“Steam App 260” = Counter-Strike: Source Beta
“Steam App 300” = Day of Defeat: Source
“Steam App 320” = Half-Life 2: Deathmatch
“Steam App 340” = Half-Life 2: Lost Coast
“Steam App 500” = Left 4 Dead
“TeamViewer 6” = TeamViewer 6
“TeamViewer 7” = TeamViewer 7
“Update Engine” = Sony Ericsson Update Engine
“WinLiveSuite” = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}” = Battlefield Heroes
“Dropbox” = Dropbox
“FileZilla Client” = FileZilla Client 3.5.1
“Flux” = F.lux
“Spotify” = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11-07-2012 03:54:04 | Computer Name = Milos-Pc | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 11-07-2012 10:14:28 | Computer Name = Milos-Pc | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 12-07-2012 13:00:33 | Computer Name = Milos-Pc | Source = CVHSVC | ID = 100
Description = Kun oplysninger.  (Patch task for {90140011-0066-0406-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 12-07-2012 13:21:17 | Computer Name = Milos-Pc | Source = Google Update | ID = 20
Description =

Error - 12-07-2012 13:28:26 | Computer Name = Milos-Pc | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 12-07-2012 16:21:32 | Computer Name = Milos-Pc | Source = Google Update | ID = 20
Description =

Error - 13-07-2012 13:13:08 | Computer Name = Milos-Pc | Source = Google Update | ID = 20
Description =

Error - 13-07-2012 13:18:25 | Computer Name = Milos-Pc | Source = Google Update | ID = 20
Description =

Error - 13-07-2012 13:21:06 | Computer Name = Milos-Pc | Source = Google Update | ID = 20
Description =

Error - 13-07-2012 13:22:37 | Computer Name = Milos-Pc | Source = CVHSVC | ID = 100
Description = Kun oplysninger.  (Patch task for {90140011-0066-0406-0000-0000000FF1CE}):
DownloadLatest Failed:

Error - 13-07-2012 14:38:17 | Computer Name = Milos-Pc | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(7c:c5:37:a6:21:a5@fe80::7ec5:37ff:fea6:21a5._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 14-07-2012 16:21:05 | Computer Name = Milos-Pc | Source = Google Update | ID = 20
Description =

Error - 15-07-2012 09:23:51 | Computer Name = Milos-Pc | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ Media Center Events ]
Error - 17-10-2011 07:58:05 | Computer Name = Milos-Pc | Source = MCUpdate | ID = 0
Description = 13:58:01 - Det lykkedes ikke at hente MCESpotlight. Fejl: Handlingen
fik timeout

Error - 16-03-2012 14:38:58 | Computer Name = Milos-Pc | Source = MCUpdate | ID = 0
Description = 19:38:56 - Det lykkedes ikke at hente MCEClientUX. Fejl: Den underliggende
forbindelse blev lukket: Der kunne ikke etableres et tillidsforhold til den sikre
SSL/TLS-kanal. 

Error - 01-04-2012 07:11:40 | Computer Name = Milos-Pc | Source = MCUpdate | ID = 0
Description = 13:11:39 - Fejl under oprettelse af forbindelse til internettet.  13:11:40
-    Der kunne ikke oprettes forbindelse til serveren.. 

Error - 01-04-2012 08:11:48 | Computer Name = Milos-Pc | Source = MCUpdate | ID = 0
Description = 14:11:48 - Fejl under oprettelse af forbindelse til internettet.  14:11:48
-    Der kunne ikke oprettes forbindelse til serveren.. 

[ System Events ]
Error - 27-02-2012 11:16:20 | Computer Name = Milos-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Heimdal Service afhænger af tjenesten Heimdal Secure DNS
Service, der ikke kunne starte pga. følgende fejl:  S

Error - 27-02-2012 11:17:04 | Computer Name = Milos-Pc | Source = Server | ID = 2505
Description = Serveren blev ikke bundet til transportprotokollen \Device\NetBT_Tcpip_{F4790E5E-2991-4732-924A-D257EA1836CE},
fordi en anden computer i netværket har det samme navn. Serveren blev ikke startet.

Error - 27-02-2012 11:17:04 | Computer Name = Milos-Pc | Source = NetBT | ID = 4321
Description = Navnet “MILOS-PC     :20” kunne ikke registreres på grænsefladen
med IP-adressen 192.168.1.105.  Computeren med IP-adressen 192.168.1.112 tillod ikke,
at navnet blev brugt af denne computer.

Error - 27-02-2012 13:13:14 | Computer Name = Milos-Pc | Source = Server | ID = 2505
Description = Serveren blev ikke bundet til transportprotokollen \Device\NetBT_Tcpip_{F4790E5E-2991-4732-924A-D257EA1836CE},
fordi en anden computer i netværket har det samme navn. Serveren blev ikke startet.

Error - 27-02-2012 13:13:14 | Computer Name = Milos-Pc | Source = NetBT | ID = 4321
Description = Navnet “MILOS-PC     :20” kunne ikke registreres på grænsefladen
med IP-adressen 192.168.1.105.  Computeren med IP-adressen 192.168.1.112 tillod ikke,
at navnet blev brugt af denne computer.

Error - 27-02-2012 13:13:27 | Computer Name = Milos-Pc | Source = BTHUSB | ID = 327697
Description = Der opstod en ukendt fejl i den lokale Bluetooth-adapter og den vil
derfor ikke blive brugt. Driveren vil ikke blive indlæst.

Error - 28-02-2012 13:57:56 | Computer Name = Milos-Pc | Source = Service Control Manager | ID = 7003
Description = Tjenesten ATKGFNEX Service afhænger af følgende tjeneste: ASMMAP64.
Tjenesten er muligvis ikke installeret.

Error - 28-02-2012 13:58:59 | Computer Name = Milos-Pc | Source = Service Control Manager | ID = 7009
Description = Der opstod timeout (30000 millisekunder), mens systemet ventede på,
at der blev oprettet forbindelse til tjenesten Heimdal Secure DNS Service.

Error - 28-02-2012 13:58:59 | Computer Name = Milos-Pc | Source = Service Control Manager | ID = 7000
Description = Tjenesten Heimdal Secure DNS Service kunne ikke starte pga. følgende
fejl:  S

Error - 28-02-2012 13:58:59 | Computer Name = Milos-Pc | Source = Service Control Manager | ID = 7001
Description = Tjenesten Heimdal Service afhænger af tjenesten Heimdal Secure DNS
Service, der ikke kunne starte pga. følgende fejl:  S


< End of report >

Hov, jeg så ikke at jeg skulle køre den fra mit skrivebord, har kørt den fra min download mapppe.
Har det nogle betydning?

Nej, det er helt i orden.

•  Start OTL
•  Kopier nedenstånde med fed skrift ind i Custom Scan feltet

:Services
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [F.lux] C:\Users\Milos\Local Settings\Apps\F.lux\flux.exe ()
[2011-10-11 17:11:47 | 000,004,873 |——| C] ()—C:\ProgramData\qjaxlkio.dss
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
:Reg
:Files
ipconfig /flushdns /c
C:\ProgramData\qjaxlkio.dss
:Commands
[purity]
[resethosts]
[CreateRestorePoint]
[emptytemp]
[EMPTYFLASH]
[EMPTYJAVA]

•  Klik på  Run Fix - Knappen
•  Hvis OTL spørger om at genstarte, så sig ja.
•  Klik på OK.
•  En log vil åbne, kopier den herind i dit næste svar.
• 
•  Ellers kan den findes her:
•    C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss

Hent Combofix, og gem den på dit skrivebord:
Her

NB -> Deaktiver dit antivirus/antispyware program. Da det/de kan ”forstyrre” og konflikte med combofix, eller fjerne vigtige combofix filer, hvilket kan få computeren til fryse.

Kør så combofix.exe, og følg anvisningerne.

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.

Når combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt
Indholdet af denne fil må du gerne lægge herind.

Den kan også findes her - > C: combofix txt

Den første log Er igang med Combofix

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\F.lux deleted successfully.
C:\Users\Milos\Local Settings\Apps\F.lux\flux.exe moved successfully.
File 11-10-11 17:11:47 | 000,004,873 |——| C] ()—C:\ProgramData\qjaxlkio.dss not found.
C:\Windows\SysWow64\shoAF63.tmp deleted successfully.
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache blev t›mt.
C:\Users\Milos\Downloads\cmd.bat deleted successfully.
C:\Users\Milos\Downloads\cmd.txt deleted successfully.
C:\ProgramData\qjaxlkio.dss moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: buildbot
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gæst
->Temp folder emptied: 50175 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 30604054 bytes
->Flash cache emptied: 651 bytes

User: Milos
->Temp folder emptied: 1068553270 bytes
->Temporary Internet Files folder emptied: 72873639 bytes
->Java cache emptied: 41504137 bytes
->FireFox cache emptied: 684936458 bytes
->Google Chrome cache emptied: 203669683 bytes
->Flash cache emptied: 106274 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 212726498 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33395 bytes
RecycleBin emptied: 11220400889 bytes

Total Files Cleaned = 12.909,00 mb


[EMPTYFLASH]

User: All Users

User: buildbot

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Gæst
->Flash cache emptied: 0 bytes

User: Milos
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: buildbot

User: Default

User: Default User

User: Gæst

User: Milos
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.56.0 log created on 08072012_111625

Files\Folders moved on Reboot…
C:\Users\Milos\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files…
File C:\Users\Milos\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
[2012-08-07 11:25:57 | 000,000,000 |——| M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5

Registry entries deleted on Reboot…

ComboFix 12-08-07.01 - Milos 07-08-2012 11:35:32.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.45.1030.18.4073.2029 [GMT 2:00]
Kører fra: c:\users\Milos\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\msvcr71.dll
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2012-07-07 til 2012-08-07 )))))))))))))))))))))))))))))))))))
.
.
2012-08-07 09:16 . 2012-08-07 09:16   ————  d——-w-  C:\_OTL
2012-08-06 10:24 . 2012-08-06 11:01   ————  d——-w-  c:\users\Milos\AppData\Roaming\.minecraft
2012-08-03 15:01 . 2012-06-29 10:04   9133488   ——a-w-  c:\programdata\Microsoft\Windows Defender\Definition Updates\{58F69A4C-8C82-4DD7-AE12-52BD9A5666AF}\mpengine.dll
2012-08-02 20:32 . 2012-08-03 05:32   9827016   ——a-w-  c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-07-30 15:09 . 2012-07-30 15:09   ————  d——-w-  c:\programdata\ManyCam
2012-07-30 13:12 . 2012-07-30 13:12   ————  d——-w-  c:\users\Milos\jagexcache
2012-07-17 15:11 . 2012-05-04 11:00   366592   ——a-w-  c:\windows\system32\qdvd.dll
2012-07-17 15:11 . 2012-05-04 09:59   514560   ——a-w-  c:\windows\SysWow64\qdvd.dll
2012-07-16 15:12 . 2012-07-16 15:12   ————  d——-w-  c:\program files (x86)\Common Files\Java
2012-07-16 15:11 . 2012-07-16 15:11   ————  d——-w-  c:\program files (x86)\Oracle
2012-07-16 15:11 . 2012-07-05 20:06   772544   ——a-w-  c:\windows\SysWow64\npDeployJava1.dll
2012-07-12 21:22 . 2012-06-12 03:08   3148800   ——a-w-  c:\windows\system32\win32k.sys
2012-07-12 05:19 . 2012-06-02 11:57   2382848   ——a-w-  c:\windows\system32\mshtml.tlb
2012-07-12 05:19 . 2012-06-02 08:16   2382848   ——a-w-  c:\windows\SysWow64\mshtml.tlb
2012-07-12 05:19 . 2012-06-02 11:57   96768   ——a-w-  c:\windows\system32\mshtmled.dll
2012-07-12 05:19 . 2012-06-02 12:52   174200   ——a-w-  c:\program files\Internet Explorer\sqmapi.dll
2012-07-12 05:19 . 2012-06-02 09:08   140920   ——a-w-  c:\program files (x86)\Internet Explorer\sqmapi.dll
2012-07-11 07:43 . 2012-06-06 06:06   2004480   ——a-w-  c:\windows\system32\msxml6.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-07 09:36 . 2011-09-21 17:42   29   ——a-w-  c:\windows\SysWow64\TempWmicBatchFile.bat
2012-08-03 05:32 . 2012-04-01 15:33   426184   ——a-w-  c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-03 05:32 . 2011-09-21 12:55   70344   ——a-w-  c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-13 17:12 . 2011-08-06 16:22   45056   ——a-w-  c:\windows\system32\acovcnt.exe
2012-07-12 05:21 . 2011-09-21 15:26   59701280   ——a-w-  c:\windows\system32\MRT.exe
2012-07-05 20:06 . 2011-09-21 12:53   687544   ——a-w-  c:\windows\SysWow64\deployJava1.dll
2012-07-03 16:21 . 2012-02-24 18:26   54072   ——a-w-  c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2011-09-21 12:40   355856   ——a-w-  c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2011-09-21 12:40   958400   ——a-w-  c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2011-09-21 12:40   59728   ——a-w-  c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2011-09-21 12:40   71064   ——a-w-  c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2011-09-21 12:40   25232   ——a-w-  c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2011-09-21 12:40   41224   ——a-w-  c:\windows\avastSS.scr
2012-07-03 16:21 . 2011-09-21 12:40   227648   ——a-w-  c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2011-09-21 12:40   285328   ——a-w-  c:\windows\system32\aswBoot.exe
2012-06-25 14:04 . 2012-06-25 14:04   1394248   ——a-w-  c:\windows\SysWow64\msxml4.dll
2012-06-02 22:19 . 2012-06-19 11:19   38424   ——a-w-  c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 11:20   2428952   ——a-w-  c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-19 11:20   57880   ——a-w-  c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 11:20   44056   ——a-w-  c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 11:19   701976   ——a-w-  c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-19 11:20   2622464   ——a-w-  c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-19 11:19   99840   ——a-w-  c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-19 11:19   186752   ——a-w-  c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-19 11:19   36864   ——a-w-  c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2011-09-21 12:46   279656   ———w-  c:\windows\system32\MpSigStub.exe
2012-05-24 21:18 . 2012-05-24 21:18   4472832   ——a-w-  c:\windows\SysWow64\GPhotos.scr
2012-05-20 11:30 . 2012-05-20 11:30   163048   ——a-w-  c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@=”{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ——a-w-  c:\users\Milos\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@=”{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ——a-w-  c:\users\Milos\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@=”{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   94208   ——a-w-  c:\users\Milos\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Steam”=“c:\program files (x86)\Steam\steam.exe” [2012-08-04 1353080]
“ISUSPM”=“c:\programdata\FLEXnet\Connect\11\ISUSPM.exe” [2009-05-05 222496]
“Facebook Update”=“c:\users\Milos\AppData\Local\Facebook\Update\FacebookUpdate.exe” [2012-07-12 138096]
“Spotify Web Helper”=“c:\users\Milos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe” [2012-07-20 1193176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
“Nuance PDF Reader-reminder”=“c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe” [2008-11-03 328992]
“ASUSPRP”=“c:\program files (x86)\ASUS\APRP\APRP.EXE” [2011-03-31 2018032]
“FLxHCIm”=“c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe” [2011-04-08 43008]
“ATKOSD2”=“c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe” [2010-08-17 5732992]
“ATKMEDIA”=“c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe” [2010-10-07 170624]
“HControlUser”=“c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe” [2009-06-19 105016]
“CPMonitor”=“c:\program files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe” [2011-04-01 84464]
“THX TruStudio NB Settings”=“c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe” [2011-03-17 909312]
“UpdReg”=“c:\windows\UpdReg.EXE” [2000-05-11 90112]
“avast”=“c:\program files\AVAST Software\Avast\avastUI.exe” [2012-07-03 4273976]
“Wireless Console 3”=“c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe” [2010-09-23 1601536]
“APSDaemon”=“c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe” [2011-09-27 59240]
“SwitchBoard”=“c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe” [2010-02-19 517096]
“AdobeCS6ServiceManager”=“c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe” [2012-02-22 1073312]
“QuickTime Task”=“c:\program files (x86)\QuickTime\QTTask.exe” [2012-04-18 421888]
“SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe” [2012-01-17 252296]
.
c:\users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
debug.log [2012-7-26 264]
Dropbox.lnk - c:\users\Milos\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
Facebook Messenger.lnk - c:\users\Milos\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe [2012-7-26 244656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
STK02N 2.3 PNP Monitor.lnk - c:\windows\STK02N\STK02NM.exe [2011-10-20 163840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
“AppInit_DLLs”=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ     kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-31 135664]
R2 HeimdalSecureDNS;Heimdal Secure DNS Service;c:\program files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [2012-07-09 89232]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-08-06 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-08-06 79360]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-10-31 13352]
R3 gupdatem;Google Update Tjeneste (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-31 135664]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-21 1255736]
R3 X6va006;X6va006;c:\users\Milos\AppData\Local\Temp\0065D7.tmp [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO_;ATKWMIACPI Driver_;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-03-11 577824]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-03-11 43248]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
S2 AsusUacSvc;Asus process privilege adjust service;c:\program files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [2010-07-27 113840]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 Atheros Bt&Wlan; Coex Agent;Atheros Bt&Wlan; Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2011-02-15 19968]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HeimdalService;Heimdal Service;c:\program files (x86)\Heimdal\Service\HeimdalAgentService.exe [2012-07-09 135312]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-11 378472]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-04-08 177152]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-04-08 56320]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-03-03 174184]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2011-03-15 311400]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-21 471144]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
Indhold af mappen ‘Planlagte Opgaver’
.
2012-08-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 05:32]
.
2012-08-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1295617616-3083882431-3701152012-1000Core.job
- c:\users\Milos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-30 05:15]
.
2012-08-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1295617616-3083882431-3701152012-1000UA.job
- c:\users\Milos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-30 05:15]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-31 22:45]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-31 22:45]
.
.
————- X64 Entries—————-
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@=”{472083B0-C522-11CF-8763-00608CC02F24}”
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21   133400   ——a-w-  c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@=”{6D4133E5-0742-4ADC-8A8C-9303440F7190}”
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41   220160   ——a-w-  c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@=”{64174815-8D98-4CE6-8646-4C039977D808}”
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41   220160   ——a-w-  c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@=”{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ——a-w-  c:\users\Milos\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@=”{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ——a-w-  c:\users\Milos\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@=”{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ——a-w-  c:\users\Milos\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@=”{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12   97792   ——a-w-  c:\users\Milos\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“AtherosBtStack”=“c:\program files (x86)\Bluetooth Suite\BtvStack.exe” [2011-03-13 617120]
“AthBtTray”=“c:\program files (x86)\Bluetooth Suite\AthBtTray.exe” [2011-03-13 379552]
“IntelTBRunOnce”=“wscript.exe” [2009-07-14 168960]
“THXCfg64”=“c:\windows\system32\THXCfg64.dll” [2010-09-14 25600]
“COMODO Internet Security”=“c:\program files\COMODO\COMODO Internet Security\cfp.exe” [2012-03-11 9569096]
“AdobeAAMUpdater-1.0”=“c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe” [2012-02-01 446392]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
“{1984DD45-52CF-49cd-AB77-18F378FEA264}”= “c:\program files (x86)\Stardock\Fences\FencesMenu64.dll” [2010-06-22 253288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“LoadAppInit_DLLs”=0x1
“AppInit_DLLs”=c:\windows\System32\guard64.dll
.
———- Yderligere scanning———-
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver; - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{29108A8B-D55C-4CE9-9AC4-99C6B2779C9C}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{F4790E5E-2991-4732-924A-D257EA1836CE}\078696C6960737: NameServer = 156.154.70.22,156.154.71.22
FF - ProfilePath - c:\users\Milos\AppData\Roaming\Mozilla\Firefox\Profiles\k86quq7d.default\
FF - prefs.js: browser.startup.homepage - google.dk
FF - prefs.js: network.proxy.type - 0
.
- - - - TOMME GENVEJE FJERNET - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va006]
“ImagePath”=”\??\c:\users\Milos\AppData\Local\Temp\0065D7.tmp”
.
——————————- LÅSTE REGISTRERINGS NØGLER——————————-
.
[HKEY_USERS\S-1-5-21-1295617616-3083882431-3701152012-1000\Software\SecuROM\License information*]
“datasecu”=hex:c7,4c,22,e6,1b,a9,90,c6,41,6c,0c,d4,80,aa,a2,20,d6,1c,8c,5f,a8,
  d0,37,eb,27,bb,9b,a1,8a,a7,7a,ff,b4,36,ad,bb,23,78,55,5c,99,61,a5,e9,39,a6,\
“rkeysecu”=hex:4e,f5,e9,03,c2,90,72,9d,98,65,35,cc,de,54,63,91
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=”@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
“Enabled”=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Shockwave Flash Object”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@=“0”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@=“ShockwaveFlash.ShockwaveFlash.11”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“ShockwaveFlash.ShockwaveFlash”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Macromedia Flash Factory Object”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@=“FlashFactory.FlashFactory.1”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“FlashFactory.FlashFactory”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker4”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@=”{00020424-0000-0000-C000-000000000046}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
“BlindDial”=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
“BlindDial”=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Gennemført tid: 2012-08-07 11:46:32
ComboFix-quarantined-files.txt 2012-08-07 09:46
.
Pre-Kørsel: 60.058.251.264 byte ledig
Post-Kørsel: 59.084.140.544 byte ledig
.
- - End Of File - - 8C5DADF2500E318D7DD66BBB9488DBCB

Hvordan opfører computeren sig nu ?

Umiddelbart fint, men nogle gange slukker computeren lige pludselig, kan det være noget med virus at gøre?
‘‘Windows blev ikke lukket korrekt. Hvis dette skyldes, at systemet ikke svarede, eller hvis systemet blev lukket for at beskytte data, kan du muligvis genoprette systemet ed at vælge en af konfigurationerne for fejlsikret tilstand.

Det lyder lidt som om der er lidt udu i nogen filer, så tjek dem lige.

1.Åbn en kommandoprompt med administratorrettigheder.
Dette gøres ved at klikke på Start, klikke på Alle programmer, klikke på Tilbehør, højreklikke på Kommandoprompt, og derefter klikke på Kør som administrator.
Hvis du bliver bedt om at angive en administratoradgangskode eller en bekræftelse, skal du indtaste adgangskoden eller klikke på Tillad.
2.Skriv følgende kommando, og tryk derefter på Enter:
sfc /scannow

Kommandoen sfc /scannow scanner alle beskyttede systemfiler og erstatter forkerte versioner med korrekte versioner fra Microsoft.

Når det er gjort, så hent og kør whocrashed:
http://danish.downius.com/lv/group/view/kl226086/WhoCrashed.htm

Installer og kør den, så laver den log, send den herind i næste svar.

Der står den skulle ligge i Crash dump directory: C:\Windows\Minidump
men der er intet

Det er tegn på at den ikke har lavet Blå Skærme.

Windows blev ikke lukket korrekt

Sker det når du laver noget bestemt, eller       ?

Men prøv at se om SFC scanningen har gjort noget gavn…........

Jeg venter og ser om det sker igen, det kan ske hvor som helst og når som helst.
Der kommer ingen blå skærm, den slukker bare.

Ok.  Giv lige lyd fra dig, uanset hvad der sker, eller ikke sker.         

Det gør jeg