Hej Pia            

Lad os kigge nærmere på tingene.

Download OTL af Oldtimer, gem den på dit skrivebord:
http://oldtimer.geekstogo.com/OTL.exe

Luk alle åbne vinduer. Klik på OTL ikonet (for Vista/win7, skal du højreklikke på ikonet og Kør som Administrator) for at starte programmet.
Når vinduet vises, under Output i toppen skift til Minimal Output.
Marker felterne ud for LOP check og Purity Check.
• 

Klik så på Quick Scan.
• 

Det vil give to (2) logfiler på skrivebordet, en kaldet OTL.txt, den anden vil blive navngivet Extras.txt.
Husk, hvor du har gemt disse 2 filer.

Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg.

Hej igen,

Det lyder godt. Her kommer først OTL filen.

Hilsen Pia

OTL logfile created on: 22-08-2012 07:08:28 - Run 1
OTL by OldTimer - Version 3.2.58.1   Folder = C:\Users\Pia\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3,18 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 69,23% Memory free
6,35 Gb Paging File | 5,32 Gb Available in Paging File | 83,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 424,66 Gb Total Space | 140,27 Gb Free Space | 33,03% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 23,21 Gb Free Space | 58,03% Space Free | Partition Type: NTFS

Computer Name: PIA-PC | User Name: Pia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Pia\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe (Macrovision                                   )
PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Windows\System32\PSIService.exe ()
PRC - C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Windows\System32\IccLibDll.dll ()

========== Win32 Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc)—C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate)—C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (LBTServ)—C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WatAdminSvc)—C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (InstallShield Licensing Service)—C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe (Macrovision                                   )
SRV - (UNS)—C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS)—C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (EhttpSrv)—C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV - (ekrn)—C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (WisLMSvc)—C:\Program Files\Launch Manager\WisLMSvc.exe (Wistron Corp.)
SRV - (IAStorDataMgrSvc)—C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (SensrSvc)—C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend)—C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0)—C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
SRV - (ProtexisLicensing)—C:\Windows\System32\PSIService.exe ()
SRV - (EpsonBidirectionalService)—C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)
SRV - (CCALib8)—C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)


========== Driver Services (SafeList) ==========

DRV - (USBCCID)—system32\DRIVERS\RtsUCcid.sys File not found
DRV - (RtsUIR)—system32\DRIVERS\Rts516xIR.sys File not found
DRV - (LMouFilt)—C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LUsbFilt)—C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LHidFilt)—C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (TsUsbFlt)—C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb)—C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (rtl8192se)—C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                   )
DRV - (nvlddmkm)—C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (Epfwndis)—C:\Windows\System32\drivers\epfwndis.sys (ESET)
DRV - (epfw)—C:\Windows\System32\drivers\epfw.sys (ESET)
DRV - (epfwwfp)—C:\Windows\System32\drivers\epfwwfp.sys (ESET)
DRV - (IntcDAud)—C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV - (ehdrv)—C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (eamon)—C:\Windows\System32\drivers\eamon.sys (ESET)
DRV - (L1C)—C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (HECI)—C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (RSUSBSTOR)—C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (vwifimp)—C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dr.dk/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{C567B12C-FFA0-4443-88AD-39DB7B1E94AB}: “URL” = http://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: “Wikipedia (en)”
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: “http://www.google.dk/”
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-05-22 21:26:45 | 000,000,000 |—-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-08-19 11:44:39 | 000,000,000 |—-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-03-02 18:57:32 | 000,000,000 |—-D | M]

[2010-03-02 19:28:45 | 000,000,000 |—-D | M] (No name found)—C:\Users\Pia\AppData\Roaming\mozilla\Extensions
[2012-05-27 19:45:51 | 000,000,000 |—-D | M] (No name found)—C:\Users\Pia\AppData\Roaming\mozilla\Firefox\Profiles\bmeel1a3.default\extensions
[2012-05-27 19:45:51 | 000,000,000 |—-D | M] (Разпознаване на устройство Logitech)—C:\Users\Pia\AppData\Roaming\mozilla\Firefox\Profiles\bmeel1a3.default\extensions\DeviceDetection@logitech.com
[2012-06-20 21:03:32 | 000,000,000 |—-D | M] (No name found)—C:\Program Files\Mozilla Firefox\extensions
[2012-04-22 17:45:37 | 000,000,000 |—-D | M] (Skype Click to Call)—C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-06-20 21:03:32 | 000,000,000 |—-D | M] (Java Console)—C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012-02-18 08:25:52 | 000,134,104 |——| M] (Mozilla Foundation)—C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-01-12 23:24:38 | 000,002,252 |——| M] ()—C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-01-12 23:24:38 | 000,002,040 |——| M] ()—C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========


O1 HOSTS File: ([2009-06-11 00:39:37 | 000,000,824 |——| M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 File not found
O9 - Extra ‘Tools’ menuitem : eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra ‘Tools’ menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: http://www.dr.dk ([]https in Pålidelige websteder)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F15E1B0-ECE6-4732-9F75-24797D3D8B3C}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\Windows\system32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-11 00:42:20 | 000,000,024 |——| M] () - C:\autoexec.bat—[ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open]—“%1” %*
O35 - HKLM\..exefile [open]—“%1” %*
O37 - HKLM\...com [@ = comfile]—“%1” %*
O37 - HKLM\...exe [@ = exefile]—“%1” %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-08-22 07:04:17 | 000,000,000 |—-D | C]—C:\Users\Pia\Desktop\Skrivebord
[2012-08-22 07:01:57 | 000,596,480 |——| C] (OldTimer Tools)—C:\Users\Pia\Desktop\OTL.exe
[2012-08-22 07:01:05 | 000,000,000 |—-D | C]—C:\Users\Pia\Desktop\Spywarefri
[2012-08-04 10:10:46 | 000,000,000 |—-D | C]—C:\Program Files\CCleaner
[2012-08-04 09:33:00 | 000,000,000 | -HSD | C]—C:\Config.Msi

========== Files - Modified Within 30 Days ==========

[2012-08-22 07:01:58 | 000,596,480 |——| M] (OldTimer Tools)—C:\Users\Pia\Desktop\OTL.exe
[2012-08-22 06:52:00 | 000,000,830 |——| M] ()—C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-08-22 06:37:53 | 000,009,920 | -H—| M] ()—C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-22 06:37:53 | 000,009,920 | -H—| M] ()—C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-22 06:30:26 | 000,067,584 |—S- | M] ()—C:\Windows\bootstat.dat
[2012-08-22 06:30:18 | 2559,467,520 | -HS- | M] ()—C:\hiberfil.sys
[2012-08-21 20:15:02 | 000,021,763 |——| M] ()—C:\Users\Pia\Desktop\WEEKEND.odt
[2012-08-20 23:11:14 | 353,007,957 |——| M] ()—C:\Windows\MEMORY.DMP
[2012-08-20 07:25:42 | 000,616,008 |——| M] ()—C:\Windows\System32\perfh009.dat
[2012-08-20 07:25:42 | 000,470,324 |——| M] ()—C:\Windows\System32\perfh006.dat
[2012-08-20 07:25:42 | 000,106,388 |——| M] ()—C:\Windows\System32\perfc009.dat
[2012-08-20 07:25:42 | 000,079,926 |——| M] ()—C:\Windows\System32\perfc006.dat
[2012-08-19 23:24:50 | 000,007,643 |——| M] ()—C:\Users\Pia\AppData\Local\Resmon.ResmonCfg
[2012-08-19 11:44:39 | 000,001,948 |——| M] ()—C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-08-15 18:35:03 | 000,377,400 |——| M] ()—C:\Windows\System32\FNTCACHE.DAT
[2012-08-04 10:38:59 | 001,359,824 |——| M] ()—C:\Users\Pia\Desktop\pc-decrapifier-2.2.8.exe
[2012-08-04 10:10:47 | 000,000,929 |——| M] ()—C:\Users\Public\Desktop\CCleaner.lnk

========== Files Created - No Company Name ==========

[2012-08-20 23:11:14 | 353,007,957 |——| C] ()—C:\Windows\MEMORY.DMP
[2012-08-17 06:34:21 | 000,000,830 |——| C] ()—C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-08-04 10:38:59 | 001,359,824 |——| C] ()—C:\Users\Pia\Desktop\pc-decrapifier-2.2.8.exe
[2012-08-04 10:10:47 | 000,000,929 |——| C] ()—C:\Users\Public\Desktop\CCleaner.lnk
[2012-07-08 16:58:37 | 000,004,608 |——| C] ()—C:\Users\Pia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-27 21:03:40 | 000,060,304 |——| C] ()—C:\Users\Pia\g2mdlhlpx.exe
[2012-01-10 22:29:54 | 013,904,384 |——| C] ()—C:\Windows\System32\ig4icd32.dll
[2012-01-10 22:14:34 | 000,004,096 |——| C] ( )—C:\Windows\System32\IGFXDEVLib.dll
[2011-08-31 19:46:18 | 000,128,204 |——| C] ()—C:\Windows\System32\igcompkrng575.bin
[2011-08-31 19:46:12 | 000,105,608 |——| C] ()—C:\Windows\System32\igfcg575m.bin
[2011-08-31 19:46:10 | 000,867,020 |——| C] ()—C:\Windows\System32\igkrng575.bin
[2011-08-31 19:13:52 | 000,094,208 |——| C] ()—C:\Windows\System32\IccLibDll.dll
[2011-08-06 16:37:47 | 000,000,008 | RHS- | C] ()—C:\Windows\System32\8836BAA195.sys
[2010-10-07 07:47:09 | 000,007,643 |——| C] ()—C:\Users\Pia\AppData\Local\Resmon.ResmonCfg
[2010-03-09 21:03:02 | 000,000,056 | -H—| C] ()—C:\ProgramData\ezsidmv.dat

========== LOP Check ==========

[2010-02-25 16:14:46 | 000,000,000 |—-D | M]—C:\Users\Pia\AppData\Roaming\BullGuard
[2011-08-02 21:54:19 | 000,000,000 |—-D | M]—C:\Users\Pia\AppData\Roaming\Canon
[2012-07-08 17:18:39 | 000,000,000 |—-D | M]—C:\Users\Pia\AppData\Roaming\Epson
[2010-03-02 18:58:46 | 000,000,000 |—-D | M]—C:\Users\Pia\AppData\Roaming\ESET
[2010-06-23 22:01:23 | 000,000,000 |—-D | M]—C:\Users\Pia\AppData\Roaming\GARMIN
[2012-06-09 15:44:13 | 000,000,000 |—-D | M]—C:\Users\Pia\AppData\Roaming\Leadertech
[2010-03-02 19:26:19 | 000,000,000 |—-D | M]—C:\Users\Pia\AppData\Roaming\OpenOffice.org
[2010-03-02 14:39:22 | 000,000,000 |—-D | M]—C:\Users\Pia\AppData\Roaming\Temp
[2012-05-26 09:06:50 | 000,032,550 |——| M] ()—C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Og her er Extras filen:

OTL Extras logfile created on: 22-08-2012 07:08:28 - Run 1
OTL by OldTimer - Version 3.2.58.1   Folder = C:\Users\Pia\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3,18 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 69,23% Memory free
6,35 Gb Paging File | 5,32 Gb Available in Paging File | 83,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 424,66 Gb Total Space | 140,27 Gb Free Space | 33,03% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 23,21 Gb Free Space | 58,03% Space Free | Partition Type: NTFS

Computer Name: PIA-PC | User Name: Pia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile]—C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile]—C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML]—C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
cplfile [cplopen]—%SystemRoot%\System32\control.exe “%1”,%* (Microsoft Corporation)
exefile [open]—“%1” %*
helpfile [open]—Reg Error: Key error.
hlpfile [open]—%SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore]—Reg Error: Value error.
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“cval” = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
“VistaSp1” = Reg Error: Unknown registry data type—File not found
“AntiVirusOverride” = 0
“AntiSpywareOverride” = 0
“FirewallOverride” = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
“DisableNotifications” = 0
“EnableFirewall” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“DisableNotifications” = 0
“EnableFirewall” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
“DisableNotifications” = 0
“EnableFirewall” = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{8217AC07-659B-4891-9CAA-7CAB3AC2087B}” = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
“{C07573C6-F1F9-4BE4-A450-2F2733766C12}” = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{059B2D73-B57A-46E1-818C-ADC38F2D353E}” = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
“{1EBFBFAF-6A14-4718-8030-1949F85DA615}” = dir=in | app=c:\program files\itunes\itunes.exe |
“{222CC27C-A0CE-4A6E-BDFA-7F0CC4D43A1F}” = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
“{29B7BFF9-CC37-4105-BE69-997BEDA556E5}” = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
“{887EBB6E-CCF6-47BC-8FE9-95DE7A917FA8}” = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
“{9306E12F-72A5-47A0-BBC2-BB7B1EF93CC9}” = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
“{A0443249-673A-45CD-9B21-CBF621A72229}” = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
“{A3D3650B-2693-45F4-B3A2-5DD7DB60F2B6}” = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
“{ACD76AB3-905B-4885-B227-71DA0BBDCA6D}” = dir=in | app=c:\program files\skype\phone\skype.exe |
“{F4D492C4-FD7C-448B-91AE-16E5ED9C1D61}” = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}” = CorelDRAW Essential Edition 3
“{00647366-8CB3-4B3A-92EB-31538B759F46}” = Windows Live Toolbar
“{01FB4998-33C4-4431-85ED-079E3EEFE75D}” = CyberLink YouCam
“{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}” = Epson Event Manager
“{0C42593A-B604-4A99-A0BE-F4AD9025F448}” = EN
“{0E64B098-8018-4256-BA23-C316A43AD9B0}” = QuickTime
“{122ADF8C-DDA1-480C-9936-C88F2825B265}” = Apple Application Support
“{205C6BDD-7B73-42DE-8505-9A093F35A238}” = Overførselsværktøj til Windows Live
“{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}” = MSVCRT
“{26A24AE4-039D-4CA4-87B4-2F83216022F0}” = Java(TM) 6 Update 22
“{26A24AE4-039D-4CA4-87B4-2F83216033FF}” = Java(TM) 6 Update 33
“{2A03B9F8-BE6D-43C6-A16A-B9998A194AF0}” = Garmin Training Center
“{2CDC68A4-3CE7-4F7B-A5BE-ECB05ABB8719}” = Windows Live Movie Maker
“{2F3082BF-4A3B-45CA-805F-52DBBFD3C645}” = Windows Live Essentials
“{3108C217-BE83-42E4-AE9E-A56A2A92E549}” = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
“{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}” = Epson Easy Photo Print 2
“{3B4E636E-9D65-4D67-BA61-189800823F52}” = Windows Live Communications Platform
“{3C3901C5-3455-3E0A-A214-0B093A5070A6}” = Microsoft .NET Framework 4 Client Profile
“{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}” = Intel(R) Rapid Storage Technology
“{3E31400D-274E-4647-916C-2CACC3741799}” = EpsonNet Print
“{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}” = eReg
“{40BF1E83-20EB-11D8-97C5-0009C5020658}” = CyberLink Power2Go
“{45A2D49C-8124-4015-A8B3-073A827EC5C1}” = Windows Live Sync
“{48657AA5-5A07-4C3A-8ED8-8B7CA4A9707C}” = OpenOffice.org 3.3
“{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater
“{4AB1B007-F16A-4BCD-B3CF-4EE6732B4F68}” = ESET Smart Security
“{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}” = Microsoft Search Enhancement Pack
“{51C7AD07-C3F6-4635-8E8A-231306D810FE}” = Cisco LEAP Module
“{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}” = Microsoft Office Live Add-in 1.3
“{5B119660-1788-11D8-8EB8-0050BF643EE7}” = digestIT 2004
“{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}” = Cisco EAP-FAST Module
“{65153EA5-8B6E-43B6-857B-C6E4FC25798A}” = Intel(R) Management Engine Components
“{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}” = Activation Assistant for the 2007 Microsoft Office suites
“{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}” = Garmin USB Drivers
“{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}” = Windows Media Player Firefox Plugin
“{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}” = iTunes
“{7299052b-02a4-4627-81f2-1818da5d550d}” = Microsoft Visual C++ 2005 Redistributable
“{80E158EA-7181-40FE-A701-301CE6BE64AB}” = CyberLink MediaShow
“{837b34e3-7c30-493c-8f6a-2b0f04e2912c}” = Microsoft Visual C++ 2005 Redistributable
“{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight
“{8A74E887-8F0F-4017-AF53-CBA42211AAA5}” = Microsoft Sync Framework Runtime Native v1.0 (x86)
“{8EA24DB0-BB39-41B3-BFA5-019AC727C894}” = Inglise-eesti-inglise sõnaraamat
“{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}” = Apple Mobile Device Support
“{90120000-0016-0406-0000-0000000FF1CE}” = Microsoft Office Excel MUI (Danish) 2007
“{90120000-0016-0406-0000-0000000FF1CE}_HOMESTUDENTR_{652017DD-E99F-4420-9CC8-AC25CE8375A5}” = Microsoft Office 2007 Service Pack 2 (SP2)
“{90120000-0018-0406-0000-0000000FF1CE}” = Microsoft Office PowerPoint MUI (Danish) 2007
“{90120000-0018-0406-0000-0000000FF1CE}_HOMESTUDENTR_{652017DD-E99F-4420-9CC8-AC25CE8375A5}” = Microsoft Office 2007 Service Pack 2 (SP2)
“{90120000-001B-0406-0000-0000000FF1CE}” = Microsoft Office Word MUI (Danish) 2007
“{90120000-001B-0406-0000-0000000FF1CE}_HOMESTUDENTR_{652017DD-E99F-4420-9CC8-AC25CE8375A5}” = Microsoft Office 2007 Service Pack 2 (SP2)
“{90120000-001F-0406-0000-0000000FF1CE}” = Microsoft Office Proof (Danish) 2007
“{90120000-001F-0406-0000-0000000FF1CE}_HOMESTUDENTR_{25E093C2-374E-44A9-9BCE-3881BD442F3F}” = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
“{90120000-001F-0407-0000-0000000FF1CE}” = Microsoft Office Proof (German) 2007
“{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}” = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
“{90120000-001F-0409-0000-0000000FF1CE}” = Microsoft Office Proof (English) 2007
“{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}” = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
“{90120000-0020-0406-0000-0000000FF1CE}” = Kompatibilitetspakke til Office 2007-systemet
“{90120000-002C-0406-0000-0000000FF1CE}” = Microsoft Office Proofing (Danish) 2007
“{90120000-006E-0406-0000-0000000FF1CE}” = Microsoft Office Shared MUI (Danish) 2007
“{90120000-006E-0406-0000-0000000FF1CE}_HOMESTUDENTR_{50865937-2EBB-4BBF-8861-BF5972C95D4B}” = Microsoft Office 2007 Service Pack 2 (SP2)
“{90120000-00A1-0406-0000-0000000FF1CE}” = Microsoft Office OneNote MUI (Danish) 2007
“{90120000-00A1-0406-0000-0000000FF1CE}_HOMESTUDENTR_{652017DD-E99F-4420-9CC8-AC25CE8375A5}” = Microsoft Office 2007 Service Pack 2 (SP2)
“{91120000-002F-0000-0000-0000000FF1CE}” = Microsoft Office Home and Student 2007
“{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}” = Microsoft Office 2007 Service Pack 2 (SP2)
“{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}” = Security Update for Microsoft Office system 2007 (972581)
“{94B8F069-F223-4F48-BC88-7104CBA77F30}” = Windows Live Messenger
“{95120000-00AF-0406-0000-0000000FF1CE}” = Microsoft Office PowerPoint Viewer 2007 (Danish)
“{95120000-00B9-0409-0000-0000000FF1CE}” = Microsoft Application Error Reporting
“{96AE7E41-E34E-47D0-AC07-1091A8127911}” = Realtek USB 2.0 Card Reader
“{9A25302D-30C0-39D9-BD6F-21E6EC160475}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
“{9D3D8C60-A55F-4fed-B2B9-173F09590E16}” = REALTEK Wireless LAN Driver
“{A062A15F-9CAC-4B88-98DF-87628A0BD721}” = Corel MediaOne
“{A498D9EB-927B-459B-85D6-DD6EF8C2C564}” = erLT
“{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}” = CyberLink PowerDVD 9
“{AB770FDE-8087-4C98-9A85-BD64262C104C}” = Medion Home Cinema
“{AC76BA86-7AD7-1030-7B44-A95000000001}” = Adobe Reader 9.5.2 - Dansk
“{ADDBE07D-95B8-4789-9C76-187FFF9624B4}” = CorelDRAW Essential Edition 3
“{B238D61F-3EEF-4716-BFEA-9903DEF045D9}” = Microsoft Works
“{B2544A03-10D0-4E5E-BA69-0362FFC20D18}” = OGA Notifier 2.0.0048.0
“{B2D55EB8-32C5-4B43-9006-9E97DECBA178}” = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
“{B6CF2967-C81E-40C0-9815-C05774FEF120}” = Skype Click to Call
“{B7A0CE06-068E-11D6-97FD-0050BACBF861}” = CyberLink PowerProducer
“{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}” = Microsoft Sync Framework Services Native v1.0 (x86)
“{BFD09E5B-6D40-4CAD-A349-103BFEF1C574}” = Windows Live Mail
“{C59C179C-668D-49A9-B6EA-0121CCFC1243}” = CyberLink LabelPrint
“{C6579A65-9CAE-4B31-8B6B-3306E0630A66}” = Apple Software Update
“{C9D8A041-2963-4B31-8FFC-1500F3DB9293}” = EpsonNet Setup 3.2
“{CB099890-1D5F-11D5-9EA9-0050BAE317E1}” = CyberLink PowerDirector
“{D0846526-66DD-4DC9-A02C-98F9A2806812}” = Launch Manager V1.5.0.8
“{D36DD326-7280-11D8-97C8-000129760CBE}” = CyberLink PhotoNow
“{D7EC54D8-3D95-4F9D-A191-59C9BB7F5AC9}” = Windows Live Photo Gallery
“{E2019D64-E819-3B4F-9C85-95BE2688ABF9}” = Microsoft .NET Framework 4 Client Profile DAN Language Pack
“{E2DFE069-083E-4631-9B6C-43C48E991DE5}” = Junk Mail filter update
“{E3D04529-6EDB-11D8-A372-0050BAE317E1}” = CyberLink PowerDVD Copy
“{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
“{E80F9ABB-618D-4B9E-9EA0-5BF6A7C2FE9D}” = Tilmeldingsassistent til Windows Live
“{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}” = Cisco PEAP Module
“{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}” = Skype™ 5.10
“{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}” = Microsoft SQL Server 2005 Compact Edition [ENU]
“{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}” = Microsoft Choice Guard
“{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}” = Intel(R) Graphics Media Accelerator Driver
“{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}” = Realtek High Definition Audio Driver
“{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}” = Update Manager
“{F8E3C768-71F3-11E1-9DF7-70804824019B}” = Snagit 11
“{F9000000-0018-0000-0000-074957833700}” = ABBYY FineReader 9.0 Sprint
“{FC0C6E54-BCD4-42C5-BEAA-4FFFEC499EE0}” = Windows Live Writer
“49CF605F02C7954F4E139D18828DE298CD59217C” = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
“ABBYY FineReader 9.0 Sprint” = ABBYY FineReader 9.0 Sprint
“Activation Assistant for the 2007 Microsoft Office suites” = Activation Assistant for the 2007 Microsoft Office suites
“Adobe Flash Player ActiveX” = Adobe Flash Player 10 ActiveX
“Adobe Flash Player Plugin” = Adobe Flash Player 11 Plugin
“CAL” = Canon Camera Access Library
“CameraWindowDVC5” = Canon Camera Window DC_DV 5 for ZoomBrowser EX
“CameraWindowDVC6” = Canon Camera Window DC_DV 6 for ZoomBrowser EX
“CameraWindowMC” = Canon Camera Window MC 6 for ZoomBrowser EX
“CANON iMAGE GATEWAY Task” = CANON iMAGE GATEWAY Task for ZoomBrowser EX
“Canon Internet Library for ZoomBrowser EX” = Canon Internet Library for ZoomBrowser EX
“CCleaner” = CCleaner
“CSCLIB” = Canon Camera Support Core Library
“Digital Editions” = Adobe Digital Editions
“DPP” = Canon Utilities Digital Photo Professional 2.2
“EOS Utility” = Canon Utilities EOS Utility
“EPSON Scanner” = EPSON Scan
“EPSON SX420W Series” = EPSON SX420W Series Printer Uninstall
“EPSON SX420W Series Manual” = EPSON SX420W Series Håndbog
“EPSON SX420W Series Network Guide” = Netværksvejledning for EPSON SX420W Series
“HOMESTUDENTR” = Microsoft Office Home and Student 2007
“InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}” = CyberLink YouCam
“InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}” = CyberLink Power2Go
“InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}” = CyberLink MediaShow
“InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}” = CyberLink PowerDVD 9
“InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}” = Medion Home Cinema
“InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}” = CyberLink PowerProducer
“InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}” = CyberLink LabelPrint
“InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}” = CyberLink PowerDirector
“InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}” = CyberLink PhotoNow
“Malwarebytes’ Anti-Malware_is1” = Malwarebytes Anti-Malware version 1.60.0.1800
“Microsoft .NET Framework 4 Client Profile” = Microsoft .NET Framework 4 Client Profile
“Microsoft .NET Framework 4 Client Profile DAN Language Pack” = Microsoft .NET Framework 4 Client Profile DAN sprogpakke
“Mozilla Firefox 10.0.2 (x86 en-US)” = Mozilla Firefox 10.0.2 (x86 en-US)
“NVIDIA Drivers” = NVIDIA Drivers
“PhotoStitch” = Canon Utilities PhotoStitch
“RAW Image Task” = Canon RAW Image Task for ZoomBrowser EX
“RemoteCaptureTask” = Canon RemoteCapture Task for ZoomBrowser EX
“sp6” = Logitech SetPoint 6.32
“SynTPDeinstKey” = Synaptics Pointing Device Driver
“TVWiz” = Intel(R) TV Wizard
“WinLiveSuite_Wave3” = Windows Live Essentials
“ZoomBrowser EX” = Canon Utilities ZoomBrowser EX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“GoToMeeting” = GoToMeeting 5.1.0.880

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16-08-2012 15:33:47 | Computer Name = Pia-Pc | Source = Application Hang | ID = 1002
Description = Programmet iTunes.exe version 10.6.3.25 afbrød kommunikationen med
Windows og blev afsluttet. Hvis du vil se, om der findes flere oplysninger om problemet,
kan du læse om problemets historik via Løsningscenter.  Proces-id: 12b8   Starttidspunkt:
01cd7bc844523768   Afslutningstidspunkt: 44   Programsti: C:\Program Files\iTunes\iTunes.exe

Rapport-id:
 

Error - 17-08-2012 13:01:48 | Computer Name = Pia-Pc | Source = SideBySide | ID = 16842811
Description = Aktiveringskontekstgenereringen mislykkedes for “c:\program files\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll”. Der er en fejl i manifestet
eller politikfilen “c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll”
i linje 2.  Ugyldig Xml-syntaks.

Error - 18-08-2012 01:23:23 | Computer Name = Pia-Pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: CALMAIN.exe, version: 8.1.0.14, tidsstempel:
0x433d11f9 Navn på modul med fejl: msvcrt.dll, version: 7.0.7601.17744, tidsstempel:
0x4eeaf722 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x00009966 Proces-id 0x668
Programmets
starttidspunkt 0x01cd7c8c67915f12 Programsti: C:\Program Files\Canon\CAL\CALMAIN.exe
Modulsti:
C:\Windows\system32\msvcrt.dll Rapport-id: d4158bc8-e8f4-11e1-9265-001f16389f1c

Error - 19-08-2012 06:48:53 | Computer Name = Pia-Pc | Source = Application Hang | ID = 1002
Description = Programmet iTunes.exe version 10.6.3.25 afbrød kommunikationen med
Windows og blev afsluttet. Hvis du vil se, om der findes flere oplysninger om problemet,
kan du læse om problemets historik via Løsningscenter.  Proces-id: f94   Starttidspunkt:
01cd7de98c8b0e4a   Afslutningstidspunkt: 39   Programsti: C:\Program Files\iTunes\iTunes.exe

Rapport-id:
 

Error - 19-08-2012 16:28:47 | Computer Name = Pia-Pc | Source = RasClient | ID = 20227
Description =

Error - 19-08-2012 16:28:47 | Computer Name = Pia-Pc | Source = RasClient | ID = 20227
Description =

Error - 19-08-2012 16:28:47 | Computer Name = Pia-Pc | Source = RasClient | ID = 20227
Description =

Error - 19-08-2012 16:28:47 | Computer Name = Pia-Pc | Source = RasClient | ID = 20227
Description =

Error - 20-08-2012 12:04:01 | Computer Name = Pia-Pc | Source = SideBySide | ID = 16842811
Description = Aktiveringskontekstgenereringen mislykkedes for “c:\program files\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll”. Der er en fejl i manifestet
eller politikfilen “c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll”
i linje 2.  Ugyldig Xml-syntaks.

Error - 21-08-2012 15:40:24 | Computer Name = Pia-Pc | Source = Application Hang | ID = 1002
Description = Programmet soffice.bin version 3.3.9556.500 afbrød kommunikationen
med Windows og blev afsluttet. Hvis du vil se, om der findes flere oplysninger
om problemet, kan du læse om problemets historik via Løsningscenter.  Proces-id: 5c8

Starttidspunkt:
01cd7fae98f737ad   Afslutningstidspunkt: 432   Programsti: C:\Program Files\OpenOffice.org
3\program\soffice.bin   Rapport-id: 

[ System Events ]
Error - 20-08-2012 22:22:47 | Computer Name = Pia-Pc | Source = iaStor | ID = 262153
Description = Enheden \Device\Ide\iaStor0 svarede ikke inden for timeoutperioden.

Error - 20-08-2012 22:24:48 | Computer Name = Pia-Pc | Source = iaStor | ID = 262153
Description = Enheden \Device\Ide\iaStor0 svarede ikke inden for timeoutperioden.

Error - 20-08-2012 23:19:26 | Computer Name = Pia-Pc | Source = iaStor | ID = 262153
Description = Enheden \Device\Ide\iaStor0 svarede ikke inden for timeoutperioden.

Error - 20-08-2012 23:21:28 | Computer Name = Pia-Pc | Source = iaStor | ID = 262153
Description = Enheden \Device\Ide\iaStor0 svarede ikke inden for timeoutperioden.

Error - 20-08-2012 23:23:28 | Computer Name = Pia-Pc | Source = iaStor | ID = 262153
Description = Enheden \Device\Ide\iaStor0 svarede ikke inden for timeoutperioden.

Error - 20-08-2012 23:25:29 | Computer Name = Pia-Pc | Source = iaStor | ID = 262153
Description = Enheden \Device\Ide\iaStor0 svarede ikke inden for timeoutperioden.

Error - 21-08-2012 00:19:26 | Computer Name = Pia-Pc | Source = iaStor | ID = 262153
Description = Enheden \Device\Ide\iaStor0 svarede ikke inden for timeoutperioden.

Error - 21-08-2012 00:21:57 | Computer Name = Pia-Pc | Source = iaStor | ID = 262153
Description = Enheden \Device\Ide\iaStor0 svarede ikke inden for timeoutperioden.

Error - 21-08-2012 00:23:58 | Computer Name = Pia-Pc | Source = iaStor | ID = 262153
Description = Enheden \Device\Ide\iaStor0 svarede ikke inden for timeoutperioden.

Error - 21-08-2012 00:25:59 | Computer Name = Pia-Pc | Source = iaStor | ID = 262153
Description = Enheden \Device\Ide\iaStor0 svarede ikke inden for timeoutperioden.


< End of report >

•  Start OTL
•  Kopier nedenstånde med fed skrift ind i Custom Scan feltet

:Services
:OTL
:Reg
:Files
C:\Windows\MEMORY.DMP
C:\Windows\System32\perfh009.dat
C:\Windows\System32\perfh006.dat
C:\Windows\System32\perfc009.dat
C:\Windows\System32\perfc006.dat
C:\Users\Pia\AppData\Roaming\BullGuard
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[CreateRestorePoint]
[emptytemp]
[EMPTYFLASH]
[EMPTYJAVA]

•  Klik på  Run Fix - Knappen
•  Hvis OTL spørger om at genstarte, så sig ja.
•  Klik på OK.
•  En log vil åbne, kopier den herind i dit næste svar.
• 
•  Ellers kan den findes her:
•    C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss

Hent Combofix, og gem den på dit skrivebord:
Her

NB -> Deaktiver dit antivirus/antispyware program. Da det/de kan ”forstyrre” og konflikte med combofix, eller fjerne vigtige combofix filer, hvilket kan få computeren til fryse.

Kør så combofix.exe, og følg anvisningerne.

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.

Når combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt
Indholdet af denne fil må du gerne lægge herind.

Den kan også findes her - > C: combofix txt

Så har jeg gjort som beskrevet og her or log filerne:

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
========== REGISTRY ==========
========== FILES ==========
C:\Windows\MEMORY.DMP moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfh006.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
C:\Windows\System32\perfc006.dat moved successfully.
C:\Users\Pia\AppData\Roaming\BullGuard\AppDumps folder moved successfully.
C:\Users\Pia\AppData\Roaming\BullGuard\Antivirus\Profiles folder moved successfully.
C:\Users\Pia\AppData\Roaming\BullGuard\Antivirus folder moved successfully.
C:\Users\Pia\AppData\Roaming\BullGuard folder moved successfully.
< ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache blev t›mt.
C:\Users\Pia\Desktop\cmd.bat deleted successfully.
C:\Users\Pia\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Pia
->Temp folder emptied: 11901637 bytes
->Temporary Internet Files folder emptied: 1031418 bytes
->Java cache emptied: 6463362 bytes
->FireFox cache emptied: 397932980 bytes
->Flash cache emptied: 126163 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6414 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 398,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Pia
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Pia
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.58.1 log created on 08222012_183436

Files\Folders moved on Reboot…

PendingFileRenameOperations files…

Registry entries deleted on Reboot…

ComboFix 12-08-22.01 - Pia 22-08-2012 18:46:56.1.4 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.45.1030.18.3255.2171 [GMT 3:00]
Kører fra: c:\users\Pia\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET Personlig firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Pia\AppData\Local\assembly\tmp
c:\users\Pia\g2mdlhlpx.exe
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2012-07-22 til 2012-08-22 )))))))))))))))))))))))))))))))))))
.
.
2012-08-22 15:52 . 2012-08-22 15:54   ————  d——-w-  c:\users\Pia\AppData\Local\temp
2012-08-22 15:52 . 2012-08-22 15:52   ————  d——-w-  c:\users\Default\AppData\Local\temp
2012-08-22 15:41 . 2012-08-22 15:41   5106   ——a-w-  c:\windows\system32\PerfStringBackup.TMP
2012-08-22 15:34 . 2012-08-22 15:34   ————  d——-w-  C:\_OTL
2012-08-15 15:20 . 2012-05-05 07:46   400896   ——a-w-  c:\windows\system32\srcore.dll
2012-08-15 15:20 . 2012-07-18 17:47   2345984   ——a-w-  c:\windows\system32\win32k.sys
2012-08-15 15:20 . 2012-02-11 05:43   492032   ——a-w-  c:\windows\system32\win32spl.dll
2012-08-15 15:20 . 2012-02-11 05:37   317440   ——a-w-  c:\windows\system32\spoolsv.exe
2012-08-15 15:20 . 2012-07-04 21:14   102912   ——a-w-  c:\windows\system32\browser.dll
2012-08-15 15:20 . 2012-07-04 21:14   41984   ——a-w-  c:\windows\system32\browcli.dll
2012-08-15 15:20 . 2012-05-14 04:33   769024   ——a-w-  c:\windows\system32\localspl.dll
2012-08-04 07:10 . 2012-08-04 07:10   ————  d——-w-  c:\program files\CCleaner
2012-08-03 15:12 . 2012-06-29 08:44   6891424   ——a-w-  c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{B00684C1-1DD4-4293-A0CE-97DB4ACA07FE}\mpengine.dll   ERROR(0x00000005)
2012-07-30 21:52 . 2012-07-30 21:52   103904   ——a-w-  c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-07-30 21:52 . 2012-07-30 21:52   103904   ——a-w-  c:\program files\Internet Explorer\Plugins\nppdf32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-17 03:34 . 2012-04-05 04:11   426184   ——a-w-  c:\windows\system32\FlashPlayerApp.exe
2012-08-17 03:34 . 2011-08-06 07:59   70344   ——a-w-  c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-29 08:44 . 2010-01-17 07:05   6891424   ——a-w-  c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll   ERROR(0x00000005)
2012-06-20 18:03 . 2012-06-20 18:03   476936   ——a-w-  c:\windows\system32\npdeployJava1.dll
2012-06-20 18:03 . 2011-02-18 21:59   472840   ——a-w-  c:\windows\system32\deployJava1.dll
2012-06-17 17:57 . 2012-06-09 14:39   16400   ——a-w-  c:\windows\system32\drivers\LNonPnP.sys
2012-06-09 14:28 . 2012-06-09 14:28   53248   ——a-r-  c:\users\Pia\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-06-06 05:05 . 2012-07-14 06:45   1390080   ——a-w-  c:\windows\system32\msxml6.dll
2012-06-06 05:05 . 2012-07-14 06:45   1236992   ——a-w-  c:\windows\system32\msxml3.dll
2012-06-06 05:03 . 2012-07-14 06:43   805376   ——a-w-  c:\windows\system32\cdosys.dll
2012-06-02 22:19 . 2012-06-24 15:56   53784   ——a-w-  c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-24 15:56   45080   ——a-w-  c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-24 15:56   35864   ——a-w-  c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-24 15:56   577048   ——a-w-  c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-24 15:56   1933848   ——a-w-  c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-24 15:56   2422272   ——a-w-  c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-24 15:56   88576   ——a-w-  c:\windows\system32\wudriver.dll
2012-06-02 12:19 . 2012-06-24 15:56   171904   ——a-w-  c:\windows\system32\wuwebv.dll
2012-06-02 12:12 . 2012-06-24 15:56   33792   ——a-w-  c:\windows\system32\wuapp.exe
2012-06-02 04:45 . 2012-07-14 06:46   67440   ——a-w-  c:\windows\system32\drivers\ksecdd.sys
2012-06-02 04:45 . 2012-07-14 06:46   134000   ——a-w-  c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 04:40 . 2012-07-14 06:46   369336   ——a-w-  c:\windows\system32\drivers\cng.sys
2012-06-02 04:40 . 2012-07-14 06:46   225280   ——a-w-  c:\windows\system32\schannel.dll
2012-06-02 04:39 . 2012-07-14 06:46   219136   ——a-w-  c:\windows\system32\ncrypt.dll
2012-05-31 09:25 . 2010-01-13 11:34   237072   ———w-  c:\windows\system32\MpSigStub.exe
2012-02-18 05:25 . 2011-03-26 07:52   134104   ——a-w-  c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe” [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“UCam_Menu”=“c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe” [2009-05-19 222504]
“egui”=“c:\program files\ESET\ESET Smart Security\egui.exe” [2009-11-16 2054360]
“EEventManager”=“c:\program files\Epson Software\Event Manager\EEventManager.exe” [2009-12-03 976320]
“Persistence”=“c:\windows\system32\igfxpers.exe” [2012-01-10 177944]
“SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe” [2012-01-18 254696]
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2012-07-31 38872]
“Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2012-07-11 919008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-09-27 19:03   66328   ——a-w-  c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
“AppInit_DLLs”=c:\windows\System32\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
“aux2”=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-11 19:00   919008   ——a-r-  c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-07-31 11:20   38872   ——a-w-  c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-05-30 17:06   59280   ——a-w-  c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2009-11-02 13:21   103720   ———w-  c:\program files\CyberLink\Power2Go\CLMLSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2011-10-07 09:40   1387288   ——a-w-  c:\program files\Logitech\SetPointP\SetPoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyApp]
2009-12-14 10:25   200704   ——a-w-  c:\program files\Launch Manager\HotkeyApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2012-01-10 20:44   177432   ——a-w-  c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-07 16:33   421776   ——a-w-  c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrVolOSD]
2009-12-11 14:18   348960   ——a-w-  c:\program files\Launch Manager\OSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
2010-01-05 17:07   678432   ———w-  c:\program files\Realtek\Audio\HDA\RtHDVBg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-01-05 17:07   8419872   ———w-  c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2009-12-10 18:22   1594664   ——a-w-  c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wbutton]
2010-01-13 09:18   413696   ——a-w-  c:\program files\Launch Manager\WButton.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [x]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 IntcDAud;Intel(R) lyd for skærm;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Indhold af mappen ‘Planlagte Opgaver’
.
2012-08-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 03:34]
.
.
———- Yderligere scanning———-
.
uStart Page = hxxp://www.dr.dk/
IE: E&ksporter; til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4
Trusted Zone: http://www.dr.dk
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\bmeel1a3.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.dk/
.
- - - - TOMME GENVEJE FJERNET - - - -
.
MSConfigStartUp-LMgrOSD - c:\program files\Launch Manager\OSDCtrl.exe
AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4}
.
.
.
——————————- LÅSTE REGISTRERINGS NØGLER——————————-
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
————————————Andre kørende processer————————————
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\PSIService.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Gennemført tid: 2012-08-22 18:59:52 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2012-08-22 15:59
.
Pre-Kørsel: 150.864.658.432 byte ledig
Post-Kørsel: 150.756.737.024 byte ledig
.
- - End Of File - - FA3B21D60311D9554FEB6C2E6D5D399C

Fint, hvordan opfører computeren sig nu ?

Meget meget bedre. Jeg har haft “Svarer ikke” på Firefox et par gange, men kun i få sekunder ved opstart. iTunes har hakket lidt i det - en gang med en lidt langsom opstart (men stadig meget hurtigere end før) og et par gange ved afspilning (kan det være en dårlig podcast?). Men jeg er godt tilfreds. Tusind tak for hjælpen. I er sgu hverdagens helte. “Kage” er på vej.

Hilsen Pia

Det lyder da godt    

Skal vi ikke lige tage et sidste tjek for at se om det ikke kan blive bedre…...

Hent og installer Ccleaner: Her
Klik på Download Latest Version

Fjern flueben ved -  Installer Yahoo toolbar

Når du åbner programmet for første gang, vil der være flueben i alle felter.
Hvis du ønsker at bevare cookies, kan du fjerne dette flueben.

Klik på Kør Cleaner, for at få renset din computer.

Du vil nu få en advarsel, om at disse filer slettes fuldstændigt fra dit system, og om du ønsker at fortsætte. Klik på Ok for at svare ja til det. Sæt flueben ved ->  Vis mig ikke denne besked igen.

Genstart.

Hent Malwarebytes Anti-Malware:
Her
Installer programmet - NB, du skal sørge for at der er et flueben placeret ved siden af Update Malwarebytes ‘Anti-Malware og Launch Malwarebytes’ Anti-Malware, og klik derefter på Udfør. .
Herefter åbner et vindue, hvor du skal flytte prikken til “Kør et fuldstændigt systemscan” - klik på Skan Knappen - lad programmet arbejde. Når det er færdig (det tager lidt tid afhængig af hvor meget du har på computeren).
Derefter - Tryk på “Vis resultater” knappen efter scanningen - og herefter tryk på “Fjern det valgte” - nu åbnes log’en og du skal gemme den et sted, hvor du kan finde den igen.

NB Hvis Malwarebytes Anti-Malware vil genstarte computeren for at fuldføre rensningen så lad den genstarte.

Hent nyeste version af HijackThis ned til skrivebordet:
http://sourceforge.net/projects/hjt/
2. Dobbeltklik på installationsfilen, og følg installationsvejledningen.
3. Dobbeltklik på det nye HijackThis ikon på skrivebordet.
4. På menuen der kommer op, klikker du på: Do a systemscan and save a logfile.
5. Efter et kort øjeblik åbner en logfil i notesblok, gem den.
5. Sådan kopieres loggen ind i et spørgsmål:
Mens loggen er åben, markeres al teksten med tastekombinationen CTRL + A.
For at kopiere den markerede tekst bruges tastekombinationen CTRL + C, som ”fastgør” det i udklipsholderen i Windows. Gå så ind i dit spørgsmål og klik på kommentér knappen. Her indsættes det kopierede i det hvide felt med tastekombinationen CTRL + V.

Send så hijackthis loggen herind, sammen med malwarebyte loggen.

Øv nu gik det lige så godt - indtil jeg skulle bruge Malwarebytes, så begyndte den at hænge igen. Jeg installerede (og afinstallerede) programmet et par gang før det lykkedes. Og jeg slettede nogle pdf filer, hvor den blev ved at hænge for at kunne genneføre fuld scan. Firefox er blevet langsom igen - ind imellem får jeg “Svarer ikke” beskeden, og nu tager det også meget lang tid at generere siderne. Jeg har også forsøgt at køre en scan på ESET. De første par gange stoppede jeg den igen, fordi jeg troede den hang, men jeg fandt ud af, at den også kører ekstremt langsomt. Den 3. scan (Smart scan ikke Tilpasset) har nu varet i over 24 timer, og den har nået 44%. Der er et hav af meddelelser - jeg har ikke talt men jeg gætter på flere hundrede. De første to “Fejl ved åbning af”. Resten er ved stort set hvert program en besked om “Dekomprimering kunne ikke fuldføres”

De to log filer fra Malware og Hijack er nedenfor.

Hilsen Pia

Malwarebytes Anti-Malware 1.62.0.1300
http://www.malwarebytes.org

Database version: v2012.08.25.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Pia :: PIA-PC [administrator]

26-08-2012 01:07:56
mbam-log-2012-08-26 (01-07-56).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|E:\|)
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 419922
Tid gået: 5 time(e), 39 minut(ter), 36 sekund(er)

Hukommelses Processorer Inficeret: 0
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabaseværdier Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret: 0
(Ingen skadelige objekter blev fundet)

Inficerede Mapper: 0
(Ingen skadelige objekter blev fundet)

Inficerede Filer: 0
(Ingen skadelige objekter blev fundet)

(færdig)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:20:17, on 26-08-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Users\Pia\Desktop\Spywarefri\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dr.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows; Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [UCam_Menu] “C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\YouCam” UpdateWithCreateOnce “Software\CyberLink\YouCam\3.0”
O4 - HKLM\..\Run: [egui] “C:\Program Files\ESET\ESET Smart Security\egui.exe” /hide /waitservice
O4 - HKLM\..\Run: [EEventManager] “C:\Program Files\Epson Software\Event Manager\EEventManager.exe”
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM] “C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe” -scheduler
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 (file missing)
O9 - Extra ‘Tools’ menuitem: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 (file missing)
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Blog; det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: S&end; til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra ‘Tools’ menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-72741-17534-1/4 (file missing) (HKCU)
O9 - Extra ‘Tools’ menuitem: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-72741-17534-1/4 (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\nvinit.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallShield Licensing Service - Macrovision                                   - C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

—
End of file - 8224 bytes

Stop den ESET scan.

Start-kør-kopier:  %temp%  ind i Kør boxen

Tryk Enter. Slet alt hvad der er i den mappe.

Der er nogen filer, der ikke kan slettes, det er normalt.

Prøv så ESET igen. Hvis den kører lige så langsomt, så geninstaller ESET.

Det hjalp desværre ikke. :-( Lige et spørgsmål inden jeg laver re-install på ESET. Kan det, at jeg får uendelig mange meddelelser med “dekomprimering kunne ikke fuldføres (mulige årsager: utilstrækkelig ledig hukommelse eller diskplads eller et problem med midlertidige mapper”, have noget at gøre med, at jeg først får meddelelserne “C:\hiberfil.sys - fejl ved åbning af” og “C:\pagefile.sys - fejl ved åbning af”. Jeg har søgt på de to filer, men kan ikke finde dem.

Hilsen Pia

først får meddelelserne “C:\hiberfil.sys - fejl ved åbning af” og “C:\pagefile.sys - fejl ved åbning

Kommer de automatisk ?

Download filen Tdsskiller.zip fra dette link, pak den ud i en mappe.
http://support.kaspersky.com/downloads/utils/tdsskiller.zip
Kør TDSSKiller.exe > Klik på Start Scan

Hvis en inficeret fil bliver fundet, vil ”Default action” være Cure, klik på Continue
Hvis en mistænkelig fil opdages, vil ”Default action” være Skip, klik på Continue

Hvis den skriver “Reboot the computer to complete the process”. Klik på Reboot Now.
Hvis den ikke spørger om ”Reboot” (genstart) så klik på ”Report”, kopier den tekst herind i tråden.
Hvis den genstarter kan du find logfilen her >
C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt.
Kopier den tekst herind I denne tråd.

Nu ved jeg ikke helt, hvad du mener med automatisk. Hvis jeg vælger “Vis scanning med log i et nyt vindue” så er “C:\hiberfil.sys - fejl ved åbning af” og “C:\pagefile.sys - fejl ved åbning af” de første to linier i loggen. Derefter kommer de mange “dekomprimering” beskeder (jeg talte efter - næsten 100 beskeder/linier for det første program, og der er for temmelig mange programmer).

TDSSKiller fandt tilsyneladende ikke noget.

Mht. at Firefox hænger igen - skal jeg gentage proceduren fra først i tråden?

Hilsen Pia

NB: Nå jah - jeg fandt forresten de to .sys filer.

18:29:35.0089 4284 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
18:29:35.0916 4284 ============================================================
18:29:35.0916 4284 Current date / time: 2012/08/28 18:29:35.0916
18:29:35.0916 4284 SystemInfo:
18:29:35.0916 4284
18:29:35.0916 4284 OS Version: 6.1.7601 ServicePack: 1.0
18:29:35.0916 4284 Product type: Workstation
18:29:35.0916 4284 ComputerName: PIA-PC
18:29:35.0916 4284 UserName: Pia
18:29:35.0916 4284 Windows directory: C:\Windows
18:29:35.0916 4284 System windows directory: C:\Windows
18:29:35.0916 4284 Processor architecture: Intel x86
18:29:35.0916 4284 Number of processors: 4
18:29:35.0916 4284 Page size: 0x1000
18:29:35.0916 4284 Boot type: Normal boot
18:29:35.0916 4284 ============================================================
18:29:36.0728 4284 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000050
18:29:36.0728 4284 ============================================================
18:29:36.0728 4284 \Device\Harddisk0\DR0:
18:29:36.0728 4284 MBR partitions:
18:29:36.0728 4284 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:29:36.0728 4284 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x35152000
18:29:36.0728 4284 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x35184800, BlocksNum 0x5000000
18:29:36.0728 4284 ============================================================
18:29:36.0759 4284 C: <-> \Device\Harddisk0\DR0\Partition2
18:29:36.0790 4284 D: <-> \Device\Harddisk0\DR0\Partition3
18:29:36.0790 4284 ============================================================
18:29:36.0790 4284 Initialize success
18:29:36.0790 4284 ============================================================
18:30:25.0649 4204 ============================================================
18:30:25.0649 4204 Scan started
18:30:25.0649 4204 Mode: Manual;
18:30:25.0649 4204 ============================================================
18:30:27.0100 4204 ================ Scan system memory ========================
18:30:27.0100 4204 System memory - ok
18:30:27.0100 4204 ================ Scan services =============================
18:30:27.0287 4204 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci     C:\Windows\system32\drivers\1394ohci.sys
18:30:27.0350 4204 1394ohci - ok
18:30:27.0474 4204 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
18:30:27.0474 4204 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
18:30:27.0537 4204 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI         C:\Windows\system32\drivers\ACPI.sys
18:30:27.0537 4204 ACPI - ok
18:30:27.0584 4204 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi       C:\Windows\system32\drivers\acpipmi.sys
18:30:27.0615 4204 AcpiPmi - ok
18:30:27.0693 4204 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:30:27.0708 4204 AdobeFlashPlayerUpdateSvc - ok
18:30:27.0755 4204 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx       C:\Windows\system32\DRIVERS\adp94xx.sys
18:30:27.0880 4204 adp94xx - ok
18:30:27.0927 4204 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci       C:\Windows\system32\DRIVERS\adpahci.sys
18:30:27.0989 4204 adpahci - ok
18:30:28.0005 4204 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320       C:\Windows\system32\DRIVERS\adpu320.sys
18:30:28.0052 4204 adpu320 - ok
18:30:28.0067 4204 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc   C:\Windows\System32\aelupsvc.dll
18:30:28.0067 4204 AeLookupSvc - ok
18:30:28.0130 4204 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD         C:\Windows\system32\drivers\afd.sys
18:30:28.0176 4204 AFD - ok
18:30:28.0239 4204 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440       C:\Windows\system32\drivers\agp440.sys
18:30:28.0270 4204 agp440 - ok
18:30:28.0317 4204 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx       C:\Windows\system32\DRIVERS\djsvs.sys
18:30:28.0348 4204 aic78xx - ok
18:30:28.0395 4204 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG         C:\Windows\System32\alg.exe
18:30:28.0395 4204 ALG - ok
18:30:28.0457 4204 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide       C:\Windows\system32\drivers\aliide.sys
18:30:28.0473 4204 aliide - ok
18:30:28.0535 4204 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp       C:\Windows\system32\drivers\amdagp.sys
18:30:28.0566 4204 amdagp - ok
18:30:28.0582 4204 [ CD5914170297126B6266860198D1D4F0 ] amdide       C:\Windows\system32\drivers\amdide.sys
18:30:28.0613 4204 amdide - ok
18:30:28.0644 4204 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8       C:\Windows\system32\DRIVERS\amdk8.sys
18:30:28.0676 4204 AmdK8 - ok
18:30:28.0676 4204 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM       C:\Windows\system32\DRIVERS\amdppm.sys
18:30:28.0707 4204 AmdPPM - ok
18:30:28.0754 4204 [ D320BF87125326F996D4904FE24300FC ] amdsata       C:\Windows\system32\drivers\amdsata.sys
18:30:28.0785 4204 amdsata - ok
18:30:28.0816 4204 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs       C:\Windows\system32\DRIVERS\amdsbs.sys
18:30:28.0832 4204 amdsbs - ok
18:30:28.0847 4204 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata       C:\Windows\system32\drivers\amdxata.sys
18:30:28.0878 4204 amdxata - ok
18:30:28.0925 4204 [ AEA177F783E20150ACE5383EE368DA19 ] AppID       C:\Windows\system32\drivers\appid.sys
18:30:28.0988 4204 AppID - ok
18:30:29.0019 4204 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc     C:\Windows\System32\appidsvc.dll
18:30:29.0034 4204 AppIDSvc - ok
18:30:29.0066 4204 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo       C:\Windows\System32\appinfo.dll
18:30:29.0066 4204 Appinfo - ok
18:30:29.0159 4204 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:30:29.0159 4204 Apple Mobile Device - ok
18:30:29.0222 4204 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc         C:\Windows\system32\DRIVERS\arc.sys
18:30:29.0253 4204 arc - ok
18:30:29.0268 4204 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas       C:\Windows\system32\DRIVERS\arcsas.sys
18:30:29.0284 4204 arcsas - ok
18:30:29.0300 4204 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac     C:\Windows\system32\DRIVERS\asyncmac.sys
18:30:29.0331 4204 AsyncMac - ok
18:30:29.0378 4204 [ 338C86357871C167A96AB976519BF59E ] atapi       C:\Windows\system32\drivers\atapi.sys
18:30:29.0424 4204 atapi - ok
18:30:29.0471 4204 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:30:29.0471 4204 AudioEndpointBuilder - ok
18:30:29.0487 4204 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv     C:\Windows\System32\Audiosrv.dll
18:30:29.0487 4204 Audiosrv - ok
18:30:29.0534 4204 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV     C:\Windows\System32\AxInstSV.dll
18:30:29.0534 4204 AxInstSV - ok
18:30:29.0580 4204 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv       C:\Windows\system32\DRIVERS\bxvbdx.sys
18:30:29.0596 4204 b06bdrv - ok
18:30:29.0643 4204 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x     C:\Windows\system32\DRIVERS\b57nd60x.sys
18:30:29.0690 4204 b57nd60x - ok
18:30:29.0721 4204 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC       C:\Windows\System32\bdesvc.dll
18:30:29.0721 4204 BDESVC - ok
18:30:29.0736 4204 [ 505506526A9D467307B3C393DEDAF858 ] Beep         C:\Windows\system32\drivers\Beep.sys
18:30:29.0752 4204 Beep - ok
18:30:29.0814 4204 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE         C:\Windows\System32\bfe.dll
18:30:29.0830 4204 BFE - ok
18:30:29.0908 4204 [ E585445D5021971FAE10393F0F1C3961 ] BITS         C:\Windows\system32\qmgr.dll
18:30:29.0924 4204 BITS - ok
18:30:29.0955 4204 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive     C:\Windows\system32\DRIVERS\blbdrive.sys
18:30:29.0970 4204 blbdrive - ok
18:30:30.0017 4204 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser       C:\Windows\system32\DRIVERS\bowser.sys
18:30:30.0033 4204 bowser - ok
18:30:30.0048 4204 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo     C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:30:30.0048 4204 BrFiltLo - ok
18:30:30.0064 4204 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp     C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:30:30.0080 4204 BrFiltUp - ok
18:30:30.0126 4204 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP     C:\Windows\system32\DRIVERS\bridge.sys
18:30:30.0173 4204 BridgeMP - ok
18:30:30.0220 4204 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser       C:\Windows\System32\browser.dll
18:30:30.0236 4204 Browser - ok
18:30:30.0282 4204 [ 845B8CE732E67F3B4133164868C666EA ] Brserid       C:\Windows\System32\Drivers\Brserid.sys
18:30:30.0282 4204 Brserid - ok
18:30:30.0298 4204 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm     C:\Windows\System32\Drivers\BrSerWdm.sys
18:30:30.0298 4204 BrSerWdm - ok
18:30:30.0329 4204 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm     C:\Windows\System32\Drivers\BrUsbMdm.sys
18:30:30.0329 4204 BrUsbMdm - ok
18:30:30.0345 4204 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer     C:\Windows\System32\Drivers\BrUsbSer.sys
18:30:30.0345 4204 BrUsbSer - ok
18:30:30.0376 4204 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM     C:\Windows\system32\DRIVERS\bthmodem.sys
18:30:30.0392 4204 BTHMODEM - ok
18:30:30.0423 4204 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv       C:\Windows\system32\bthserv.dll
18:30:30.0438 4204 bthserv - ok
18:30:30.0532 4204 catchme - ok
18:30:30.0594 4204 [ 5753532C476B83119D85AA43B1B10AB3 ] CCALib8       C:\Program Files\Canon\CAL\CALMAIN.exe
18:30:30.0594 4204 CCALib8 - ok
18:30:30.0626 4204 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs         C:\Windows\system32\DRIVERS\cdfs.sys
18:30:30.0657 4204 cdfs - ok
18:30:30.0704 4204 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom       C:\Windows\system32\drivers\cdrom.sys
18:30:30.0750 4204 cdrom - ok
18:30:30.0782 4204 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc   C:\Windows\System32\certprop.dll
18:30:30.0797 4204 CertPropSvc - ok
18:30:30.0844 4204 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass     C:\Windows\system32\DRIVERS\circlass.sys
18:30:30.0844 4204 circlass - ok
18:30:30.0875 4204 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS         C:\Windows\system32\CLFS.sys
18:30:30.0891 4204 CLFS - ok
18:30:31.0078 4204 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:30:31.0078 4204 clr_optimization_v2.0.50727_32 - ok
18:30:31.0187 4204 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:30:31.0203 4204 clr_optimization_v4.0.30319_32 - ok
18:30:31.0218 4204 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt       C:\Windows\system32\DRIVERS\CmBatt.sys
18:30:31.0250 4204 CmBatt - ok
18:30:31.0296 4204 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide       C:\Windows\system32\drivers\cmdide.sys
18:30:31.0328 4204 cmdide - ok
18:30:31.0343 4204 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG         C:\Windows\system32\Drivers\cng.sys
18:30:31.0359 4204 CNG - ok
18:30:31.0374 4204 [ A6023D3823C37043986713F118A89BEE ] Compbatt     C:\Windows\system32\DRIVERS\compbatt.sys
18:30:31.0390 4204 Compbatt - ok
18:30:31.0437 4204 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus   C:\Windows\system32\drivers\CompositeBus.sys
18:30:31.0437 4204 CompositeBus - ok
18:30:31.0452 4204 COMSysApp - ok
18:30:31.0484 4204 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk       C:\Windows\system32\DRIVERS\crcdisk.sys
18:30:31.0499 4204 crcdisk - ok
18:30:31.0562 4204 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc     C:\Windows\system32\cryptsvc.dll
18:30:31.0577 4204 CryptSvc - ok
18:30:31.0624 4204 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch     C:\Windows\system32\rpcss.dll
18:30:31.0671 4204 DcomLaunch - ok
18:30:31.0702 4204 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc     C:\Windows\System32\defragsvc.dll
18:30:31.0702 4204 defragsvc - ok
18:30:31.0780 4204 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC         C:\Windows\system32\Drivers\dfsc.sys
18:30:31.0811 4204 DfsC - ok
18:30:31.0905 4204 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp         C:\Windows\system32\dhcpcore.dll
18:30:31.0920 4204 Dhcp - ok
18:30:31.0952 4204 [ 1A050B0274BFB3890703D490F330C0DA ] discache     C:\Windows\system32\drivers\discache.sys
18:30:31.0983 4204 discache - ok
18:30:32.0014 4204 [ 565003F326F99802E68CA78F2A68E9FF ] Disk         C:\Windows\system32\DRIVERS\disk.sys
18:30:32.0030 4204 Disk - ok
18:30:32.0061 4204 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache     C:\Windows\System32\dnsrslvr.dll
18:30:32.0076 4204 Dnscache - ok
18:30:32.0108 4204 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc       C:\Windows\System32\dot3svc.dll
18:30:32.0108 4204 dot3svc - ok
18:30:32.0154 4204 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS         C:\Windows\system32\dps.dll
18:30:32.0154 4204 DPS - ok
18:30:32.0186 4204 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud       C:\Windows\system32\drivers\drmkaud.sys
18:30:32.0217 4204 drmkaud - ok
18:30:32.0248 4204 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl       C:\Windows\System32\drivers\dxgkrnl.sys
18:30:32.0373 4204 DXGKrnl - ok
18:30:32.0420 4204 [ AF82DC664E3D8E2CBA3B95E68F6448A7 ] eamon       C:\Windows\system32\DRIVERS\eamon.sys
18:30:32.0420 4204 eamon - ok
18:30:32.0451 4204 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost       C:\Windows\System32\eapsvc.dll
18:30:32.0451 4204 EapHost - ok
18:30:32.0576 4204 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv       C:\Windows\system32\DRIVERS\evbdx.sys
18:30:32.0716 4204 ebdrv - ok
18:30:32.0747 4204 [ 81951F51E318AECC2D68559E47485CC4 ] EFS         C:\Windows\System32\lsass.exe
18:30:32.0747 4204 EFS - ok
18:30:32.0794 4204 [ 686A799C1BF1B18941994DAF9F45DB06 ] ehdrv       C:\Windows\system32\DRIVERS\ehdrv.sys
18:30:32.0825 4204 ehdrv - ok
18:30:32.0888 4204 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr       C:\Windows\ehome\ehRecvr.exe
18:30:32.0919 4204 ehRecvr - ok
18:30:32.0950 4204 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched       C:\Windows\ehome\ehsched.exe
18:30:32.0950 4204 ehSched - ok
18:30:32.0997 4204 [ 9329BA45C8B97485926A171E34C2ABB8 ] EhttpSrv     C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
18:30:32.0997 4204 EhttpSrv - ok
18:30:33.0028 4204 [ 3543C6195D5ED4EDA0316D3E1BA0E6EE ] ekrn         C:\Program Files\ESET\ESET Smart Security\ekrn.exe
18:30:33.0059 4204 ekrn - ok
18:30:33.0106 4204 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor       C:\Windows\system32\DRIVERS\elxstor.sys
18:30:33.0184 4204 elxstor - ok
18:30:33.0200 4204 [ 39F48A0784BE8465CD1AC80B36D61613 ] epfw         C:\Windows\system32\DRIVERS\epfw.sys
18:30:33.0215 4204 epfw - ok
18:30:33.0246 4204 [ 3B47010B2425B69826004767E59045BA ] Epfwndis     C:\Windows\system32\DRIVERS\Epfwndis.sys
18:30:33.0278 4204 Epfwndis - ok
18:30:33.0293 4204 [ 702A4695CA4EBDEFA30235DDA300C9D0 ] epfwwfp       C:\Windows\system32\DRIVERS\epfwwfp.sys
18:30:33.0293 4204 epfwwfp - ok
18:30:33.0371 4204 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
18:30:33.0371 4204 EpsonBidirectionalService - ok
18:30:33.0418 4204 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev       C:\Windows\system32\drivers\errdev.sys
18:30:33.0434 4204 ErrDev - ok
18:30:33.0480 4204 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem   C:\Windows\system32\es.dll
18:30:33.0480 4204 EventSystem - ok
18:30:33.0527 4204 [ 2DC9108D74081149CC8B651D3A26207F ] exfat       C:\Windows\system32\drivers\exfat.sys
18:30:33.0558 4204 exfat - ok
18:30:33.0574 4204 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat       C:\Windows\system32\drivers\fastfat.sys
18:30:33.0605 4204 fastfat - ok
18:30:33.0652 4204 [ 967EA5B213E9984CBE270205DF37755B ] Fax         C:\Windows\system32\fxssvc.exe
18:30:33.0668 4204 Fax - ok
18:30:33.0683 4204 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc         C:\Windows\system32\DRIVERS\fdc.sys
18:30:33.0730 4204 fdc - ok
18:30:33.0746 4204 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost       C:\Windows\system32\fdPHost.dll
18:30:33.0746 4204 fdPHost - ok
18:30:33.0761 4204 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub     C:\Windows\system32\fdrespub.dll
18:30:33.0777 4204 FDResPub - ok
18:30:33.0808 4204 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo     C:\Windows\system32\drivers\fileinfo.sys
18:30:33.0839 4204 FileInfo - ok
18:30:33.0855 4204 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace     C:\Windows\system32\drivers\filetrace.sys
18:30:33.0870 4204 Filetrace - ok
18:30:33.0902 4204 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk     C:\Windows\system32\DRIVERS\flpydisk.sys
18:30:33.0917 4204 flpydisk - ok
18:30:33.0933 4204 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr       C:\Windows\system32\drivers\fltmgr.sys
18:30:33.0964 4204 FltMgr - ok
18:30:34.0026 4204 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache     C:\Windows\system32\FntCache.dll
18:30:34.0058 4204 FontCache - ok
18:30:34.0104 4204 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:30:34.0104 4204 FontCache3.0.0.0 - ok
18:30:34.0136 4204 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends     C:\Windows\system32\drivers\FsDepends.sys
18:30:34.0167 4204 FsDepends - ok
18:30:34.0198 4204 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec       C:\Windows\system32\drivers\Fs_Rec.sys
18:30:34.0214 4204 Fs_Rec - ok
18:30:34.0245 4204 [ 8A73E79089B282100B9393B644CB853B ] fvevol       C:\Windows\system32\DRIVERS\fvevol.sys
18:30:34.0292 4204 fvevol - ok
18:30:34.0307 4204 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx     C:\Windows\system32\DRIVERS\gagp30kx.sys
18:30:34.0323 4204 gagp30kx - ok
18:30:34.0385 4204 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM   C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:30:34.0401 4204 GEARAspiWDM - ok
18:30:34.0432 4204 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc       C:\Windows\System32\gpsvc.dll
18:30:34.0463 4204 gpsvc - ok
18:30:34.0526 4204 [ CEC45180029F1012054A41CEEEA9CEAB ] grmnusb       C:\Windows\system32\drivers\grmnusb.sys
18:30:34.0557 4204 grmnusb - ok
18:30:34.0572 4204 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir     C:\Windows\system32\drivers\hcw85cir.sys
18:30:34.0588 4204 hcw85cir - ok
18:30:34.0650 4204 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:30:34.0713 4204 HdAudAddService - ok
18:30:34.0775 4204 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus     C:\Windows\system32\drivers\HDAudBus.sys
18:30:34.0775 4204 HDAudBus - ok
18:30:34.0822 4204 [ A88485DC6A7136C10D9A6C7E38FDFE3C ] HECI         C:\Windows\system32\DRIVERS\HECI.sys
18:30:34.0853 4204 HECI - ok
18:30:34.0884 4204 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt       C:\Windows\system32\DRIVERS\HidBatt.sys
18:30:34.0900 4204 HidBatt - ok
18:30:34.0931 4204 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth       C:\Windows\system32\DRIVERS\hidbth.sys
18:30:34.0947 4204 HidBth - ok
18:30:35.0009 4204 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr       C:\Windows\system32\DRIVERS\hidir.sys
18:30:35.0040 4204 HidIr - ok
18:30:35.0056 4204 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv       C:\Windows\System32\hidserv.dll
18:30:35.0072 4204 hidserv - ok
18:30:35.0134 4204 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb       C:\Windows\system32\DRIVERS\hidusb.sys
18:30:35.0165 4204 HidUsb - ok
18:30:35.0228 4204 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc       C:\Windows\system32\kmsvc.dll
18:30:35.0228 4204 hkmsvc - ok
18:30:35.0290 4204 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:30:35.0306 4204 HomeGroupListener - ok
18:30:35.0337 4204 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:30:35.0337 4204 HomeGroupProvider - ok
18:30:35.0384 4204 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD       C:\Windows\system32\drivers\HpSAMD.sys
18:30:35.0430 4204 HpSAMD - ok
18:30:35.0493 4204 [ 871917B07A141BFF43D76D8844D48106 ] HTTP         C:\Windows\system32\drivers\HTTP.sys
18:30:35.0555 4204 HTTP - ok
18:30:35.0586 4204 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy     C:\Windows\system32\drivers\hwpolicy.sys
18:30:35.0602 4204 hwpolicy - ok
18:30:35.0649 4204 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt     C:\Windows\system32\drivers\i8042prt.sys
18:30:35.0696 4204 i8042prt - ok
18:30:35.0742 4204 [ D5EDB998656E6ECF1A17C78DAB019A3C ] iaStor       C:\Windows\system32\DRIVERS\iaStor.sys
18:30:35.0742 4204 iaStor - ok
18:30:35.0820 4204 [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:30:35.0820 4204 IAStorDataMgrSvc - ok
18:30:35.0852 4204 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV       C:\Windows\system32\drivers\iaStorV.sys
18:30:35.0898 4204 iaStorV - ok
18:30:35.0976 4204 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc       C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:30:36.0023 4204 idsvc - ok
18:30:36.0273 4204 [ 40F8A0F85BCE94F766808AEEE8F96FA8 ] igfx         C:\Windows\system32\DRIVERS\igdkmd32.sys
18:30:36.0538 4204 igfx - ok
18:30:36.0585 4204 [ 4173FF5708F3236CF25195FECD742915 ] iirsp       C:\Windows\system32\DRIVERS\iirsp.sys
18:30:36.0600 4204 iirsp - ok
18:30:36.0663 4204 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT       C:\Windows\System32\ikeext.dll
18:30:36.0678 4204 IKEEXT - ok
18:30:36.0756 4204 [ 3FF52353F30AFC313DA1D2E2FB75F892 ] InstallShield Licensing Service C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
18:30:36.0756 4204 InstallShield Licensing Service - ok
18:30:36.0866 4204 [ D5FC595475AC551D4FFF65D98E957A52 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:30:37.0006 4204 IntcAzAudAddService - ok
18:30:37.0053 4204 [ 2D79C681CE6D53A0C6C725A84594DF4C ] IntcDAud     C:\Windows\system32\DRIVERS\IntcDAud.sys
18:30:37.0053 4204 IntcDAud - ok
18:30:37.0084 4204 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide     C:\Windows\system32\drivers\intelide.sys
18:30:37.0100 4204 intelide - ok
18:30:37.0131 4204 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm     C:\Windows\system32\DRIVERS\intelppm.sys
18:30:37.0162 4204 intelppm - ok
18:30:37.0178 4204 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum     C:\Windows\system32\ipbusenum.dll
18:30:37.0178 4204 IPBusEnum - ok
18:30:37.0209 4204 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:30:37.0224 4204 IpFilterDriver - ok
18:30:37.0287 4204 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc     C:\Windows\System32\iphlpsvc.dll
18:30:37.0302 4204 iphlpsvc - ok
18:30:37.0334 4204 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV       C:\Windows\system32\drivers\IPMIDrv.sys
18:30:37.0380 4204 IPMIDRV - ok
18:30:37.0396 4204 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT       C:\Windows\system32\drivers\ipnat.sys
18:30:37.0427 4204 IPNAT - ok
18:30:37.0521 4204 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service   C:\Program Files\iPod\bin\iPodService.exe
18:30:37.0552 4204 iPod Service - ok
18:30:37.0583 4204 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM       C:\Windows\system32\drivers\irenum.sys
18:30:37.0599 4204 IRENUM - ok
18:30:37.0646 4204 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp       C:\Windows\system32\drivers\isapnp.sys
18:30:37.0708 4204 isapnp - ok
18:30:37.0739 4204 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt     C:\Windows\system32\drivers\msiscsi.sys
18:30:37.0770 4204 iScsiPrt - ok
18:30:37.0802 4204 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass     C:\Windows\system32\drivers\kbdclass.sys
18:30:37.0817 4204 kbdclass - ok
18:30:37.0864 4204 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid       C:\Windows\system32\drivers\kbdhid.sys
18:30:37.0895 4204 kbdhid - ok
18:30:37.0911 4204 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso       C:\Windows\system32\lsass.exe
18:30:37.0911 4204 KeyIso - ok
18:30:37.0942 4204 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD       C:\Windows\system32\Drivers\ksecdd.sys
18:30:37.0958 4204 KSecDD - ok
18:30:38.0004 4204 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg       C:\Windows\system32\Drivers\ksecpkg.sys
18:30:38.0051 4204 KSecPkg - ok
18:30:38.0067 4204 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm       C:\Windows\system32\msdtckrm.dll
18:30:38.0067 4204 KtmRm - ok
18:30:38.0098 4204 [ 3705B2273E8EFC9A707864AB7324B614 ] L1C         C:\Windows\system32\DRIVERS\L1C62x86.sys
18:30:38.0129 4204 L1C - ok
18:30:38.0160 4204 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer   C:\Windows\System32\srvsvc.dll
18:30:38.0176 4204 LanmanServer - ok
18:30:38.0192 4204 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:30:38.0192 4204 LanmanWorkstation - ok
18:30:38.0316 4204 [ 910344E2A984010435AE84783B25E5EB ] LBTServ       C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
18:30:38.0332 4204 LBTServ - ok
18:30:38.0363 4204 [ 01CC7FB6E790EF044B411377F3A1FF41 ] LHidFilt     C:\Windows\system32\DRIVERS\LHidFilt.Sys
18:30:38.0363 4204 LHidFilt - ok
18:30:38.0410 4204 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio       C:\Windows\system32\DRIVERS\lltdio.sys
18:30:38.0441 4204 lltdio - ok
18:30:38.0472 4204 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc       C:\Windows\System32\lltdsvc.dll
18:30:38.0488 4204 lltdsvc - ok
18:30:38.0504 4204 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts       C:\Windows\System32\lmhsvc.dll
18:30:38.0519 4204 lmhosts - ok
18:30:38.0550 4204 [ A2E7EAE8898D7B4B8C302B8F4E836BB5 ] LMouFilt     C:\Windows\system32\DRIVERS\LMouFilt.Sys
18:30:38.0550 4204 LMouFilt - ok
18:30:38.0597 4204 [ 1E2F802846EB944E0333EFEE7C9532A8 ] LMS         C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:30:38.0613 4204 LMS - ok
18:30:38.0628 4204 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC       C:\Windows\system32\DRIVERS\lsi_fc.sys
18:30:38.0660 4204 LSI_FC - ok
18:30:38.0675 4204 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS       C:\Windows\system32\DRIVERS\lsi_sas.sys
18:30:38.0691 4204 LSI_SAS - ok
18:30:38.0722 4204 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2     C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:30:38.0753 4204 LSI_SAS2 - ok
18:30:38.0769 4204 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI     C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:30:38.0784 4204 LSI_SCSI - ok
18:30:38.0800 4204 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv       C:\Windows\system32\drivers\luafv.sys
18:30:38.0816 4204 luafv - ok
18:30:38.0862 4204 [ DDFA88E36D5F8DB5FBDBDDDC4969DB0A ] LUsbFilt     C:\Windows\system32\Drivers\LUsbFilt.Sys
18:30:38.0878 4204 LUsbFilt - ok
18:30:38.0909 4204 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc       C:\Windows\system32\Mcx2Svc.dll
18:30:38.0909 4204 Mcx2Svc - ok
18:30:38.0925 4204 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas       C:\Windows\system32\DRIVERS\megasas.sys
18:30:38.0956 4204 megasas - ok
18:30:38.0987 4204 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR       C:\Windows\system32\DRIVERS\MegaSR.sys
18:30:39.0018 4204 MegaSR - ok
18:30:39.0050 4204 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS       C:\Windows\system32\mmcss.dll
18:30:39.0050 4204 MMCSS - ok
18:30:39.0081 4204 [ F001861E5700EE84E2D4E52C712F4964 ] Modem       C:\Windows\system32\drivers\modem.sys
18:30:39.0112 4204 Modem - ok
18:30:39.0143 4204 [ 79D10964DE86B292320E9DFE02282A23 ] monitor       C:\Windows\system32\DRIVERS\monitor.sys
18:30:39.0174 4204 monitor - ok
18:30:39.0221 4204 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass     C:\Windows\system32\DRIVERS\mouclass.sys
18:30:39.0237 4204 mouclass - ok
18:30:39.0268 4204 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid       C:\Windows\system32\DRIVERS\mouhid.sys
18:30:39.0284 4204 mouhid - ok
18:30:39.0330 4204 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr     C:\Windows\system32\drivers\mountmgr.sys
18:30:39.0362 4204 mountmgr - ok
18:30:39.0408 4204 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio         C:\Windows\system32\drivers\mpio.sys
18:30:39.0440 4204 mpio - ok
18:30:39.0455 4204 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv       C:\Windows\system32\drivers\mpsdrv.sys
18:30:39.0471 4204 mpsdrv - ok
18:30:39.0518 4204 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc       C:\Windows\system32\mpssvc.dll
18:30:39.0549 4204 MpsSvc - ok
18:30:39.0596 4204 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV       C:\Windows\system32\drivers\mrxdav.sys
18:30:39.0627 4204 MRxDAV - ok
18:30:39.0674 4204 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb       C:\Windows\system32\DRIVERS\mrxsmb.sys
18:30:39.0689 4204 mrxsmb - ok
18:30:39.0720 4204 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10     C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:30:39.0736 4204 mrxsmb10 - ok
18:30:39.0767 4204 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20     C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:30:39.0783 4204 mrxsmb20 - ok
18:30:39.0814 4204 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci       C:\Windows\system32\drivers\msahci.sys
18:30:39.0830 4204 msahci - ok
18:30:39.0861 4204 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm       C:\Windows\system32\drivers\msdsm.sys
18:30:39.0876 4204 msdsm - ok
18:30:39.0892 4204 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC       C:\Windows\System32\msdtc.exe
18:30:39.0908 4204 MSDTC - ok
18:30:39.0923 4204 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs         C:\Windows\system32\drivers\Msfs.sys
18:30:39.0939 4204 Msfs - ok
18:30:39.0954 4204 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf     C:\Windows\System32\drivers\mshidkmdf.sys
18:30:39.0970 4204 mshidkmdf - ok
18:30:39.0970 4204 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv     C:\Windows\system32\drivers\msisadrv.sys
18:30:39.0986 4204 msisadrv - ok
18:30:40.0017 4204 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI       C:\Windows\system32\iscsiexe.dll
18:30:40.0017 4204 MSiSCSI - ok
18:30:40.0017 4204 msiserver - ok
18:30:40.0032 4204 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV       C:\Windows\system32\drivers\MSKSSRV.sys
18:30:40.0032 4204 MSKSSRV - ok
18:30:40.0048 4204 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK     C:\Windows\system32\drivers\MSPCLOCK.sys
18:30:40.0064 4204 MSPCLOCK - ok
18:30:40.0079 4204 [ F456E973590D663B1073E9C463B40932 ] MSPQM       C:\Windows\system32\drivers\MSPQM.sys
18:30:40.0095 4204 MSPQM - ok
18:30:40.0095 4204 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC       C:\Windows\system32\drivers\MsRPC.sys
18:30:40.0110 4204 MsRPC - ok
18:30:40.0157 4204 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios     C:\Windows\system32\drivers\mssmbios.sys
18:30:40.0173 4204 mssmbios - ok
18:30:40.0188 4204 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE       C:\Windows\system32\drivers\MSTEE.sys
18:30:40.0204 4204 MSTEE - ok
18:30:40.0220 4204 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig     C:\Windows\system32\DRIVERS\MTConfig.sys
18:30:40.0235 4204 MTConfig - ok
18:30:40.0251 4204 [ 159FAD02F64E6381758C990F753BCC80 ] Mup         C:\Windows\system32\Drivers\mup.sys
18:30:40.0251 4204 Mup - ok
18:30:40.0282 4204 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent     C:\Windows\system32\qagentRT.dll
18:30:40.0298 4204 napagent - ok
18:30:40.0329 4204 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP   C:\Windows\system32\DRIVERS\nwifi.sys
18:30:40.0376 4204 NativeWifiP - ok
18:30:40.0438 4204 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS         C:\Windows\system32\drivers\ndis.sys
18:30:40.0500 4204 NDIS - ok
18:30:40.0516 4204 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap       C:\Windows\system32\DRIVERS\ndiscap.sys
18:30:40.0532 4204 NdisCap - ok
18:30:40.0547 4204 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi     C:\Windows\system32\DRIVERS\ndistapi.sys
18:30:40.0563 4204 NdisTapi - ok
18:30:40.0594 4204 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio       C:\Windows\system32\DRIVERS\ndisuio.sys
18:30:40.0625 4204 Ndisuio - ok
18:30:40.0656 4204 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan       C:\Windows\system32\DRIVERS\ndiswan.sys
18:30:40.0688 4204 NdisWan - ok
18:30:40.0703 4204 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy       C:\Windows\system32\drivers\NDProxy.sys
18:30:40.0734 4204 NDProxy - ok
18:30:40.0750 4204 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS       C:\Windows\system32\DRIVERS\netbios.sys
18:30:40.0781 4204 NetBIOS - ok
18:30:40.0812 4204 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT       C:\Windows\system32\DRIVERS\netbt.sys
18:30:40.0859 4204 NetBT - ok
18:30:40.0875 4204 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon     C:\Windows\system32\lsass.exe
18:30:40.0875 4204 Netlogon - ok
18:30:40.0906 4204 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman       C:\Windows\System32\netman.dll
18:30:40.0922 4204 Netman - ok
18:30:40.0937 4204 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm     C:\Windows\System32\netprofm.dll
18:30:40.0953 4204 netprofm - ok
18:30:40.0984 4204 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:30:41.0000 4204 NetTcpPortSharing - ok
18:30:41.0015 4204 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960       C:\Windows\system32\DRIVERS\nfrd960.sys
18:30:41.0046 4204 nfrd960 - ok
18:30:41.0093 4204 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc       C:\Windows\System32\nlasvc.dll
18:30:41.0093 4204 NlaSvc - ok
18:30:41.0124 4204 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs         C:\Windows\system32\drivers\Npfs.sys
18:30:41.0156 4204 Npfs - ok
18:30:41.0171 4204 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi         C:\Windows\system32\nsisvc.dll
18:30:41.0187 4204 nsi - ok
18:30:41.0202 4204 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy     C:\Windows\system32\drivers\nsiproxy.sys
18:30:41.0218 4204 nsiproxy - ok
18:30:41.0296 4204 [ 81189C3D7763838E55C397759D49007A ] Ntfs         C:\Windows\system32\drivers\Ntfs.sys
18:30:41.0374 4204 Ntfs - ok
18:30:41.0405 4204 [ F9756A98D69098DCA8945D62858A812C ] Null         C:\Windows\system32\drivers\Null.sys
18:30:41.0421 4204 Null - ok
18:30:41.0655 4204 [ 79E32439C1BFF32890BF47724C3074FF ] nvlddmkm     C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:30:41.0889 4204 nvlddmkm - ok
18:30:41.0951 4204 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid       C:\Windows\system32\drivers\nvraid.sys
18:30:41.0982 4204 nvraid - ok
18:30:42.0014 4204 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor       C:\Windows\system32\drivers\nvstor.sys
18:30:42.0060 4204 nvstor - ok
18:30:42.0092 4204 [ 4878BAEB44A818E8C094809082D52E08 ] nvsvc       C:\Windows\system32\nvvsvc.exe
18:30:42.0107 4204 nvsvc - ok
18:30:42.0154 4204 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp       C:\Windows\system32\drivers\nv_agp.sys
18:30:42.0185 4204 nv_agp - ok
18:30:42.0248 4204 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv       C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:30:42.0263 4204 odserv - ok
18:30:42.0310 4204 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394     C:\Windows\system32\drivers\ohci1394.sys
18:30:42.0326 4204 ohci1394 - ok
18:30:42.0341 4204 [ 5A432A042DAE460ABE7199B758E8606C ] ose         C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:30:42.0357 4204 ose - ok
18:30:42.0388 4204 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc     C:\Windows\system32\pnrpsvc.dll
18:30:42.0404 4204 p2pimsvc - ok
18:30:42.0435 4204 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc       C:\Windows\system32\p2psvc.dll
18:30:42.0450 4204 p2psvc - ok
18:30:42.0497 4204 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport       C:\Windows\system32\DRIVERS\parport.sys
18:30:42.0513 4204 Parport - ok
18:30:42.0560 4204 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr       C:\Windows\system32\drivers\partmgr.sys
18:30:42.0591 4204 partmgr - ok
18:30:42.0606 4204 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm       C:\Windows\system32\DRIVERS\parvdm.sys
18:30:42.0622 4204 Parvdm - ok
18:30:42.0638 4204 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc       C:\Windows\System32\pcasvc.dll
18:30:42.0638 4204 PcaSvc - ok
18:30:42.0669 4204 [ 673E55C3498EB970088E812EA820AA8F ] pci         C:\Windows\system32\drivers\pci.sys
18:30:42.0716 4204 pci - ok
18:30:42.0747 4204 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide       C:\Windows\system32\drivers\pciide.sys
18:30:42.0778 4204 pciide - ok
18:30:42.0809 4204 [ F396431B31693E71E8A80687EF523506 ] pcmcia       C:\Windows\system32\DRIVERS\pcmcia.sys
18:30:42.0840 4204 pcmcia - ok
18:30:42.0872 4204 [ 250F6B43D2B613172035C6747AEEB19F ] pcw         C:\Windows\system32\drivers\pcw.sys
18:30:42.0887 4204 pcw - ok
18:30:42.0918 4204 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH       C:\Windows\system32\drivers\peauth.sys
18:30:42.0918 4204 PEAUTH - ok
18:30:43.0012 4204 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla         C:\Windows\system32\pla.dll
18:30:43.0074 4204 pla - ok
18:30:43.0121 4204 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay     C:\Windows\system32\umpnpmgr.dll
18:30:43.0137 4204 PlugPlay - ok
18:30:43.0168 4204 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg   C:\Windows\system32\pnrpauto.dll
18:30:43.0168 4204 PNRPAutoReg - ok
18:30:43.0184 4204 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc       C:\Windows\system32\pnrpsvc.dll
18:30:43.0199 4204 PNRPsvc - ok
18:30:43.0246 4204 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent   C:\Windows\System32\ipsecsvc.dll
18:30:43.0246 4204 PolicyAgent - ok
18:30:43.0293 4204 [ F87D30E72E03D579A5199CCB3831D6EA ] Power       C:\Windows\system32\umpo.dll
18:30:43.0293 4204 Power - ok
18:30:43.0340 4204 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport   C:\Windows\system32\DRIVERS\raspptp.sys
18:30:43.0371 4204 PptpMiniport - ok
18:30:43.0386 4204 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor     C:\Windows\system32\DRIVERS\processr.sys
18:30:43.0402 4204 Processor - ok
18:30:43.0449 4204 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc       C:\Windows\system32\profsvc.dll
18:30:43.0449 4204 ProfSvc - ok
18:30:43.0464 4204 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:30:43.0464 4204 ProtectedStorage - ok
18:30:43.0511 4204 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
18:30:43.0511 4204 ProtexisLicensing - ok
18:30:43.0542 4204 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched       C:\Windows\system32\DRIVERS\pacer.sys
18:30:43.0574 4204 Psched - ok
18:30:43.0620 4204 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300       C:\Windows\system32\DRIVERS\ql2300.sys
18:30:43.0667 4204 ql2300 - ok
18:30:43.0698 4204 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx       C:\Windows\system32\DRIVERS\ql40xx.sys
18:30:43.0714 4204 ql40xx - ok
18:30:43.0730 4204 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE       C:\Windows\system32\qwave.dll
18:30:43.0745 4204 QWAVE - ok
18:30:43.0776 4204 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv     C:\Windows\system32\drivers\qwavedrv.sys
18:30:43.0792 4204 QWAVEdrv - ok
18:30:43.0792 4204 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd       C:\Windows\system32\DRIVERS\rasacd.sys
18:30:43.0823 4204 RasAcd - ok
18:30:43.0854 4204 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn   C:\Windows\system32\DRIVERS\AgileVpn.sys
18:30:43.0886 4204 RasAgileVpn - ok
18:30:43.0917 4204 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto       C:\Windows\System32\rasauto.dll
18:30:43.0917 4204 RasAuto - ok
18:30:43.0948 4204 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp       C:\Windows\system32\DRIVERS\rasl2tp.sys
18:30:43.0979 4204 Rasl2tp - ok
18:30:44.0026 4204 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan       C:\Windows\System32\rasmans.dll
18:30:44.0042 4204 RasMan - ok
18:30:44.0057 4204 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe     C:\Windows\system32\DRIVERS\raspppoe.sys
18:30:44.0088 4204 RasPppoe - ok
18:30:44.0104 4204 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp       C:\Windows\system32\DRIVERS\rassstp.sys
18:30:44.0120 4204 RasSstp - ok
18:30:44.0151 4204 [ D528BC58A489409BA40334EBF96A311B ] rdbss       C:\Windows\system32\DRIVERS\rdbss.sys
18:30:44.0229 4204 rdbss - ok
18:30:44.0244 4204 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus       C:\Windows\system32\DRIVERS\rdpbus.sys
18:30:44.0260 4204 rdpbus - ok
18:30:44.0291 4204 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD       C:\Windows\system32\DRIVERS\RDPCDD.sys
18:30:44.0338 4204 RDPCDD - ok
18:30:44.0369 4204 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD     C:\Windows\system32\drivers\rdpencdd.sys
18:30:44.0385 4204 RDPENCDD - ok
18:30:44.0400 4204 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP     C:\Windows\system32\drivers\rdprefmp.sys
18:30:44.0416 4204 RDPREFMP - ok
18:30:44.0463 4204 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD       C:\Windows\system32\drivers\RDPWD.sys
18:30:44.0510 4204 RDPWD - ok
18:30:44.0556 4204 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost     C:\Windows\system32\drivers\rdyboost.sys
18:30:44.0588 4204 rdyboost - ok
18:30:44.0619 4204 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess   C:\Windows\System32\mprdim.dll
18:30:44.0619 4204 RemoteAccess - ok
18:30:44.0650 4204 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:30:44.0666 4204 RemoteRegistry - ok
18:30:44.0728 4204 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo     C:\Program Files\CyberLink\Shared files\RichVideo.exe
18:30:44.0744 4204 RichVideo - ok
18:30:44.0775 4204 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper   C:\Windows\System32\RpcEpMap.dll
18:30:44.0775 4204 RpcEptMapper - ok
18:30:44.0806 4204 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator     C:\Windows\system32\locator.exe
18:30:44.0822 4204 RpcLocator - ok
18:30:44.0837 4204 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs       C:\Windows\system32\rpcss.dll
18:30:44.0853 4204 RpcSs - ok
18:30:44.0868 4204 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr       C:\Windows\system32\DRIVERS\rspndr.sys
18:30:44.0900 4204 rspndr - ok
18:30:44.0931 4204 [ EF8B2AFC3C0751C5E5A59983C8893260 ] RSUSBSTOR     C:\Windows\system32\Drivers\RtsUStor.sys
18:30:44.0946 4204 RSUSBSTOR - ok
18:30:45.0009 4204 [ B5E9979FBB26FC059BD87A81F763D5DA ] rtl8192se     C:\Windows\system32\DRIVERS\rtl8192se.sys
18:30:45.0071 4204 rtl8192se - ok
18:30:45.0087 4204 RtsUIR - ok
18:30:45.0102 4204 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs       C:\Windows\system32\lsass.exe
18:30:45.0102 4204 SamSs - ok
18:30:45.0149 4204 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port     C:\Windows\system32\drivers\sbp2port.sys
18:30:45.0180 4204 sbp2port - ok
18:30:45.0227 4204 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr     C:\Windows\System32\SCardSvr.dll
18:30:45.0243 4204 SCardSvr - ok
18:30:45.0258 4204 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter     C:\Windows\system32\DRIVERS\scfilter.sys
18:30:45.0258 4204 scfilter - ok
18:30:45.0305 4204 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule     C:\Windows\system32\schedsvc.dll
18:30:45.0336 4204 Schedule - ok
18:30:45.0368 4204 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc   C:\Windows\System32\certprop.dll
18:30:45.0368 4204 SCPolicySvc - ok
18:30:45.0399 4204 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC       C:\Windows\System32\SDRSVC.dll
18:30:45.0414 4204 SDRSVC - ok
18:30:45.0477 4204 [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort       C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
18:30:45.0477 4204 SeaPort - ok
18:30:45.0524 4204 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv       C:\Windows\system32\drivers\secdrv.sys
18:30:45.0555 4204 secdrv - ok
18:30:45.0586 4204 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon     C:\Windows\system32\seclogon.dll
18:30:45.0586 4204 seclogon - ok
18:30:45.0602 4204 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS         C:\Windows\system32\sens.dll
18:30:45.0602 4204 SENS - ok
18:30:45.0633 4204 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc     C:\Windows\system32\sensrsvc.dll
18:30:45.0633 4204 SensrSvc - ok
18:30:45.0664 4204 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum       C:\Windows\system32\DRIVERS\serenum.sys
18:30:45.0680 4204 Serenum - ok
18:30:45.0695 4204 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial       C:\Windows\system32\DRIVERS\serial.sys
18:30:45.0711 4204 Serial - ok
18:30:45.0758 4204 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse     C:\Windows\system32\DRIVERS\sermouse.sys
18:30:45.0773 4204 sermouse - ok
18:30:45.0820 4204 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv     C:\Windows\system32\sessenv.dll
18:30:45.0820 4204 SessionEnv - ok
18:30:45.0851 4204 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk       C:\Windows\system32\drivers\sffdisk.sys
18:30:45.0882 4204 sffdisk - ok
18:30:45.0898 4204 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc     C:\Windows\system32\drivers\sffp_mmc.sys
18:30:45.0929 4204 sffp_mmc - ok
18:30:45.0945 4204 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd       C:\Windows\system32\drivers\sffp_sd.sys
18:30:45.0960 4204 sffp_sd - ok
18:30:45.0976 4204 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy       C:\Windows\system32\DRIVERS\sfloppy.sys
18:30:45.0992 4204 sfloppy - ok
18:30:46.0038 4204 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess   C:\Windows\System32\ipnathlp.dll
18:30:46.0038 4204 SharedAccess - ok
18:30:46.0054 4204 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:30:46.0070 4204 ShellHWDetection - ok
18:30:46.0116 4204 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp       C:\Windows\system32\drivers\sisagp.sys
18:30:46.0148 4204 sisagp - ok
18:30:46.0179 4204 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2     C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:30:46.0210 4204 SiSRaid2 - ok
18:30:46.0257 4204 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4     C:\Windows\system32\DRIVERS\sisraid4.sys
18:30:46.0304 4204 SiSRaid4 - ok
18:30:46.0366 4204 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate   C:\Program Files\Skype\Updater\Updater.exe
18:30:46.0413 4204 SkypeUpdate - ok
18:30:46.0428 4204 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb         C:\Windows\system32\DRIVERS\smb.sys
18:30:46.0460 4204 Smb - ok
18:30:46.0506 4204 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP     C:\Windows\System32\snmptrap.exe
18:30:46.0506 4204 SNMPTRAP - ok
18:30:46.0522 4204 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr       C:\Windows\system32\drivers\spldr.sys
18:30:46.0522 4204 spldr - ok
18:30:46.0569 4204 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler       C:\Windows\System32\spoolsv.exe
18:30:46.0584 4204 Spooler - ok
18:30:46.0662 4204 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc       C:\Windows\system32\sppsvc.exe
18:30:46.0772 4204 sppsvc - ok
18:30:46.0803 4204 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify   C:\Windows\system32\sppuinotify.dll
18:30:46.0818 4204 sppuinotify - ok
18:30:46.0850 4204 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv         C:\Windows\system32\DRIVERS\srv.sys
18:30:46.0881 4204 srv - ok
18:30:46.0912 4204 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2         C:\Windows\system32\DRIVERS\srv2.sys
18:30:46.0943 4204 srv2 - ok
18:30:46.0974 4204 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet       C:\Windows\system32\DRIVERS\srvnet.sys
18:30:47.0006 4204 srvnet - ok
18:30:47.0037 4204 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV       C:\Windows\System32\ssdpsrv.dll
18:30:47.0037 4204 SSDPSRV - ok
18:30:47.0052 4204 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc       C:\Windows\system32\sstpsvc.dll
18:30:47.0052 4204 SstpSvc - ok
18:30:47.0084 4204 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor     C:\Windows\system32\DRIVERS\stexstor.sys
18:30:47.0099 4204 stexstor - ok
18:30:47.0146 4204 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc       C:\Windows\System32\wiaservc.dll
18:30:47.0146 4204 StiSvc - ok
18:30:47.0177 4204 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum       C:\Windows\system32\drivers\swenum.sys
18:30:47.0193 4204 swenum - ok
18:30:47.0224 4204 [ A28BD92DF340E57B024BA433165D34D7 ] swprv       C:\Windows\System32\swprv.dll
18:30:47.0240 4204 swprv - ok
18:30:47.0302 4204 [ D776EB85A20696D9D43129CCF6E703E2 ] SynTP       C:\Windows\system32\DRIVERS\SynTP.sys
18:30:47.0349 4204 SynTP - ok
18:30:47.0411 4204 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain       C:\Windows\system32\sysmain.dll
18:30:47.0474 4204 SysMain - ok
18:30:47.0505 4204 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:30:47.0520 4204 TabletInputService - ok
18:30:47.0567 4204 [ 613BF4820361543956909043A265C6AC ] TapiSrv       C:\Windows\System32\tapisrv.dll
18:30:47.0567 4204 TapiSrv - ok
18:30:47.0598 4204 [ B799D9FDB26111737F58288D8DC172D9 ] TBS         C:\Windows\System32\tbssvc.dll
18:30:47.0614 4204 TBS - ok
18:30:47.0676 4204 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip       C:\Windows\system32\drivers\tcpip.sys
18:30:47.0739 4204 Tcpip - ok
18:30:47.0754 4204 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6       C:\Windows\system32\DRIVERS\tcpip.sys
18:30:47.0770 4204 TCPIP6 - ok
18:30:47.0817 4204 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg     C:\Windows\system32\drivers\tcpipreg.sys
18:30:47.0864 4204 tcpipreg - ok
18:30:47.0895 4204 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE       C:\Windows\system32\drivers\tdpipe.sys
18:30:47.0910 4204 TDPIPE - ok
18:30:47.0942 4204 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP       C:\Windows\system32\drivers\tdtcp.sys
18:30:47.0957 4204 TDTCP - ok
18:30:48.0004 4204 [ B459575348C20E8121D6039DA063C704 ] tdx         C:\Windows\system32\DRIVERS\tdx.sys
18:30:48.0051 4204 tdx - ok
18:30:48.0082 4204 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD       C:\Windows\system32\drivers\termdd.sys
18:30:48.0113 4204 TermDD - ok
18:30:48.0160 4204 [ 382C804C92811BE57829D8E550A900E2 ] TermService   C:\Windows\System32\termsrv.dll
18:30:48.0176 4204 TermService - ok
18:30:48.0207 4204 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes       C:\Windows\system32\themeservice.dll
18:30:48.0207 4204 Themes - ok
18:30:48.0222 4204 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER   C:\Windows\system32\mmcss.dll
18:30:48.0222 4204 THREADORDER - ok
18:30:48.0254 4204 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks       C:\Windows\System32\trkwks.dll
18:30:48.0254 4204 TrkWks - ok
18:30:48.0316 4204 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:30:48.0332 4204 TrustedInstaller - ok
18:30:48.0363 4204 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv     C:\Windows\system32\DRIVERS\tssecsrv.sys
18:30:48.0425 4204 tssecsrv - ok
18:30:48.0503 4204 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt     C:\Windows\system32\drivers\tsusbflt.sys
18:30:48.0534 4204 TsUsbFlt - ok
18:30:48.0566 4204 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel       C:\Windows\system32\DRIVERS\tunnel.sys
18:30:48.0581 4204 tunnel - ok
18:30:48.0612 4204 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35       C:\Windows\system32\DRIVERS\uagp35.sys
18:30:48.0628 4204 uagp35 - ok
18:30:48.0644 4204 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs         C:\Windows\system32\DRIVERS\udfs.sys
18:30:48.0690 4204 udfs - ok
18:30:48.0722 4204 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect     C:\Windows\system32\UI0Detect.exe
18:30:48.0722 4204 UI0Detect - ok
18:30:48.0768 4204 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx     C:\Windows\system32\drivers\uliagpkx.sys
18:30:48.0800 4204 uliagpkx - ok
18:30:48.0846 4204 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus       C:\Windows\system32\drivers\umbus.sys
18:30:48.0878 4204 umbus - ok
18:30:48.0924 4204 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass       C:\Windows\system32\DRIVERS\umpass.sys
18:30:48.0956 4204 UmPass - ok
18:30:49.0034 4204 [ AF905F4966CFC8B973623AB150CD4B2B ] UNS         C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:30:49.0143 4204 UNS - ok
18:30:49.0158 4204 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost     C:\Windows\System32\upnphost.dll
18:30:49.0174 4204 upnphost - ok
18:30:49.0205 4204 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL       C:\Windows\system32\Drivers\usbaapl.sys
18:30:49.0236 4204 USBAAPL - ok
18:30:49.0283 4204 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio     C:\Windows\system32\drivers\usbaudio.sys
18:30:49.0299 4204 usbaudio - ok
18:30:49.0330 4204 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp       C:\Windows\system32\DRIVERS\usbccgp.sys
18:30:49.0377 4204 usbccgp - ok
18:30:49.0392 4204 USBCCID - ok
18:30:49.0439 4204 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir       C:\Windows\system32\drivers\usbcir.sys
18:30:49.0470 4204 usbcir - ok
18:30:49.0470 4204 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci       C:\Windows\system32\drivers\usbehci.sys
18:30:49.0502 4204 usbehci - ok
18:30:49.0533 4204 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub       C:\Windows\system32\DRIVERS\usbhub.sys
18:30:49.0564 4204 usbhub - ok
18:30:49.0595 4204 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci       C:\Windows\system32\drivers\usbohci.sys
18:30:49.0626 4204 usbohci - ok
18:30:49.0658 4204 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint     C:\Windows\system32\DRIVERS\usbprint.sys
18:30:49.0673 4204 usbprint - ok
18:30:49.0704 4204 [ F991AB9CC6B908DB552166768176896A ] USBSTOR       C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:30:49.0720 4204 USBSTOR - ok
18:30:49.0720 4204 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci       C:\Windows\system32\drivers\usbuhci.sys
18:30:49.0736 4204 usbuhci - ok
18:30:49.0814 4204 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo     C:\Windows\system32\Drivers\usbvideo.sys
18:30:49.0829 4204 usbvideo - ok
18:30:49.0845 4204 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms       C:\Windows\System32\uxsms.dll
18:30:49.0860 4204 UxSms - ok
18:30:49.0860 4204 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc     C:\Windows\system32\lsass.exe
18:30:49.0876 4204 VaultSvc - ok
18:30:49.0892 4204 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot     C:\Windows\system32\drivers\vdrvroot.sys
18:30:49.0923 4204 vdrvroot - ok
18:30:49.0970 4204 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds         C:\Windows\System32\vds.exe
18:30:49.0985 4204 vds - ok
18:30:50.0032 4204 [ 17C408214EA61696CEC9C66E388B14F3 ] vga         C:\Windows\system32\DRIVERS\vgapnp.sys
18:30:50.0063 4204 vga - ok
18:30:50.0063 4204 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave       C:\Windows\System32\drivers\vga.sys
18:30:50.0094 4204 VgaSave - ok
18:30:50.0126 4204 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp       C:\Windows\system32\drivers\vhdmp.sys
18:30:50.0157 4204 vhdmp - ok
18:30:50.0204 4204 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp       C:\Windows\system32\drivers\viaagp.sys
18:30:50.0235 4204 viaagp - ok
18:30:50.0250 4204 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7       C:\Windows\system32\DRIVERS\viac7.sys
18:30:50.0282 4204 ViaC7 - ok
18:30:50.0313 4204 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide       C:\Windows\system32\drivers\viaide.sys
18:30:50.0328 4204 viaide - ok
18:30:50.0375 4204 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr       C:\Windows\system32\drivers\volmgr.sys
18:30:50.0422 4204 volmgr - ok
18:30:50.0438 4204 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx       C:\Windows\system32\drivers\volmgrx.sys
18:30:50.0484 4204 volmgrx - ok
18:30:50.0531 4204 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap       C:\Windows\system32\drivers\volsnap.sys
18:30:50.0594 4204 volsnap - ok
18:30:50.0640 4204 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid       C:\Windows\system32\DRIVERS\vsmraid.sys
18:30:50.0672 4204 vsmraid - ok
18:30:50.0718 4204 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS         C:\Windows\system32\vssvc.exe
18:30:50.0734 4204 VSS - ok
18:30:50.0765 4204 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus     C:\Windows\system32\DRIVERS\vwifibus.sys
18:30:50.0781 4204 vwifibus - ok
18:30:50.0796 4204 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt     C:\Windows\system32\DRIVERS\vwififlt.sys
18:30:50.0828 4204 vwififlt - ok
18:30:50.0859 4204 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp       C:\Windows\system32\DRIVERS\vwifimp.sys
18:30:50.0874 4204 vwifimp - ok
18:30:50.0906 4204 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time       C:\Windows\system32\w32time.dll
18:30:50.0921 4204 W32Time - ok
18:30:50.0937 4204 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen     C:\Windows\system32\DRIVERS\wacompen.sys
18:30:50.0968 4204 WacomPen - ok
18:30:50.0968 4204 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP       C:\Windows\system32\DRIVERS\wanarp.sys
18:30:50.0999 4204 WANARP - ok
18:30:50.0999 4204 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6     C:\Windows\system32\DRIVERS\wanarp.sys
18:30:50.0999 4204 Wanarpv6 - ok
18:30:51.0093 4204 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc   C:\Windows\system32\Wat\WatAdminSvc.exe
18:30:51.0140 4204 WatAdminSvc - ok
18:30:51.0171 4204 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine     C:\Windows\system32\wbengine.exe
18:30:51.0249 4204 wbengine - ok
18:30:51.0280 4204 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc     C:\Windows\System32\wbiosrvc.dll
18:30:51.0280 4204 WbioSrvc - ok
18:30:51.0327 4204 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc       C:\Windows\System32\wcncsvc.dll
18:30:51.0342 4204 wcncsvc - ok
18:30:51.0358 4204 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:30:51.0374 4204 WcsPlugInService - ok
18:30:51.0405 4204 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd         C:\Windows\system32\DRIVERS\wd.sys
18:30:51.0420 4204 Wd - ok
18:30:51.0467 4204 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000     C:\Windows\system32\drivers\Wdf01000.sys
18:30:51.0530 4204 Wdf01000 - ok
18:30:51.0530 4204 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:30:51.0545 4204 WdiServiceHost - ok
18:30:51.0545 4204 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:30:51.0545 4204 WdiSystemHost - ok
18:30:51.0592 4204 [ A9D880F97530D5B8FEE278923349929D ] WebClient     C:\Windows\System32\webclnt.dll
18:30:51.0592 4204 WebClient - ok
18:30:51.0608 4204 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc       C:\Windows\system32\wecsvc.dll
18:30:51.0623 4204 Wecsvc - ok
18:30:51.0639 4204 [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:30:51.0639 4204 wercplsupport - ok
18:30:51.0670 4204 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc       C:\Windows\System32\WerSvc.dll
18:30:51.0670 4204 WerSvc - ok
18:30:51.0686 4204 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf       C:\Windows\system32\DRIVERS\wfplwf.sys
18:30:51.0701 4204 WfpLwf - ok
18:30:51.0717 4204 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount     C:\Windows\system32\drivers\wimmount.sys
18:30:51.0732 4204 WIMMount - ok
18:30:51.0795 4204 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend     C:\Program Files\Windows Defender\mpsvc.dll
18:30:51.0826 4204 WinDefend - ok
18:30:51.0826 4204 WinHttpAutoProxySvc - ok
18:30:51.0888 4204 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt       C:\Windows\system32\wbem\WMIsvc.dll
18:30:51.0904 4204 Winmgmt - ok
18:30:51.0966 4204 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM       C:\Windows\system32\WsmSvc.dll
18:30:52.0013 4204 WinRM - ok
18:30:52.0091 4204 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb       C:\Windows\system32\DRIVERS\WinUsb.sys
18:30:52.0091 4204 WinUsb - ok
18:30:52.0138 4204 [ 4C69A8E2E159C1C59BC4B688E9DD7F8C ] WisLMSvc     C:\Program Files\Launch Manager\WisLMSvc.exe
18:30:52.0138 4204 WisLMSvc - ok
18:30:52.0185 4204 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc       C:\Windows\System32\wlansvc.dll
18:30:52.0200 4204 Wlansvc - ok
18:30:52.0247 4204 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi       C:\Windows\system32\drivers\wmiacpi.sys
18:30:52.0278 4204 WmiAcpi - ok
18:30:52.0294 4204 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv     C:\Windows\system32\wbem\WmiApSrv.exe
18:30:52.0310 4204 wmiApSrv - ok
18:30:52.0372 4204 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
18:30:52.0403 4204 WMPNetworkSvc - ok
18:30:52.0434 4204 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc       C:\Windows\System32\wpcsvc.dll
18:30:52.0434 4204 WPCSvc - ok
18:30:52.0481 4204 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum     C:\Windows\system32\wpdbusenum.dll
18:30:52.0481 4204 WPDBusEnum - ok
18:30:52.0512 4204 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl       C:\Windows\system32\drivers\ws2ifsl.sys
18:30:52.0528 4204 ws2ifsl - ok
18:30:52.0575 4204 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc       C:\Windows\system32\wscsvc.dll
18:30:52.0575 4204 wscsvc - ok
18:30:52.0590 4204 WSearch - ok
18:30:52.0684 4204 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv     C:\Windows\system32\wuaueng.dll
18:30:52.0731 4204 wuauserv - ok
18:30:52.0762 4204 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf       C:\Windows\system32\drivers\WudfPf.sys
18:30:52.0778 4204 WudfPf - ok
18:30:52.0840 4204 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd       C:\Windows\system32\DRIVERS\WUDFRd.sys
18:30:52.0840 4204 WUDFRd - ok
18:30:52.0887 4204 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc       C:\Windows\System32\WUDFSvc.dll
18:30:52.0887 4204 wudfsvc - ok
18:30:52.0918 4204 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc       C:\Windows\System32\wwansvc.dll
18:30:52.0934 4204 WwanSvc - ok
18:30:53.0027 4204 ================ Scan global ===============================
18:30:53.0090 4204 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:30:53.0152 4204 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
18:30:53.0183 4204 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
18:30:53.0214 4204 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:30:53.0246 4204 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:30:53.0261 4204 [Global] - ok
18:30:53.0261 4204 ================ Scan MBR ==================================
18:30:53.0261 4204 [ 8A1C59E4DFEF87510470928550466632 ] \Device\Harddisk0\DR0
18:30:56.0163 4204 \Device\Harddisk0\DR0 - ok
18:30:56.0163 4204 ================ Scan VBR ==================================
18:30:56.0163 4204 [ F2F6BA694AFBF739B9DA458BA56ABCFF ] \Device\Harddisk0\DR0\Partition1
18:30:56.0163 4204 \Device\Harddisk0\DR0\Partition1 - ok
18:30:56.0194 4204 [ AA3B3C10109111088A5A3B2DE62F40D0 ] \Device\Harddisk0\DR0\Partition2
18:30:56.0194 4204 \Device\Harddisk0\DR0\Partition2 - ok
18:30:56.0225 4204 [ E58753FD3CDC39CCD7A6F6B10324191C ] \Device\Harddisk0\DR0\Partition3
18:30:56.0225 4204 \Device\Harddisk0\DR0\Partition3 - ok
18:30:56.0241 4204 ============================================================
18:30:56.0241 4204 Scan finished
18:30:56.0241 4204 ============================================================
18:30:56.0256 1400 Detected object count: 0
18:30:56.0256 1400 Actual detected object count: 0

Åbn Windows Stifinder og naviger til C: \ Windows.

Højreklik på mappen   Temp og vælg Egenskaber.

Klik på fanen Sikkerhed og derefter klik på Rediger (Hvis du har UAC slået til, vil du nødt til at bekræfte denne handling ved at klikke på Fortsæt).

Vælg Brugere gruppe fra Gruppe-eller brugernavne sektion.

Kontroller, at Modify tilladelse er tilladt. Hvis ikke, tillader det. Klik på Anvend og derefter på Ja.

Klik på OK og derefter på OK igen for at gemme ændringerne.

Genstart, og se om de beskeder er væk….....

Det hjalp desværre ikke. De er der stadig. Skal jeg prøve at re-installere ESET? Tror du ESET har noget at gøre med at Firefox hænger? Det gik rimeligt fint med Firefox indtil jeg kørte Malwarebytes. Nu er den næsten langsommere end før.

Hilsen Pia