en der vil se på det her… min pc er lidt små langsom?
  soyjmh
Antal indlæg: 9

# AdwCleaner v2.011 - Logfil lavet d. 05/12/2012 kl. 14:34:22
# Opdateret d. 02/12/2012 af Xplode
# Operativ system : Windows 7 Home Premium Service Pack 1 (64 bits)
# Bruger : l mou - LMOU-PC
# Boot Mode : Normal
# Kører fra : C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHGKGRPW\adwcleaner.exe
# Indstilling [Slet]


***** [Servicer] *****


***** [Filer / Mapper] *****

Mapper Slettet : C:\ProgramData\Partner

***** [Registeret] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registeret er rent.

*************************

AdwCleaner[S1].txt - [634 octets] - [05/12/2012 14:34:22]

########## EOF - C:\AdwCleaner[S1].txt - [693 octets] ##########


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 26-10-2012 09:58:23
System Uptime: 05-12-2012 14:35:11 (0 hours ago)
.
Motherboard: MEDION       |  | E6224      
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz | CPU 1 | 2100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 658 GiB total, 617,01 GiB free.
D: is FIXED (NTFS) - 38 GiB total, 16,11 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID;_0000\6&1AFC4EF3;&0&2
Manufacturer: (Standard USB-værtscontroller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID;_0000\6&1AFC4EF3;&0&2
Service:
.
==== System Restore Points ===================
.
RP5: 04-11-2012 14:33:22 - Planlagt kontrolpunkt
RP6: 16-11-2012 09:10:14 - Planlagt kontrolpunkt
RP7: 23-11-2012 16:05:58 - avast! Free Antivirus Setup
RP8: 05-12-2012 12:17:57 - Windows Update
RP9: 05-12-2012 12:40:32 - Windows Update
RP10: 05-12-2012 14:04:19 - Windows Update
RP11: 05-12-2012 14:13:14 - Windows Update
.
==== Installed Programs ======================
.
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.0) - Dansk
AMI VR-pulse OS Switcher
Ashampoo Burning Studio
Ashampoo Photo Commander
Ashampoo Photo Optimizer
Ashampoo Snap
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
avast! Free Antivirus
CCleaner
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Corel Graphics - Windows Shell Extension
CorelDRAW Essentials X5
CorelDRAW Essentials X5 - Common
CorelDRAW Essentials X5 - Connect
CorelDRAW Essentials X5 - Custom Data
CorelDRAW Essentials X5 - DE
CorelDRAW Essentials X5 - Draw
CorelDRAW Essentials X5 - EN
CorelDRAW Essentials X5 - ES
CorelDRAW Essentials X5 - Extra Content
CorelDRAW Essentials X5 - Filters
CorelDRAW Essentials X5 - FR
CorelDRAW Essentials X5 - IPM
CorelDRAW Essentials X5 - IT
CorelDRAW Essentials X5 - PHOTO-PAINT
CorelDRAW Essentials X5 - Redist
CorelDRAW Essentials X5 - Setup Files
CorelDRAW Essentials X5 - WT
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
CyberLink LabelPrint
CyberLink MediaEspresso
CyberLink MediaShow
CyberLink PhotoNow
CyberLink Power2Go
CyberLink PowerDirector
CyberLink PowerDVD 10
CyberLink PowerDVD Copy
CyberLink PowerProducer
CyberLink YouCam
D3DX10
Galerie de photos Windows Live
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Intel PROSet Wireless
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Rapid Storage Technology
Intel(R) Wireless Display
Java Auto Updater
Java(TM) 6 Update 37
Java(TM) 6 Update 37 (64-bit)
Junk Mail filter update
Launch Manager
Malwarebytes Anti-Malware version 1.65.1.1000
Medion Home Cinema
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT_amd64
PlayReady PC Runtime amd64
Realtek High Definition Audio Driver
Realtek USB 2.0 Reader Driver
Renesas Electronics USB 3.0 Host Controller Driver
Secunia PSI (3.0.0.4001)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VR-pulse Installer
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Meshin etäyhteyksien ActiveX-komponentti
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
Windows Media Encoder 9 Series
X10 Hardware(TM)
.
==== End Of File ===========================


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455
Run by l mou at 14:39:47 on 2012-12-05
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.45.1030.18.4003.2316 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
C:\Program Files (x86)\Launch Manager\OSD.exe
C:\Program Files (x86)\Launch Manager\WButton.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://jyllands-posten.dk/
uDefault_Page_URL = hxxp://www.aldi.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [swg] “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
mRun: [HotkeyApp] “C:\Program Files (x86)\Launch Manager\HotkeyApp.exe”
mRun: [LMgrVolOSD] “C:\Program Files (x86)\Launch Manager\OSD.exe”
mRun: [Wbutton] “C:\Program Files (x86)\Launch Manager\Wbutton.exe”
mRun: [NUSB3MON] “C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe”
mRun: [CLMLServer] “C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe”
mRun: [avast] “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
mRun: [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
mRun: [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 62.61.131.1 62.61.130.1
TCP: Interfaces\{43FB6CDF-625E-4C67-9F13-7BE2CE75BEA5} : DHCPNameServer = 62.61.131.1 62.61.130.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-Run: [IntelWireless] “C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe” /tf Intel Wireless Tray
x64-Run: [BTMTrayAgent] rundll32.exe “C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll”,TrayApp
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-11-23 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-11-23 370288]
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-2-17 1133568]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-11-23 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-11-23 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-23 44808]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-2-11 907600]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-2-11 997712]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-2-9 134928]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-13 13336]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-9-24 1328736]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-9-24 656480]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-2-16 261632]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-2-11 1304912]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-10-29 31088]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-2-4 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-2-4 77424]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2011-12-16 17976]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2011-2-17 42392]
R3 WisLMSvc;WisLMSvc;C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [2011-3-14 118560]
R3 X10Hid;X10 Hid Device;C:\Windows\System32\drivers\x10hid.sys [2011-3-14 15896]
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-2-16 261632]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-1-24 58128]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-1-24 274944]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-1-24 59904]
S3 mod7764;Tv Tuner device;C:\Windows\System32\drivers\mod77-64.sys [2011-3-14 1077416]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-2-5 340240]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-5 19456]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2011-3-14 299520]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-5 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-5 30208]
S3 WatAdminSvc;Tjenesten Windows Aktivering;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-5 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-12-05 13:12:26   514560   ——a-w-  C:\Windows\SysWow64\qdvd.dll
2012-12-05 13:12:26   366592   ——a-w-  C:\Windows\System32\qdvd.dll
2012-12-05 13:12:24   458712   ——a-w-  C:\Windows\System32\drivers\cng.sys
2012-12-05 13:12:24   340992   ——a-w-  C:\Windows\System32\schannel.dll
2012-12-05 13:12:24   247808   ——a-w-  C:\Windows\SysWow64\schannel.dll
2012-12-05 13:12:23   307200   ——a-w-  C:\Windows\System32\ncrypt.dll
2012-12-05 13:12:23   220160   ——a-w-  C:\Windows\SysWow64\ncrypt.dll
2012-12-05 13:12:23   154480   ——a-w-  C:\Windows\System32\drivers\ksecpkg.sys
2012-12-05 13:12:23   1448448   ——a-w-  C:\Windows\System32\lsasrv.dll
2012-12-05 13:12:22   96768   ——a-w-  C:\Windows\SysWow64\sspicli.dll
2012-12-05 13:12:22   22016   ——a-w-  C:\Windows\SysWow64\secur32.dll
2012-12-05 12:19:59   2560   ——a-w-  C:\Windows\System32\drivers\da-DK\wdf01000.sys.mui
2012-12-05 12:19:58   785512   ——a-w-  C:\Windows\System32\drivers\Wdf01000.sys
2012-12-05 12:19:57   9728   ——a-w-  C:\Windows\System32\Wdfres.dll
2012-12-05 12:19:57   54376   ——a-w-  C:\Windows\System32\drivers\WdfLdr.sys
2012-12-05 12:13:23   294912   ——a-w-  C:\Windows\System32\browserchoice.exe
2012-12-05 11:55:20   87040   ——a-w-  C:\Windows\System32\drivers\WUDFPf.sys
2012-12-05 11:55:20   198656   ——a-w-  C:\Windows\System32\drivers\WUDFRd.sys
2012-12-05 11:55:18   84992   ——a-w-  C:\Windows\System32\WUDFSvc.dll
2012-12-05 11:55:17   194048   ——a-w-  C:\Windows\System32\WUDFPlatform.dll
2012-12-05 11:55:16   45056   ——a-w-  C:\Windows\System32\WUDFCoinstaller.dll
2012-12-05 11:55:16   229888   ——a-w-  C:\Windows\System32\WUDFHost.exe
2012-12-05 11:55:15   744448   ——a-w-  C:\Windows\System32\WUDFx.dll
2012-12-05 11:49:32   81408   ——a-w-  C:\Windows\System32\imagehlp.dll
2012-12-05 11:49:32   23408   ——a-w-  C:\Windows\System32\drivers\fs_rec.sys
2012-12-05 11:49:32   159232   ——a-w-  C:\Windows\SysWow64\imagehlp.dll
2012-12-05 11:49:31   5120   ——a-w-  C:\Windows\SysWow64\wmi.dll
2012-12-05 11:49:31   5120   ——a-w-  C:\Windows\System32\wmi.dll
2012-12-05 11:40:14   142336   ——a-w-  C:\Windows\System32\poqexec.exe
2012-12-05 11:40:14   123904   ——a-w-  C:\Windows\SysWow64\poqexec.exe
2012-12-05 11:40:07   2048   ——a-w-  C:\Windows\SysWow64\tzres.dll
2012-12-05 11:40:07   2048   ——a-w-  C:\Windows\System32\tzres.dll
2012-12-05 11:38:52   3149824   ——a-w-  C:\Windows\System32\win32k.sys
2012-12-05 11:37:40   395776   ——a-w-  C:\Windows\System32\webio.dll
2012-12-05 11:36:48   1395712   ——a-w-  C:\Windows\System32\mfc42.dll
2012-12-05 11:35:58   95744   ——a-w-  C:\Windows\System32\synceng.dll
2012-12-05 11:34:56   75120   ——a-w-  C:\Windows\System32\drivers\partmgr.sys
2012-12-05 11:31:29   1292080   ——a-w-  C:\Windows\SysWow64\ntdll.dll
2012-12-05 11:31:28   1731920   ——a-w-  C:\Windows\System32\ntdll.dll
2012-12-05 11:27:41   1464320   ——a-w-  C:\Windows\System32\crypt32.dll
2012-12-05 11:27:40   184320   ——a-w-  C:\Windows\System32\cryptsvc.dll
2012-12-05 11:27:40   140288   ——a-w-  C:\Windows\SysWow64\cryptsvc.dll
2012-12-05 11:27:40   140288   ——a-w-  C:\Windows\System32\cryptnet.dll
2012-12-05 11:27:40   1159680   ——a-w-  C:\Windows\SysWow64\crypt32.dll
2012-12-05 11:27:40   103936   ——a-w-  C:\Windows\SysWow64\cryptnet.dll
2012-12-05 11:25:34   77312   ——a-w-  C:\Windows\System32\packager.dll
2012-12-05 11:25:34   67072   ——a-w-  C:\Windows\SysWow64\packager.dll
2012-12-05 11:25:32   751104   ——a-w-  C:\Windows\System32\win32spl.dll
2012-12-05 11:25:32   559104   ——a-w-  C:\Windows\System32\spoolsv.exe
2012-12-05 11:25:31   67072   ——a-w-  C:\Windows\splwow64.exe
2012-12-05 11:25:31   492032   ——a-w-  C:\Windows\SysWow64\win32spl.dll
2012-12-05 11:24:09   477168   ——a-w-  C:\Windows\SysWow64\npdeployJava1.dll
2012-12-05 11:24:03   826880   ——a-w-  C:\Windows\SysWow64\rdpcore.dll
2012-12-05 11:24:03   23552   ——a-w-  C:\Windows\System32\drivers\tdtcp.sys
2012-12-05 11:24:03   1031680   ——a-w-  C:\Windows\System32\rdpcore.dll
2012-12-05 11:21:59   404920   ——a-w-  C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-05 11:21:21   544240   ——a-w-  C:\Windows\System32\npdeployJava1.dll
2012-12-05 11:19:48   2622464   ——a-w-  C:\Windows\System32\wucltux.dll
2012-12-05 11:19:34   99840   ——a-w-  C:\Windows\System32\wudriver.dll
2012-12-05 11:19:08   36864   ——a-w-  C:\Windows\System32\wuapp.exe
2012-12-05 11:19:08   186752   ——a-w-  C:\Windows\System32\wuwebv.dll
2012-12-05 11:16:34   ————  d——-w-  C:\Users\l mou\AppData\Local\WindowsUpdate
2012-12-05 11:15:51   ————  d——-w-  C:\Users\l mou\AppData\Local\Secunia PSI
2012-12-05 11:15:27   ————  d——-w-  C:\Program Files (x86)\Secunia
2012-12-05 11:07:46   ————  d——-w-  C:\Program Files\CCleaner
2012-12-05 11:03:01   ————  d——-w-  C:\Users\l mou\AppData\Roaming\Malwarebytes
2012-12-05 11:02:33   ————  d——-w-  C:\ProgramData\Malwarebytes
2012-12-05 11:02:32   25928   ——a-w-  C:\Windows\System32\drivers\mbam.sys
2012-12-05 11:02:31   ————  d——-w-  C:\Program Files (x86)\Malwarebytes’ Anti-Malware
2012-11-23 15:07:17   54072   ——a-w-  C:\Windows\System32\drivers\aswRdr2.sys
2012-11-23 15:07:15   984144   ——a-w-  C:\Windows\System32\drivers\aswSnx.sys
2012-11-23 15:07:12   71600   ——a-w-  C:\Windows\System32\drivers\aswMonFlt.sys
2012-11-23 15:06:41   41224   ——a-w-  C:\Windows\avastSS.scr
2012-11-23 15:06:24   ————  d——-w-  C:\ProgramData\AVAST Software
2012-11-23 15:06:24   ————  d——-w-  C:\Program Files\AVAST Software
2012-11-07 22:55:00   ————  d——-w-  C:\Users\l mou\AppData\Local\Adobe
.
==================== Find3M ====================
.
2012-12-05 11:23:57   473072   ——a-w-  C:\Windows\SysWow64\deployJava1.dll
2012-12-05 11:21:11   525808   ——a-w-  C:\Windows\System32\deployJava1.dll
2012-10-26 08:05:59   85504   ——a-w-  C:\Windows\System32\iesetup.dll
2012-10-26 08:05:59   76800   ——a-w-  C:\Windows\System32\tdc.ocx
2012-10-26 08:05:59   448512   ——a-w-  C:\Windows\System32\html.iec
2012-10-26 08:05:59   30720   ——a-w-  C:\Windows\System32\licmgr10.dll
2012-10-26 08:05:59   165888   ——a-w-  C:\Windows\System32\iexpress.exe
2012-10-26 08:05:59   160256   ——a-w-  C:\Windows\System32\wextract.exe
2012-10-16 08:38:37   135168   ——a-w-  C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34   350208   ——a-w-  C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52   561664   ——a-w-  C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13   55296   ——a-w-  C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13   226816   ——a-w-  C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31   44032   ——a-w-  C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31   193536   ——a-w-  C:\Windows\SysWow64\dhcpcore6.dll
2012-10-08 11:31:03   2312704   ——a-w-  C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52   1392128   ——a-w-  C:\Windows\System32\wininet.dll
2012-10-08 11:22:55   1494528   ——a-w-  C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22   173056   ——a-w-  C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35   599040   ——a-w-  C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33   2382848   ——a-w-  C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24   1800704   ——a-w-  C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03   1129472   ——a-w-  C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44   1427968   ——a-w-  C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05   142848   ——a-w-  C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21   420864   ——a-w-  C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56   2382848   ——a-w-  C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54   1914248   ——a-w-  C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21   70656   ——a-w-  C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21   303104   ——a-w-  C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17   246272   ——a-w-  C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17   18944   ——a-w-  C:\Windows\System32\netevent.dll
2012-10-03 17:44:16   216576   ——a-w-  C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16   569344   ——a-w-  C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24   18944   ——a-w-  C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24   175104   ——a-w-  C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23   156672   ——a-w-  C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26   45568   ——a-w-  C:\Windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43   78336   ——a-w-  C:\Windows\SysWow64\synceng.dll
.
============= FINISH: 14:40:52,76 ===============


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:31:23, on 05-12-2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
C:\Program Files (x86)\Launch Manager\OSD.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Launch Manager\WButton.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9EGDCZBP\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://jyllands-posten.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HotkeyApp] “C:\Program Files (x86)\Launch Manager\HotkeyApp.exe”
O4 - HKLM\..\Run: [LMgrVolOSD] “C:\Program Files (x86)\Launch Manager\OSD.exe”
O4 - HKLM\..\Run: [Wbutton] “C:\Program Files (x86)\Launch Manager\Wbutton.exe”
O4 - HKLM\..\Run: [NUSB3MON] “C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe”
O4 - HKLM\..\Run: [CLMLServer] “C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe”
O4 - HKLM\..\Run: [avast] “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\Run: [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O9 - Extra button: eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 (file missing)
O9 - Extra ‘Tools’ menuitem: eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 (file missing)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 (file missing) (HKCU)
O9 - Extra ‘Tools’ menuitem: eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Tjeneste (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe


End of file - 11264 bytes

jeg takker
mvh
jacob

Administrator
Avatar
Antal indlæg: 35483

Hej  

min pc er lidt små langsom?

 

Er det så planen at vi skal gøre den rigtig langsom, eller ?        cheese


Download OTL af Oldtimer, gem den på dit skrivebord:

OTL.exe

Luk alle åbne vinduer. Klik på OTL ikonet (for Vista/win7, skal du højreklikke på ikonet og Kør som Administrator) for at starte programmet.
Når vinduet vises, under Output i toppen skift til Minimal Output.
Sæt prik i – Scan all users
Marker felterne ud for LOP check og Purity Check.


I Custom Scan boxen, kopierer du nedestående ind:

netsvcs
activex
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%windir%\system32\tasks\*.*
%systemroot%\Fonts\*.exe
%systemroot%\*. /mp /s
/md5start
consrv.dll
svchost.exe
MRESP50.SYS
CBPSp50.sys
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
%Temp%\smtmp\5\*.*
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
CREATERESTOREPOINT

 

Klik så på Quick Scan.
• 


Det vil give to (2) logfiler på skrivebordet, en kaldet OTL.txt, den anden vil blive navngivet Extras.txt.
Husk, hvor du har gemt disse 2 filer.

Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg.

  soyjmh
Antal indlæg: 9

OTL Extras logfile created on: 12/10/2012 9:46:21 AM - Run 1
OTL by OldTimer - Version 3.2.69.0   Folder = C:\Users\l mou\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3.91 Gb Total Physical Memory | 2.28 Gb Available Physical Memory | 58.30% Memory free
7.82 Gb Paging File | 6.08 Gb Available in Paging File | 77.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 657.54 Gb Total Space | 614.85 Gb Free Space | 93.51% Space Free | Partition Type: NTFS
Drive D: | 38.00 Gb Total Space | 16.11 Gb Free Space | 42.40% Space Free | Partition Type: NTFS

Computer Name: LMOU-PC | User Name: l mou | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML]—C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut]—C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile]—C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML]—C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML]—Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML]—Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
exefile [open]—“%1” %*
helpfile [open]—Reg Error: Key error.
htmlfile [edit]—Reg Error: Key error.
htmlfile [print]—rundll32.exe %windir%\system32\mshtml.dll,PrintHTML “%1”
http [open]—“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”—“%1” (Google Inc.)
https [open]—“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”—“%1” (Google Inc.)
inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
InternetShortcut [open]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\ieframe.dll”,OpenURL %l (Microsoft Corporation)
InternetShortcut [print]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\mshtml.dll”,PrintHTML “%1” (Microsoft Corporation)
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore]—Reg Error: Value error.
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open]—“%1” %*
cmdfile [open]—“%1” %*
comfile [open]—“%1” %*
cplfile [cplopen]—%SystemRoot%\System32\control.exe “%1”,%* (Microsoft Corporation)
exefile [open]—“%1” %*
helpfile [open]—Reg Error: Key error.
htmlfile [edit]—Reg Error: Key error.
htmlfile [print]—rundll32.exe %windir%\system32\mshtml.dll,PrintHTML “%1”
http [open]—“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”—“%1” (Google Inc.)
https [open]—“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”—“%1” (Google Inc.)
inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
piffile [open]—“%1” %*
regfile [merge]—Reg Error: Key error.
scrfile [config]—“%1”
scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open]—“%1” /S
txtfile [edit]—Reg Error: Key error.
Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore]—Reg Error: Value error.
Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“cval” = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
“VistaSp1” = 28 4D B2 76 41 04 CA 01 [binary data]
“AntiVirusOverride” = 0
“AntiSpywareOverride” = 0
“FirewallOverride” = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{0861B9CA-0376-425E-B65F-7DE631BDF3AD}” = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
“{0AC1EC67-FE6C-4F28-9822-ABF1D3491862}” = rport=139 | protocol=6 | dir=out | app=system |
“{17C9E9BC-4A4C-4373-ADA4-A0F645271C76}” = lport=139 | protocol=6 | dir=in | app=system |
“{3556487D-3DE7-4820-AB98-4255C014FC61}” = lport=2869 | protocol=6 | dir=in | app=system |
“{3853C852-117A-4006-8A4A-47AE94FF94C5}” = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{3990A4B8-D4BF-4860-A49C-DA33D161D6E8}” = rport=138 | protocol=17 | dir=out | app=system |
“{3B844FB8-742B-4D12-9B3A-4FE980E5F0F3}” = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{5232EE12-0CB1-4144-A5C9-8FBC2AE7BFAC}” = lport=137 | protocol=17 | dir=in | app=system |
“{5BD8A78D-BB74-49B4-B6D9-224D8F47057B}” = lport=10243 | protocol=6 | dir=in | app=system |
“{641DDF86-6FAD-49E8-BBBD-C50AAC326BEA}” = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{64480256-8763-4AD9-AA39-9BBFD8642027}” = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
“{64EF526F-D106-4C36-87B5-F0A1D5BAC0EE}” = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
“{65A9FA01-0ADA-4EFA-A989-A5FEC185CE25}” = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
“{7E6C34AF-1104-4DCF-8BCD-00058D9D6167}” = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{829E4D7B-007C-41E4-A836-2F04F99A2245}” = rport=10243 | protocol=6 | dir=out | app=system |
“{8CB34936-0C93-4807-829E-DFE2DF72D506}” = rport=137 | protocol=17 | dir=out | app=system |
“{93E04124-3C63-4BAD-89CC-0EB7F5F3A1EA}” = rport=445 | protocol=6 | dir=out | app=system |
“{BB784B42-1C44-47BE-8FB4-417F3C78FFFC}” = lport=138 | protocol=17 | dir=in | app=system |
“{CEB2C2E0-E7D0-4203-AAB0-4AD93C719EFA}” = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{D7ECA899-C6C1-4690-AA33-B9BAFA0CDAAB}” = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{EC1B6C8E-BAED-4C05-BB3D-CC6A5F5B6D4D}” = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{EFB9886E-09C1-4A8E-86C1-D641CC5DD8C1}” = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{F6A1912E-2B59-4795-8E92-BB42022DE845}” = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{03B5AA5F-8DD6-4DA3-904A-A12F51E22583}” = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
“{03ECC7B6-993B-4A38-8EBF-AF112FA9FD07}” = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
“{04903C3E-2E08-4623-B0CE-909C95212186}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
“{162B3BA2-CB38-4E4F-82C2-799CC4AD1FA7}” = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
“{218CFDE6-153A-48A5-8EAD-183FE965C1D5}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{21AEB2AB-9928-4F41-B230-5544F82B60EB}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
“{2239F3CF-6F3F-4DA7-813D-3ADA51E0B78B}” = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
“{2CB32764-5D3B-4601-8B95-BBCE183ABBDE}” = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
“{30509FC5-C65E-446D-883F-6AEBC9CF4C41}” = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
“{4150C1E5-A2FA-41DD-9F83-6D9A727FA760}” = protocol=6 | dir=out | app=system |
“{5E706C4D-DDC0-4C11-98F9-B9503F7542BD}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{681FF50F-3425-49BC-B075-5576F6A6E69E}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
“{7EA346E6-97D3-46A7-9EB4-3E274CEAF1E9}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{8CAA68F6-E4A6-450A-B7F8-47A2CC8B71AC}” = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
“{922D0ED6-05FE-49A1-A2B0-F65DEDAA2942}” = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
“{92B34D84-38AF-4943-B509-7052D4AC55C2}” = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
“{9BAF5EBC-67A8-4F50-8655-AAD3921DD86E}” = protocol=58 | dir=in | app=system |
“{A857EABA-38C0-41C1-978C-7496343D0BD1}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
“{A8A16AFF-F3EB-40FF-B76B-CE988386D8CC}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{B0678823-3EB3-4AD1-BA06-0EADFC3CECB2}” = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{C111E06B-42B7-4F77-A23A-5F8BC81E32E2}” = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{CD18C303-52D5-4A3F-924B-64E7FD3C0F7D}” = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
“{D5C13371-A27C-46F0-916F-F820B301CC83}” = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
“{DC0B667F-59D8-45AD-86E8-F2D806D3A0D3}” = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
“{DE794289-C5A2-4FFE-9D94-845A938F13A1}” = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{E67EC4FC-3FA3-4015-B015-0E1B58D64FFC}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
“{F9917739-11A1-4B93-B3A1-15526A57E100}” = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
“{FA57E23F-7A7E-4988-AAF7-1A25C0021777}” = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{1685AE50-97ED-485B-80F6-145071EE14B0}” = Windows Live Remote Service Resources
“{1B8ABA62-74F0-47ED-B18C-A43128E591B8}” = Windows Live ID Sign-in Assistant
“{26A24AE4-039D-4CA4-87B4-2F86416037FF}” = Java(TM) 6 Update 37 (64-bit)
“{28EF7372-9087-4AC3-9B9F-D9751FCDF830}” = Intel(R) Wireless Display
“{2C1A6191-9804-4FDC-AB01-6F9183C91A13}” = Windows Live Remote Client Resources
“{46AE421C-BF1B-4B62-BE0E-62FE09C6D5B5}” = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
“{4C2E49C0-9276-4324-841D-774CCCE5DB48}” = Windows Live Remote Client Resources
“{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}” = Windows Live Remote Service Resources
“{5E2CD4FB-4538-4831-8176-05D653C3E6D4}” = Windows Live Remote Service Resources
“{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
“{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}” = Windows Live Remote Service Resources
“{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}” = Windows Live Remote Service Resources
“{794E5C90-96E5-4413-B3F5-C803205AE30C}” = Intel(R) PROSet/Wireless WiFi Software
“{7AEC844D-448A-455E-A34E-E1032196BBCD}” = Windows Live Remote Service Resources
“{821B4CA1-D404-4CCA-AEA4-C7D3F40841B1}” = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
“{8220EEFE-38CD-377E-8595-13398D740ACE}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
“{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}” = Windows Live Remote Client Resources
“{850B8072-2EA7-4EDC-B930-7FE569495E76}” = Windows Live Remote Client Resources
“{95120000-00B9-0409-1000-0000000FF1CE}” = Microsoft Application Error Reporting
“{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}” = Windows Live Remote Client Resources
“{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}” = Windows Live Remote Client Resources
“{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}” = PlayReady PC Runtime amd64
“{C7B40C35-85AE-4303-9EEA-1A1EA779664D}” = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
“{C9F05151-95A9-4B9B-B534-1760E2D014A5}” = Windows Live Remote Client Resources
“{CB3A3CAD-1083-4952-B3A6-E231359DE244}” = VR-pulse Installer
“{D07A61E5-A59C-433C-BCBD-22025FA2287B}” = Windows Live Language Selector
“{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}” = Windows Live Remote Client Resources
“{D930AF5C-5193-4616-887D-B974CEFC4970}” = Windows Live Remote Service Resources
“{DA54F80E-261C-41A2-A855-549A144F2F59}” = Windows Live MIME IFilter
“{DF6D988A-EEA0-4277-AAB8-158E086E439B}” = Windows Live Remote Client
“{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}” = Windows Live Remote Service
“{EC1369CF-15BD-4FAF-BA84-65E4788C682E}” = AMI VR-pulse OS Switcher
“{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}” = Microsoft .NET Framework 4 Client Profile
“{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}” = Windows Live Remote Service Resources
“CCleaner” = CCleaner
“Microsoft .NET Framework 4 Client Profile” = Microsoft .NET Framework 4 Client Profile
“ProInst” = Intel PROSet Wireless
“SynTPDeinstKey” = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}” = CorelDRAW Essentials X5 - Extra Content
“_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}” = Corel Graphics - Windows Shell Extension
“_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}” = CorelDRAW Essentials X5
“{00884F14-05BD-4D8E-90E5-1ABF78948CA4}” = Windows Live Mesh
“{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}” = Windows Live Messenger
“{01FB4998-33C4-4431-85ED-079E3EEFE75D}” = CyberLink YouCam
“{05E379CC-F626-4E7D-8354-463865B303BF}” = Windows Live UX Platform Language Pack
“{09B7C7EB-3140-4B5E-842F-9C79A7137139}” = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
“{0B0F231F-CE6A-483D-AA23-77B364F75917}” = Windows Live Installer
“{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}” = Windows Liven sähköposti
“{10186F1A-6A14-43DF-A404-F0105D09BB07}” = Windows Live Mail
“{110668B7-54C6-47C9-BAC4-1CE77F156AF5}” = Windows Live Mesh
“{11417707-1F72-4279-95A3-01E0B898BBF5}” = Windows Live Mesh
“{133D9D67-D475-4407-AC3C-D558087B2453}” = Windows Live Movie Maker
“{14B441B7-774D-4170-98EA-A13667AE6218}” = Windows Live Writer Resources
“{18455581-E099-4BA8-BC6B-F34B2F06600C}” = Google Toolbar for Internet Explorer
“{19BA08F7-C728-469C-8A35-BFBD3633BE08}” = Windows Live Movie Maker
“{1A72337E-D126-4BAF-AC89-E6122DB71866}” = Windows Liven valokuvavalikoima
“{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}” = Windows Live Writer Resources
“{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
“{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}” = Junk Mail filter update
“{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}” = Medion Home Cinema
“{200FEC62-3C34-4D60-9CE8-EC372E01C08F}” = Windows Live SOXE Definitions
“{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}” = Windows Live UX Platform Language Pack
“{2318C2B1-4965-11d4-9B18-009027A5CD4F}” = Google Toolbar for Internet Explorer
“{24DF33E0-F924-4D0D-9B96-11F28F0D602D}” = Windows Live UX Platform Language Pack
“{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}” = Windows Live Writer
“{26A24AE4-039D-4CA4-87B4-2F83216037FF}” = Java(TM) 6 Update 37
“{28B9D2D8-4304-483F-AD71-51890A063A74}” = Windows Live Photo Common
“{2902F983-B4C1-44BA-B85D-5C6D52E2C441}” = Windows Live Mesh ActiveX Control for Remote Connections
“{2A07C35B-8384-4DA4-9A95-442B6C89A073}” = Windows Live Essentials
“{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}” = Windows Live Writer Resources
“{2F14F550-0FFC-4285-B673-880744D428A3}” = CorelDRAW Essentials X5 - Custom Data
“{3108C217-BE83-42E4-AE9E-A56A2A92E549}” = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
“{3336F667-9049-4D46-98B6-4C743EEBC5B1}” = Windows Live Photo Gallery
“{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}” = Windows Live
“{34809713-7886-4F6A-B9D5-CC74DBC1C77E}” = CorelDRAW Essentials X5 - Redist
“{34F4D9A4-42C2-4348-BEF4-E553C84549E7}” = Windows Live Photo Gallery
“{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}” = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
“{37B33B16-2535-49E7-8990-32668708A0A3}” = Windows Live UX Platform Language Pack
“{39BDD209-5704-480C-9F4A-B69D0370DDBB}” = Windows Live Messenger
“{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}” = Windows Live Mesh
“{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}” = CorelDRAW Essentials X5 - WT
“{3B9A92DA-6374-4872-B646-253F18624D5F}” = Windows Live Writer
“{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}” = Intel(R) Rapid Storage Technology
“{3F4143A1-9C21-4011-8679-3BC1014C6886}” = Windows Live Mesh
“{40BF1E83-20EB-11D8-97C5-0009C5020658}” = CyberLink Power2Go
“{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}” = Windows Live Photo Gallery
“{4433CEC6-DA32-4D7B-BA95-B47C68498287}” = CorelDRAW Essentials X5 - Connect
“{488F0347-C4A7-4374-91A7-30818BEDA710}” = Galerie de photos Windows Live
“{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater
“{4A04DB63-8F81-4EF4-9D09-61A2057EF419}” = Windows Live Essentials
“{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}” = Windows Live Meshin etäyhteyksien ActiveX-komponentti
“{5442DAB8-7177-49E1-8B22-09A049EA5996}” = Renesas Electronics USB 3.0 Host Controller Driver
“{55D003F4-9599-44BF-BA9E-95D060730DD3}” = Contrôle ActiveX Windows Live Mesh pour connexions à distance
“{57220148-3B2B-412A-A2E0-82B9DF423696}” = Windows Live Mesh ActiveX-objekt til fjernforbindelser
“{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}” = Windows Live UX Platform Language Pack
“{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}” = CorelDRAW Essentials X5 - Extra Content
“{5B46CEC7-DAD0-46A2-BCD6-B46A3CFD9B61}” = Intel(R) Wireless Display
“{5C2F5C1B-9732-4F81-8FBF-6711627DC508}” = Windows Live Fotogalleri
“{6057E21C-ABE9-4059-AE3E-3BEB9925E660}” = Windows Live Messenger
“{62687B11-58B5-4A18-9BC3-9DF4CE03F194}” = Windows Live Writer Resources
“{62BBB2F0-E220-4821-A564-730807D2C34D}” = Realtek USB 2.0 Reader Driver
“{666D7CED-12E0-4BA3-B594-5681961E7B02}” = CorelDRAW Essentials X5 - IPM
“{682B3E4F-696A-42DE-A41C-4C07EA1678B4}” = Windows Live SOXE
“{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}” = Windows Live Writer Resources
“{6A563426-3474-41C6-B847-42B39F1485B2}” = Windows Live Messenger
“{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}” = CorelDRAW Essentials X5 - DE
“{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}” = Windows Live Movie Maker
“{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}” = Windows Live Movie Maker
“{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable
“{72DB27D3-FE05-4227-AF5A-11CD101ECF09}” = Corel Graphics - Windows Shell Extension
“{734104DE-C2BF-412F-BB97-FCCE1EC94229}” = Windows Live Writer Resources
“{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}” = Windows Live Photo Common
“{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}” = CorelDRAW Essentials X5 - IT
“{7E017923-16F8-4E32-94EF-0A150BD196FE}” = Windows Live Writer
“{7F6021AE-E688-4D03-843A-C2260482BA0D}” = Windows Live Messenger
“{80956555-A512-4190-9CAD-B000C36D6B6B}” = Windows Live Messenger
“{80E158EA-7181-40FE-A701-301CE6BE64AB}” = CyberLink MediaShow
“{827D3E4A-0186-48B7-9801-7D1E9DD40C07}” = Windows Live Essentials
“{834F4E2F-E9DF-4FA9-8499-FF6B91012898}” = CorelDRAW Essentials X5
“{83C292B7-38A5-440B-A731-07070E81A64F}” = Windows Live PIMT Platform
“{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}” = Windows Live Mesh
“{859D4022-B76D-40DE-96EF-C90CDA263F44}” = Windows Live Writer
“{85E8F38F-0303-401E-A518-0302DF88EB07}” = CorelDRAW Essentials X5 - Draw
“{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}” = Windows Live Messenger
“{885F1BCD-C344-4758-85BD-09640CF449A5}” = Windows Live Photo Gallery
“{8909CFA8-97BF-4077-AC0F-6925243FFE08}” = Windows Liven asennustyökalu
“{89BA6E81-B60A-49BC-B283-80560A9E60DF}” = CorelDRAW Essentials X5 - PHOTO-PAINT
“{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight
“{8C6D6116-B724-4810-8F2D-D047E6B7D68E}” = Mesh Runtime
“{8CF5D47D-27B7-49D6-A14F-10550B92749D}” = Windows Live UX Platform Language Pack
“{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}” = MSVCRT
“{924B4D82-1B97-48EB-8F1E-55C4353C22DB}” = Windows Live Mail
“{92EA4134-10D1-418A-91E1-5A0453131A38}” = Windows Live Movie Maker
“{95140000-0070-0000-0000-0000000FF1CE}” = Microsoft Office 2010
“{9A25302D-30C0-39D9-BD6F-21E6EC160475}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
“{9BD262D0-B788-4546-A0A5-F4F56EC3834B}” = Windows Live Photo Common
“{9BE518E6-ECC6-35A9-88E4-87755C07200F}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
“{9D56775A-93F3-44A3-8092-840E3826DE30}” = Windows Live Mail
“{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}” = Windows Live Mail
“{A0C91188-C88F-4E86-93E6-CD7C9A266649}” = Windows Live Mesh
“{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}” = Windows Live Photo Gallery
“{A726AE06-AAA3-43D1-87E3-70F510314F04}” = Windows Live Writer
“{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}” = Google Update Helper
“{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}” = Windows Live Photo Common
“{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}” = Windows Live Writer
“{AAF454FC-82CA-4F29-AB31-6A109485E76E}” = Windows Live Writer
“{AC76BA86-7AD7-1030-7B44-AA1000000001}” = Adobe Reader X (10.1.4) - Dansk
“{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}” = Windows Live Mesh
“{B113D18C-67B0-4FB7-B329-E89B66194AE6}” = Windows Live Fotogalerie
“{B1239994-A850-44E2-BED8-E70A21124E16}” = Windows Live Mail
“{B7A0CE06-068E-11D6-97FD-0050BACBF861}” = CyberLink PowerProducer
“{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}” = Windows Live Photo Common
“{C32CE55C-12BA-4951-8797-0967FDEF556F}” = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
“{C5398A89-516C-4DAF-BA07-EE7949090E56}” = Windows Live Mesh ActiveX control for remote connections
“{C59C179C-668D-49A9-B6EA-0121CCFC1243}” = CyberLink LabelPrint
“{C66824E4-CBB3-4851-BB3F-E8CFD6350923}” = Windows Live Mail
“{C893D8C0-1BA0-4517-B11C-E89B65E72F70}” = Windows Live Photo Common
“{CB099890-1D5F-11D5-9EA9-0050BAE317E1}” = CyberLink PowerDirector
“{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}” = Windows Live Movie Maker
“{CD442136-9115-4236-9C14-278F6A9DCB3F}” = Windows Live Movie Maker
“{CD7CB1E6-267A-408F-877D-B532AD2C882E}” = Windows Live Photo Common
“{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}” = Windows Live UX Platform
“{CF671BFE-6BA3-44E7-98C1-500D9C51D947}” = Windows Live Photo Gallery
“{D0846526-66DD-4DC9-A02C-98F9A2806812}” = Launch Manager
“{D0B44725-3666-492D-BEF6-587A14BD9BD9}” = MSVCRT_amd64
“{D0BEB150-2046-4F94-AE7B-EA76772592F6}” = CorelDRAW Essentials X5 - Common
“{D31169F2-CD71-4337-B783-3E53F29F4CAD}” = Windows Live Mail
“{D36DD326-7280-11D8-97C8-000129760CBE}” = CyberLink PhotoNow
“{D436F577-1695-4D2F-8B44-AC76C99E0002}” = Windows Live Photo Common
“{D45240D3-B6B3-4FF9-B243-54ECE3E10066}” = Windows Live Communications Platform
“{D588365A-AE39-4F27-BDAE-B4E72C8E900C}” = Windows Live Mail
“{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}” = Windows Live UX Platform Language Pack
“{D7E60152-6C65-4982-8840-B6D28BF881BD}” = CorelDRAW Essentials X5 - FR
“{DA29F644-2420-4448-8128-1331BE588999}” = Windows Live Writer
“{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}” = Windows Live Movie Maker
“{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}” = Windows Live Writer
“{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}” = Windows Live Writer Resources
“{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}” = CyberLink PowerDVD 10
“{DECDCB7C-58CC-4865-91AF-627F9798FE48}” = Windows Live Mesh
“{E09C4DB7-630C-4F06-A631-8EA7239923AF}” = D3DX10
“{E3739848-5329-48E3-8D28-5BBD6E8BE384}” = CyberLink MediaEspresso
“{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}” = Windows Media Encoder 9 Series
“{E3D04529-6EDB-11D8-A372-0050BAE317E1}” = CyberLink PowerDVD Copy
“{E4BE9367-168B-4B30-B198-EE37C99FB147}” = CorelDRAW Essentials X5 - Filters
“{E4E88B54-4777-4659-967A-2EED1E6AFD83}” = Windows Live Movie Maker
“{E5DD4723-FE0B-436E-A815-DC23CF902A0B}” = Windows Live UX Platform Language Pack
“{E7BE4D1A-B529-448B-8407-889705B65185}” = CorelDRAW Essentials X5 - ES
“{E8524B28-3BBB-4763-AC83-0E83FE31C350}” = Windows Live Writer
“{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}” = Windows Live Writer Resources
“{EB4DF488-AAEF-406F-A341-CB2AAA315B90}” = Windows Live Messenger
“{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}” = CorelDRAW Essentials X5 - Setup Files
“{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}” = Microsoft SQL Server 2005 Compact Edition [ENU]
“{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}” = Intel(R) Processor Graphics
“{F0F9505B-3ACF-4158-9311-D0285136AA00}” = Windows Live Essentials
“{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}” = Realtek High Definition Audio Driver
“{F694D1F7-1F12-4550-9B7A-C871273ABAD5}” = Windows Live Messenger
“{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}” = Windows Live Essentials
“{FA6AF809-9A80-423A-A57A-C7D726A04E4C}” = CorelDRAW Essentials X5 - EN
“{FDB3B167-F4FA-461D-976F-286304A57B2A}” = Adobe AIR
“{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}” = Windows Live Essentials
“Adobe AIR” = Adobe AIR
“Adobe Flash Player ActiveX” = Adobe Flash Player 11 ActiveX
“Adobe Flash Player Plugin” = Adobe Flash Player 11 Plugin
“Ashampoo Burning Studio_is1” = Ashampoo Burning Studio
“Ashampoo Photo Commander_is1” = Ashampoo Photo Commander
“Ashampoo Photo Optimizer_is1” = Ashampoo Photo Optimizer
“Ashampoo Snap_is1” = Ashampoo Snap
“avast” = avast! Free Antivirus
“Google Chrome” = Google Chrome
“InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}” = CyberLink YouCam
“InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}” = Medion Home Cinema
“InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}” = CyberLink Power2Go
“InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}” = Renesas Electronics USB 3.0 Host Controller Driver
“InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}” = CyberLink MediaShow
“InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}” = CyberLink PowerProducer
“InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}” = CyberLink LabelPrint
“InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}” = CyberLink PowerDirector
“InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}” = CyberLink PhotoNow
“InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}” = CyberLink PowerDVD 10
“InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}” = CyberLink MediaEspresso
“InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}” = CyberLink PowerDVD Copy
“Malwarebytes’ Anti-Malware_is1” = Malwarebytes Anti-Malware version 1.65.1.1000
“Secunia PSI” = Secunia PSI (3.0.0.4001)
“Windows Media Encoder 9” = Windows Media Encoder 9 Series
“WinLiveSuite” = Windows Live Essentials
“X10Hardware” = X10 Hardware(TM)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/7/2012 7:05:06 AM | Computer Name = lmou-Pc | Source = WinMgmt | ID = 10
Description =

Error - 12/7/2012 10:51:19 AM | Computer Name = lmou-Pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: iexplore.exe, version: 9.0.8112.16455, tidsstempel:
0x5072b744 Navn på modul med fejl: aswWebRepIE64.dll, version: 7.0.1474.765, tidsstempel:
0x5090594e Undtagelseskode: 0x40000015 Forskydning med fejl 0x0000000000020566 Proces-id
0x3168 Programmets starttidspunkt 0x01cdd48195852ed7 Programsti: C:\Program Files\Internet
Explorer\iexplore.exe Modulsti: C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
Rapport-id:
8eab34fd-407d-11e2-89e1-00262dc5cc9c

Error - 12/7/2012 3:15:58 PM | Computer Name = lmou-Pc | Source = WinMgmt | ID = 10
Description =

Error - 12/7/2012 8:01:10 PM | Computer Name = lmou-Pc | Source = WinMgmt | ID = 10
Description =

Error - 12/8/2012 3:09:20 AM | Computer Name = lmou-Pc | Source = WinMgmt | ID = 10
Description =

Error - 12/8/2012 3:29:39 AM | Computer Name = lmou-Pc | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 12/8/2012 9:46:33 AM | Computer Name = lmou-Pc | Source = WinMgmt | ID = 10
Description =

Error - 12/9/2012 2:58:02 AM | Computer Name = lmou-Pc | Source = WinMgmt | ID = 10
Description =

Error - 12/10/2012 3:41:24 AM | Computer Name = lmou-Pc | Source = WinMgmt | ID = 10
Description =

Error - 12/10/2012 4:37:39 AM | Computer Name = lmou-Pc | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 12/5/2012 8:54:56 AM | Computer Name = lmou-Pc | Source = Service Control Manager | ID = 7034
Description = Tjenesten Secunia Update Agent afsluttede uventet. Dette er sket 1
gang(e).

Error - 12/5/2012 8:54:56 AM | Computer Name = lmou-Pc | Source = Service Control Manager | ID = 7031
Description = Tjenesten avast! Antivirus blev afbrudt uventet. Dette er sket 2 gange.
Følgende korrigerende handling foretages om 5000 millisekunder: Genstart tjenesten.

Error - 12/5/2012 8:54:56 AM | Computer Name = lmou-Pc | Source = Service Control Manager | ID = 7034
Description = Tjenesten Secunia PSI Agent afsluttede uventet. Dette er sket 1 gang(e).

Error - 12/5/2012 8:55:01 AM | Computer Name = lmou-Pc | Source = Service Control Manager | ID = 7038
Description = Tjenesten avast! Antivirus kunne ikke logge på som NT AUTHORITY\SYSTEM
med den aktuelt konfigurerede adgangskode pga. følgende fejl:  %P   Brug snap-in’en
Tjenester i Microsoft Management Console (MMC) for at sikre, at tjenesten er konfigureret
korrekt.

Error - 12/5/2012 8:55:01 AM | Computer Name = lmou-Pc | Source = Service Control Manager | ID = 7000
Description = Tjenesten avast! Antivirus kunne ikke starte pga. følgende fejl:  i

Error - 12/5/2012 8:57:47 AM | Computer Name = lmou-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten Installationsprogram til Windows-moduler blev afbrudt med
følgende fejl:  @5

Error - 12/5/2012 8:58:07 AM | Computer Name = lmou-Pc | Source = DCOM | ID = 10010
Description =

Error - 12/5/2012 8:58:07 AM | Computer Name = lmou-Pc | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = CBS-klienten blev ikke installeret. Seneste fejl: 0x80080005

Error - 12/5/2012 8:58:07 AM | Computer Name = lmou-Pc | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = Guiden til installation af sprogpakken blev ikke startet. Genstart
systemet, og forsøg at køre guiden igen.

Error - 12/5/2012 9:21:23 AM | Computer Name = lmou-Pc | Source = Service Control Manager | ID = 7023
Description = Tjenesten Intel(R) Content Protection HECI Service blev afbrudt med
følgende fejl:  %%-2147024637


< End of report >

  soyjmh
Antal indlæg: 9

OTL logfile created on: 12/10/2012 9:46:21 AM - Run 1
OTL by OldTimer - Version 3.2.69.0   Folder = C:\Users\l mou\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3.91 Gb Total Physical Memory | 2.28 Gb Available Physical Memory | 58.30% Memory free
7.82 Gb Paging File | 6.08 Gb Available in Paging File | 77.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 657.54 Gb Total Space | 614.85 Gb Free Space | 93.51% Space Free | Partition Type: NTFS
Drive D: | 38.00 Gb Total Space | 16.11 Gb Free Space | 42.40% Space Free | Partition Type: NTFS

Computer Name: LMOU-PC | User Name: l mou | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\l mou\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Launch Manager\WButton.exe (Wistron Corp.)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.)
PRC - C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe (X10)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Wistron Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus)—C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AMPPALR3)—C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (BTHSSecurityMgr)—C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (EvtEng)—C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS)—C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc)—C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc)—C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend)—C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc)—C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (cphs)—C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Secunia PSI Agent)—C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent)—C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (AdobeARMservice)—C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Bluetooth OBEX Service)—C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service)—C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor)—C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc)—C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32)—C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2)—c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (x10nets)—C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe (X10)
SRV - (WisLMSvc)—C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Wistron Corp.)
SRV - (clr_optimization_v2.0.50727_32)—C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswTdi)—C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx)—C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP)—C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt)—C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk)—C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr)—C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (igfx)—C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RdpVideoMiniport)—C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD)—C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt)—C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec)—C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (PSI)—C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (amdsata)—C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata)—C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (NETwNs64)—C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (wdkmd)—C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
DRV:64bit: - (AMPPALP)—C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL)—C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (nusb3xhc)—C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub)—C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (L1C)—C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (btmaux)—C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (iBtFltCoex)—C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (btmhsf)—C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (HpSAMD)—C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (iaStor)—C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (clwvd)—C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (RSUSBVSTOR)—C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (IntcDAud)—C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (mod7764)—C:\Windows\SysNative\drivers\mod77-64.sys (DiBcom SA)
DRV:64bit: - (SynTP)—C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsbs)—C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2)—C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor)—C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv)—C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv)—C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a)—C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir)—C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (XUIF)—C:\Windows\SysNative\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV:64bit: - (X10Hid)—C:\Windows\SysNative\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (WIMMount)—C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie;={inputEncoding}&oe;={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie;={inputEncoding}&oe;={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3577927768-2273697902-945390987-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
IE - HKU\S-1-5-21-3577927768-2273697902-945390987-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3577927768-2273697902-945390987-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://jyllands-posten.dk/
IE - HKU\S-1-5-21-3577927768-2273697902-945390987-1001\..\SearchScopes,DefaultScope = {42ACCCA3-4BAA-4EC4-AA44-768F89D67C84}
IE - HKU\S-1-5-21-3577927768-2273697902-945390987-1001\..\SearchScopes\{42ACCCA3-4BAA-4EC4-AA44-768F89D67C84}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie;={inputEncoding}&oe;={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393
IE - HKU\S-1-5-21-3577927768-2273697902-945390987-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie;={inputEncoding}&oe;={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3577927768-2273697902-945390987-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru


========== Chrome ==========

CHR - homepage: http://www.google.com/ig/redirectdomain?brand=MDNC&bmod=MDNC
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie;={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl;={language}&q={searchTerms}&sugkey;={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/ig/redirectdomain?brand=MDNC&bmod=MDNC
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\l mou\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Google Drive = C:\Users\l mou\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\l mou\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\l mou\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\l mou\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Users\l mou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 |——| M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKU\S-1-5-21-3577927768-2273697902-945390987-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Wbutton] C:\Program Files (x86)\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 File not found
O9:64bit: - Extra ‘Tools’ menuitem : eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 File not found
O9 - Extra Button: eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 File not found
O9 - Extra ‘Tools’ menuitem : eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.61.131.1 62.61.130.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43FB6CDF-625E-4C67-9F13-7BE2CE75BEA5}: DhcpNameServer = 62.61.131.1 62.61.130.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open]—“%1” %*
O35:64bit: - HKLM\..exefile [open]—“%1” %*
O35 - HKLM\..comfile [open]—“%1” %*
O35 - HKLM\..exefile [open]—“%1” %*
O37:64bit: - HKLM\...com [@ = comfile]—“%1” %*
O37:64bit: - HKLM\...exe [@ = exefile]—“%1” %*
O37 - HKLM\...com [@ = comfile]—“%1” %*
O37 - HKLM\...exe [@ = exefile]—“%1” %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - “%ProgramFiles%\Windows Mail\WinMail.exe” OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - “C:\Windows\System32\rundll32.exe” “C:\Windows\System32\iedkcs32.dll”,BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - “%ProgramFiles(x86)%\Windows Mail\WinMail.exe” OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - “C:\Windows\SysWOW64\rundll32.exe” “C:\Windows\SysWOW64\iedkcs32.dll”,BrandIEActiveSetup SIGNUP


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/12/10 09:44:21 | 000,602,112 |——| C] (OldTimer Tools)—C:\Users\l mou\Desktop\OTL.exe
[2012/12/06 11:26:29 | 000,000,000 |—-D | C]—C:\Windows\SysNative\Macromed
[2012/12/05 14:17:21 | 000,000,000 |—-D | C]—C:\Windows\SysWow64\Wat
[2012/12/05 14:17:21 | 000,000,000 |—-D | C]—C:\Windows\SysNative\Wat
[2012/12/05 14:15:24 | 000,000,000 |—-D | C]—C:\Program Files (x86)\Common Files\Adobe
[2012/12/05 12:24:20 | 000,000,000 |—-D | C]—C:\Program Files (x86)\Common Files\Java
[2012/12/05 12:23:56 | 000,000,000 |—-D | C]—C:\Program Files (x86)\Java
[2012/12/05 12:21:09 | 000,000,000 |—-D | C]—C:\Program Files\Java
[2012/12/05 12:16:34 | 000,000,000 |—-D | C]—C:\Users\l mou\AppData\Local\WindowsUpdate
[2012/12/05 12:15:51 | 000,000,000 |—-D | C]—C:\Users\l mou\AppData\Local\Secunia PSI
[2012/12/05 12:15:27 | 000,000,000 |—-D | C]—C:\Program Files (x86)\Secunia
[2012/12/05 12:07:47 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/12/05 12:07:46 | 000,000,000 |—-D | C]—C:\Program Files\CCleaner
[2012/12/05 12:03:01 | 000,000,000 |—-D | C]—C:\Users\l mou\AppData\Roaming\Malwarebytes
[2012/12/05 12:02:33 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes’ Anti-Malware
[2012/12/05 12:02:33 | 000,000,000 |—-D | C]—C:\ProgramData\Malwarebytes
[2012/12/05 12:02:32 | 000,025,928 |——| C] (Malwarebytes Corporation)—C:\Windows\SysNative\drivers\mbam.sys
[2012/12/05 12:02:31 | 000,000,000 |—-D | C]—C:\Program Files (x86)\Malwarebytes’ Anti-Malware
[2012/11/23 16:07:18 | 000,370,288 |——| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswSP.sys
[2012/11/23 16:07:18 | 000,025,232 |——| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/11/23 16:07:18 | 000,000,000 |—-D | C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/11/23 16:07:17 | 000,054,072 |——| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/11/23 16:07:16 | 000,059,728 |——| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswTdi.sys
[2012/11/23 16:07:15 | 000,984,144 |——| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswSnx.sys
[2012/11/23 16:07:12 | 000,285,328 |——| C] (AVAST Software)—C:\Windows\SysNative\aswBoot.exe
[2012/11/23 16:07:12 | 000,071,600 |——| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/11/23 16:06:41 | 000,041,224 |——| C] (AVAST Software)—C:\Windows\avastSS.scr
[2012/11/23 16:06:40 | 000,227,648 |——| C] (AVAST Software)—C:\Windows\SysWow64\aswBoot.exe
[2012/11/23 16:06:24 | 000,000,000 |—-D | C]—C:\ProgramData\AVAST Software
[2012/11/23 16:06:24 | 000,000,000 |—-D | C]—C:\Program Files\AVAST Software
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/10 09:44:56 | 000,016,976 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/10 09:44:56 | 000,016,976 | -H—| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/10 09:44:21 | 000,602,112 |——| M] (OldTimer Tools)—C:\Users\l mou\Desktop\OTL.exe
[2012/12/10 09:37:24 | 000,000,928 |——| M] ()—C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/10 09:37:00 | 000,067,584 |—S- | M] ()—C:\Windows\bootstat.dat
[2012/12/10 09:36:59 | 3148,140,544 | -HS- | M] ()—C:\hiberfil.sys
[2012/12/10 09:03:00 | 000,000,932 |——| M] ()—C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/09 08:24:00 | 000,000,830 |——| M] ()—C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/06 11:16:44 | 001,264,910 |——| M] ()—C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/06 11:16:44 | 000,616,008 |——| M] ()—C:\Windows\SysNative\perfh009.dat
[2012/12/06 11:16:44 | 000,470,324 |——| M] ()—C:\Windows\SysNative\perfh006.dat
[2012/12/06 11:16:44 | 000,106,388 |——| M] ()—C:\Windows\SysNative\perfc009.dat
[2012/12/06 11:16:44 | 000,079,926 |——| M] ()—C:\Windows\SysNative\perfc006.dat
[2012/12/05 14:15:39 | 000,002,023 |——| M] ()—C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/12/05 13:59:40 | 000,001,754 |——| M] ()—C:\Users\Public\Desktop\Valg af webbrowser.lnk
[2012/12/05 13:56:08 | 000,367,840 |——| M] ()—C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/05 12:26:49 | 000,002,737 |——| M] ()—C:\Users\Public\Desktop\Google Chrome.lnk
[2012/12/05 12:15:28 | 000,001,110 |——| M] ()—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/12/05 12:11:02 | 000,092,150 |——| M] ()—C:\Users\l mou\Documents\cc_20121205_121056.reg
[2012/12/05 12:07:47 | 000,000,826 |——| M] ()—C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/05 12:02:33 | 000,001,113 |——| M] ()—C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/23 16:07:18 | 000,001,962 |——| M] ()—C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/11/23 16:07:12 | 000,000,000 |——| M] ()—C:\Windows\SysWow64\config.nt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/06 11:26:34 | 000,000,830 |——| C] ()—C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/05 14:15:39 | 000,002,441 |——| C] ()—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/12/05 14:15:39 | 000,002,023 |——| C] ()—C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/12/05 13:59:40 | 000,001,754 |——| C] ()—C:\Users\Public\Desktop\Valg af webbrowser.lnk
[2012/12/05 13:20:02 | 000,000,003 |——| C] ()—C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/05 12:55:15 | 000,000,003 |——| C] ()—C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/05 12:15:28 | 000,001,110 |——| C] ()—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/12/05 12:15:28 | 000,001,073 |——| C] ()—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012/12/05 12:10:59 | 000,092,150 |——| C] ()—C:\Users\l mou\Documents\cc_20121205_121056.reg
[2012/12/05 12:07:47 | 000,000,826 |——| C] ()—C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/05 12:02:33 | 000,001,113 |——| C] ()—C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/23 16:07:18 | 000,001,962 |——| C] ()—C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/11/23 16:07:12 | 000,000,000 |——| C] ()—C:\Windows\SysWow64\config.nt
[2012/10/10 02:22:34 | 000,064,512 |——| C] ()—C:\Windows\SysWow64\igdde32.dll
[2012/10/10 02:22:28 | 000,272,928 |——| C] ()—C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 02:22:20 | 000,963,452 |——| C] ()—C:\Windows\SysWow64\igcodeckrng600.bin
[2011/03/14 04:23:13 | 000,127,184 |——| C] ()—C:\Windows\Unwise.exe
[2011/03/14 04:23:12 | 000,149,504 |——| C] ()—C:\Windows\unwise32_setup.exe
[2011/02/04 12:38:58 | 000,960,940 |——| C] ()—C:\Windows\SysWow64\igkrng600.bin
[2011/02/04 12:38:58 | 000,213,332 |——| C] ()—C:\Windows\SysWow64\igfcg600m.bin
[2011/02/04 12:38:56 | 000,145,804 |——| C] ()—C:\Windows\SysWow64\igcompkrng600.bin

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] ()—C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
“” = C:\Windows\SysNative\shell32.dll—[2012/06/09 06:43:10 | 014,172,672 |——| M] (Microsoft Corporation)
“ThreadingModel” = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
“” = %SystemRoot%\system32\shell32.dll—[2012/06/09 05:41:00 | 012,873,728 |——| M] (Microsoft Corporation)
“ThreadingModel” = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
“” = C:\Windows\SysNative\wbem\fastprox.dll—[2009/07/14 02:40:51 | 000,909,312 |——| M] (Microsoft Corporation)
“ThreadingModel” = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
“” = %systemroot%\system32\wbem\fastprox.dll—[2010/11/21 04:24:25 | 000,606,208 |——| M] (Microsoft Corporation)
“ThreadingModel” = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
“” = C:\Windows\SysNative\wbem\wbemess.dll—[2009/07/14 02:41:56 | 000,505,856 |——| M] (Microsoft Corporation)
“ThreadingModel” = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========


========== Purity Check ==========



========== Custom Scans ==========

<  %SYSTEMDRIVE%\*. >
[2012/10/26 08:58:39 | 000,000,000 | -HSD | M]—C:\$RECYCLE.BIN
[2012/10/26 08:50:43 | 000,000,000 | -HSD | M]—C:\Documents and Settings
[2011/03/14 03:54:58 | 000,000,000 |—-D | M]—C:\Intel
[2012/12/05 12:21:09 | 000,000,000 | R—D | M]—C:\Program Files
[2012/12/05 12:26:50 | 000,000,000 | R—D | M]—C:\Program Files (x86)
[2012/12/05 14:34:23 | 000,000,000 | -H-D | M]—C:\ProgramData
[2012/10/26 08:50:44 | 000,000,000 | -HSD | M]—C:\Recovery
[2012/12/10 09:47:59 | 000,000,000 | -HSD | M]—C:\System Volume Information
[2012/10/26 08:58:28 | 000,000,000 | R—D | M]—C:\Users
[2012/12/10 08:40:43 | 000,000,000 |—-D | M]—C:\Windows

<  %PROGRAMFILES%\*.exe >

<  %LOCALAPPDATA%\*.exe >

<  %windir%\system32\tasks\*.* >

<  %systemroot%\Fonts\*.exe >

<  %systemroot%\*. /mp /s >

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 |——| M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866—C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 |——| M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866—C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/09/29 19:54:26 | 000,218,184 |——| M] () MD5=8846E87210AD131CF71E3E2E49F647B0—C:\Program Files (x86)\Malwarebytes’ Anti-Malware\Chameleon\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 |——| M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D—C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 |——| M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D—C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

<  C:\Windows\assembly\tmp\U\*.* /s >
[2009/07/14 06:08:49 | 000,000,006 | -H—| C] ()—C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,027,028 |——| C] ()—C:\Windows\Tasks\SCHEDLGU.TXT
[2012/10/26 08:52:09 | 000,000,928 |——| C] ()—C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/10/26 08:52:11 | 000,000,932 |——| C] ()—C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/12/06 11:26:34 | 000,000,830 |——| C] ()—C:\Windows\Tasks\Adobe Flash Player Updater.job

<  %Temp%\smtmp\1\*.* >

<  %Temp%\smtmp\2\*.* >

<  %Temp%\smtmp\3\*.* >

<  %Temp%\smtmp\4\*.* >

<  %Temp%\smtmp\5\*.* >

<  type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright (C) 1999-2008 Microsoft Corporation.
P† computeren: LMOU-PC
  Diskenhed Bogs. Navn     Fs   Type     Str.    Status   Oplysn.
————- —————————- ————————- ————- ————
  Diskenhed 0   E               DVD-ROM       0 B Intet med      
  Diskenhed 1               NTFS   Partition   100 MB I orden   System
  Diskenhed 2   C   Boot       NTFS   Partition   657 GB I orden   Boot  
  Diskenhed 3   D   Recover     NTFS   Partition   37 GB I orden        
  Diskenhed 4               RAW   Partition   128 MB I orden   Skjult
  Diskenhed 5               RAW   Partition   895 MB I orden   Skjult
  Diskenhed 6               RAW   Partition   1023 MB I orden   Skjult

< End of report >

og for god ordensskyld… så skal den ikke gøres langsommere hehe :D
jeg takker for jeres tid

Administrator
Avatar
Antal indlæg: 35483

og for god ordensskyld… så skal den ikke gøres langsommere hehe :D

 

Regnede jeg heller ikke med           cheese


•  Start OTL
•  Kopier nedenstånde med fed skrift ind i Custom Scan feltet

:reg
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML]—Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML]—Reg Error: Key error. File not found
:services

:otl
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O9:64bit: - Extra Button: eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 File not found
O9:64bit: - Extra ‘Tools’ menuitem : eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 File not found
O9 - Extra Button: eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 File not found
O9 - Extra ‘Tools’ menuitem : eBay.dk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/710-91768-17534-1/4 File not found

:Files
[2009/07/14 06:08:49 | 000,000,006 | -H—| C] ()—C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,027,028 |——| C] ()—C:\Windows\Tasks\SCHEDLGU.TXT
[2012/10/26 08:52:09 | 000,000,928 |——| C] ()—C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/10/26 08:52:11 | 000,000,932 |——| C] ()—C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/12/06 11:26:34 | 000,000,830 |——| C] ()—C:\Windows\Tasks\Adobe Flash Player Updater.job
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[CreateRestorePoint]
[emptytemp]
[EMPTYFLASH]
[EMPTYJAVA]

 

NB -> Deaktiver dit antivirus/antispyware program. Da det/de kan ”forstyrre” og konflikte med fixet, eller fjerne vigtige filer, hvilket kan få computeren til fryse.


•  Klik på  Run Fix - Knappen
•  Hvis OTL spørger om at genstarte, så sig ja.
•  Klik på OK.
•  En log vil åbne, kopier den herind i dit næste svar.
• 
•  Ellers kan den findes her:
•    C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss

 

Hent Combofix, og gem den på dit skrivebord:
Her

NB -> Deaktiver dit antivirus/antispyware program. Da det/de kan ”forstyrre” og konflikte med combofix, eller fjerne vigtige combofix filer, hvilket kan få computeren til fryse.


Kør så combofix.exe, og følg anvisningerne.


Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.

Når combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt
Indholdet af denne fil må du gerne lægge herind.

Den kan også findes her - > C: combofix txt

  soyjmh
Antal indlæg: 9

ComboFix 12-12-10.01 - l mou 11-12-2012 13:03:31.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.45.1030.18.4003.2214 [GMT 1:00]
Kører fra: c:\users\l mou\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2012-11-11 til 2012-12-11 )))))))))))))))))))))))))))))))))))
.
.
2012-12-11 12:08 . 2012-12-11 12:08   ————  d——-w-  c:\users\Default\AppData\Local\temp
2012-12-11 11:52 . 2012-12-11 11:52   ————  d——-w-  C:\_OTL
2012-12-06 10:26 . 2012-12-06 11:24   696760   ——a-w-  c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-06 10:26 . 2012-12-06 10:26   ————  d——-w-  c:\windows\system32\Macromed
2012-12-05 13:17 . 2012-08-23 15:09   3072   ——a-w-  c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2012-12-05 13:15 . 2012-12-05 13:15   ————  d——-w-  c:\program files (x86)\Common Files\Adobe
2012-12-05 13:12 . 2012-05-04 11:00   366592   ——a-w-  c:\windows\system32\qdvd.dll
2012-12-05 13:12 . 2012-05-04 09:59   514560   ——a-w-  c:\windows\SysWow64\qdvd.dll
2012-12-05 13:12 . 2012-08-24 18:09   458712   ——a-w-  c:\windows\system32\drivers\cng.sys
2012-12-05 13:12 . 2012-08-24 18:05   340992   ——a-w-  c:\windows\system32\schannel.dll
2012-12-05 13:12 . 2012-08-24 16:57   247808   ——a-w-  c:\windows\SysWow64\schannel.dll
2012-12-05 13:12 . 2012-08-24 18:13   154480   ——a-w-  c:\windows\system32\drivers\ksecpkg.sys
2012-12-05 13:12 . 2012-08-24 18:04   307200   ——a-w-  c:\windows\system32\ncrypt.dll
2012-12-05 13:12 . 2012-08-24 18:03   1448448   ——a-w-  c:\windows\system32\lsasrv.dll
2012-12-05 13:12 . 2012-08-24 16:57   220160   ——a-w-  c:\windows\SysWow64\ncrypt.dll
2012-12-05 13:12 . 2012-08-24 16:57   22016   ——a-w-  c:\windows\SysWow64\secur32.dll
2012-12-05 13:12 . 2012-08-24 16:53   96768   ——a-w-  c:\windows\SysWow64\sspicli.dll
2012-12-05 12:19 . 2012-07-26 07:31   2560   ——a-w-  c:\windows\system32\drivers\da-DK\wdf01000.sys.mui
2012-12-05 12:19 . 2012-07-26 04:55   785512   ——a-w-  c:\windows\system32\drivers\Wdf01000.sys
2012-12-05 12:19 . 2012-07-26 04:55   54376   ——a-w-  c:\windows\system32\drivers\WdfLdr.sys
2012-12-05 12:19 . 2012-07-26 02:36   9728   ——a-w-  c:\windows\system32\Wdfres.dll
2012-12-05 12:13 . 2010-02-23 08:16   294912   ——a-w-  c:\windows\system32\browserchoice.exe
2012-12-05 11:55 . 2012-07-26 02:26   87040   ——a-w-  c:\windows\system32\drivers\WUDFPf.sys
2012-12-05 11:55 . 2012-07-26 02:26   198656   ——a-w-  c:\windows\system32\drivers\WUDFRd.sys
2012-12-05 11:55 . 2012-07-26 03:08   84992   ——a-w-  c:\windows\system32\WUDFSvc.dll
2012-12-05 11:55 . 2012-07-26 03:08   194048   ——a-w-  c:\windows\system32\WUDFPlatform.dll
2012-12-05 11:55 . 2012-07-26 03:08   229888   ——a-w-  c:\windows\system32\WUDFHost.exe
2012-12-05 11:55 . 2012-07-26 03:08   45056   ——a-w-  c:\windows\system32\WUDFCoinstaller.dll
2012-12-05 11:55 . 2012-07-26 03:08   744448   ——a-w-  c:\windows\system32\WUDFx.dll
2012-12-05 11:49 . 2012-03-01 06:46   23408   ——a-w-  c:\windows\system32\drivers\fs_rec.sys
2012-12-05 11:49 . 2012-03-01 06:33   81408   ——a-w-  c:\windows\system32\imagehlp.dll
2012-12-05 11:49 . 2012-03-01 05:33   159232   ——a-w-  c:\windows\SysWow64\imagehlp.dll
2012-12-05 11:49 . 2012-03-01 06:28   5120   ——a-w-  c:\windows\system32\wmi.dll
2012-12-05 11:49 . 2012-03-01 05:29   5120   ——a-w-  c:\windows\SysWow64\wmi.dll
2012-12-05 11:40 . 2011-04-09 06:58   142336   ——a-w-  c:\windows\system32\poqexec.exe
2012-12-05 11:40 . 2011-04-09 05:56   123904   ——a-w-  c:\windows\SysWow64\poqexec.exe
2012-12-05 11:40 . 2012-09-14 19:19   2048   ——a-w-  c:\windows\system32\tzres.dll
2012-12-05 11:40 . 2012-09-14 18:28   2048   ——a-w-  c:\windows\SysWow64\tzres.dll
2012-12-05 11:38 . 2012-10-18 18:25   3149824   ——a-w-  c:\windows\system32\win32k.sys
2012-12-05 11:37 . 2011-11-17 06:35   395776   ——a-w-  c:\windows\system32\webio.dll
2012-12-05 11:36 . 2011-03-11 06:34   1359872   ——a-w-  c:\windows\system32\mfc42u.dll
2012-12-05 11:35 . 2012-09-25 22:47   78336   ——a-w-  c:\windows\SysWow64\synceng.dll
2012-12-05 11:34 . 2012-03-17 07:58   75120   ——a-w-  c:\windows\system32\drivers\partmgr.sys
2012-12-05 11:31 . 2011-11-17 05:38   1292080   ——a-w-  c:\windows\SysWow64\ntdll.dll
2012-12-05 11:31 . 2011-11-17 06:41   1731920   ——a-w-  c:\windows\system32\ntdll.dll
2012-12-05 11:27 . 2012-06-02 05:41   1464320   ——a-w-  c:\windows\system32\crypt32.dll
2012-12-05 11:27 . 2012-06-02 05:41   184320   ——a-w-  c:\windows\system32\cryptsvc.dll
2012-12-05 11:27 . 2012-06-02 05:41   140288   ——a-w-  c:\windows\system32\cryptnet.dll
2012-12-05 11:27 . 2012-06-02 04:36   140288   ——a-w-  c:\windows\SysWow64\cryptsvc.dll
2012-12-05 11:27 . 2012-06-02 04:36   1159680   ——a-w-  c:\windows\SysWow64\crypt32.dll
2012-12-05 11:27 . 2012-06-02 04:36   103936   ——a-w-  c:\windows\SysWow64\cryptnet.dll
2012-12-05 11:25 . 2011-11-19 14:58   77312   ——a-w-  c:\windows\system32\packager.dll
2012-12-05 11:25 . 2011-11-19 14:01   67072   ——a-w-  c:\windows\SysWow64\packager.dll
2012-12-05 11:25 . 2012-02-11 06:43   751104   ——a-w-  c:\windows\system32\win32spl.dll
2012-12-05 11:25 . 2012-02-11 06:36   559104   ——a-w-  c:\windows\system32\spoolsv.exe
2012-12-05 11:25 . 2012-02-11 06:36   67072   ——a-w-  c:\windows\splwow64.exe
2012-12-05 11:25 . 2012-02-11 05:43   492032   ——a-w-  c:\windows\SysWow64\win32spl.dll
2012-12-05 11:24 . 2012-12-05 11:24   ————  d——-w-  c:\program files (x86)\Common Files\Java
2012-12-05 11:24 . 2012-12-05 11:23   477168   ——a-w-  c:\windows\SysWow64\npdeployJava1.dll
2012-12-05 11:24 . 2012-02-17 06:38   1031680   ——a-w-  c:\windows\system32\rdpcore.dll
2012-12-05 11:24 . 2012-02-17 05:34   826880   ——a-w-  c:\windows\SysWow64\rdpcore.dll
2012-12-05 11:24 . 2012-02-17 04:57   23552   ——a-w-  c:\windows\system32\drivers\tdtcp.sys
2012-12-05 11:23 . 2012-12-05 11:23   ————  d——-w-  c:\program files (x86)\Java
2012-12-05 11:21 . 2012-12-06 11:24   73656   ——a-w-  c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-05 11:21 . 2012-12-05 11:21   544240   ——a-w-  c:\windows\system32\npdeployJava1.dll
2012-12-05 11:21 . 2012-12-05 11:21   191984   ——a-w-  c:\windows\system32\javaws.exe
2012-12-05 11:21 . 2012-12-05 11:21   172528   ——a-w-  c:\windows\system32\javaw.exe
2012-12-05 11:21 . 2012-12-05 11:21   172528   ——a-w-  c:\windows\system32\java.exe
2012-12-05 11:21 . 2012-12-05 11:21   ————  d——-w-  c:\program files\Java
2012-12-05 11:19 . 2012-06-02 22:19   2428952   ——a-w-  c:\windows\system32\wuaueng.dll
2012-12-05 11:19 . 2012-06-02 22:19   57880   ——a-w-  c:\windows\system32\wuauclt.exe
2012-12-05 11:19 . 2012-06-02 22:19   44056   ——a-w-  c:\windows\system32\wups2.dll
2012-12-05 11:19 . 2012-06-02 22:15   2622464   ——a-w-  c:\windows\system32\wucltux.dll
2012-12-05 11:19 . 2012-06-02 22:19   38424   ——a-w-  c:\windows\system32\wups.dll
2012-12-05 11:19 . 2012-06-02 22:15   99840   ——a-w-  c:\windows\system32\wudriver.dll
2012-12-05 11:19 . 2012-06-02 22:19   701976   ——a-w-  c:\windows\system32\wuapi.dll
2012-12-05 11:19 . 2012-06-02 14:19   186752   ——a-w-  c:\windows\system32\wuwebv.dll
2012-12-05 11:19 . 2012-06-02 14:15   36864   ——a-w-  c:\windows\system32\wuapp.exe
2012-12-05 11:16 . 2012-12-05 11:16   ————  d——-w-  c:\users\l mou\AppData\Local\WindowsUpdate
2012-12-05 11:15 . 2012-12-05 11:15   ————  d——-w-  c:\users\l mou\AppData\Local\Secunia PSI
2012-12-05 11:15 . 2012-12-05 11:15   ————  d——-w-  c:\program files (x86)\Secunia
2012-12-05 11:07 . 2012-12-05 11:07   ————  d——-w-  c:\program files\CCleaner
2012-12-05 11:03 . 2012-12-05 11:03   ————  d——-w-  c:\users\l mou\AppData\Roaming\Malwarebytes
2012-12-05 11:02 . 2012-12-05 11:02   ————  d——-w-  c:\programdata\Malwarebytes
2012-12-05 11:02 . 2012-09-29 18:54   25928   ——a-w-  c:\windows\system32\drivers\mbam.sys
2012-12-05 11:02 . 2012-12-05 11:02   ————  d——-w-  c:\program files (x86)\Malwarebytes’ Anti-Malware
2012-11-23 15:07 . 2012-10-30 22:51   370288   ——a-w-  c:\windows\system32\drivers\aswSP.sys
2012-11-23 15:07 . 2012-10-30 22:51   25232   ——a-w-  c:\windows\system32\drivers\aswFsBlk.sys
2012-11-23 15:07 . 2012-10-15 16:59   54072   ——a-w-  c:\windows\system32\drivers\aswRdr2.sys
2012-11-23 15:07 . 2012-10-30 22:51   59728   ——a-w-  c:\windows\system32\drivers\aswTdi.sys
2012-11-23 15:07 . 2012-10-30 22:51   984144   ——a-w-  c:\windows\system32\drivers\aswSnx.sys
2012-11-23 15:07 . 2012-10-30 22:51   71600   ——a-w-  c:\windows\system32\drivers\aswMonFlt.sys
2012-11-23 15:07 . 2012-10-30 22:50   285328   ——a-w-  c:\windows\system32\aswBoot.exe
2012-11-23 15:06 . 2012-10-30 22:51   41224   ——a-w-  c:\windows\avastSS.scr
2012-11-23 15:06 . 2012-10-30 22:50   227648   ——a-w-  c:\windows\SysWow64\aswBoot.exe
2012-11-23 15:06 . 2012-11-23 15:06   ————  d——-w-  c:\programdata\AVAST Software
2012-11-23 15:06 . 2012-11-23 15:06   ————  d——-w-  c:\program files\AVAST Software
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-05 11:23 . 2011-03-12 20:16   473072   ——a-w-  c:\windows\SysWow64\deployJava1.dll
2012-12-05 11:21 . 2011-03-12 20:16   525808   ——a-w-  c:\windows\system32\deployJava1.dll
2012-10-29 20:04 . 2011-03-12 19:24   66395536   ——a-w-  c:\windows\system32\MRT.exe
2012-10-26 08:06 . 2012-10-26 08:06   86528   ——a-w-  c:\windows\SysWow64\iesysprep.dll
2012-10-26 08:06 . 2012-10-26 08:06   76800   ——a-w-  c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-26 08:06 . 2012-10-26 08:06   74752   ——a-w-  c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-26 08:06 . 2012-10-26 08:06   74752   ——a-w-  c:\windows\SysWow64\iesetup.dll
2012-10-26 08:06 . 2012-10-26 08:06   63488   ——a-w-  c:\windows\SysWow64\tdc.ocx
2012-10-26 08:06 . 2012-10-26 08:06   48640   ——a-w-  c:\windows\SysWow64\mshtmler.dll
2012-10-26 08:06 . 2012-10-26 08:06   367104   ——a-w-  c:\windows\SysWow64\html.iec
2012-10-26 08:06 . 2012-10-26 08:06   23552   ——a-w-  c:\windows\SysWow64\licmgr10.dll
2012-10-26 08:06 . 2012-10-26 08:06   161792   ——a-w-  c:\windows\SysWow64\msls31.dll
2012-10-26 08:06 . 2012-10-26 08:06   152064   ——a-w-  c:\windows\SysWow64\wextract.exe
2012-10-26 08:06 . 2012-10-26 08:06   150528   ——a-w-  c:\windows\SysWow64\iexpress.exe
2012-10-26 08:06 . 2012-10-26 08:06   110592   ——a-w-  c:\windows\SysWow64\IEAdvpack.dll
2012-10-26 08:06 . 2012-10-26 08:06   35840   ——a-w-  c:\windows\SysWow64\imgutil.dll
2012-10-26 08:06 . 2012-10-26 08:06   11776   ——a-w-  c:\windows\SysWow64\mshta.exe
2012-10-26 08:06 . 2012-10-26 08:06   101888   ——a-w-  c:\windows\SysWow64\admparse.dll
2012-10-26 08:06 . 2012-10-26 08:06   91648   ——a-w-  c:\windows\system32\SetIEInstalledDate.exe
2012-10-26 08:06 . 2012-10-26 08:06   89088   ——a-w-  c:\windows\system32\RegisterIEPKEYs.exe
2012-10-26 08:06 . 2012-10-26 08:06   65024   ——a-w-  c:\windows\system32\pngfilt.dll
2012-10-26 08:06 . 2012-10-26 08:06   55296   ——a-w-  c:\windows\system32\msfeedsbs.dll
2012-10-26 08:06 . 2012-10-26 08:06   49664   ——a-w-  c:\windows\system32\imgutil.dll
2012-10-26 08:06 . 2012-10-26 08:06   48640   ——a-w-  c:\windows\system32\mshtmler.dll
2012-10-26 08:06 . 2012-10-26 08:06   267776   ——a-w-  c:\windows\system32\ieaksie.dll
2012-10-26 08:06 . 2012-10-26 08:06   222208   ——a-w-  c:\windows\system32\msls31.dll
2012-10-26 08:06 . 2012-10-26 08:06   197120   ——a-w-  c:\windows\system32\msrating.dll
2012-10-26 08:06 . 2012-10-26 08:06   163840   ——a-w-  c:\windows\system32\ieakui.dll
2012-10-26 08:06 . 2012-10-26 08:06   160256   ——a-w-  c:\windows\system32\ieakeng.dll
2012-10-26 08:06 . 2012-10-26 08:06   149504   ——a-w-  c:\windows\system32\occache.dll
2012-10-26 08:06 . 2012-10-26 08:06   145920   ——a-w-  c:\windows\system32\iepeers.dll
2012-10-26 08:06 . 2012-10-26 08:06   135168   ——a-w-  c:\windows\system32\IEAdvpack.dll
2012-10-26 08:06 . 2012-10-26 08:06   12288   ——a-w-  c:\windows\system32\mshta.exe
2012-10-26 08:06 . 2012-10-26 08:06   114176   ——a-w-  c:\windows\system32\admparse.dll
2012-10-26 08:06 . 2012-10-26 08:06   111616   ——a-w-  c:\windows\system32\iesysprep.dll
2012-10-26 08:06 . 2012-10-26 08:06   10752   ——a-w-  c:\windows\system32\msfeedssync.exe
2012-10-26 08:05 . 2012-10-26 08:05   89088   ——a-w-  c:\windows\system32\ie4uinit.exe
2012-10-26 08:05 . 2012-10-26 08:05   85504   ——a-w-  c:\windows\system32\iesetup.dll
2012-10-26 08:05 . 2012-10-26 08:05   82432   ——a-w-  c:\windows\system32\icardie.dll
2012-10-26 08:05 . 2012-10-26 08:05   76800   ——a-w-  c:\windows\system32\tdc.ocx
2012-10-26 08:05 . 2012-10-26 08:05   534528   ——a-w-  c:\windows\system32\ieapfltr.dll
2012-10-26 08:05 . 2012-10-26 08:05   452608   ——a-w-  c:\windows\system32\dxtmsft.dll
2012-10-26 08:05 . 2012-10-26 08:05   448512   ——a-w-  c:\windows\system32\html.iec
2012-10-26 08:05 . 2012-10-26 08:05   403248   ——a-w-  c:\windows\system32\iedkcs32.dll
2012-10-26 08:05 . 2012-10-26 08:05   39936   ——a-w-  c:\windows\system32\iernonce.dll
2012-10-26 08:05 . 2012-10-26 08:05   3695416   ——a-w-  c:\windows\system32\ieapfltr.dat
2012-10-26 08:05 . 2012-10-26 08:05   30720   ——a-w-  c:\windows\system32\licmgr10.dll
2012-10-26 08:05 . 2012-10-26 08:05   282112   ——a-w-  c:\windows\system32\dxtrans.dll
2012-10-26 08:05 . 2012-10-26 08:05   249344   ——a-w-  c:\windows\system32\webcheck.dll
2012-10-26 08:05 . 2012-10-26 08:05   165888   ——a-w-  c:\windows\system32\iexpress.exe
2012-10-26 08:05 . 2012-10-26 08:05   160256   ——a-w-  c:\windows\system32\wextract.exe
2012-10-26 08:05 . 2012-10-26 08:05   103936   ——a-w-  c:\windows\system32\inseng.dll
2012-10-26 07:58 . 2010-06-24 19:33   19720   ——a-w-  c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-10-16 08:38 . 2012-12-05 11:38   135168   ——a-w-  c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-05 11:38   350208   ——a-w-  c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-05 11:38   561664   ——a-w-  c:\windows\apppatch\AcLayers.dll
2012-10-10 01:22 . 2012-10-10 01:22   80384   ——a-w-  c:\windows\system32\igdde64.dll
2012-10-10 01:22 . 2012-10-10 01:22   437760   ——a-w-  c:\windows\system32\igfxrtrk.lrc
2012-10-10 01:22 . 2012-10-10 01:22   216064   ——a-w-  c:\windows\system32\iglhcp64.dll
2012-10-10 01:22 . 2012-10-10 01:22   180224   ——a-w-  c:\windows\SysWow64\iglhcp32.dll
2012-10-10 01:22 . 2012-10-10 01:22   5903392   ——a-w-  c:\windows\system32\GfxUI.exe
2012-10-10 01:22 . 2012-10-10 01:22   519680   ——a-w-  c:\windows\SysWow64\iglhsip32.dll
2012-10-10 01:22 . 2012-10-10 01:22   438784   ——a-w-  c:\windows\system32\igfxrdeu.lrc
2012-10-10 01:22 . 2012-10-10 01:22   438272   ——a-w-  c:\windows\system32\igfxrhun.lrc
2012-10-10 01:22 . 2012-10-10 01:22   3776512   ——a-w-  c:\windows\SysWow64\igfxcmjit32.dll
2012-10-10 01:22 . 2012-10-10 01:22   10673664   ——a-w-  c:\windows\SysWow64\ig4icd32.dll
2012-10-10 01:22 . 2012-10-10 01:22   64512   ——a-w-  c:\windows\SysWow64\igdde32.dll
2012-10-10 01:22 . 2012-10-10 01:22   501760   ——a-w-  c:\windows\system32\igfxcmrt64.dll
2012-10-10 01:22 . 2012-10-10 01:22   439296   ——a-w-  c:\windows\system32\igfxrrus.lrc
2012-10-10 01:22 . 2012-10-10 01:22   431104   ——a-w-  c:\windows\system32\igfxrkor.lrc
2012-10-10 01:22 . 2012-10-10 01:22   410624   ——a-w-  c:\windows\system32\igfxTMM.dll
2012-10-10 01:22 . 2011-02-04 11:38   12836864   ——a-w-  c:\windows\system32\igd10umd64.dll
2012-10-10 01:22 . 2011-02-04 11:38   110592   ——a-w-  c:\windows\system32\hccutils.dll
2012-10-10 01:22 . 2012-10-10 01:22   330240   ——a-w-  c:\windows\SysWow64\igfxdv32.dll
2012-10-10 01:22 . 2012-10-10 01:22   12604416   ——a-w-  c:\windows\system32\igdumd64.dll
2012-10-10 01:22 . 2012-10-10 01:22   441888   ——a-w-  c:\windows\system32\igfxpers.exe
2012-10-10 01:22 . 2012-10-10 01:22   438784   ——a-w-  c:\windows\system32\igfxrhrv.lrc
2012-10-10 01:22 . 2012-10-10 01:22   438272   ——a-w-  c:\windows\system32\igfxrcsy.lrc
2012-10-10 01:22 . 2012-10-10 01:22   25088   ——a-w-  c:\windows\SysWow64\igfxexps32.dll
2012-10-10 01:22 . 2012-10-10 01:22   5343584   ——a-w-  c:\windows\system32\drivers\igdkmd64.sys
2012-10-10 01:22 . 2012-10-10 01:22   448512   ——a-w-  c:\windows\SysWow64\igfx11cmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22   441856   ——a-w-  c:\windows\system32\igfxdev.dll
2012-10-10 01:22 . 2012-10-10 01:22   438784   ——a-w-  c:\windows\system32\igfxrnld.lrc
2012-10-10 01:22 . 2012-10-10 01:22   399392   ——a-w-  c:\windows\system32\hkcmd.exe
2012-10-10 01:22 . 2012-10-10 01:22   272928   ——a-w-  c:\windows\system32\igvpkrng600.bin
2012-10-10 01:22 . 2012-10-10 01:22   126976   ——a-w-  c:\windows\system32\igfxcpl.cpl
2012-10-10 01:22 . 2012-10-10 01:22   116224   ——a-w-  c:\windows\system32\igfxCoIn_v2867.dll
2012-10-10 01:22 . 2011-02-04 11:38   9007616   ——a-w-  c:\windows\system32\igfxress.dll
2012-10-10 01:22 . 2011-02-04 11:38   63488   ——a-w-  c:\windows\system32\igfxsrvc.dll
2012-10-10 01:22 . 2012-10-10 01:22   604160   ——a-w-  c:\windows\SysWow64\igfxcmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22   4571136   ——a-w-  c:\windows\system32\igfxcmjit64.dll
2012-10-10 01:22 . 2012-10-10 01:22   439808   ——a-w-  c:\windows\system32\igfxresn.lrc
2012-10-10 01:22 . 2012-10-10 01:22   439296   ——a-w-  c:\windows\system32\igfxrrom.lrc
2012-10-10 01:22 . 2012-10-10 01:22   437760   ——a-w-  c:\windows\system32\igfxrsve.lrc
2012-10-10 01:22 . 2012-10-10 01:22   437760   ——a-w-  c:\windows\system32\igfxrslv.lrc
2012-10-10 01:22 . 2012-10-10 01:22   437760   ——a-w-  c:\windows\system32\igfxrnor.lrc
2012-10-10 01:22 . 2012-10-10 01:22   437248   ——a-w-  c:\windows\system32\igfxrdan.lrc
2012-10-10 01:22 . 2012-10-10 01:22   277024   ——a-w-  c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-10-10 01:22 . 2012-10-10 01:22   185376   ——a-w-  c:\windows\system32\difx64.exe
2012-10-10 01:22 . 2012-10-10 01:22   173568   ——a-w-  c:\windows\system32\gfxSrvc.dll
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe” [2010-11-21 1475584]
“swg”=“c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2012-10-26 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
“HotkeyApp”=“c:\program files (x86)\Launch Manager\HotkeyApp.exe” [2010-12-15 207400]
“LMgrVolOSD”=“c:\program files (x86)\Launch Manager\OSD.exe” [2009-12-11 348960]
“Wbutton”=“c:\program files (x86)\Launch Manager\Wbutton.exe” [2010-06-21 436264]
“NUSB3MON”=“c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe” [2010-11-17 113288]
“CLMLServer”=“c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe” [2009-11-02 103720]
“avast”=“c:\program files\AVAST Software\Avast\avastUI.exe” [2012-10-30 4297136]
“SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe” [2012-09-17 254896]
“Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2012-07-27 919008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
“aux”=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-02-16 261632]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-01-24 58128]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-01-24 274944]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-01-24 59904]
R3 mod7764;Tv Tuner device;c:\windows\system32\DRIVERS\mod77-64.sys [2010-09-16 1077416]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-02-04 340240]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [2010-10-21 299520]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-05 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-02-17 1133568]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-02-11 907600]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-02-11 997712]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-02-09 134928]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-02-16 261632]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-02-11 1304912]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-10-29 31088]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-01-25 77424]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2011-02-10 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2011-02-10 181760]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2011-02-17 42392]
S3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe [2009-10-23 118560]
S3 X10Hid;X10 Hid Device;c:\windows\System32\Drivers\x10hid.sys [2009-05-13 15896]
.
.
Indhold af mappen ‘Planlagte Opgaver’
.
2012-12-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-06 11:24]
.
2012-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 07:52]
.
2012-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 07:52]
.
.
————- X64 Entries—————-
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@=”{472083B0-C522-11CF-8763-00608CC02F24}”
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50   133400   ——a-w-  c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“RtHDVCpl”=“c:\program files\Realtek\Audio\HDA\RAVCpl64.exe” [2011-03-09 11780712]
“RtHDVBg”=“c:\program files\Realtek\Audio\HDA\RAVBg64.exe” [2011-03-09 2189416]
“IntelWireless”=“c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe” [2011-02-04 1933584]
“BTMTrayAgent”=“c:\program files (x86)\Intel\Bluetooth\btmshell.dll” [2011-02-11 10361616]
“IgfxTray”=“c:\windows\system32\igfxtray.exe” [2012-10-10 171040]
“HotKeysCmds”=“c:\windows\system32\hkcmd.exe” [2012-10-10 399392]
“Persistence”=“c:\windows\system32\igfxpers.exe” [2012-10-10 441888]
.
———- Yderligere scanning———-
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://jyllands-posten.dk/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 62.61.131.1 62.61.130.1
.
- - - - TOMME GENVEJE FJERNET - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
——————————- LÅSTE REGISTRERINGS NØGLER——————————-
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
“Progid”=“ChromeHTML”
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
“Progid”=“ChromeHTML”
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
“Progid”=“ChromeHTML”
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
“Progid”=“ChromeHTML”
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
“Progid”=“ChromeHTML”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=”@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
“Enabled”=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@=“c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker5”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@=”{00020424-0000-0000-C000-000000000046}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=”@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
“Enabled”=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Shockwave Flash Object”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@=“0”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@=“ShockwaveFlash.ShockwaveFlash.11”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“ShockwaveFlash.ShockwaveFlash”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Macromedia Flash Factory Object”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@=“FlashFactory.FlashFactory.1”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“FlashFactory.FlashFactory”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker5”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@=”{00020424-0000-0000-C000-000000000046}”
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Gennemført tid: 2012-12-11 13:10:17
ComboFix-quarantined-files.txt 2012-12-11 12:10
.
Pre-Kørsel: 661.278.089.216 byte ledig
Post-Kørsel: 660.902.440.960 byte ledig
.
- - End Of File - - A996F566769FC9BE916B0C55026B1426


All processes killed
========== REGISTRY ==========
HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>\\.html [@ |ChromeHTML]—Reg Error: Key error. File not found[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>].html [@ = ChromeHTML]—Reg Error: Key error. File not found:services /E :invalid edit format. Invalid data type.
========== OTL ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
========== FILES ==========
Invalid Switch: 14 06:08:49 | 000,000,006 | -H—| C] ()—C:\Windows\Tasks\SA.DAT
Invalid Switch: 14 06:08:49 | 000,027,028 |——| C] ()—C:\Windows\Tasks\SCHEDLGU.TXT
Invalid Switch: 26 08:52:09 | 000,000,928 |——| C] ()—C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
Invalid Switch: 26 08:52:11 | 000,000,932 |——| C] ()—C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
Invalid Switch: 06 11:26:34 | 000,000,830 |——| C] ()—C:\Windows\Tasks\Adobe Flash Player Updater.job
<  ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache blev t›mt.
C:\Users\l mou\Desktop\cmd.bat deleted successfully.
C:\Users\l mou\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: l mou
->Temp folder emptied: 54370 bytes
->Temporary Internet Files folder emptied: 141537920 bytes
->Java cache emptied: 20363 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 58121 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20860 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50517 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 757 bytes
RecycleBin emptied: 153502 bytes

Total Files Cleaned = 135.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: l mou
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: l mou
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12112012_125206

Files\Folders moved on Reboot…
C:\Users\l mou\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZEH4C48I\adloader[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZEH4C48I\plusone_gadget[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VBGCRXZV\InboxLight[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VBGCRXZV\resourcespreload[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VBGCRXZV\xmlProxy[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NK5T38LQ\flextag[3].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NK5T38LQ\xmlProxy[2].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E7866BLQ\default[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E7866BLQ\EditMessageLight[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E7866BLQ\flextag[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E7866BLQ\RteFrame_16.2.7137.1204[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DTN51XGY\AjaxHistoryFrame[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DTN51XGY\LocalStorage[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DTN51XGY\Messenger[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DTN51XGY\WebIMPop[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BEMQ4OHU\xmlProxy[1].htm moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\l mou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

PendingFileRenameOperations files…

Registry entries deleted on Reboot…

Administrator
Avatar
Antal indlæg: 35483

Det ser godt nok ud, så fortæl om der er fremskridt             ?

  soyjmh
Antal indlæg: 9

halløj…
det er blevet betydelig bedre… min far takker mange gange….
kommer snart med min egen… den er også blevet lidt sløv…
hej hej… smile

Administrator
Avatar
Antal indlæg: 35483

Lyder godt, og velbekomme               grin


Du er velkommen med din egen computer, men jeg lukker her, så du laver bare en ny tråd…..............