The Windows Security Center service cannot be started
  henmou
Posts: 39

I'm thinking of the little flag from the Microsoft Action Center, which I couldn't open earlier.

I still can't run PSI. I get the same error message:

“PSI-bruger-id fra Secunia kan ikke hentes.
Kontrollér, at du kan oprette forbindelse til https://psi3.secunia.com/, og genstart derefter PSI’et.
Bemærk! Proxyunderstøttelse til PSI’et er i øjeblikket ikke tilgængelig, men er planlagt til en fremtidig udgivelse. Hvis din computer kræver adgang til internettet via en proxy, vil´du ikke kunne bruge programmet på dette tidspunkt. Vi beklager ulejligheden.”

Administrator
Posts: 8435

Would you please try reinstalling PSI.

Signature

Please do not attach logs unless you are asked to!

  henmou
Posts: 39

That has now been done - I get the same error message

Administrator
Posts: 8435

Download ComboFix and save it to your desktop. <- Important

Then run ComboFix and follow the instructions.

Since ComboFix can conflict with your security programs, it is important that you disable them. <- Important

You should not click on the window while the tool is running, as that can cause your computer to freeze.
When ComboFix has finished, and after it has (possibly) restarted, a log file should open: ComboFix.txt
Please post the contents of that file here.

It can be found here: C:\ComboFix.txt

If you get something that looks like this error:

Der blev forsøgt en ugyldig handling på en registreringsdatabasenøgle, som er blevet mærket til sletning

then restart once more; that should fix it.


  henmou
Posts: 39

Disable security programs - I only have:
1-Microsoft Security Essentials
2-Windows Security Center

How do I turn it off? I don't think there is an option for that

Administrator
Posts: 8435

Just disable Microsoft Security Essentials.


  henmou
Posts: 39

I'll try that - unfortunately I won't be at the PC again until Friday, but thanks.
I'll get back to you, regards Henrik

Administrator
Posts: 8435

thumbsup grin


  henmou
Posts: 39

Hi again

Here is the ComboFix log file:

ComboFix 12-11-09.02 - H Mouritsen 09-11-2012 15:37:00.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.45.1030.18.8183.6073 [GMT 1:00]
Kører fra: c:\users\H Mouritsen\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\users\Jacob\AppData\Local\._Revolution_
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2012-10-09 til 2012-11-09 )))))))))))))))))))))))))))))))))))
.
.
2012-11-09 14:42 . 2012-11-09 14:42   ————  d——-w-  c:\users\UpdatusUser\AppData\Local\temp
2012-11-09 14:42 . 2012-11-09 14:42   ————  d——-w-  c:\users\Default\AppData\Local\temp
2012-11-09 14:33 . 2012-10-12 07:19   9291768   ——a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EEE43E07-F2D2-4881-8AA3-C61426664D08}\mpengine.dll
2012-11-05 18:35 . 2012-11-05 18:35   ————  d——-w-  C:\_OTL
2012-11-05 18:20 . 2012-10-12 07:19   9291768   ——a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-03 12:47 . 2012-11-03 12:47   ————  d——-w-  c:\users\H Mouritsen\AppData\Local\Secunia PSI
2012-11-03 12:47 . 2012-11-03 12:47   ————  d——-w-  c:\program files (x86)\Secunia
2012-11-02 23:02 . 2012-08-24 18:13   154480   ——a-w-  c:\windows\system32\drivers\ksecpkg.sys
2012-11-02 23:02 . 2012-08-24 18:09   458712   ——a-w-  c:\windows\system32\drivers\cng.sys
2012-11-02 23:02 . 2012-08-24 18:05   340992   ——a-w-  c:\windows\system32\schannel.dll
2012-11-02 23:02 . 2012-08-24 18:04   307200   ——a-w-  c:\windows\system32\ncrypt.dll
2012-11-02 23:02 . 2012-08-24 18:03   1448448   ——a-w-  c:\windows\system32\lsasrv.dll
2012-11-02 23:02 . 2012-08-24 16:57   247808   ——a-w-  c:\windows\SysWow64\schannel.dll
2012-11-02 23:02 . 2012-08-24 16:57   22016   ——a-w-  c:\windows\SysWow64\secur32.dll
2012-11-02 23:02 . 2012-08-24 16:57   220160   ——a-w-  c:\windows\SysWow64\ncrypt.dll
2012-11-02 23:02 . 2012-08-24 16:53   96768   ——a-w-  c:\windows\SysWow64\sspicli.dll
2012-11-02 12:19 . 2012-11-02 12:19   ————  d——-w-  c:\users\H Mouritsen\AppData\Roaming\Malwarebytes
2012-11-02 12:19 . 2010-04-29 14:39   38224   ——a-w-  c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-11-02 12:19 . 2012-11-02 12:19   ————  d——-w-  c:\programdata\Malwarebytes
2012-11-02 12:19 . 2010-04-29 14:39   24664   ——a-w-  c:\windows\system32\drivers\mbam.sys
2012-11-02 12:19 . 2012-11-02 12:19   ————  d——-w-  c:\program files (x86)\Malwarebytes’ Anti-Malware
2012-11-02 12:17 . 2012-11-02 12:17   ————  d——-w-  c:\program files (x86)\Common Files\Overwolf
2012-11-02 12:01 . 2012-10-03 14:09   972192   ———w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7FEBEFA-77D1-4BAB-A22F-78F8A057DEF6}\gapaengine.dll
2012-10-14 15:21 . 2012-10-14 15:21   ————  d——-w-  c:\program files\CCleaner
2012-10-13 14:27 . 2012-08-21 11:01   33240   ——a-w-  c:\windows\system32\drivers\GEARAspiWDM.sys
2012-10-13 14:27 . 2012-10-13 14:27   ————  d——-w-  c:\program files\iPod
2012-10-13 14:27 . 2012-10-13 14:27   ————  d——-w-  c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-10-13 14:27 . 2012-10-13 14:27   ————  d——-w-  c:\program files\iTunes
2012-10-13 14:27 . 2012-10-13 14:27   ————  d——-w-  c:\program files (x86)\iTunes
2012-10-13 13:40 . 2012-10-13 13:40   ————  d——-w-  C:\NVIDIA
2012-10-13 13:30 . 2012-10-13 13:30   ————  d——-w-  c:\windows\SysWow64\Extensions
2012-10-13 13:30 . 2012-10-13 13:30   ————  d——-w-  c:\windows\SysWow64\searchplugins
2012-10-11 12:38 . 2012-08-24 18:05   220160   ——a-w-  c:\windows\system32\wintrust.dll
2012-10-11 12:38 . 2012-08-24 16:57   172544   ——a-w-  c:\windows\SysWow64\wintrust.dll
2012-10-11 12:38 . 2012-09-14 19:19   2048   ——a-w-  c:\windows\system32\tzres.dll
2012-10-11 12:38 . 2012-09-14 18:28   2048   ——a-w-  c:\windows\SysWow64\tzres.dll
2012-10-11 12:38 . 2012-08-11 00:56   715776   ——a-w-  c:\windows\system32\kerberos.dll
2012-10-11 12:38 . 2012-08-10 23:56   542208   ——a-w-  c:\windows\SysWow64\kerberos.dll
2012-10-11 12:38 . 2012-06-02 05:41   1464320   ——a-w-  c:\windows\system32\crypt32.dll
2012-10-11 12:38 . 2012-06-02 05:41   184320   ——a-w-  c:\windows\system32\cryptsvc.dll
2012-10-11 12:38 . 2012-06-02 05:41   140288   ——a-w-  c:\windows\system32\cryptnet.dll
2012-10-11 12:38 . 2012-06-02 04:36   140288   ——a-w-  c:\windows\SysWow64\cryptsvc.dll
2012-10-11 12:38 . 2012-06-02 04:36   1159680   ——a-w-  c:\windows\SysWow64\crypt32.dll
2012-10-11 12:38 . 2012-06-02 04:36   103936   ——a-w-  c:\windows\SysWow64\cryptnet.dll
2012-10-10 19:23 . 2012-10-10 19:23   1867112   ——a-w-  c:\windows\SysWow64\nvcuvenc.dll
2012-10-10 19:23 . 2012-10-10 19:23   1482600   ——a-w-  c:\windows\system32\nvdispgenco64.dll
2012-10-10 19:23 . 2012-10-10 19:23   6127464   ——a-w-  c:\windows\SysWow64\nvopencl.dll
2012-10-10 19:23 . 2012-10-10 19:23   2574696   ——a-w-  c:\windows\SysWow64\nvcuvid.dll
2012-10-10 19:23 . 2012-10-10 19:23   25256296   ——a-w-  c:\windows\system32\nvcompiler.dll
2012-10-10 19:23 . 2012-10-10 19:23   7414632   ——a-w-  c:\windows\system32\nvopencl.dll
2012-10-10 19:23 . 2012-10-10 19:23   9146728   ——a-w-  c:\windows\system32\nvcuda.dll
2012-10-10 19:23 . 2012-10-10 19:23   7697768   ——a-w-  c:\windows\SysWow64\nvcuda.dll
2012-10-10 19:23 . 2012-10-10 19:23   2218344   ——a-w-  c:\windows\system32\nvcuvenc.dll
2012-10-10 19:22 . 2012-10-10 19:22   2428776   ——a-w-  c:\windows\SysWow64\nvapi.dll
2012-10-10 19:22 . 2012-10-10 19:22   26331496   ——a-w-  c:\windows\system32\nvoglv64.dll
2012-10-10 19:22 . 2012-10-10 19:22   2747240   ——a-w-  c:\windows\system32\nvcuvid.dll
2012-10-10 19:22 . 2012-10-10 19:22   19906920   ——a-w-  c:\windows\SysWow64\nvoglv32.dll
2012-10-10 19:22 . 2012-10-10 19:22   13443944   ——a-w-  c:\windows\system32\drivers\nvlddmkm.sys
2012-10-10 19:22 . 2012-10-10 19:22   17559912   ——a-w-  c:\windows\SysWow64\nvcompiler.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 15:13 . 2010-02-06 11:20   65309168   ——a-w-  c:\windows\system32\MRT.exe
2012-10-10 19:23 . 2010-07-10 04:38   18252136   ——a-w-  c:\windows\system32\nvd3dumx.dll
2012-10-10 19:23 . 2009-10-12 23:01   2731880   ——a-w-  c:\windows\system32\nvapi64.dll
2012-10-10 19:23 . 2009-10-12 23:01   14922600   ——a-w-  c:\windows\system32\nvwgf2umx.dll
2012-10-10 19:23 . 2012-02-09 20:43   12501352   ——a-w-  c:\windows\SysWow64\nvwgf2um.dll
2012-10-10 19:22 . 2012-02-09 20:43   1760104   ——a-w-  c:\windows\system32\nvdispco64.dll
2012-10-10 19:22 . 2010-07-10 04:38   15309160   ——a-w-  c:\windows\SysWow64\nvd3dum.dll
2012-10-09 13:28 . 2012-06-03 18:40   696760   ——a-w-  c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 13:28 . 2011-11-11 15:57   73656   ——a-w-  c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-03 14:09 . 2012-06-13 10:06   972192   ———w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-02 19:51 . 2010-07-09 15:27   3293544   ——a-w-  c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2010-07-09 15:27   6200680   ——a-w-  c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2010-07-09 15:27   891240   ——a-w-  c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2010-07-09 15:27   118120   ——a-w-  c:\windows\system32\nvmctray.dll
2012-10-02 19:50 . 2009-07-14 17:51   63336   ——a-w-  c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2009-07-14 17:51   2557800   ——a-w-  c:\windows\system32\nvsvcr.dll
2012-10-02 11:15 . 2012-10-02 11:15   430952   ——a-w-  c:\windows\SysWow64\nvStreaming.exe
2012-09-20 14:02 . 2012-09-20 14:02   1832760   ——a-w-  c:\windows\system32\LogiLDA.DLL
2012-09-12 18:46 . 2012-09-12 18:46   108008   ——a-w-  c:\windows\system32\WindowsAccessBridge-64.dll
2012-09-12 18:46 . 2012-09-12 18:46   289768   ——a-w-  c:\windows\system32\javaws.exe
2012-09-12 18:46 . 2012-09-12 18:46   189416   ——a-w-  c:\windows\system32\javaw.exe
2012-09-12 18:46 . 2012-09-12 18:46   188904   ——a-w-  c:\windows\system32\java.exe
2012-09-12 18:46 . 2012-09-12 18:46   916456   ——a-w-  c:\windows\system32\deployJava1.dll
2012-09-12 18:46 . 2012-09-12 18:46   1034216   ——a-w-  c:\windows\system32\npDeployJava1.dll
2012-08-30 20:03 . 2012-08-30 20:03   228768   ——a-w-  c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2011-04-27 13:25   128456   ——a-w-  c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-24 11:15 . 2012-09-22 20:28   17810944   ——a-w-  c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 20:28   10925568   ——a-w-  c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 20:28   2312704   ——a-w-  c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 20:28   1346048   ——a-w-  c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 20:28   1392128   ——a-w-  c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 20:28   1494528   ——a-w-  c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 20:28   237056   ——a-w-  c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 20:28   85504   ——a-w-  c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 20:28   173056   ——a-w-  c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 20:28   816640   ——a-w-  c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 20:28   599040   ——a-w-  c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 20:28   2144768   ——a-w-  c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 20:28   729088   ——a-w-  c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 20:28   96768   ——a-w-  c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 20:28   2382848   ——a-w-  c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 20:28   248320   ——a-w-  c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 20:28   1800704   ——a-w-  c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 20:28   1129472   ——a-w-  c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 20:28   1427968   ——a-w-  c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 20:28   142848   ——a-w-  c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 20:28   420864   ——a-w-  c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 20:28   2382848   ——a-w-  c:\windows\SysWow64\mshtml.tlb
2012-08-24 02:05 . 2012-08-24 02:05   143360   ——a-w-  c:\windows\SysWow64\rztouchdll.dll
2012-08-24 02:04 . 2012-08-24 02:04   592384   ——a-w-  c:\windows\SysWow64\rzdevicedll.dll
2012-08-24 02:04 . 2012-08-24 02:04   165888   ——a-w-  c:\windows\SysWow64\rzaudiodll.dll
2012-08-23 10:54 . 2012-11-02 23:03   322560   ——a-w-  c:\windows\system32\aaclient.dll
2012-08-22 18:12 . 2012-09-12 11:50   1913200   ——a-w-  c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 11:50   950128   ——a-w-  c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:50   376688   ——a-w-  c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:50   288624   ——a-w-  c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 14:47   245760   ——a-w-  c:\windows\system32\OxpsConverter.exe
2012-08-21 11:01 . 2012-06-03 14:46   125872   ——a-w-  c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2012-06-03 14:46   106928   ——a-w-  c:\windows\SysWow64\GEARAspi.dll
2012-08-20 17:38 . 2012-10-11 12:39   44032   ——a-w-  c:\windows\apppatch\acwow64.dll
2012-08-17 07:01 . 2012-08-17 07:01   110592   ——a-w-  c:\windows\system32\drivers\rzudd.sys
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@=”{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}”
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:41   120104   ——a-w-  c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe” [2010-11-20 1475584]
“Overwolf”=“c:\program files (x86)\Overwolf\Overwolf.exe” [2012-10-17 35256]
“swg”=“c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2009-10-12 39408]
“MobileDocuments”=“c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe” [2012-02-23 59240]
“KPeerNexonEU”=“c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe” [2012-06-22 438272]
“Clownfish”=“c:\program files (x86)\Clownfish\Clownfish.exe” [2012-08-27 1121016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
“JMB36X IDE Setup”=“c:\windows\RaidTool\xInsIDE.exe” [2007-03-20 36864]
“BackupManagerTray”=“c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe” [2009-08-12 261888]
“Hotkey Utility”=“c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe” [2009-08-18 629280]
“EgisTecLiveUpdate”=“c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe” [2009-08-04 199464]
“Adobe Reader Speed Launcher”=“c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2012-07-31 38872]
“ArcadeDeluxeAgent”=“c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe” [2009-11-16 128296]
“PlayMovie”=“c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe” [2009-11-12 181480]
“Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2012-07-11 919008]
“APSDaemon”=“c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe” [2012-08-27 59280]
“QuickTime Task”=“c:\program files (x86)\QuickTime\QTTask.exe” [2012-04-18 421888]
“SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe” [2012-01-18 254696]
“Razer Synapse”=“c:\program files (x86)\Razer\Synapse\RzSynapse.exe” [2012-10-11 336304]
“LogMeIn Hamachi Ui”=“c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe” [2012-08-29 1996200]
“iTunesHelper”=“c:\program files (x86)\iTunes\iTunesHelper.exe” [2012-09-09 421776]
.
c:\users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2012-7-16 0]
.
c:\users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2012-8-28 0]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
“LoadAppInit_DLLs”=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@=“Service”
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft Netværksinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\\OverwolfUpdater.exe [2012-10-17 16600]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys [2012-08-17 110592]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-02 1255736]
R3 X6va005;X6va005;c:\users\HMOURI~1\AppData\Local\Temp\00598A7.tmp [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2011-04-21 23680]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor;c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-12 62208]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2009-09-23 283824]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-19 712704]
.
.
Indhold af mappen ‘Planlagte Opgaver’
.
2012-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-03 13:28]
.
2012-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-08 07:36]
.
2012-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-08 07:36]
.
.
————- X64 Entries—————-
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@=”{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}”
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:44   137512   ——a-w-  c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“IAAnotif”=“c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe” [2009-06-05 186904]
“mwlDaemon”=“c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe” [2009-09-10 349480]
“RtHDVCpl”=“c:\program files\Realtek\Audio\HDA\RAVCpl64.exe” [2009-06-16 7883296]
“Skytel”=“c:\program files\Realtek\Audio\HDA\Skytel.exe” [2009-06-16 1833504]
“Start WingMan Profiler”=“c:\program files\Logitech\Gaming Software\LWEMon.exe” [2008-04-04 120328]
“Logitech Download Assistant”=“c:\windows\System32\LogiLDA.dll” [2012-09-20 1832760]
“MSC”=“c:\program files\Microsoft Security Client\msseces.exe” [2012-09-12 1289704]
.
———- Yderligere scanning———-
.
uStart Page = hxxp://www.google.dk/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&m=aspire_m5810&r=17360210qn06973654825qj9j3y32r
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&m=aspire_m5810&r=17360210qn06973654825qj9j3y32r
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport; to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: danid.dk
Trusted Zone: danid.dk
TCP: DhcpNameServer = 172.16.0.1
.
- - - - TOMME GENVEJE FJERNET - - - -
.
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-PLD_FrameworkRun - c:\windows\system32\oem\setEvent.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
“ImagePath”=”\??\c:\users\HMOURI~1\AppData\Local\Temp\00598A7.tmp”
.
——————————- LÅSTE REGISTRERINGS NØGLER——————————-
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
“88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977”=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,32,e6,dd,3e,8c,b8,4b,8a,c6,f1,\
“2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81”=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,32,e6,dd,3e,8c,b8,4b,8a,c6,f1,\
.
[HKEY_USERS\S-1-5-21-937915387-3345526121-1696623123-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
“Progid”=“WindowsLiveMail.Email.1”
.
[HKEY_USERS\S-1-5-21-937915387-3345526121-1696623123-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
“Progid”=“WindowsLiveMail.VCard.1”
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=”@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101”
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
“Enabled”=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@=“c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe”
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker5”
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@=”{00020424-0000-0000-C000-000000000046}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=”@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
“Enabled”=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Shockwave Flash Object”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@=“0”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@=“ShockwaveFlash.ShockwaveFlash.11”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“ShockwaveFlash.ShockwaveFlash”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Macromedia Flash Factory Object”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@=“FlashFactory.FlashFactory.1”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“FlashFactory.FlashFactory”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker5”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@=”{00020424-0000-0000-C000-000000000046}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Gennemført tid: 2012-11-09 15:44:09
ComboFix-quarantined-files.txt 2012-11-09 14:44
.
Pre-Kørsel: 130.347.077.632 byte ledig
Post-Kørsel: 129.853.939.712 byte ledig
.
- - End Of File - - 0586CB6B431FBB1F730B20938F1EBF8E

  henmou
Posts: 39

After running the above ComboFix, I still can't run PSI. I get the same error message:

“PSI-bruger-id fra Secunia kan ikke hentes.
Kontrollér, at du kan oprette forbindelse til https://psi3.secunia.com/, og genstart derefter PSI’et.
Bemærk! Proxyunderstøttelse til PSI’et er i øjeblikket ikke tilgængelig, men er planlagt til en fremtidig udgivelse. Hvis din computer kræver adgang til internettet via en proxy, vil´du ikke kunne bruge programmet på dette tidspunkt. Vi beklager ulejligheden.”

Administrator
Posts: 8435

Right-click on the desktop and choose New -> Text Document, copy the highlighted text in, and save the file as CFScript

Killall::
ClearJavaCache::
File::
c:\users\HMOURI~1\AppData\Local\Temp\00598A7.tmp
Driver::
X6va005

Since ComboFix can conflict with your security programs, it is important that you disable them. <- Important

Then grab the new file with the mouse and drag it over the ComboFix file, then "let go" with the mouse.
http://www.fromsej.saknet.dk/billeder/swfcombo.gif

ComboFix should then start working. It may require a restart, which you should allow. You should not click on the window while the tool is running, as that can cause your computer to freeze.
When ComboFix has finished, and after it has (possibly) restarted, a log file combofix.txt should open, which is located here: C:\Combofix.txt

If you get something that looks like this error:

Der blev forsøgt en ugyldig handling på en registreringsdatabasenøgle, som er blevet mærket til sletning

then restart once more; that should fix it.

Please post the contents of that file here.

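The CFScript above targets the X6va005 driver, which the first log lists with an image path that is a .tmp file in the user's Temp folder and with [x] in place of a date and size. As an added example (not part of the thread and not ComboFix's own code), this sketch triages the service/driver lines of such a log on those same traits; the function names are hypothetical, and reading [x] as "no file details available" is an assumption.

```python
import ntpath
import re
from dataclasses import dataclass, field

# Service/driver lines copied from the first ComboFix log in this thread.
SAMPLE_LOG = r"""
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
R3 X6va005;X6va005;c:\users\HMOURI~1\AppData\Local\Temp\00598A7.tmp [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
"""

# Layout of one line: <R|S><start type> <name>;<display name>;<path> [<date size> | x]
SERVICE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>.+) \[(?P<meta>[^\]]*)\]\s*$"
)

# Extensions normally seen for service and driver binaries.
EXPECTED_EXTENSIONS = {".sys", ".exe", ".dll"}
TEMP_DIR_NAMES = {"temp", "tmp"}


@dataclass
class Finding:
    name: str
    path: str
    reasons: list = field(default_factory=list)


def parse_services(log_text):
    """Return (name, path, meta) for every service/driver line in the log."""
    entries = []
    for line in log_text.splitlines():
        match = SERVICE_RE.match(line.strip())
        if match:
            entries.append((match["name"], match["path"], match["meta"].strip()))
    return entries


def triage(log_text):
    """Flag services whose binary location or metadata deserves a closer look."""
    findings = []
    for name, path, meta in parse_services(log_text):
        # Lower-case and collapse doubled backslashes so comparisons are stable.
        norm = re.sub(r"\\+", lambda _m: "\\", path.lower())
        directories = norm.split("\\")[:-1]
        extension = ntpath.splitext(norm)[1]

        reasons = []
        if TEMP_DIR_NAMES.intersection(directories):
            reasons.append("runs from a temp directory")
        if extension not in EXPECTED_EXTENSIONS:
            reasons.append(f"unexpected extension {extension or '(none)'}")
        if meta == "x":
            # Assumption: [x] means the tool could not read date/size for the file.
            reasons.append("no file details ([x])")

        if reasons:
            findings.append(Finding(name, path, reasons))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.name}: {finding.path}")
        for reason in finding.reasons:
            print(f"  - {reason}")
```

An entry that matches only one trait, such as EagleX64 here, is a prompt to look at the file, not a verdict; X6va005 matches all three.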

  henmou
Posts: 39

Hi again
I have now run the above and can once again see the little Microsoft flag down in the right-hand corner.

I can't paste the log file in, as I now can't open a browser????
I now get the following error message:

“C:\Program Files (x86)Internet Explorer\iexplore.exe

Der blev forsøgt en ugyldig handling på en registreringsdatabasenøgle, som er blevet mærket til sletning.”


What is this now????

  henmou
Posts: 39

Okay, I didn't read the above properly!
Restarting….., sorry

  henmou
Posts: 39

Here is the log file…, and now the little Microsoft flag has disappeared again, strange! Just before, it showed 2 messages about no antivirus and Essentials being turned off. But as I said, now I can't see it.

ComboFix 12-11-09.02 - H Mouritsen 10-11-2012 17:40:15.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.45.1030.18.8183.6175 [GMT 1:00]
Kører fra: c:\users\H Mouritsen\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\H Mouritsen\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
“c:\users\HMOURI~1\AppData\Local\Temp\00598A7.tmp”
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((  Drivers/Tjenester   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
———-\Legacy_X6VA005
———-\Service_X6va005
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2012-10-10 til 2012-11-10 )))))))))))))))))))))))))))))))))))
.
.
2012-11-10 16:48 . 2012-11-10 16:48   ————  d——-w-  c:\users\UpdatusUser\AppData\Local\temp
2012-11-10 16:48 . 2012-11-10 16:48   ————  d——-w-  c:\users\Jacob\AppData\Local\temp
2012-11-10 16:48 . 2012-11-10 16:48   ————  d——-w-  c:\users\Default\AppData\Local\temp
2012-11-10 16:48 . 2012-11-10 16:48   ————  d——-w-  c:\users\Christian\AppData\Local\temp
2012-11-10 16:48 . 2012-11-10 16:48   ————  d——-w-  c:\users\Anna\AppData\Local\temp
2012-11-09 14:33 . 2012-10-12 07:19   9291768   ——a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EEE43E07-F2D2-4881-8AA3-C61426664D08}\mpengine.dll
2012-11-05 18:35 . 2012-11-05 18:35   ————  d——-w-  C:\_OTL
2012-11-05 18:20 . 2012-10-12 07:19   9291768   ——a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-03 12:47 . 2012-11-03 12:47   ————  d——-w-  c:\users\H Mouritsen\AppData\Local\Secunia PSI
2012-11-03 12:47 . 2012-11-03 12:47   ————  d——-w-  c:\program files (x86)\Secunia
2012-11-02 23:02 . 2012-08-24 18:13   154480   ——a-w-  c:\windows\system32\drivers\ksecpkg.sys
2012-11-02 23:02 . 2012-08-24 18:09   458712   ——a-w-  c:\windows\system32\drivers\cng.sys
2012-11-02 23:02 . 2012-08-24 18:05   340992   ——a-w-  c:\windows\system32\schannel.dll
2012-11-02 23:02 . 2012-08-24 18:04   307200   ——a-w-  c:\windows\system32\ncrypt.dll
2012-11-02 23:02 . 2012-08-24 18:03   1448448   ——a-w-  c:\windows\system32\lsasrv.dll
2012-11-02 23:02 . 2012-08-24 16:57   247808   ——a-w-  c:\windows\SysWow64\schannel.dll
2012-11-02 23:02 . 2012-08-24 16:57   22016   ——a-w-  c:\windows\SysWow64\secur32.dll
2012-11-02 23:02 . 2012-08-24 16:57   220160   ——a-w-  c:\windows\SysWow64\ncrypt.dll
2012-11-02 23:02 . 2012-08-24 16:53   96768   ——a-w-  c:\windows\SysWow64\sspicli.dll
2012-11-02 12:19 . 2012-11-02 12:19   ————  d——-w-  c:\users\H Mouritsen\AppData\Roaming\Malwarebytes
2012-11-02 12:19 . 2010-04-29 14:39   38224   ——a-w-  c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-11-02 12:19 . 2012-11-02 12:19   ————  d——-w-  c:\programdata\Malwarebytes
2012-11-02 12:19 . 2010-04-29 14:39   24664   ——a-w-  c:\windows\system32\drivers\mbam.sys
2012-11-02 12:19 . 2012-11-02 12:19   ————  d——-w-  c:\program files (x86)\Malwarebytes’ Anti-Malware
2012-11-02 12:17 . 2012-11-02 12:17   ————  d——-w-  c:\program files (x86)\Common Files\Overwolf
2012-11-02 12:01 . 2012-10-03 14:09   972192   ———w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7FEBEFA-77D1-4BAB-A22F-78F8A057DEF6}\gapaengine.dll
2012-10-14 15:21 . 2012-10-14 15:21   ————  d——-w-  c:\program files\CCleaner
2012-10-13 14:27 . 2012-08-21 11:01   33240   ——a-w-  c:\windows\system32\drivers\GEARAspiWDM.sys
2012-10-13 14:27 . 2012-10-13 14:27   ————  d——-w-  c:\program files\iPod
2012-10-13 14:27 . 2012-10-13 14:27   ————  d——-w-  c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-10-13 14:27 . 2012-10-13 14:27   ————  d——-w-  c:\program files\iTunes
2012-10-13 14:27 . 2012-10-13 14:27   ————  d——-w-  c:\program files (x86)\iTunes
2012-10-13 13:40 . 2012-10-13 13:40   ————  d——-w-  C:\NVIDIA
2012-10-13 13:30 . 2012-10-13 13:30   ————  d——-w-  c:\windows\SysWow64\Extensions
2012-10-13 13:30 . 2012-10-13 13:30   ————  d——-w-  c:\windows\SysWow64\searchplugins
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 15:13 . 2010-02-06 11:20   65309168   ——a-w-  c:\windows\system32\MRT.exe
2012-10-10 19:23 . 2012-10-10 19:23   1867112   ——a-w-  c:\windows\SysWow64\nvcuvenc.dll
2012-10-10 19:23 . 2010-07-10 04:38   18252136   ——a-w-  c:\windows\system32\nvd3dumx.dll
2012-10-10 19:23 . 2012-10-10 19:23   1482600   ——a-w-  c:\windows\system32\nvdispgenco64.dll
2012-10-10 19:23 . 2012-10-10 19:23   6127464   ——a-w-  c:\windows\SysWow64\nvopencl.dll
2012-10-10 19:23 . 2012-10-10 19:23   2574696   ——a-w-  c:\windows\SysWow64\nvcuvid.dll
2012-10-10 19:23 . 2012-10-10 19:23   25256296   ——a-w-  c:\windows\system32\nvcompiler.dll
2012-10-10 19:23 . 2012-10-10 19:23   7414632   ——a-w-  c:\windows\system32\nvopencl.dll
2012-10-10 19:23 . 2009-10-12 23:01   2731880   ——a-w-  c:\windows\system32\nvapi64.dll
2012-10-10 19:23 . 2009-10-12 23:01   14922600   ——a-w-  c:\windows\system32\nvwgf2umx.dll
2012-10-10 19:23 . 2012-10-10 19:23   9146728   ——a-w-  c:\windows\system32\nvcuda.dll
2012-10-10 19:23 . 2012-10-10 19:23   7697768   ——a-w-  c:\windows\SysWow64\nvcuda.dll
2012-10-10 19:23 . 2012-10-10 19:23   2218344   ——a-w-  c:\windows\system32\nvcuvenc.dll
2012-10-10 19:23 . 2012-02-09 20:43   12501352   ——a-w-  c:\windows\SysWow64\nvwgf2um.dll
2012-10-10 19:22 . 2012-10-10 19:22   2428776   ——a-w-  c:\windows\SysWow64\nvapi.dll
2012-10-10 19:22 . 2012-10-10 19:22   26331496   ——a-w-  c:\windows\system32\nvoglv64.dll
2012-10-10 19:22 . 2012-02-09 20:43   1760104   ——a-w-  c:\windows\system32\nvdispco64.dll
2012-10-10 19:22 . 2010-07-10 04:38   15309160   ——a-w-  c:\windows\SysWow64\nvd3dum.dll
2012-10-10 19:22 . 2012-10-10 19:22   2747240   ——a-w-  c:\windows\system32\nvcuvid.dll
2012-10-10 19:22 . 2012-10-10 19:22   19906920   ——a-w-  c:\windows\SysWow64\nvoglv32.dll
2012-10-10 19:22 . 2012-10-10 19:22   13443944   ——a-w-  c:\windows\system32\drivers\nvlddmkm.sys
2012-10-10 19:22 . 2012-10-10 19:22   17559912   ——a-w-  c:\windows\SysWow64\nvcompiler.dll
2012-10-09 13:28 . 2012-06-03 18:40   696760   ——a-w-  c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 13:28 . 2011-11-11 15:57   73656   ——a-w-  c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-03 14:09 . 2012-06-13 10:06   972192   ———w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-02 19:51 . 2010-07-09 15:27   3293544   ——a-w-  c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2010-07-09 15:27   6200680   ——a-w-  c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2010-07-09 15:27   891240   ——a-w-  c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2010-07-09 15:27   118120   ——a-w-  c:\windows\system32\nvmctray.dll
2012-10-02 19:50 . 2009-07-14 17:51   63336   ——a-w-  c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2009-07-14 17:51   2557800   ——a-w-  c:\windows\system32\nvsvcr.dll
2012-10-02 11:15 . 2012-10-02 11:15   430952   ——a-w-  c:\windows\SysWow64\nvStreaming.exe
2012-09-20 14:02 . 2012-09-20 14:02   1832760   ——a-w-  c:\windows\system32\LogiLDA.DLL
2012-09-14 19:19 . 2012-10-11 12:38   2048   ——a-w-  c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-11 12:38   2048   ——a-w-  c:\windows\SysWow64\tzres.dll
2012-09-12 18:46 . 2012-09-12 18:46   108008   ——a-w-  c:\windows\system32\WindowsAccessBridge-64.dll
2012-09-12 18:46 . 2012-09-12 18:46   289768   ——a-w-  c:\windows\system32\javaws.exe
2012-09-12 18:46 . 2012-09-12 18:46   189416   ——a-w-  c:\windows\system32\javaw.exe
2012-09-12 18:46 . 2012-09-12 18:46   188904   ——a-w-  c:\windows\system32\java.exe
2012-09-12 18:46 . 2012-09-12 18:46   916456   ——a-w-  c:\windows\system32\deployJava1.dll
2012-09-12 18:46 . 2012-09-12 18:46   1034216   ——a-w-  c:\windows\system32\npDeployJava1.dll
2012-08-31 18:19 . 2012-10-11 12:39   1659760   ——a-w-  c:\windows\system32\drivers\ntfs.sys
2012-08-30 20:03 . 2012-08-30 20:03   228768   ——a-w-  c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2011-04-27 13:25   128456   ——a-w-  c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-30 18:03 . 2012-10-11 12:39   5559664   ——a-w-  c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-11 12:39   3968880   ——a-w-  c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-11 12:39   3914096   ——a-w-  c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-11 12:38   220160   ——a-w-  c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-11 12:38   172544   ——a-w-  c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-22 20:28   17810944   ——a-w-  c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 20:28   10925568   ——a-w-  c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 20:28   2312704   ——a-w-  c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 20:28   1346048   ——a-w-  c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 20:28   1392128   ——a-w-  c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 20:28   1494528   ——a-w-  c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 20:28   237056   ——a-w-  c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 20:28   85504   ——a-w-  c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 20:28   173056   ——a-w-  c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 20:28   816640   ——a-w-  c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 20:28   599040   ——a-w-  c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 20:28   2144768   ——a-w-  c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 20:28   729088   ——a-w-  c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 20:28   96768   ——a-w-  c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 20:28   2382848   ——a-w-  c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 20:28   248320   ——a-w-  c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 20:28   1800704   ——a-w-  c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 20:28   1129472   ——a-w-  c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 20:28   1427968   ——a-w-  c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 20:28   142848   ——a-w-  c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 20:28   420864   ——a-w-  c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 20:28   2382848   ——a-w-  c:\windows\SysWow64\mshtml.tlb
2012-08-24 02:05 . 2012-08-24 02:05   143360   ——a-w-  c:\windows\SysWow64\rztouchdll.dll
2012-08-24 02:04 . 2012-08-24 02:04   592384   ——a-w-  c:\windows\SysWow64\rzdevicedll.dll
2012-08-24 02:04 . 2012-08-24 02:04   165888   ——a-w-  c:\windows\SysWow64\rzaudiodll.dll
2012-08-23 10:54 . 2012-11-02 23:03   322560   ——a-w-  c:\windows\system32\aaclient.dll
2012-08-22 18:12 . 2012-09-12 11:50   1913200   ——a-w-  c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 11:50   950128   ——a-w-  c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:50   376688   ——a-w-  c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:50   288624   ——a-w-  c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 14:47   245760   ——a-w-  c:\windows\system32\OxpsConverter.exe
2012-08-21 11:01 . 2012-06-03 14:46   125872   ——a-w-  c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2012-06-03 14:46   106928   ——a-w-  c:\windows\SysWow64\GEARAspi.dll
2012-08-20 18:48 . 2012-10-11 12:39   243200   ——a-w-  c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-11 12:39   362496   ——a-w-  c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-11 12:39   13312   ——a-w-  c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-11 12:39   215040   ——a-w-  c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-11 12:39   16384   ——a-w-  c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-11 12:39   424448   ——a-w-  c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-11 12:39   1162240   ——a-w-  c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-11 12:39   338432   ——a-w-  c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-11 12:39   4608   —-ha-w-  c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 12:39   3584   —-ha-w-  c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 12:39   3072   —-ha-w-  c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 12:39   4608   —-ha-w-  c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 12:39   4096   —-ha-w-  c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 12:39   3072   —-ha-w-  c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 12:39   4096   —-ha-w-  c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 12:39   3584   —-ha-w-  c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 12:39   6144   —-ha-w-  c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 12:39   3584   —-ha-w-  c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@=”{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}”
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:41   120104   ——a-w-  c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe” [2010-11-20 1475584]
“Overwolf”=“c:\program files (x86)\Overwolf\Overwolf.exe” [2012-10-17 35256]
“swg”=“c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2009-10-12 39408]
“MobileDocuments”=“c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe” [2012-02-23 59240]
“KPeerNexonEU”=“c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe” [2012-06-22 438272]
“Clownfish”=“c:\program files (x86)\Clownfish\Clownfish.exe” [2012-08-27 1121016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
“JMB36X IDE Setup”=“c:\windows\RaidTool\xInsIDE.exe” [2007-03-20 36864]
“BackupManagerTray”=“c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe” [2009-08-12 261888]
“Hotkey Utility”=“c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe” [2009-08-18 629280]
“EgisTecLiveUpdate”=“c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe” [2009-08-04 199464]
“Adobe Reader Speed Launcher”=“c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2012-07-31 38872]
“ArcadeDeluxeAgent”=“c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe” [2009-11-16 128296]
“PlayMovie”=“c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe” [2009-11-12 181480]
“Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2012-07-11 919008]
“APSDaemon”=“c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe” [2012-08-27 59280]
“QuickTime Task”=“c:\program files (x86)\QuickTime\QTTask.exe” [2012-04-18 421888]
“SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe” [2012-01-18 254696]
“Razer Synapse”=“c:\program files (x86)\Razer\Synapse\RzSynapse.exe” [2012-10-11 336304]
“LogMeIn Hamachi Ui”=“c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe” [2012-08-29 1996200]
“iTunesHelper”=“c:\program files (x86)\iTunes\iTunesHelper.exe” [2012-09-09 421776]
.
c:\users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2012-7-16 0]
.
c:\users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2012-8-28 0]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
“LoadAppInit_DLLs”=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@=“Service”
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft Netværksinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\\OverwolfUpdater.exe [2012-10-17 16600]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys [2012-08-17 110592]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-02 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2011-04-21 23680]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor;c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-12 62208]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2009-09-23 283824]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-19 712704]
.
.
Indhold af mappen ‘Planlagte Opgaver’
.
2012-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-03 13:28]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-08 07:36]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-08 07:36]
.
.
————- X64 Entries—————-
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@=”{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}”
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:44   137512   ——a-w-  c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“IAAnotif”=“c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe” [2009-06-05 186904]
“mwlDaemon”=“c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe” [2009-09-10 349480]
“RtHDVCpl”=“c:\program files\Realtek\Audio\HDA\RAVCpl64.exe” [2009-06-16 7883296]
“Skytel”=“c:\program files\Realtek\Audio\HDA\Skytel.exe” [2009-06-16 1833504]
“PLD_FrameworkRun”=“c:\windows\system32\oem\setEvent.exe” [BU]
“Start WingMan Profiler”=“c:\program files\Logitech\Gaming Software\LWEMon.exe” [2008-04-04 120328]
“Logitech Download Assistant”=“c:\windows\System32\LogiLDA.dll” [2012-09-20 1832760]
“MSC”=“c:\program files\Microsoft Security Client\msseces.exe” [2012-09-12 1289704]
.
———- Yderligere scanning———-
.
uStart Page = hxxp://www.google.dk/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&m=aspire_m5810&r=17360210qn06973654825qj9j3y32r
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&m=aspire_m5810&r=17360210qn06973654825qj9j3y32r
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: danid.dk
Trusted Zone: danid.dk
TCP: DhcpNameServer = 172.16.0.1
.
- - - - TOMME GENVEJE FJERNET - - - -
.
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
.
.
.
——————————- LÅSTE REGISTRERINGS NØGLER——————————-
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
“88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977”=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,32,e6,dd,3e,8c,b8,4b,8a,c6,f1,\
“2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81”=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,32,e6,dd,3e,8c,b8,4b,8a,c6,f1,\
.
[HKEY_USERS\S-1-5-21-937915387-3345526121-1696623123-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
“Progid”=“WindowsLiveMail.Email.1”
.
[HKEY_USERS\S-1-5-21-937915387-3345526121-1696623123-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
“Progid”=“WindowsLiveMail.VCard.1”
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=”@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101”
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
“Enabled”=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@=“c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe”
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker5”
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@=”{00020424-0000-0000-C000-000000000046}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=”@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
“Enabled”=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Shockwave Flash Object”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@=“0”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@=“ShockwaveFlash.ShockwaveFlash.11”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“ShockwaveFlash.ShockwaveFlash”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Macromedia Flash Factory Object”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@=“FlashFactory.FlashFactory.1”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“FlashFactory.FlashFactory”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker5”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@=”{00020424-0000-0000-C000-000000000046}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
————————————Andre kørende processer————————————
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Gennemført tid: 2012-11-10 17:56:04 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2012-11-10 16:56
ComboFix2.txt 2012-11-09 14:44
.
Pre-Kørsel: 129.923.043.328 byte ledig
Post-Kørsel: 129.401.040.896 byte ledig
.
- - End Of File - - 5B08DF51D5C4FBF91DA00219163348CE

  henmou
Number of posts: 39

I've got the “flag” down there - moved/dragged it with the mouse, oh how simple!
Should I now try to run PSI?