[Dragebarn]

Hi,

It feels like I'm not the one controlling my PC anymore. This has been going on for at least 3 week or more.
If I start the PC and disconnect the internet I can work without problems - I have only done this for an hour or so.

If I start the PC with internet connection, then after 5-7-10 minutes something odd happens. The computer becomes unresponsive and nothing is responding.
I have no connection to the wireless internet (even though my phone has) I can't use the start menu, I can't do a control-alt-delete. .. or .. I can sometimes do these things if I'm willing to wait several minutes for a response. When the PC starts this, I often get a "Windows pathfinder is not responsive".
Sometimes I see a quick flash of "something" that starts up, but I can not see what it is.
If I try to close the PC, it is so slow that I usually kill it after 10 minutes.
If I wait I can sometimes get to the other side of this problem and then the PC works a little worse normal.
I have tried to update my Drivers, but I made an epic fail, so now I still have old drivers and fight with Norton PC Checkup program that I can’t get rid of.
I have made a full system scan with HouseCall from Trend Micro and after 5-6 hours it came out clean.
My BF have looked at the programs running (with WinPatrol)but the things he turned off, had no effect on the problems.
It has taken me more than 5 restarts to write this and to get a full scan from OTL. I am so frustrated. Can any of you wonderful people please help me?
Kamilla




OTL logfile created on: 11-06-2012 11:38:13 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Allan\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3,94 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 62,38% Memory free
7,87 Gb Paging File | 6,25 Gb Available in Paging File | 79,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 30,66 Gb Free Space | 25,71% Space Free | Partition Type: NTFS

Computer Name: DV7-4050EO | User Name: Allan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-06-11 10:46:11 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Allan\Downloads\OTL.exe
PRC - [2012-05-08 00:31:08 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Allan\AppData\Local\Akamai\netsession_win.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programmer\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-01-02 18:14:02 | 000,325,728 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011-12-14 13:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011-11-07 21:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
PRC - [2010-12-17 09:33:10 | 000,439,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
PRC - [2010-12-17 09:33:06 | 001,103,184 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
PRC - [2010-12-07 12:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010-09-16 15:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010-07-14 09:42:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2009-05-14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2007-04-23 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programmer\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2006-05-12 13:27:16 | 000,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files (x86)\WIDCOMM\Bluetooth-software\bin\btwdins.exe


========== Modules (No Company Name) ==========

MOD - [2012-01-08 21:50:36 | 000,573,100 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2007-04-23 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programmer\Logitech\SetPoint\x86\SetPoint32.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011-05-13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010-06-21 21:57:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010-02-23 07:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-06-01 17:37:22 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-05-30 00:49:53 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012-03-26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programmer\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012-03-26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programmer\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-03-07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programmer\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-12-14 13:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011-11-07 21:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011-11-07 21:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011-03-28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010-12-17 09:33:10 | 000,439,632 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe -- (RUBotSrv)
SRV - [2010-12-07 12:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010-11-11 14:48:32 | 000,334,448 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010-11-11 14:48:28 | 000,404,080 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2010-11-11 13:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010-09-16 15:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010-06-17 21:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programmer\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-23 07:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010-01-18 15:04:08 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Programmer\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2009-10-20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-05-14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009-03-03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programmer\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2006-05-12 13:27:16 | 000,258,103 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files (x86)\WIDCOMM\Bluetooth-software\bin\btwdins.exe -- (btwdins)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-03-20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012-03-07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012-03-07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-05-13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011-05-13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011-05-10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011-03-21 13:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-22 13:17:34 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010-12-17 02:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-11-11 14:49:12 | 000,081,008 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2010-11-11 14:49:00 | 000,068,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2010-11-11 14:47:12 | 000,031,856 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2010-11-11 14:47:00 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2010-11-11 13:31:32 | 000,038,512 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2010-11-11 11:04:52 | 000,045,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2010-11-11 11:04:52 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2010-07-14 09:42:26 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010-06-25 17:08:10 | 000,036,928 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010-06-21 23:17:52 | 006,856,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-06-21 21:24:12 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-06-17 21:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010-05-06 05:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010-04-13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009-11-01 20:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009-10-20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009-09-10 09:50:16 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009-08-26 12:33:00 | 000,031,744 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\optovcm.sys -- (optovcm)
DRV:64bit: - [2009-08-26 12:33:00 | 000,022,656 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\optousb.sys -- (optousb)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) Driver til serielt digitalt kamera (stillbilleder)
DRV:64bit: - [2009-07-14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-03-25 17:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm)
DRV:64bit: - [2009-03-25 17:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV:64bit: - [2009-03-25 17:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2009-03-25 17:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex)
DRV:64bit: - [2009-03-25 17:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV:64bit: - [2009-03-25 17:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV:64bit: - [2009-03-25 17:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV:64bit: - [2008-05-16 12:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm)
DRV:64bit: - [2008-05-16 12:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV:64bit: - [2008-05-16 12:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2008-05-16 12:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex)
DRV:64bit: - [2008-05-16 12:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV:64bit: - [2008-05-16 12:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV:64bit: - [2008-05-16 12:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV:64bit: - [2007-07-16 23:29:33 | 000,023,064 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hpfx64fax.sys -- (HPFXFAX)
DRV:64bit: - [2007-07-16 23:29:23 | 000,020,504 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hpfx64bulk.sys -- (HPFXBULK)
DRV:64bit: - [2007-04-11 16:35:30 | 000,056,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007-04-11 16:35:22 | 000,053,520 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGLL_da
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.dk/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.91: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Allan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Allan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-31 11:12:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-07 22:00:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-13 03:33:53 | 000,000,000 | ---D | M]

[2010-09-22 09:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Extensions
[2010-09-22 09:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-06-08 09:10:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions
[2012-06-07 22:20:17 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012-06-07 22:20:16 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\[email protected]
[2011-06-18 09:45:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\nostmp
[2012-06-08 09:10:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\staged
[2012-06-07 22:00:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-04-01 00:14:47 | 000,164,722 | ---- | M] () (No name found) -- C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X91MCRHB.DEFAULT\EXTENSIONS\[email protected]
[2012-06-01 17:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-03-12 10:43:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012-06-01 18:24:48 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-co-uk.xml
[2012-06-01 18:24:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-06-01 18:24:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-da.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.5.14.1_0\plugin/blackfishietab.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16291 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Bejeweled = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: James White = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: Scorpion Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfhfpojmehjcdldbclpgfclmdodpin\1.0.0.2_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Mahjong Daglige = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gglcbpjnmkbgimmaooidnnlienhmldon\1.0_0\
CHR - Extension: PDF Mergy = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha\0.4.0_0\
CHR - Extension: World of Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn\1.0.1_0\
CHR - Extension: Old Maps Online = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ildefchbaikbajjccfmamfppgciacekl\1_0\
CHR - Extension: Midas Mahjong = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jigedhfmfokfponjbdljpmdjlabjklji\1_0\
CHR - Extension: Mahjong Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc\1.0.0.1_0\
CHR - Extension: Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\odolcicinbdfkjffjobjkpdfoklnplfl\1_0\
CHR - Extension: Onion News Network = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\paolneildlfbbkcfdkokicbeodacnhfa\1.0.2_0\

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Programmer\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programmer\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [D-Link SharePort] C:\Program Files (x86)\D-Link\SharePort\SharePort.exe (D-Link Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Allan\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Send til &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth-software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Send til &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth-software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - CC:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - CC:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: samsungsetup.com ([www] http in Pålidelige websteder)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} http://192.168.0.177...ct/SSObject.cab (SSObject Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.150.129.22 89.150.129.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32AC4BC1-5317-483F-8A5C-FFE379FFE4C6}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CD98357-412C-42D4-893C-0E9C48CCDE6E}: DhcpNameServer = 89.150.129.22 89.150.129.10
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmer\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-06-11 10:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2012-06-11 09:59:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2012-06-11 09:59:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2012-06-11 09:59:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro RUBotted
[2012-06-11 09:59:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012-06-11 09:04:09 | 000,000,000 | ---D | C] -- C:\2587a56d3583a4cae1b106bf50db
[2012-06-10 23:38:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NortonPCCheckupx64
[2012-06-10 23:38:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NortonPCCheckupx64\0200110.014
[2012-06-10 23:38:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PC Checkup
[2012-06-10 23:38:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup
[2012-06-08 12:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\HardwareHelper
[2012-06-08 12:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2012-06-08 11:41:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012-06-08 11:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012-06-08 11:32:05 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2012-06-08 11:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIDCOMM
[2012-06-08 11:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective
[2012-06-07 22:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-06-07 22:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-06-01 21:45:36 | 000,000,000 | ---D | C] -- C:\e65d164dfa37290fc1e0596b59a635
[2012-05-29 12:50:45 | 000,000,000 | ---D | C] -- C:\Users\Allan\Desktop\Mobil Ting
[2012-05-29 12:38:43 | 000,000,000 | ---D | C] -- C:\Users\Allan\Desktop\Mine Billeder
[2012-05-29 11:34:26 | 000,000,000 | ---D | C] -- C:\cb89aabaf8529523df5af8e2
[2012-05-24 21:44:24 | 000,000,000 | ---D | C] -- C:\Users\Allan\.pdfsam
[2012-05-23 12:17:12 | 000,000,000 | ---D | C] -- C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Protector Splitter and Merger PRO
[2012-05-23 12:17:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Protecter Splitter and Merger Pro
[2012-05-17 14:28:43 | 000,200,976 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys
[2012-05-14 13:30:58 | 000,000,000 | ---D | C] -- C:\Users\Allan\Desktop\Madopskrifter
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-06-11 11:42:30 | 000,014,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-11 11:42:30 | 000,014,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-11 11:41:21 | 001,353,556 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-11 11:41:21 | 000,657,188 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-11 11:41:21 | 000,477,842 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2012-06-11 11:41:21 | 000,123,546 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-11 11:41:21 | 000,099,946 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2012-06-11 11:34:12 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-11 11:33:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-11 11:33:54 | 3169,210,368 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-11 10:54:00 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2555285916-205775456-1634495091-1000UA.job
[2012-06-11 10:54:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-07 22:00:34 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-06-07 20:54:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2555285916-205775456-1634495091-1000Core.job
[2012-06-02 15:49:29 | 001,080,182 | ---- | M] () -- C:\Users\Allan\Desktop\equilibrio_yin-yang_clean_notext.svg
[2012-05-31 20:04:21 | 000,079,060 | ---- | M] () -- C:\Users\Allan\AppData\Local\ars.cache
[2012-05-31 15:12:05 | 005,929,183 | ---- | M] () -- C:\Users\Allan\AppData\Local\census.cache
[2012-05-22 09:03:25 | 000,317,395 | ---- | M] () -- C:\Users\Allan\Desktop\Social media marketing landscape complicated - Business Insider.htm
[2012-05-19 18:55:49 | 000,000,970 | ---- | M] () -- C:\Users\Allan\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012-05-17 14:27:53 | 000,000,036 | ---- | M] () -- C:\Users\Allan\AppData\Local\housecall.guid.cache
[2012-05-16 20:28:44 | 000,004,535 | ---- | M] () -- C:\Users\Allan\Desktop\Henna hårfarve .htm
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-06-10 23:38:27 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NortonPCCheckupx64\0200110.014\isolate.ini
[2012-06-07 22:00:34 | 000,001,145 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-06-07 22:00:34 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-06-02 15:48:37 | 001,080,182 | ---- | C] () -- C:\Users\Allan\Desktop\equilibrio_yin-yang_clean_notext.svg
[2012-05-22 09:03:24 | 000,317,395 | ---- | C] () -- C:\Users\Allan\Desktop\Social media marketing landscape complicated - Business Insider.htm
[2012-05-19 18:55:49 | 000,000,970 | ---- | C] () -- C:\Users\Allan\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012-05-17 17:15:08 | 005,929,183 | ---- | C] () -- C:\Users\Allan\AppData\Local\census.cache
[2012-05-17 17:13:38 | 000,079,060 | ---- | C] () -- C:\Users\Allan\AppData\Local\ars.cache
[2012-05-17 14:27:53 | 000,000,036 | ---- | C] () -- C:\Users\Allan\AppData\Local\housecall.guid.cache
[2012-05-16 20:28:44 | 000,004,535 | ---- | C] () -- C:\Users\Allan\Desktop\Henna hårfarve .htm
[2012-05-08 11:30:26 | 000,493,432 | ---- | C] () -- C:\Windows\ssndii.exe
[2012-03-05 20:18:28 | 000,000,284 | ---- | C] () -- C:\Windows\hpbvspst.ini
[2012-03-05 20:13:39 | 000,000,705 | ---- | C] () -- C:\Windows\hpntwksetup.ini
[2012-03-05 20:09:13 | 000,193,287 | ---- | C] () -- C:\Windows\hppins12.dat
[2012-01-29 16:26:29 | 000,000,421 | ---- | C] () -- C:\Users\Allan\AppData\Roaming\freenote.ini
[2011-12-03 17:21:18 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011-05-23 16:02:59 | 000,007,597 | ---- | C] () -- C:\Users\Allan\AppData\Local\Resmon.ResmonCfg
[2011-02-05 22:46:23 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011-01-30 21:39:22 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2011-01-30 21:37:07 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2011-01-23 16:12:29 | 000,007,680 | ---- | C] () -- C:\Users\Allan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-08 00:30:34 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2011-01-04 18:54:05 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor_1031_64.INI
[2010-12-17 02:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2010-11-22 22:24:59 | 001,373,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-10-30 21:46:55 | 000,000,000 | ---- | C] () -- C:\Users\Allan\AppData\Local\prvlcl.dat
[2010-09-28 16:20:13 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-09-17 12:57:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-09-17 12:56:18 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat

========== LOP Check ==========

[2010-10-08 08:27:36 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Acronis
[2010-09-22 15:57:48 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\CocoonSoftware
[2010-09-22 17:38:18 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\ColorCop
[2010-09-22 16:14:22 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Cryptomathic
[2011-12-03 17:20:05 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Epson
[2010-11-28 02:29:42 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\FOG Downloader
[2011-01-09 10:16:31 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\KeePass
[2011-05-06 17:05:18 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\MP3toiPodAudioBookConverter
[2011-02-05 22:33:48 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Samsung
[2010-12-12 14:08:18 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Stardock
[2012-01-29 16:14:51 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\SummaSummarum
[2011-05-22 11:03:25 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\SynoSurveillance
[2011-01-02 21:30:44 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\TeamViewer
[2012-05-27 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\uTorrent
[2012-01-29 17:01:02 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\WinPatrol
[2012-05-30 12:34:44 | 000,032,550 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

[Advertisements]

Hi, Dragebarn! My nick name is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out.

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.


Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:

• Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
• Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
• If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
• These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
• Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
• Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
• You must reply within four days failure to reply will result in the topic being closed!
• Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
• Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
  Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.

Step 1.

I noticed that you have three anti-virus programs running ( RUBotted, Microsoft Security Essentials & Avast Anti-Virus). I strongly recommend that you have only one antivirus product installed and running on your computer at a time. I would recommend you uninstall RuBotted and Microsoft Security Essentials and keep Avast.

Multiple installed antivirus products can lead to a clash as products fight for access to files which are being opened since they need to be checked for viruses. In general terms, the programs may conflict and cause:
False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
System Performance Problems: Your system may lock up due to multiple products attempting to access the same file at the same time.



Step 2.

P2P Warning!:

IMPORTANT I have noticed that there are signs of uTorrent Toolbar and uTorrent P2P (Peer to Peer) File Sharing Programs on your computer.

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
infoworld

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent Toolbar and uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep them, please do not use either of them until your computer is cleaned.


Step 3.

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL

• Please reopen on your desktop.
• Copy and Paste the following code into the textbox.
  
  

  :OTL
  IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
  FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
  FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
  FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
  FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
  [2012-03-12 10:43:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
  O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
  O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
  O4 - HKLM..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe (Trend Micro Inc.)
  O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
  O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
  O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
  [2012-05-27 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\uTorrent
  
  
  
  :files
  ipconfig /flushdns /c
  
  
  :reg
  
  
  :Commands
  [purity]
  [resethosts]
  [emptytemp]
  [createrestorepoint]

• Push
• OTL may ask to reboot the machine. Please do so if asked.
• Click the OK button.
• A report will open. Copy and Paste that report in your next reply.
• If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.

Step 4.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan



On completion of the scan click save log, save it to your desktop and post in your next reply



If it does not run rename it iexplore.exe and try it again.


Step 5.

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Select Scan All Users
• Select Lop Check and Purity Check
• Under Extra Registry select Use SafeList
• Under the Custom Scan box paste this in
  netsvcs
  %SYSTEMDRIVE%\*.exe
  /md5start
  consrv.dll
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
  hklm\software\clients\startmenuinternet|command /rs
  hklm\software\clients\startmenuinternet|command /64 /rs
  C:\Windows\assembly\tmp\U\*.* /s
  C:\Program Files\Common Files\ComObjects\*.* /s
  C:\windows\*. /RP /s
  %Temp%\smtmp\1\*.*
  %Temp%\smtmp\2\*.*
  %Temp%\smtmp\3\*.*
  %Temp%\smtmp\4\*.*
  >C:\commands.txt echo list vol /raw /hide /c
  /wait
  >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
  /wait
  type c:\diskreport.txt /c
  /wait
  erase c:\commands.txt /hide /c
  /wait
  erase c:\diskreport.txt /hide /c
  CREATERESTOREPOINT
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Post both logs

Step 6.

Please post:

OTL fix log
aswMBR log
OTL.txt
Extras.txt


Give me an update on the computer issues you still have.

[CompCav]

Hi, Dragebarn! My nick name is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out.

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.


Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:

• Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
• Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
• If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
• These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
• Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
• Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
• You must reply within four days failure to reply will result in the topic being closed!
• Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
• Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
  Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.

Step 1.

I noticed that you have three anti-virus programs running ( RUBotted, Microsoft Security Essentials & Avast Anti-Virus). I strongly recommend that you have only one antivirus product installed and running on your computer at a time. I would recommend you uninstall RuBotted and Microsoft Security Essentials and keep Avast.

Multiple installed antivirus products can lead to a clash as products fight for access to files which are being opened since they need to be checked for viruses. In general terms, the programs may conflict and cause:
False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
System Performance Problems: Your system may lock up due to multiple products attempting to access the same file at the same time.



Step 2.

P2P Warning!:

IMPORTANT I have noticed that there are signs of uTorrent Toolbar and uTorrent P2P (Peer to Peer) File Sharing Programs on your computer.

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
infoworld

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent Toolbar and uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep them, please do not use either of them until your computer is cleaned.


Step 3.

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL

• Please reopen on your desktop.
• Copy and Paste the following code into the textbox.
  
  

  :OTL
  IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
  FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
  FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
  FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
  FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
  [2012-03-12 10:43:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
  O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
  O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
  O4 - HKLM..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe (Trend Micro Inc.)
  O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
  O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
  O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
  [2012-05-27 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\uTorrent
  
  
  
  :files
  ipconfig /flushdns /c
  
  
  :reg
  
  
  :Commands
  [purity]
  [resethosts]
  [emptytemp]
  [createrestorepoint]

• Push
• OTL may ask to reboot the machine. Please do so if asked.
• Click the OK button.
• A report will open. Copy and Paste that report in your next reply.
• If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.

Step 4.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan



On completion of the scan click save log, save it to your desktop and post in your next reply



If it does not run rename it iexplore.exe and try it again.


Step 5.

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Select Scan All Users
• Select Lop Check and Purity Check
• Under Extra Registry select Use SafeList
• Under the Custom Scan box paste this in
  netsvcs
  %SYSTEMDRIVE%\*.exe
  /md5start
  consrv.dll
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
  hklm\software\clients\startmenuinternet|command /rs
  hklm\software\clients\startmenuinternet|command /64 /rs
  C:\Windows\assembly\tmp\U\*.* /s
  C:\Program Files\Common Files\ComObjects\*.* /s
  C:\windows\*. /RP /s
  %Temp%\smtmp\1\*.*
  %Temp%\smtmp\2\*.*
  %Temp%\smtmp\3\*.*
  %Temp%\smtmp\4\*.*
  >C:\commands.txt echo list vol /raw /hide /c
  /wait
  >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
  /wait
  type c:\diskreport.txt /c
  /wait
  erase c:\commands.txt /hide /c
  /wait
  erase c:\diskreport.txt /hide /c
  CREATERESTOREPOINT
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Post both logs

Step 6.

Please post:

OTL fix log
aswMBR log
OTL.txt
Extras.txt


Give me an update on the computer issues you still have.

[Dragebarn]

Hi CompCav,

I have gone through the steps and the only thing I couldn't do, was to close down Malewarebytes, because I don't seem to have it installed. (so I just skipped that).

After I ran the first OTL fix it felt like the PC became quicker and like I'm the only one pulling the strings
I have been testing the PC for an hour or so after I did all the steps and I have not found any of the above mentioned problems.

Below are the four logfiles.


Thank you for helping me - I truly appreciate your help.
Dragebarn



OTL Fix log:


OTL logfile created on: 13-06-2012 12:43:41 - Run 3
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Allan\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3,94 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 58,72% Memory free
7,87 Gb Paging File | 6,10 Gb Available in Paging File | 77,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 32,08 Gb Free Space | 26,90% Space Free | Partition Type: NTFS

Computer Name: DV7-4050EO | User Name: Allan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-06-13 12:40:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Allan\Downloads\OTL (1).exe
PRC - [2012-05-08 00:31:08 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Allan\AppData\Local\Akamai\netsession_win.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programmer\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-01-02 18:14:02 | 000,325,728 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011-12-14 13:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2010-12-07 12:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010-09-16 15:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010-07-14 09:42:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2009-05-14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2007-04-23 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programmer\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2006-05-12 13:27:16 | 000,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files (x86)\WIDCOMM\Bluetooth-software\bin\btwdins.exe


========== Modules (No Company Name) ==========

MOD - [2012-01-08 21:50:36 | 000,573,100 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2011-10-05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2007-06-28 20:15:38 | 000,689,688 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\PROOF\1030\MSGR2DA.DLL
MOD - [2007-04-23 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programmer\Logitech\SetPoint\x86\SetPoint32.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011-05-13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010-06-21 21:57:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010-02-23 07:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-06-01 17:37:22 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-05-30 00:49:53 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-03-07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programmer\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-12-14 13:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011-03-28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010-12-07 12:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010-11-11 14:48:32 | 000,334,448 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010-11-11 14:48:28 | 000,404,080 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2010-11-11 13:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010-09-16 15:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010-06-17 21:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programmer\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-23 07:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010-01-18 15:04:08 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Programmer\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2009-10-20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-05-14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009-03-03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programmer\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2006-05-12 13:27:16 | 000,258,103 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files (x86)\WIDCOMM\Bluetooth-software\bin\btwdins.exe -- (btwdins)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012-03-07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012-03-07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-05-13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011-05-13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011-05-10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011-03-21 13:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-22 13:17:34 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010-12-17 02:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-11-11 14:49:12 | 000,081,008 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2010-11-11 14:49:00 | 000,068,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2010-11-11 14:47:12 | 000,031,856 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2010-11-11 14:47:00 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2010-11-11 13:31:32 | 000,038,512 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2010-11-11 11:04:52 | 000,045,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2010-11-11 11:04:52 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2010-07-14 09:42:26 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010-06-25 17:08:10 | 000,036,928 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010-06-21 23:17:52 | 006,856,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-06-21 21:24:12 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-06-17 21:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010-05-06 05:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010-04-13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009-11-01 20:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009-10-20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009-09-10 09:50:16 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009-08-26 12:33:00 | 000,031,744 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\optovcm.sys -- (optovcm)
DRV:64bit: - [2009-08-26 12:33:00 | 000,022,656 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\optousb.sys -- (optousb)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) Driver til serielt digitalt kamera (stillbilleder)
DRV:64bit: - [2009-07-14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-03-25 17:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm)
DRV:64bit: - [2009-03-25 17:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV:64bit: - [2009-03-25 17:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2009-03-25 17:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex)
DRV:64bit: - [2009-03-25 17:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV:64bit: - [2009-03-25 17:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV:64bit: - [2009-03-25 17:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV:64bit: - [2008-05-16 12:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm)
DRV:64bit: - [2008-05-16 12:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV:64bit: - [2008-05-16 12:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2008-05-16 12:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex)
DRV:64bit: - [2008-05-16 12:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV:64bit: - [2008-05-16 12:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV:64bit: - [2008-05-16 12:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV:64bit: - [2007-07-16 23:29:33 | 000,023,064 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hpfx64fax.sys -- (HPFXFAX)
DRV:64bit: - [2007-07-16 23:29:23 | 000,020,504 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hpfx64bulk.sys -- (HPFXBULK)
DRV:64bit: - [2007-04-11 16:35:30 | 000,056,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007-04-11 16:35:22 | 000,053,520 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGLL_da
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.dk/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.91: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Allan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Allan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-31 11:12:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-07 22:00:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-06-13 12:29:18 | 000,000,000 | ---D | M]

[2010-09-22 09:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Extensions
[2010-09-22 09:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-06-08 09:10:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions
[2012-06-07 22:20:17 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012-06-07 22:20:16 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\[email protected]
[2011-06-18 09:45:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\nostmp
[2012-06-08 09:10:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\staged
[2012-06-07 22:00:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-04-01 00:14:47 | 000,164,722 | ---- | M] () (No name found) -- C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X91MCRHB.DEFAULT\EXTENSIONS\[email protected]
[2012-06-01 17:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-06-01 18:24:48 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-co-uk.xml
[2012-06-01 18:24:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-06-01 18:24:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-da.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.5.14.1_0\plugin/blackfishietab.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16291 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Bejeweled = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: James White = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: Scorpion Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfhfpojmehjcdldbclpgfclmdodpin\1.0.0.2_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Mahjong Daglige = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gglcbpjnmkbgimmaooidnnlienhmldon\1.0_0\
CHR - Extension: PDF Mergy = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha\0.4.0_0\
CHR - Extension: World of Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn\1.0.1_0\
CHR - Extension: Old Maps Online = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ildefchbaikbajjccfmamfppgciacekl\1_0\
CHR - Extension: Midas Mahjong = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jigedhfmfokfponjbdljpmdjlabjklji\1_0\
CHR - Extension: Mahjong Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc\1.0.0.1_0\
CHR - Extension: Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\odolcicinbdfkjffjobjkpdfoklnplfl\1_0\
CHR - Extension: Onion News Network = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\paolneildlfbbkcfdkokicbeodacnhfa\1.0.2_0\

O1 HOSTS File: ([2012-06-13 12:29:27 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Programmer\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programmer\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [D-Link SharePort] C:\Program Files (x86)\D-Link\SharePort\SharePort.exe (D-Link Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2555285916-205775456-1634495091-1000..\Run: [Akamai NetSession Interface] C:\Users\Allan\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-2555285916-205775456-1634495091-1000..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found
O4 - HKU\S-1-5-21-2555285916-205775456-1634495091-1000..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Send til &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth-software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Send til &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth-software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - CC:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - CC:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\..Trusted Domains: samsungsetup.com ([www] http in Pålidelige websteder)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} http://192.168.0.177...ct/SSObject.cab (SSObject Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.150.129.22 89.150.129.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32AC4BC1-5317-483F-8A5C-FFE379FFE4C6}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CD98357-412C-42D4-893C-0E9C48CCDE6E}: DhcpNameServer = 89.150.129.22 89.150.129.10
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmer\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012-06-13 12:29:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-06-11 09:59:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2012-06-11 09:59:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2012-06-11 09:59:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012-06-11 09:04:09 | 000,000,000 | ---D | C] -- C:\2587a56d3583a4cae1b106bf50db
[2012-06-10 23:38:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup
[2012-06-08 12:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\HardwareHelper
[2012-06-08 12:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2012-06-08 11:41:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012-06-08 11:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012-06-08 11:32:05 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2012-06-08 11:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIDCOMM
[2012-06-08 11:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective
[2012-06-08 08:22:44 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-06-07 22:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-06-07 22:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-06-01 21:45:36 | 000,000,000 | ---D | C] -- C:\e65d164dfa37290fc1e0596b59a635
[2012-05-29 12:50:45 | 000,000,000 | ---D | C] -- C:\Users\Allan\Desktop\Mobil Ting
[2012-05-29 12:38:43 | 000,000,000 | ---D | C] -- C:\Users\Allan\Desktop\Mine Billeder
[2012-05-29 11:34:26 | 000,000,000 | ---D | C] -- C:\cb89aabaf8529523df5af8e2
[2012-05-24 21:44:24 | 000,000,000 | ---D | C] -- C:\Users\Allan\.pdfsam
[2012-05-23 12:17:12 | 000,000,000 | ---D | C] -- C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Protector Splitter and Merger PRO
[2012-05-23 12:17:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Protecter Splitter and Merger Pro
[2012-05-17 14:28:43 | 000,200,976 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys
[2012-05-14 13:30:58 | 000,000,000 | ---D | C] -- C:\Users\Allan\Desktop\Madopskrifter
[2 C:\Users\Allan\Desktop\*.tmp files -> C:\Users\Allan\Desktop\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-06-13 12:39:45 | 000,014,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-13 12:39:45 | 000,014,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-13 12:38:21 | 001,346,908 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-13 12:38:21 | 000,655,060 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-13 12:38:21 | 000,475,714 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2012-06-13 12:38:21 | 000,122,518 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-13 12:38:21 | 000,098,918 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2012-06-13 12:37:59 | 000,000,512 | ---- | M] () -- C:\Users\Allan\Desktop\MBR.dat
[2012-06-13 12:31:26 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-13 12:31:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-13 12:31:11 | 3169,210,368 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-13 12:29:27 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012-06-13 12:19:06 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012-06-13 11:54:00 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2555285916-205775456-1634495091-1000UA.job
[2012-06-13 11:54:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-13 10:30:22 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2555285916-205775456-1634495091-1000Core.job
[2012-06-11 20:53:17 | 000,273,091 | ---- | M] () -- C:\Users\Allan\Desktop\web_bars_punkter.jpg
[2012-06-08 08:22:44 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-06-08 08:22:44 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-06-07 22:00:34 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-06-02 15:49:29 | 001,080,182 | ---- | M] () -- C:\Users\Allan\Desktop\equilibrio_yin-yang_clean_notext.svg
[2012-05-31 20:04:21 | 000,079,060 | ---- | M] () -- C:\Users\Allan\AppData\Local\ars.cache
[2012-05-31 15:12:05 | 005,929,183 | ---- | M] () -- C:\Users\Allan\AppData\Local\census.cache
[2012-05-22 09:03:25 | 000,317,395 | ---- | M] () -- C:\Users\Allan\Desktop\Social media marketing landscape complicated - Business Insider.htm
[2012-05-17 14:27:53 | 000,000,036 | ---- | M] () -- C:\Users\Allan\AppData\Local\housecall.guid.cache
[2012-05-16 20:28:44 | 000,004,535 | ---- | M] () -- C:\Users\Allan\Desktop\Henna hårfarve .htm
[2 C:\Users\Allan\Desktop\*.tmp files -> C:\Users\Allan\Desktop\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-06-13 12:37:59 | 000,000,512 | ---- | C] () -- C:\Users\Allan\Desktop\MBR.dat
[2012-06-11 20:53:25 | 000,273,091 | ---- | C] () -- C:\Users\Allan\Desktop\web_bars_punkter.jpg
[2012-06-07 22:00:34 | 000,001,145 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-06-07 22:00:34 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-06-02 15:48:37 | 001,080,182 | ---- | C] () -- C:\Users\Allan\Desktop\equilibrio_yin-yang_clean_notext.svg
[2012-05-22 09:03:24 | 000,317,395 | ---- | C] () -- C:\Users\Allan\Desktop\Social media marketing landscape complicated - Business Insider.htm
[2012-05-17 17:15:08 | 005,929,183 | ---- | C] () -- C:\Users\Allan\AppData\Local\census.cache
[2012-05-17 17:13:38 | 000,079,060 | ---- | C] () -- C:\Users\Allan\AppData\Local\ars.cache
[2012-05-17 14:27:53 | 000,000,036 | ---- | C] () -- C:\Users\Allan\AppData\Local\housecall.guid.cache
[2012-05-16 20:28:44 | 000,004,535 | ---- | C] () -- C:\Users\Allan\Desktop\Henna hårfarve .htm
[2012-05-08 11:30:26 | 000,493,432 | ---- | C] () -- C:\Windows\ssndii.exe
[2012-03-05 20:18:28 | 000,000,284 | ---- | C] () -- C:\Windows\hpbvspst.ini
[2012-03-05 20:13:39 | 000,000,705 | ---- | C] () -- C:\Windows\hpntwksetup.ini
[2012-03-05 20:09:13 | 000,193,287 | ---- | C] () -- C:\Windows\hppins12.dat
[2012-01-29 16:26:29 | 000,000,421 | ---- | C] () -- C:\Users\Allan\AppData\Roaming\freenote.ini
[2011-12-03 17:21:18 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011-05-23 16:02:59 | 000,007,597 | ---- | C] () -- C:\Users\Allan\AppData\Local\Resmon.ResmonCfg
[2011-02-05 22:46:23 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011-01-30 21:39:22 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2011-01-30 21:37:07 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2011-01-23 16:12:29 | 000,007,680 | ---- | C] () -- C:\Users\Allan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-08 00:30:34 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2011-01-04 18:54:05 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor_1031_64.INI
[2010-12-17 02:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2010-11-22 22:24:59 | 001,373,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-10-30 21:46:55 | 000,000,000 | ---- | C] () -- C:\Users\Allan\AppData\Local\prvlcl.dat
[2010-09-28 16:20:13 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-09-17 12:57:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-09-17 12:56:18 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat

========== LOP Check ==========

[2010-10-08 08:27:36 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Acronis
[2010-09-22 15:57:48 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\CocoonSoftware
[2010-09-22 17:38:18 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\ColorCop
[2010-09-22 16:14:22 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Cryptomathic
[2011-12-03 17:20:05 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Epson
[2010-11-28 02:29:42 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\FOG Downloader
[2011-01-09 10:16:31 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\KeePass
[2011-05-06 17:05:18 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\MP3toiPodAudioBookConverter
[2011-02-05 22:33:48 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Samsung
[2010-12-12 14:08:18 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Stardock
[2012-01-29 16:14:51 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\SummaSummarum
[2011-05-22 11:03:25 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\SynoSurveillance
[2011-01-02 21:30:44 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\TeamViewer
[2012-01-29 17:01:02 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\WinPatrol
[2012-05-30 12:34:44 | 000,032,550 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011-02-26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011-02-26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009-07-14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011-02-26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011-02-26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011-02-25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011-02-25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011-02-26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010-11-20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009-08-03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009-08-03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009-10-31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010-11-20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009-10-31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009-08-03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009-07-14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009-10-31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011-02-26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009-08-03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010-11-20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010-11-20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009-07-14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009-07-14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010-11-20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010-11-20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = @%SystemRoot%\system32\drivers\netbt.sys,-2
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
"Tag" = 87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{12BDADCF-A41A-4F71-9C92-0DB812F152B2}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{32AC4BC1-5317-483F-8A5C-FFE379FFE4C6}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{3E13DC21-3BF2-47FD-A46E-0C4CF02156C3}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{4F5ADA80-FBA5-4536-8DBB-32FABA3E0CDF}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{5437E472-E0F3-45FF-874F-6EB4C9418827}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{8CD98357-412C-42D4-893C-0E9C48CCDE6E}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{9256F6D6-2132-4E7A-8ECA-D5937F758418}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{DD986701-EEE4-47DC-95C7-4C2AC774C1B4}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{E09F7474-4DE1-4DD6-94AC-E814F0A5AA63}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 14 01 17 01 11 01 09 01 05 01 00 01 01 01 0B 01 0D 01 19 01 08 01 10 01 04 01 16 01 15 01 0F 01 18 01 13 01 12 01 0E 01 0C 01 0A 01 07 01 06 01 03 01 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 25
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Allan\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Allan\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Allan\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Allan\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011-06-19 15:40:10 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011-06-19 15:40:10 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011-06-19 15:40:10 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011-06-19 15:40:11 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011-06-19 15:40:11 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\ALLAN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\ALLAN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\ALLAN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\ALLAN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011-06-19 15:40:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011-06-19 15:40:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011-06-19 15:40:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011-06-19 15:40:11 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011-06-19 15:40:11 | 000,748,336 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< C:\windows\*. /RP /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
P† computeren: DV7-4050EO
Diskenhed Bogs. Navn Fs Type Str. Status Oplysn.
--------- ---- ---------- ----- ---------- ------- --------- --------
Diskenhed 0 D DVD-ROM 0 B Intet med
Diskenhed 1 C SSD NTFS Partition 119 GB I orden System

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Oversigt] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\windows\System32\config\systemprofile\Cookies] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\windows\System32\config\systemprofile\Lokale indstillinger] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\Oversigt] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\SysWOW64\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\windows\SysWOW64\config\systemprofile\Cookies] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\windows\SysWOW64\config\systemprofile\Lokale indstillinger] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction

< End of report >


aswMBR log


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-13 12:34:58
-----------------------------
12:34:58.308 OS Version: Windows x64 6.1.7601 Service Pack 1
12:34:58.308 Number of processors: 8 586 0x1E05
12:34:58.308 ComputerName: DV7-4050EO UserName: Allan
12:34:58.847 Initialize success
12:34:58.920 AVAST engine defs: 12061300
12:35:22.599 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:35:22.605 Disk 0 Vendor: KINGSTON_SNV425S2128GB D100309a Size: 122104MB BusType: 11
12:35:22.613 Disk 0 MBR read successfully
12:35:22.620 Disk 0 MBR scan
12:35:22.625 Disk 0 Windows 7 default MBR code
12:35:22.630 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 122102 MB offset 2048
12:35:22.640 Disk 0 scanning C:\Windows\system32\drivers
12:35:25.164 Service scanning
12:35:31.808 Modules scanning
12:35:31.818 Disk 0 trace - called modules:
12:35:31.824 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:35:31.830 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045d5790]
12:35:31.836 3 CLASSPNP.SYS[fffff88001bc443f] -> nt!IofCallDriver -> [0xfffffa80044d7b10]
12:35:31.843 5 hpdskflt.sys[fffff88001b6b189] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004381060]
12:35:32.721 AVAST engine scan C:\Windows
12:35:33.319 AVAST engine scan C:\Windows\system32
12:36:15.911 AVAST engine scan C:\Windows\system32\drivers
12:36:19.219 AVAST engine scan C:\Users\Allan
12:37:18.764 AVAST engine scan C:\ProgramData
12:37:32.804 Scan finished successfully
12:37:59.761 Disk 0 MBR has been saved successfully to "C:\Users\Allan\Desktop\MBR.dat"
12:37:59.761 The log file has been saved successfully to "C:\Users\Allan\Desktop\aswMBR.txt"


OTL.txt


OTL logfile created on: 13-06-2012 12:43:41 - Run 3
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Allan\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3,94 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 58,72% Memory free
7,87 Gb Paging File | 6,10 Gb Available in Paging File | 77,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 32,08 Gb Free Space | 26,90% Space Free | Partition Type: NTFS

Computer Name: DV7-4050EO | User Name: Allan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-06-13 12:40:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Allan\Downloads\OTL (1).exe
PRC - [2012-05-08 00:31:08 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Allan\AppData\Local\Akamai\netsession_win.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programmer\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-01-02 18:14:02 | 000,325,728 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011-12-14 13:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2010-12-07 12:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010-09-16 15:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010-07-14 09:42:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2009-05-14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2007-04-23 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programmer\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2006-05-12 13:27:16 | 000,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files (x86)\WIDCOMM\Bluetooth-software\bin\btwdins.exe


========== Modules (No Company Name) ==========

MOD - [2012-01-08 21:50:36 | 000,573,100 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2011-10-05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2007-06-28 20:15:38 | 000,689,688 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\PROOF\1030\MSGR2DA.DLL
MOD - [2007-04-23 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programmer\Logitech\SetPoint\x86\SetPoint32.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011-05-13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010-06-21 21:57:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010-02-23 07:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-06-01 17:37:22 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-05-30 00:49:53 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-03-07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programmer\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-12-14 13:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011-03-28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010-12-07 12:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010-11-11 14:48:32 | 000,334,448 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010-11-11 14:48:28 | 000,404,080 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2010-11-11 13:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010-09-16 15:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010-06-17 21:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programmer\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-23 07:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010-01-18 15:04:08 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Programmer\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2009-10-20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-05-14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009-03-03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programmer\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2006-05-12 13:27:16 | 000,258,103 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files (x86)\WIDCOMM\Bluetooth-software\bin\btwdins.exe -- (btwdins)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012-03-07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012-03-07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-05-13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011-05-13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011-05-10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011-03-21 13:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-22 13:17:34 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010-12-17 02:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-11-11 14:49:12 | 000,081,008 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2010-11-11 14:49:00 | 000,068,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2010-11-11 14:47:12 | 000,031,856 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2010-11-11 14:47:00 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2010-11-11 13:31:32 | 000,038,512 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2010-11-11 11:04:52 | 000,045,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2010-11-11 11:04:52 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2010-07-14 09:42:26 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010-06-25 17:08:10 | 000,036,928 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010-06-21 23:17:52 | 006,856,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-06-21 21:24:12 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-06-17 21:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010-05-06 05:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010-04-13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009-11-01 20:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009-10-20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009-09-10 09:50:16 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009-08-26 12:33:00 | 000,031,744 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\optovcm.sys -- (optovcm)
DRV:64bit: - [2009-08-26 12:33:00 | 000,022,656 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\optousb.sys -- (optousb)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) Driver til serielt digitalt kamera (stillbilleder)
DRV:64bit: - [2009-07-14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-03-25 17:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm)
DRV:64bit: - [2009-03-25 17:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV:64bit: - [2009-03-25 17:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2009-03-25 17:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex)
DRV:64bit: - [2009-03-25 17:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV:64bit: - [2009-03-25 17:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV:64bit: - [2009-03-25 17:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV:64bit: - [2008-05-16 12:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm)
DRV:64bit: - [2008-05-16 12:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV:64bit: - [2008-05-16 12:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2008-05-16 12:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex)
DRV:64bit: - [2008-05-16 12:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV:64bit: - [2008-05-16 12:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV:64bit: - [2008-05-16 12:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV:64bit: - [2007-07-16 23:29:33 | 000,023,064 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hpfx64fax.sys -- (HPFXFAX)
DRV:64bit: - [2007-07-16 23:29:23 | 000,020,504 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hpfx64bulk.sys -- (HPFXBULK)
DRV:64bit: - [2007-04-11 16:35:30 | 000,056,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007-04-11 16:35:22 | 000,053,520 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGLL_da
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.dk/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.91: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Allan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Allan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-31 11:12:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-07 22:00:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-06-13 12:29:18 | 000,000,000 | ---D | M]

[2010-09-22 09:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Extensions
[2010-09-22 09:14:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-06-08 09:10:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions
[2012-06-07 22:20:17 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012-06-07 22:20:16 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\[email protected]
[2011-06-18 09:45:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\nostmp
[2012-06-08 09:10:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allan\AppData\Roaming\mozilla\Firefox\Profiles\x91mcrhb.default\extensions\staged
[2012-06-07 22:00:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-04-01 00:14:47 | 000,164,722 | ---- | M] () (No name found) -- C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X91MCRHB.DEFAULT\EXTENSIONS\[email protected]
[2012-06-01 17:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-06-01 18:24:48 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-co-uk.xml
[2012-06-01 18:24:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-06-01 18:24:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-da.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.5.14.1_0\plugin/blackfishietab.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16291 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Bejeweled = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: James White = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: Scorpion Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfhfpojmehjcdldbclpgfclmdodpin\1.0.0.2_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Mahjong Daglige = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gglcbpjnmkbgimmaooidnnlienhmldon\1.0_0\
CHR - Extension: PDF Mergy = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha\0.4.0_0\
CHR - Extension: World of Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn\1.0.1_0\
CHR - Extension: Old Maps Online = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ildefchbaikbajjccfmamfppgciacekl\1_0\
CHR - Extension: Midas Mahjong = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jigedhfmfokfponjbdljpmdjlabjklji\1_0\
CHR - Extension: Mahjong Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc\1.0.0.1_0\
CHR - Extension: Solitaire = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\odolcicinbdfkjffjobjkpdfoklnplfl\1_0\
CHR - Extension: Onion News Network = C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\paolneildlfbbkcfdkokicbeodacnhfa\1.0.2_0\

O1 HOSTS File: ([2012-06-13 12:29:27 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Programmer\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programmer\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [D-Link SharePort] C:\Program Files (x86)\D-Link\SharePort\SharePort.exe (D-Link Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2555285916-205775456-1634495091-1000..\Run: [Akamai NetSession Interface] C:\Users\Allan\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-2555285916-205775456-1634495091-1000..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found
O4 - HKU\S-1-5-21-2555285916-205775456-1634495091-1000..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Send til &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth-software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Send til &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth-software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - CC:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - CC:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2555285916-205775456-1634495091-1000\..Trusted Domains: samsungsetup.com ([www] http in Pålidelige websteder)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} http://192.168.0.177...ct/SSObject.cab (SSObject Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.150.129.22 89.150.129.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32AC4BC1-5317-483F-8A5C-FFE379FFE4C6}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CD98357-412C-42D4-893C-0E9C48CCDE6E}: DhcpNameServer = 89.150.129.22 89.150.129.10
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmer\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012-06-13 12:29:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-06-11 09:59:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2012-06-11 09:59:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2012-06-11 09:59:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012-06-11 09:04:09 | 000,000,000 | ---D | C] -- C:\2587a56d3583a4cae1b106bf50db
[2012-06-10 23:38:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup
[2012-06-08 12:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\HardwareHelper
[2012-06-08 12:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2012-06-08 11:41:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012-06-08 11:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012-06-08 11:32:05 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2012-06-08 11:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIDCOMM
[2012-06-08 11:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective
[2012-06-08 08:22:44 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-06-07 22:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-06-07 22:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-06-01 21:45:36 | 000,000,000 | ---D | C] -- C:\e65d164dfa37290fc1e0596b59a635
[2012-05-29 12:50:45 | 000,000,000 | ---D | C] -- C:\Users\Allan\Desktop\Mobil Ting
[2012-05-29 12:38:43 | 000,000,000 | ---D | C] -- C:\Users\Allan\Desktop\Mine Billeder
[2012-05-29 11:34:26 | 000,000,000 | ---D | C] -- C:\cb89aabaf8529523df5af8e2
[2012-05-24 21:44:24 | 000,000,000 | ---D | C] -- C:\Users\Allan\.pdfsam
[2012-05-23 12:17:12 | 000,000,000 | ---D | C] -- C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Protector Splitter and Merger PRO
[2012-05-23 12:17:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Protecter Splitter and Merger Pro
[2012-05-17 14:28:43 | 000,200,976 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys
[2012-05-14 13:30:58 | 000,000,000 | ---D | C] -- C:\Users\Allan\Desktop\Madopskrifter
[2 C:\Users\Allan\Desktop\*.tmp files -> C:\Users\Allan\Desktop\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-06-13 12:39:45 | 000,014,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-13 12:39:45 | 000,014,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-13 12:38:21 | 001,346,908 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-13 12:38:21 | 000,655,060 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-13 12:38:21 | 000,475,714 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2012-06-13 12:38:21 | 000,122,518 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-13 12:38:21 | 000,098,918 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2012-06-13 12:37:59 | 000,000,512 | ---- | M] () -- C:\Users\Allan\Desktop\MBR.dat
[2012-06-13 12:31:26 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-13 12:31:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-13 12:31:11 | 3169,210,368 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-13 12:29:27 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012-06-13 12:19:06 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012-06-13 11:54:00 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2555285916-205775456-1634495091-1000UA.job
[2012-06-13 11:54:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-13 10:30:22 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2555285916-205775456-1634495091-1000Core.job
[2012-06-11 20:53:17 | 000,273,091 | ---- | M] () -- C:\Users\Allan\Desktop\web_bars_punkter.jpg
[2012-06-08 08:22:44 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-06-08 08:22:44 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-06-07 22:00:34 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-06-02 15:49:29 | 001,080,182 | ---- | M] () -- C:\Users\Allan\Desktop\equilibrio_yin-yang_clean_notext.svg
[2012-05-31 20:04:21 | 000,079,060 | ---- | M] () -- C:\Users\Allan\AppData\Local\ars.cache
[2012-05-31 15:12:05 | 005,929,183 | ---- | M] () -- C:\Users\Allan\AppData\Local\census.cache
[2012-05-22 09:03:25 | 000,317,395 | ---- | M] () -- C:\Users\Allan\Desktop\Social media marketing landscape complicated - Business Insider.htm
[2012-05-17 14:27:53 | 000,000,036 | ---- | M] () -- C:\Users\Allan\AppData\Local\housecall.guid.cache
[2012-05-16 20:28:44 | 000,004,535 | ---- | M] () -- C:\Users\Allan\Desktop\Henna hårfarve .htm
[2 C:\Users\Allan\Desktop\*.tmp files -> C:\Users\Allan\Desktop\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-06-13 12:37:59 | 000,000,512 | ---- | C] () -- C:\Users\Allan\Desktop\MBR.dat
[2012-06-11 20:53:25 | 000,273,091 | ---- | C] () -- C:\Users\Allan\Desktop\web_bars_punkter.jpg
[2012-06-07 22:00:34 | 000,001,145 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-06-07 22:00:34 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-06-02 15:48:37 | 001,080,182 | ---- | C] () -- C:\Users\Allan\Desktop\equilibrio_yin-yang_clean_notext.svg
[2012-05-22 09:03:24 | 000,317,395 | ---- | C] () -- C:\Users\Allan\Desktop\Social media marketing landscape complicated - Business Insider.htm
[2012-05-17 17:15:08 | 005,929,183 | ---- | C] () -- C:\Users\Allan\AppData\Local\census.cache
[2012-05-17 17:13:38 | 000,079,060 | ---- | C] () -- C:\Users\Allan\AppData\Local\ars.cache
[2012-05-17 14:27:53 | 000,000,036 | ---- | C] () -- C:\Users\Allan\AppData\Local\housecall.guid.cache
[2012-05-16 20:28:44 | 000,004,535 | ---- | C] () -- C:\Users\Allan\Desktop\Henna hårfarve .htm
[2012-05-08 11:30:26 | 000,493,432 | ---- | C] () -- C:\Windows\ssndii.exe
[2012-03-05 20:18:28 | 000,000,284 | ---- | C] () -- C:\Windows\hpbvspst.ini
[2012-03-05 20:13:39 | 000,000,705 | ---- | C] () -- C:\Windows\hpntwksetup.ini
[2012-03-05 20:09:13 | 000,193,287 | ---- | C] () -- C:\Windows\hppins12.dat
[2012-01-29 16:26:29 | 000,000,421 | ---- | C] () -- C:\Users\Allan\AppData\Roaming\freenote.ini
[2011-12-03 17:21:18 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011-05-23 16:02:59 | 000,007,597 | ---- | C] () -- C:\Users\Allan\AppData\Local\Resmon.ResmonCfg
[2011-02-05 22:46:23 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011-01-30 21:39:22 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2011-01-30 21:37:07 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2011-01-23 16:12:29 | 000,007,680 | ---- | C] () -- C:\Users\Allan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-08 00:30:34 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2011-01-04 18:54:05 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor_1031_64.INI
[2010-12-17 02:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2010-11-22 22:24:59 | 001,373,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-10-30 21:46:55 | 000,000,000 | ---- | C] () -- C:\Users\Allan\AppData\Local\prvlcl.dat
[2010-09-28 16:20:13 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-09-17 12:57:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-09-17 12:56:18 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat

========== LOP Check ==========

[2010-10-08 08:27:36 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Acronis
[2010-09-22 15:57:48 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\CocoonSoftware
[2010-09-22 17:38:18 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\ColorCop
[2010-09-22 16:14:22 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Cryptomathic
[2011-12-03 17:20:05 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Epson
[2010-11-28 02:29:42 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\FOG Downloader
[2011-01-09 10:16:31 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\KeePass
[2011-05-06 17:05:18 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\MP3toiPodAudioBookConverter
[2011-02-05 22:33:48 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Samsung
[2010-12-12 14:08:18 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\Stardock
[2012-01-29 16:14:51 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\SummaSummarum
[2011-05-22 11:03:25 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\SynoSurveillance
[2011-01-02 21:30:44 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\TeamViewer
[2012-01-29 17:01:02 | 000,000,000 | ---D | M] -- C:\Users\Allan\AppData\Roaming\WinPatrol
[2012-05-30 12:34:44 | 000,032,550 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011-02-26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011-02-26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009-07-14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011-02-26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011-02-26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011-02-25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011-02-25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011-02-26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010-11-20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009-08-03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009-08-03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009-10-31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010-11-20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009-10-31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009-08-03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009-07-14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009-10-31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011-02-26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009-08-03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010-11-20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010-11-20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009-07-14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009-07-14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010-11-20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010-11-20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = @%SystemRoot%\system32\drivers\netbt.sys,-2
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
"Tag" = 87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{12BDADCF-A41A-4F71-9C92-0DB812F152B2}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{32AC4BC1-5317-483F-8A5C-FFE379FFE4C6}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{3E13DC21-3BF2-47FD-A46E-0C4CF02156C3}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{4F5ADA80-FBA5-4536-8DBB-32FABA3E0CDF}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{5437E472-E0F3-45FF-874F-6EB4C9418827}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{8CD98357-412C-42D4-893C-0E9C48CCDE6E}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{9256F6D6-2132-4E7A-8ECA-D5937F758418}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{DD986701-EEE4-47DC-95C7-4C2AC774C1B4}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{E09F7474-4DE1-4DD6-94AC-E814F0A5AA63}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 14 01 17 01 11 01 09 01 05 01 00 01 01 01 0B 01 0D 01 19 01 08 01 10 01 04 01 16 01 15 01 0F 01 18 01 13 01 12 01 0E 01 0C 01 0A 01 07 01 06 01 03 01 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 25
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Allan\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Allan\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Allan\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Allan\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011-06-19 15:40:10 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011-06-19 15:40:10 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011-06-19 15:40:10 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011-06-19 15:40:11 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011-06-19 15:40:11 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012-06-01 18:25:33 | 000,868,248 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012-06-01 17:37:13 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\ALLAN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\ALLAN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\ALLAN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\ALLAN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011-06-19 15:40:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011-06-19 15:40:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011-06-19 15:40:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011-06-19 15:40:11 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011-06-19 15:40:11 | 000,748,336 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< C:\windows\*. /RP /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
P† computeren: DV7-4050EO
Diskenhed Bogs. Navn Fs Type Str. Status Oplysn.
--------- ---- ---------- ----- ---------- ------- --------- --------
Diskenhed 0 D DVD-ROM 0 B Intet med
Diskenhed 1 C SSD NTFS Partition 119 GB I orden System

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Oversigt] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\windows\System32\config\systemprofile\Cookies] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\windows\System32\config\systemprofile\Lokale indstillinger] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\Oversigt] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\SysWOW64\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\windows\SysWOW64\config\systemprofile\Cookies] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\windows\SysWOW64\config\systemprofile\Lokale indstillinger] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction

< End of report >


Extras.txt



OTL Extras logfile created on: 13-06-2012 12:43:41 - Run 3
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Allan\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3,94 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 58,72% Memory free
7,87 Gb Paging File | 6,10 Gb Available in Paging File | 77,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 32,08 Gb Free Space | 26,90% Space Free | Partition Type: NTFS

Computer Name: DV7-4050EO | User Name: Allan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2555285916-205775456-1634495091-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02D3060C-939D-4A7E-B636-105DC3CC802F}" = lport=5900 | protocol=6 | dir=in | name=vnc5900 |
"{08826677-3494-4D00-A723-7702147E4937}" = lport=9303 | protocol=17 | dir=in | name=shareport udp port |
"{1CA44BB1-364A-4C8C-8B5B-887A56A76F7D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{1CB52C13-9E61-49DC-A902-76D01FE3A140}" = lport=2869 | protocol=6 | dir=in | app=system |
"{286E1448-EDC1-4B07-8B5E-045EF3A3CF28}" = rport=137 | protocol=17 | dir=out | app=system |
"{298EDB1F-00B9-496A-AF25-3ED32BE9FA62}" = lport=5800 | protocol=6 | dir=in | name=vnc5800 |
"{321A07CD-2900-4197-BA5B-1D9512661657}" = rport=445 | protocol=6 | dir=out | app=system |
"{3DA732AF-1419-463C-A37E-DD1DC473625F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{4842F48D-C517-401F-8B93-BEA50F513B16}" = lport=49164 | protocol=6 | dir=in | name=akamai netsession interface |
"{4F4CDF51-C6F0-465E-A245-92EF901FE908}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{51E3B89A-C041-4FA8-AFC6-03226E98578E}" = rport=139 | protocol=6 | dir=out | app=system |
"{523C9706-007F-481E-BD8E-794A8C02A195}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6A841A03-35FD-4B0E-A374-3E2F80B0D391}" = lport=57557 | protocol=6 | dir=in | name=akamai netsession interface |
"{6AACBA58-CC7D-4976-8484-1E101D4BA8C5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{714161B6-A16E-4CE7-8CFD-D86818533A3C}" = rport=138 | protocol=17 | dir=out | app=system |
"{85528B46-3D9C-44E3-88D2-8CC5205F3293}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9A9BAC2D-45DD-4099-9359-78D6B2410BA1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A98426D8-9C42-47F4-9090-DA25AA2302D8}" = lport=9303 | protocol=17 | dir=in | name=shareport udp port |
"{B5E10C39-061A-424B-99A9-356BD6C22FCC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B941B93A-BDFA-4079-B5A1-40388F53F815}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BBF7153D-A3DD-4438-9A25-B299CF48FF82}" = lport=445 | protocol=6 | dir=in | app=system |
"{C1B48A70-B8E4-47F3-8A56-4631C5C2C712}" = lport=139 | protocol=6 | dir=in | app=system |
"{E475C7EB-4002-4A89-8903-5CA1023FD3BE}" = lport=137 | protocol=17 | dir=in | app=system |
"{E97FD2C9-A10A-4496-AB23-4619DB9744C6}" = lport=49203 | protocol=6 | dir=in | name=akamai netsession interface |
"{FB09C253-A77E-4B95-8F16-D3E4C901301D}" = lport=5900 | protocol=6 | dir=in | name=vnc5900 |
"{FD6FAFA7-2127-449C-BA29-6C031E154FFC}" = lport=138 | protocol=17 | dir=in | app=system |
"{AA723459-E111-430F-BE90-F6837A5C02CA}" = lport=5800 | protocol=6 | dir=in | name=vnc5800 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07428199-D87F-48E0-BF95-DC20B810F786}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{07BA442D-2BFA-4ACB-A3B3-B2B16C734311}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{09D5CB9F-D841-4727-B6E2-0C041054E31C}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{0B7B24A4-9C69-4059-8E89-23BEECDB6622}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{2320FB96-E27E-4E23-A756-10658EED0CA9}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"{25795E20-18A4-43CD-A009-C01DABB4E4EB}" = protocol=17 | dir=in | app=c:\users\allan\desktop\app-en-find.exe |
"{2B1F7808-0DD5-4393-9FC3-678207E1456C}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{2F47D60F-B284-437F-A94D-261C5462E42E}" = protocol=17 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"{32FEA5C7-DAC3-46B1-A369-F9DD5CA1F9BC}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"{3987D16B-81B9-4166-AC2F-6E27468363BA}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{3F33EF04-39F3-4173-8BBA-EADF75F0EBF4}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{44969BE7-0677-4639-8678-3F5AB7C61FFC}" = protocol=6 | dir=in | app=c:\users\allan\appdata\local\akamai\netsession_win.exe |
"{461E3A86-AD7F-4F4F-88FB-4CAB56153A50}" = protocol=17 | dir=in | app=c:\users\allan\appdata\roaming\spotify\spotify.exe |
"{48388B47-71D1-43A2-8D3B-76915B4A4EC1}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{4C0D65A8-8798-4446-8BC2-A71358EC7F98}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{4D29A8CC-32B9-46C0-A603-1AD75F404498}" = protocol=1 | dir=out | [email protected],-28544 |
"{4D5476AD-C87C-45BB-B71F-D100FAAA4D99}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{53B5FDBE-7241-4554-8F2F-6A34D0CAB64F}" = protocol=58 | dir=in | [email protected],-28545 |
"{56440CE5-543B-4FB9-8EE7-DC84BE31A9A1}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5B85D097-9D01-4D51-8C1A-CA15B54318F8}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{6185319B-BC53-4C7D-A2CB-240EE570F851}" = protocol=6 | dir=in | app=c:\program files (x86)\d-link\shareport\shareport.exe |
"{6B6C1EC5-F3EC-43AD-B04B-3D58FA28D39D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{6C1DB7E8-0F56-4C43-AF4A-ABE01DF611CE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{6D05E051-0028-4647-B17A-40DAD62E7E20}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{6E1F99EE-488F-413D-8774-67B2DA33C910}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{6E773230-1C4E-43D5-8465-71C5A7EB7474}" = protocol=58 | dir=out | [email protected],-28546 |
"{76E745EF-AAFF-4D8B-A5BC-40DD9848CFCD}" = protocol=6 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"{78EEF644-EB85-4755-95BC-5893FA7E0C3F}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{80599678-09B7-410D-A899-CADC335CEA1F}" = protocol=6 | dir=in | app=c:\program files (x86)\d-link\shareport\shareport.exe |
"{8F5587A9-0704-4AB0-B82E-B36674D0F6B4}" = protocol=6 | dir=in | app=c:\users\allan\appdata\roaming\spotify\spotify.exe |
"{9113C82F-AEDC-4124-8423-AA96A3FEDB2E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{92BD7AC5-F664-47D7-9338-287EC940B8DC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{9C9F1A2C-B336-48D8-AD06-AC23F9B93303}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{A7582FA4-5746-4238-9183-46044CFD9034}" = protocol=17 | dir=in | app=c:\program files (x86)\d-link\shareport\shareport.exe |
"{AE6DC490-DCA1-4619-B6A1-5818ACAB4D86}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"{AED4C7E7-E005-41C9-B09F-9DFB46A10F34}" = protocol=6 | dir=in | app=c:\users\allan\desktop\app-en-find.exe |
"{B1E100D3-C409-41DF-B124-7D8DE592F137}" = protocol=17 | dir=in | app=c:\users\allan\appdata\local\akamai\netsession_win.exe |
"{B96F58BD-9819-4FE8-A3B3-AF0AF4DDF67B}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{B9D09489-8510-4CEF-BA27-F2B71E8AB566}" = protocol=17 | dir=in | app=c:\program files (x86)\d-link\shareport\shareport.exe |
"{CB70BD88-430C-4D0F-8B59-216118D90664}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D20ADCB5-0A2E-4ABD-A452-D52EF54D9C1E}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"{D5B40B1F-69E0-4684-9112-D039B6E27D1F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{DF7C68C0-256A-414B-8C8E-B7B0F1ADA857}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{E54ED7BF-F925-4FCC-9ED0-AE889ACC6172}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{EF5C2A19-1B90-47ED-9677-FAED58CE727F}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{AA1D492B-C960-42DE-AA23-64AA10AB321D}" = protocol=1 | dir=in | [email protected],-28543 |
"TCP Query User{0F91D06F-6445-45AA-AB94-4FCE479E2CE0}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{2179EECB-104F-4E52-8706-BF607C32AF3F}C:\users\allan\desktop\app-en-find.exe" = protocol=6 | dir=in | app=c:\users\allan\desktop\app-en-find.exe |
"TCP Query User{77D0FC18-9BE8-4648-AC31-21EAFDAFDA6A}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=6 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"TCP Query User{AD40B2CF-5B2C-421B-AE49-710E2A613B40}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{C76BA4B9-C20F-4CE4-A12C-783EC887DF1A}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{CC7B2E71-D60C-4B66-974D-EB17B7633A9B}C:\users\allan\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\allan\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{DF6918AA-F57D-44A8-A3C2-B1F0A8B9C712}C:\users\allan\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\allan\appdata\local\akamai\netsession_win.exe |
"UDP Query User{063DF3FD-C8F6-46E8-9739-3FFD75856C1A}C:\users\allan\desktop\app-en-find.exe" = protocol=17 | dir=in | app=c:\users\allan\desktop\app-en-find.exe |
"UDP Query User{5651E20A-8287-480F-BE7C-564455FFE00D}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=17 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"UDP Query User{71C14B6B-C2C7-4426-B13E-2DCF8492730D}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{7A42BD2F-3F62-4EC6-A26E-E7BCCDE1577F}C:\users\allan\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\allan\appdata\local\akamai\netsession_win.exe |
"UDP Query User{7E20AB86-E127-490C-A707-913BD604F73E}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{D08044D4-79AD-46AC-91EF-9F9CF6BC13E2}C:\users\allan\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\allan\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{EF57ED80-5AD1-4DF4-9084-5E98D27287F1}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{10F539B1-31AF-43BF-9F0C-0EB66E918922}" = HP Quick Launch
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{23401053-03B3-845A-A946-32BEB58AB5AC}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java™ 6 Update 23 (64-bit)
"{34DA4817-68E1-CC8B-A9A5-392095FA28C9}" = ATI Catalyst Install Manager
"{426FAE9F-7373-496E-A215-9DB7EF4398CF}" = Validity Sensors DDK
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0406-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Danish) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99830F57-829F-3185-99EF-B364AA00A216}" = Microsoft .NET Framework 4 Extended DAN Language Pack
"{9B1A8F3D-8059-43FB-A7AE-4F2C21F0AAF2}" = KhalInstallWrapper
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DA-DK Language Pack
"{ECF3E482-9188-4e29-9C31-E02FD8DC74C0}" = HP Color LaserJet CM2320 MFP Series 2.0
"{F27D5AAD-758E-460F-964D-6F2E65964C08}" = Microsoft Antimalware Service DA-DK Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83E9BF0-B8D8-3D68-9E07-7505290C2202}" = Microsoft .NET Framework 4 Client Profile DAN Language Pack
"{F8776060-6929-480C-9CD0-AD4920C354EF}" = 64 Bit HP BiDi Channel Components Installer
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CutePDF Writer Installation" = CutePDF Writer 2.8
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DAN Language Pack" = Microsoft .NET Framework 4 Client Profile DAN sprogpakke
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DAN Language Pack" = Microsoft .NET Framework 4 Extended DAN sprogpakke
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{02B8DBC1-7312-43AF-8BA7-9F29CDD6B348}" = Windows Live Sync
"{0A653E82-9056-A08A-8262-62F59FF285C7}" = CCC Help Korean
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D542538-335E-08BA-21C5-62E9A7B2BE60}" = Catalyst Control Center InstallProxy
"{11A63D4E-6512-6D57-8690-3D656A483AB0}" = CCC Help French
"{147D8BB7-FEE8-5D53-390D-7FB94FC26BC8}" = CCC Help Italian
"{16734097-34B9-C5E3-7863-7A9CAAEB391F}" = ccc-core-static
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FCAF6B3-F655-4331-847C-17B697BC49E9}" = hppScanToCM2320
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{32A72502-BC2C-4C39-ACEA-BC3D463F0697}" = EN
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{35772A32-7A3D-A8FC-840C-B84B536E62FD}" = CCC Help Swedish
"{3C232A98-B1C0-46EA-B8C5-A7F7E06E1BCC}" = SetMLM
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{42C095E5-4CE2-A376-9893-93431C6A236E}" = CCC Help Dutch
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{543F949F-2B95-448F-9F2E-56F0C5FF8E2C}" = Catalyst Control Center - Branding
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BA6D86E-AA0D-05FF-09B5-ED3CD5277A42}" = CCC Help German
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B65BA9C-2E00-3BCB-8EA5-94A7841B39C1}" = CCC Help Thai
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{70743ADB-DD63-DA15-1E6C-32D88C54E04D}" = CCC Help English
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{778E3C06-48EB-79CA-775E-BEA3086896AD}" = CCC Help Japanese
"{7A083F0E-189D-9100-8883-3B7E75B53E3F}" = CCC Help Chinese Traditional
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AE4C1DF-D685-56CB-4B4E-181A12FFAF55}" = CCC Help Turkish
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0406-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Danish) 2007
"{90120000-0016-0406-0000-0000000FF1CE}_HOMESTUDENTR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0406-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Danish) 2007
"{90120000-0018-0406-0000-0000000FF1CE}_HOMESTUDENTR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0406-0000-0000000FF1CE}" = Microsoft Office Word MUI (Danish) 2007
"{90120000-001B-0406-0000-0000000FF1CE}_HOMESTUDENTR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0406-0000-0000000FF1CE}" = Microsoft Office Proof (Danish) 2007
"{90120000-001F-0406-0000-0000000FF1CE}_HOMESTUDENTR_{8F771259-9037-4097-AA88-8613F3BE5627}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0406-1000-0000000FF1CE}_HOMESTUDENTR_{11584158-91C7-4B1B-BFD1-F47D680F13CF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0406-0000-0000000FF1CE}" = Microsoft Office Proofing (Danish) 2007
"{90120000-006E-0406-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Danish) 2007
"{90120000-006E-0406-0000-0000000FF1CE}_HOMESTUDENTR_{11584158-91C7-4B1B-BFD1-F47D680F13CF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0406-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Danish) 2007
"{90120000-00A1-0406-0000-0000000FF1CE}_HOMESTUDENTR_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{925BC35B-CA11-577E-95C7-67C5BD4776BA}" = Catalyst Control Center Graphics Previews Common
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93138715-2252-4107-C3C6-D7F8ACAD4956}" = CCC Help Finnish
"{95A73EEC-18CA-0C70-2E88-C6F901C69583}" = CCC Help Russian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C7243A7-5C0E-3190-A042-01D88F7BB791}" = CCC Help Portuguese
"{9F2D7562-6163-48AB-B15A-331C7A9DB17C}" = hppscanCM2320
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1030-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Dansk
"{ACF5C43A-3E69-ED63-FCF9-831B3B9D1516}" = CCC Help Polish
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AF144D2F-E890-B537-DC7C-DE01A8AC5405}" = CCC Help Norwegian
"{B4201487-FA15-8BCC-6833-E355A43CCCDB}" = Catalyst Control Center Graphics Previews Vista
"{B4E66C9F-BE69-4626-A9AD-D2B81CE45F49}" = hppFaxUtilityCM2320
"{B5DE2511-C5D3-0AAC-0470-606067398EBB}" = CCC Help Chinese Standard
"{BF6379E6-9936-46B0-B6AC-C56EE3987D2E}" = inSSIDer
"{C22826DB-8064-4607-9816-1B5B62358C3C}" = inSSIDer 2.0
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C77A8D2F-DE6E-E548-FA06-C56251441D95}" = CCC Help Spanish
"{C8E0D4A2-A9DB-4BE9-AC02-EE4FCCFBE2DE}" = SharePort
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D17FDF00-50F0-4B78-923F-707D2055D29E}" = hppManualsCM2320
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DB682507-DE7E-4053-BA5D-6DC7EC865DDF}" = hppCLJCM2320
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E93EAD24-E483-52AA-2E6F-C792E51E3F92}" = CCC Help Czech
"{ECB2E743-BFBD-7C77-6C62-F54ACD0ECE6D}" = CCC Help Hungarian
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0A06BEC-E4BA-DB4F-C3DF-37A3C77780EF}" = CCC Help Danish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{F90DE865-1A3D-D6D6-0638-F1D2EFCB5C29}" = PX Profile Update
"{FD7DDB2A-445B-78D3-EAFB-6F7BE425285E}" = CCC Help Greek
"{FF841249-0D6B-41D7-8013-953EE3A33263}" = hppQFolderCM2320
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"{AA6F75E4-1807-4AAF-8CCC-4B9A48476BA5}" = Catalyst Control Center Localization All
"7-Zip" = 7-Zip 4.65
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Akamai" = Akamai NetSession Interface Service
"avast" = avast! Internet Security
"Digital Editions" = Adobe Digital Editions
"Fences" = Fences
"FreeNote_is1" = FreeNote v1.263
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"IrfanView" = IrfanView (remove only)
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Mozilla Firefox 13.0 (x86 da)" = Mozilla Firefox 13.0 (x86 da)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opticon USB Installer" = Opticon USB Drivers Installer
"PDF Protector Splitter and Merger Pro" = PDF Protector Splitter and Merger Pro
"Picasa 3" = Picasa 3
"Samsung CLP-320 Series" = Vedligeholdelse Samsung CLP-320 Series
"SummaSummarum_is1" = SummaSummarum 3.81
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 2.0.1
"VMware_Workstation" = VMware Workstation
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2555285916-205775456-1634495091-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome
"QUICKMEDIACONVERTER" = QMC

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 07-10-2011 01:46:03 | Computer Name = Dv7-4050eo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering
på <http://www.download....uthrootstl.cab>
mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når
der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede
fil. .

Error - 07-10-2011 01:46:03 | Computer Name = Dv7-4050eo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering
på <http://www.download....uthrootstl.cab>
mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når
der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede
fil. .

Error - 07-10-2011 02:10:25 | Computer Name = Dv7-4050eo | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 07-10-2011 02:25:35 | Computer Name = Dv7-4050eo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering
på <http://www.download....uthrootstl.cab>
mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når
der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede
fil. .

Error - 07-10-2011 02:25:37 | Computer Name = Dv7-4050eo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering
på <http://www.download....uthrootstl.cab>
mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når
der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede
fil. .

Error - 07-10-2011 02:25:49 | Computer Name = Dv7-4050eo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering
på <http://www.download....uthrootstl.cab>
mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når
der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede
fil. .

Error - 07-10-2011 02:25:50 | Computer Name = Dv7-4050eo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering
på <http://www.download....uthrootstl.cab>
mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når
der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede
fil. .

Error - 07-10-2011 02:25:52 | Computer Name = Dv7-4050eo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering
på <http://www.download....uthrootstl.cab>
mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når
der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede
fil. .

Error - 07-10-2011 02:26:00 | Computer Name = Dv7-4050eo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering
på <http://www.download....uthrootstl.cab>
mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når
der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede
fil. .

Error - 07-10-2011 02:59:27 | Computer Name = Dv7-4050eo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering
på <http://www.download....uthrootstl.cab>
mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når
der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede
fil. .

[ System Events ]
Error - 13-06-2012 06:09:53 | Computer Name = Dv7-4050eo | Source = Service Control Manager | ID = 7001
Description = Tjenesten Tjenesten Netværksliste afhænger af tjenesten NLA (Network
Location Awareness), der ikke kunne starte pga. følgende fejl: %%1068

Error - 13-06-2012 06:16:06 | Computer Name = Dv7-4050eo | Source = Application Popup | ID = 1060
Description = Indlæsning af \SystemRoot\SysWow64\Drivers\StarOpen.SYS er blevet
blokeret på grund af inkompatibilitet med dette system. Kontakt softwareleverandøren
for at få en kompatibel version af driveren.

Error - 13-06-2012 06:16:20 | Computer Name = Dv7-4050eo | Source = Service Control Manager | ID = 7000
Description = Tjenesten Vstor2 WS60 Virtual Storage Driver kunne ikke starte pga.
følgende fejl: %%3

Error - 13-06-2012 06:17:42 | Computer Name = Dv7-4050eo | Source = Service Control Manager | ID = 7022
Description = Tjenesten HP-tjeneste til registrering af CUE-enheder hang ved start.

Error - 13-06-2012 06:17:42 | Computer Name = Dv7-4050eo | Source = Service Control Manager | ID = 7026
Description = Følgende boot-start- eller system-start-driver kunne ikke indlæses:
StarOpen

Error - 13-06-2012 06:31:16 | Computer Name = Dv7-4050eo | Source = EventLog | ID = 6008
Description = Den foregående systemlukning kl. 12:30:06 d. ?13-?06-?2012 var uventet.

Error - 13-06-2012 06:31:10 | Computer Name = Dv7-4050eo | Source = Application Popup | ID = 1060
Description = Indlæsning af \SystemRoot\SysWow64\Drivers\StarOpen.SYS er blevet
blokeret på grund af inkompatibilitet med dette system. Kontakt softwareleverandøren
for at få en kompatibel version af driveren.

Error - 13-06-2012 06:31:22 | Computer Name = Dv7-4050eo | Source = Service Control Manager | ID = 7000
Description = Tjenesten Vstor2 WS60 Virtual Storage Driver kunne ikke starte pga.
følgende fejl: %%3

Error - 13-06-2012 06:32:43 | Computer Name = Dv7-4050eo | Source = Service Control Manager | ID = 7022
Description = Tjenesten HP-tjeneste til registrering af CUE-enheder hang ved start.

Error - 13-06-2012 06:32:43 | Computer Name = Dv7-4050eo | Source = Service Control Manager | ID = 7026
Description = Følgende boot-start- eller system-start-driver kunne ikke indlæses:
StarOpen


< End of report >

[CompCav]

After I ran the first OTL fix it felt like the PC became quicker and like I'm the only one pulling the strings
I have been testing the PC for an hour or so after I did all the steps and I have not found any of the above mentioned problems.

Good news

Thank you for helping me - I truly appreciate your help.

You are welcome.

We still have a few things to check so let's do the next step:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List content of Hosts
• List IP configuration
• List Winsock Entries
• List last 10 Event Viewer log
• List Installed Programs
• List Devices
• List Users, Partitions and Memory size.
• List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

[Dragebarn]

Here you go




MiniToolBox by Farbar Version: 09-06-2012
Ran by Allan (administrator) on 13-06-2012 at 17:48:03
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP-konfiguration

DNS Resolver Cache blev t›mt.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Trådløs netværksforbindelse (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
Realtek PCIe GBE Family Controller = LAN-forbindelse (Media disconnected)
Bluetooth-enhed (Personal Area Network) = Bluetooth-netværksforbindelse (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Trådløs netværksforbindelse 2 (Media disconnected)


# ----------------------------------
# IPv4-konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="VMware Network Adapter VMnet8" address=192.168.234.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet1" address=192.168.138.1 mask=255.255.255.0


popd
# [bleep] p† IPv4-konfiguration.



Windows IP-konfiguration

V‘rtsnavn. . . . . . . . . . . . . . . . . . : Dv7-4050eo
Prim‘rt DNS-suffiks. . . . . . . . . . . . . :
Nodetype . . . . . . . . . . . . . . . . . . : Hybrid
IP-routing aktiveret . . . . . . . . . . . . : Nej
WINS-proxy aktiveret . . . . . . . . . . . . : Nej
S›geliste for DNS-suffiks. . . . . . . . . . : P-2812HNU-F1

Tr†dl›st LAN-kort Tr†dl›s netv‘rksforbindelse 2:

Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Fysisk adresse . . . . . . . . . . . . . . . : 7E-AC-4C-47-20-C0
DHCP aktiveret . . . . . . . . . . . . . . . : Ja
Automatisk konfiguration aktiveret . . . . . : Ja

Ethernet-netv‘rkskort Bluetooth-netv‘rksforbindelse:

Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Bluetooth-enhed (Personal Area Network)
Fysisk adresse . . . . . . . . . . . . . . . : 70-F3-95-7B-32-F4
DHCP aktiveret . . . . . . . . . . . . . . . : Ja
Automatisk konfiguration aktiveret . . . . . : Ja

Ethernet-netv‘rkskort LAN-forbindelse:

Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Fysisk adresse . . . . . . . . . . . . . . . : C8-0A-A9-F9-D2-12
DHCP aktiveret . . . . . . . . . . . . . . . : Ja
Automatisk konfiguration aktiveret . . . . . : Ja

Tr†dl›st LAN-kort Tr†dl›s netv‘rksforbindelse:

Forbindelsesspecifikt DNS-suffiks. . . . . . : P-2812HNU-F1
Beskrivelse. . . . . . . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Fysisk adresse . . . . . . . . . . . . . . . : 5C-AC-4C-47-20-C0
DHCP aktiveret . . . . . . . . . . . . . . . : Ja
Automatisk konfiguration aktiveret . . . . . : Ja
Link-local-IPv6-adresse . . . . . : fe80::e565:6508:fc07:e813%10(Foretrukken)
IPv4-adresse . . . . . . . . . . . . . . . . : 192.168.1.33(Foretrukken)
Undernetmaske. . . . . . . . . . . . . . . . : 255.255.255.0
Rettigheden opn†et . . . . . . . . . . . . . : 13. juni 2012 13:38:47
Rettigheden udl›ber. . . . . . . . . . . . . : 14. juni 2012 17:07:21
Standardgateway. . . . . . . . . . . . . . . : 192.168.1.1
DHCP-server. . . . . . . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 190622796
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-24-F2-BF-C8-0A-A9-F9-D2-12
DNS-servere. . . . . . . . . . . . . . . . . : 89.150.129.22
89.150.129.10
NetBIOS over Tcpip . . . . . . . . . . . . . : Aktiveret

Ethernet-netv‘rkskort VMware Network Adapter VMnet1:

Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Fysisk adresse . . . . . . . . . . . . . . . : 00-50-56-C0-00-01
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja
Link-local-IPv6-adresse . . . . . : fe80::75c0:c912:8a46:2abc%16(Foretrukken)
IPv4-adresse . . . . . . . . . . . . . . . . : 192.168.138.1(Foretrukken)
Undernetmaske. . . . . . . . . . . . . . . . : 255.255.255.0
Standardgateway. . . . . . . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 352342102
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-24-F2-BF-C8-0A-A9-F9-D2-12
DNS-servere. . . . . . . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip . . . . . . . . . . . . . : Aktiveret

Ethernet-netv‘rkskort VMware Network Adapter VMnet8:

Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Fysisk adresse . . . . . . . . . . . . . . . : 00-50-56-C0-00-08
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja
Link-local-IPv6-adresse . . . . . : fe80::3d9c:d162:60b5:3458%17(Foretrukken)
IPv4-adresse . . . . . . . . . . . . . . . . : 192.168.234.1(Foretrukken)
Undernetmaske. . . . . . . . . . . . . . . . : 255.255.255.0
Standardgateway. . . . . . . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 369119318
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-24-F2-BF-C8-0A-A9-F9-D2-12
DNS-servere. . . . . . . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip . . . . . . . . . . . . . : Aktiveret

Tunnel-netv‘rkskort isatap.{E09F7474-4DE1-4DD6-94AC-E814F0A5AA63}:

Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft ISATAP-netv‘rkskort
Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja

Tunnel-netv‘rkskort Teredo Tunneling Pseudo-Interface:

Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja

Tunnel-netv‘rkskort isatap.{9256F6D6-2132-4E7A-8ECA-D5937F758418}:

Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft ISATAP-netv‘rkskort #2
Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja

Tunnel-netv‘rkskort isatap.{F6915FF7-E796-4C32-AB1F-A0F39174B031}:

Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft ISATAP-netv‘rkskort #3
Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja

Tunnel-netv‘rkskort isatap.{12BDADCF-A41A-4F71-9C92-0DB812F152B2}:

Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft ISATAP-netv‘rkskort #4
Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja

Tunnel-netv‘rkskort isatap.{4F5ADA80-FBA5-4536-8DBB-32FABA3E0CDF}:

Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft ISATAP-netv‘rkskort #5
Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja

Tunnel-netv‘rkskort isatap.{5437E472-E0F3-45FF-874F-6EB4C9418827}:

Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft ISATAP-netv‘rkskort #6
Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja

Tunnel-netv‘rkskort isatap.P-2812HNU-F1:

Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
Forbindelsesspecifikt DNS-suffiks. . . . . . :
Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft ISATAP-netv‘rkskort #7
Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiveret . . . . . . . . . . . . . . . : Nej
Automatisk konfiguration aktiveret . . . . . : Ja
Server: ge0.ns1.dk.ip.fullrate.dk
Address: 89.150.129.22

Navn: google.com
Addresses: 2a00:1450:400f:801::1001
173.194.32.38
173.194.32.39
173.194.32.40
173.194.32.41
173.194.32.46
173.194.32.32
173.194.32.33
173.194.32.34
173.194.32.35
173.194.32.36
173.194.32.37


Pinger google.com [173.194.32.34] med 32 byte data:
Svar fra 173.194.32.34: byte=32 tid=41ms TTL=53
Svar fra 173.194.32.34: byte=32 tid=41ms TTL=53

Ping-statistikker for 173.194.32.34:
Pakker: Sendt = 2, modtaget = 2, tabt = 0 (0% tab),
Beregnet tid for rundtur i millisekunder:
Minimum = 41ms, Maksimum = 41ms, Gennemsnitlig = 41ms
Server: ge0.ns1.dk.ip.fullrate.dk
Address: 89.150.129.22

Navn: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinger yahoo.com [98.139.183.24] med 32 byte data:
Svar fra 98.139.183.24: byte=32 tid=162ms TTL=51
Svar fra 98.139.183.24: byte=32 tid=227ms TTL=51

Ping-statistikker for 98.139.183.24:
Pakker: Sendt = 2, modtaget = 2, tabt = 0 (0% tab),
Beregnet tid for rundtur i millisekunder:
Minimum = 162ms, Maksimum = 227ms, Gennemsnitlig = 194ms
Server: ge0.ns1.dk.ip.fullrate.dk
Address: 89.150.129.22

Navn: bleepingcomputer.com
Address: 208.43.87.2


Pinger bleepingcomputer.com [208.43.87.2] med 32 byte data:
Svar fra 208.43.87.2: Modtagerv‘rt ikke tilg‘ngelig.
Svar fra 208.43.87.2: Modtagerv‘rt ikke tilg‘ngelig.

Ping-statistikker for 208.43.87.2:
Pakker: Sendt = 2, modtaget = 2, tabt = 0 (0% tab),

Pinger 127.0.0.1 med 32 byte data:
Svar fra 127.0.0.1: byte=32 tid<1ms TTL=128
Svar fra 127.0.0.1: byte=32 tid<1ms TTL=128

Ping-statistikker for 127.0.0.1:
Pakker: Sendt = 2, modtaget = 2, tabt = 0 (0% tab),
Beregnet tid for rundtur i millisekunder:
Minimum = 0ms, Maksimum = 0ms, Gennemsnitlig = 0ms
===========================================================================
Liste over gr‘nseflader
24...7e ac 4c 47 20 c0 ......Microsoft Virtual WiFi Miniport Adapter #2
12...70 f3 95 7b 32 f4 ......Bluetooth-enhed (Personal Area Network)
11...c8 0a a9 f9 d2 12 ......Realtek PCIe GBE Family Controller
10...5c ac 4c 47 20 c0 ......Atheros AR9285 802.11b/g/n WiFi Adapter
16...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
17...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1...........................Software Loopback Interface 1
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP-netv‘rkskort
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP-netv‘rkskort #2
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP-netv‘rkskort #3
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP-netv‘rkskort #4
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP-netv‘rkskort #5
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP-netv‘rkskort #6
29...00 00 00 00 00 00 00 e0 Microsoft ISATAP-netv‘rkskort #7
===========================================================================

IPv4 Rutetabel
===========================================================================
Aktive ruter:
Netv‘rksdestination Netmaske Gateway Gr‘nseflade Metrikv‘rdi
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.33 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.33 281
192.168.1.33 255.255.255.255 On-link 192.168.1.33 281
192.168.1.255 255.255.255.255 On-link 192.168.1.33 281
192.168.138.0 255.255.255.0 On-link 192.168.138.1 276
192.168.138.1 255.255.255.255 On-link 192.168.138.1 276
192.168.138.255 255.255.255.255 On-link 192.168.138.1 276
192.168.234.0 255.255.255.0 On-link 192.168.234.1 276
192.168.234.1 255.255.255.255 On-link 192.168.234.1 276
192.168.234.255 255.255.255.255 On-link 192.168.234.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.33 281
224.0.0.0 240.0.0.0 On-link 192.168.138.1 276
224.0.0.0 240.0.0.0 On-link 192.168.234.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.33 281
255.255.255.255 255.255.255.255 On-link 192.168.138.1 276
255.255.255.255 255.255.255.255 On-link 192.168.234.1 276
===========================================================================
Vedvarende ruter:
Ingen

IPv6 Rutetabel
===========================================================================
Aktive ruter:
Hvis Metrik Netv‘rk Destination Gateway
1 306 ::1/128 On-link
10 281 fe80::/64 On-link
16 276 fe80::/64 On-link
17 276 fe80::/64 On-link
17 276 fe80::3d9c:d162:60b5:3458/128
On-link
16 276 fe80::75c0:c912:8a46:2abc/128
On-link
10 281 fe80::e565:6508:fc07:e813/128
On-link
1 306 ff00::/8 On-link
10 281 ff00::/8 On-link
16 276 ff00::/8 On-link
17 276 ff00::/8 On-link
===========================================================================
Vedvarende ruter:
Ingen
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [File Not found] ()
Catalog9 13 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [File Not found] ()
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [File Not found] ()
x64-Catalog9 13 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/13/2012 00:17:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering på <http://www.download....uthrootstl.cab> mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede fil.
.

Error: (06/13/2012 00:17:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering på <http://www.download....uthrootstl.cab> mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede fil.
.

Error: (06/13/2012 00:17:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering på <http://www.download....uthrootstl.cab> mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede fil.
.

Error: (06/13/2012 00:17:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering på <http://www.download....uthrootstl.cab> mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede fil.
.

Error: (06/13/2012 00:17:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering på <http://www.download....uthrootstl.cab> mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede fil.
.

Error: (06/13/2012 00:17:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering på <http://www.download....uthrootstl.cab> mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede fil.
.

Error: (06/13/2012 00:16:52 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering på <http://www.download....uthrootstl.cab> mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede fil.
.

Error: (06/13/2012 00:16:51 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering på <http://www.download....uthrootstl.cab> mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede fil.
.

Error: (06/13/2012 00:16:51 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering på <http://www.download....uthrootstl.cab> mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede fil.
.

Error: (06/13/2012 00:16:51 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Udpakning af tredjepartsrodliste fra CAB-fil til automatisk opdatering på <http://www.download....uthrootstl.cab> mislykkedes. Fejl: Et krævet certifikat er ikke inden for gyldighedsperioden, når der godkendes med det aktuelle systemklokkeslæt eller tidsstemplet i den signerede fil.
.


System errors:
=============
Error: (06/13/2012 01:40:13 PM) (Source: Service Control Manager) (User: )
Description: Følgende boot-start- eller system-start-driver kunne ikke indlæses:
StarOpen

Error: (06/13/2012 01:40:13 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten HP-tjeneste til registrering af CUE-enheder hang ved start.

Error: (06/13/2012 01:38:51 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Vstor2 WS60 Virtual Storage Driver kunne ikke starte pga. følgende fejl:
%%3

Error: (06/13/2012 01:38:36 PM) (Source: Application Popup) (User: )
Description: Indlæsning af \SystemRoot\SysWow64\Drivers\StarOpen.SYS er blevet blokeret på grund af inkompatibilitet med dette system. Kontakt softwareleverandøren for at få en kompatibel version af driveren.

Error: (06/13/2012 01:38:41 PM) (Source: EventLog) (User: )
Description: Den foregående systemlukning kl. 13:36:10 d. ?13-?06-?2012 var uventet.

Error: (06/13/2012 01:16:47 PM) (Source: Service Control Manager) (User: )
Description: Følgende boot-start- eller system-start-driver kunne ikke indlæses:
StarOpen

Error: (06/13/2012 01:16:47 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten HP-tjeneste til registrering af CUE-enheder hang ved start.

Error: (06/13/2012 01:15:25 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Vstor2 WS60 Virtual Storage Driver kunne ikke starte pga. følgende fejl:
%%3

Error: (06/13/2012 01:15:10 PM) (Source: Application Popup) (User: )
Description: Indlæsning af \SystemRoot\SysWow64\Drivers\StarOpen.SYS er blevet blokeret på grund af inkompatibilitet med dette system. Kontakt softwareleverandøren for at få en kompatibel version af driveren.

Error: (06/13/2012 00:32:43 PM) (Source: Service Control Manager) (User: )
Description: Følgende boot-start- eller system-start-driver kunne ikke indlæses:
StarOpen


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP BiDi Channel Components Installer (Version: 1.2.0.2)
7-Zip 4.65
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212)
Adobe Digital Editions
Adobe Download Manager (Version: 1.6.2.91)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Reader X (10.1.3) - Dansk (Version: 10.1.3)
Akamai NetSession Interface
Akamai NetSession Interface Service
Atheros Driver Installation Program (Version: 9.2)
ATI Catalyst Install Manager (Version: 3.0.778.0)
avast! Internet Security (Version: 7.0.1426.0)
BufferChm (Version: 100.0.170.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0621.2137.36973)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0621.2137.36973)
Catalyst Control Center InstallProxy (Version: 2010.0621.2137.36973)
Catalyst Control Center Localization All (Version: 2010.0621.2137.36973)
ccc-core-static (Version: 2010.0621.2137.36973)
ccc-utility64 (Version: 2010.0621.2137.36973)
CCC Help Chinese Standard (Version: 2010.0621.2136.36973)
CCC Help Chinese Traditional (Version: 2010.0621.2136.36973)
CCC Help Czech (Version: 2010.0621.2136.36973)
CCC Help Danish (Version: 2010.0621.2136.36973)
CCC Help Dutch (Version: 2010.0621.2136.36973)
CCC Help English (Version: 2010.0621.2136.36973)
CCC Help Finnish (Version: 2010.0621.2136.36973)
CCC Help French (Version: 2010.0621.2136.36973)
CCC Help German (Version: 2010.0621.2136.36973)
CCC Help Greek (Version: 2010.0621.2136.36973)
CCC Help Hungarian (Version: 2010.0621.2136.36973)
CCC Help Italian (Version: 2010.0621.2136.36973)
CCC Help Japanese (Version: 2010.0621.2136.36973)
CCC Help Korean (Version: 2010.0621.2136.36973)
CCC Help Norwegian (Version: 2010.0621.2136.36973)
CCC Help Polish (Version: 2010.0621.2136.36973)
CCC Help Portuguese (Version: 2010.0621.2136.36973)
CCC Help Russian (Version: 2010.0621.2136.36973)
CCC Help Spanish (Version: 2010.0621.2136.36973)
CCC Help Swedish (Version: 2010.0621.2136.36973)
CCC Help Thai (Version: 2010.0621.2136.36973)
CCC Help Turkish (Version: 2010.0621.2136.36973)
CDDRV_Installer (Version: 1.00.0000)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CorelDRAW Graphics Suite X3
CorelDRAW Graphics Suite X3 (Version: 13.2)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
Destination Component (Version: 100.0.0.0)
DeviceDiscovery (Version: 100.0.190.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital Signatur (Version: 6.4.2.2)
EN (Version: 13.1)
Fences (Version: 1.0)
FontNav (Version: 5.0)
FreeNote v1.263 (Version: 1.263)
Google Chrome (Version: 19.0.1084.56)
Google Update Helper (Version: 1.3.21.111)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Color LaserJet CM2320 MFP Series 2.0 (Version: 2.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP Integrated Module with Bluetooth wireless technology (Version: 4.0.1.3500)
HP MediaSmart Webcam (Version: 4.1.3123)
HP Product Detection (Version: 11.14.0001)
HP Quick Launch (Version: 1.0.18)
hppCLJCM2320 (Version: 001.000.00071)
hppFaxUtilityCM2320 (Version: 001.000.00069)
hppManualsCM2320 (Version: 001.000.00071)
hppQFolderCM2320 (Version: 1.00.0000)
hppscanCM2320 (Version: 001.000.00071)
hppScanToCM2320 (Version: 001.000.00068)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.005)
IDT Audio (Version: 1.0.6289.0)
inSSIDer (Version: 2.1.1)
inSSIDer 2.0 (Version: 2.0.4)
IrfanView (remove only) (Version: 4.27)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 23 (64-bit) (Version: 6.0.230)
Java™ 6 Update 31 (Version: 6.0.310)
KhalInstallWrapper (Version: 4.00.121)
LAME v3.98.3 for Audacity
Logitech SetPoint (Version: 4.00)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DAN Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DAN sprogpakke (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DAN Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DAN sprogpakke (Version: 4.0.30319)
Microsoft Antimalware Service DA-DK Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Danish) 2007 (Version: 12.0.4518.1021)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client DA-DK Language Pack (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Windows Media Video 9 VCM
Mozilla Firefox 13.0 (x86 da) (Version: 13.0)
Mozilla Maintenance Service (Version: 13.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Opdatering til Microsoft Office Excel 2007 Help (KB963678)
Opdatering til Microsoft Office Powerpoint 2007 Help (KB963669)
Opdatering til Microsoft Office Word 2007 Help (KB963665)
Opticon USB Drivers Installer
PDF Protector Splitter and Merger Pro
Picasa 3 (Version: 3.8)
PX Profile Update (Version: 1.00.1.)
QMC
QuickTime (Version: 7.71.80.42)
SAMSUNG Mobile Composite Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Scan (Version: 10.1.0.0)
SetMLM (Version: 3.70.0000)
SharePort (Version: 1.17)
SummaSummarum 3.81 (Version: 3.81)
Synaptics Pointing Device Driver (Version: 15.2.4.4)
TeamViewer 6 (Version: 6.0.9947)
TeamViewer 7 (Version: 7.0.12313)
tools-freebsd (Version: 8.4.5.14951)
tools-linux (Version: 8.4.5.14951)
tools-netware (Version: 8.4.5.14951)
tools-solaris (Version: 8.4.5.14951)
tools-windows (Version: 8.4.5.14951)
tools-winPre2k (Version: 8.4.5.14951)
TrayApp (Version: 100.0.170.000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Manager (Version: 4.60)
Validity Sensors DDK (Version: 4.1.139.0)
VBA (Version: 6.2)
Vedligeholdelse Samsung CLP-320 Series
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
VLC media player 2.0.1 (Version: 2.0.1)
VMware Workstation (Version: 7.1.3.14951)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPatrol (Version: 24.0.2012.1)
WinPcap 4.1.1 (Version: 4.1.0.1753)

========================= Devices: ================================

Name: Vstor2 WS60 Virtual Storage Driver
Description: Vstor2 WS60 Virtual Storage Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vstor2-ws60
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 4029.86 MB
Available physical RAM: 1871.81 MB
Total Pagefile: 8057.91 MB
Available Pagefile: 5516.11 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.96 MB

========================= Partitions: =====================================

1 Drive c: (SSD) (Fixed) (Total:119.24 GB) (Free:31.84 GB) NTFS

========================= Users: ========================================

Brugerkonti for \\DV7-4050EO

__vmware_user__ Administrator Allan
G‘st
Kommandoen blev udf›rt.

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

[CompCav]

I want to check some of your services due to the System errors in the OTL Extras log file.

Download farbar service scanner to your desktop and then run it.



Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply

[Dragebarn]

Result of Farbar scanning is right here:



Farbar Service Scanner Version: 09-06-2012
Ran by Allan (administrator) on 13-06-2012 at 19:58:43
Running from "C:\Users\Allan\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Edited by Dragebarn, 13 June 2012 - 12:01 PM.

[CompCav]

Great They were old errors and are not an issue now!


Step 1.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application. Please do not accept the trial right now. We just want to run it on demand.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish, so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.


Step 2.

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on:

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

• Select the option YES, I accept the Terms of Use then click on:
• When prompted allow Add-On/Active X to install.
• Make sure that the option Scan archives is checked.
• Now click on Advanced Settings and select the following:
  
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
• Now click on:
• The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
• When completed the Online Scan will begin automatically. The scan may take several hours.
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
• When completed select Uninstall application on close, make sure you copy the logfile first!
• Now click on:
• Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
• Copy and paste that log as a reply to this topic.

Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 4.

Please post:


mbam log
eset log
security check log

Please give me an update on how your computer is doing!

[Dragebarn]

The malwarebytes gave a clean result.

The ESET gave 1 virus in a 32 startup file, but I made a mistake and the log has not been saved..
I will run the scan once again, but I would like to get a green light before I do that.



Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.13.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Allan :: DV7-4050EO [administrator]

13-06-2012 20:14:02
mbam-log-2012-06-13 (20-14-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 205099
Time elapsed: 1 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

[CompCav]

Green light!

[Dragebarn]

ok, help - where do I find that logfile?
I have not closed the ESET online scanner after this scanning - so can you tell me what to do?

http://www.flickr.co...ith/7186908169/

I can't see where to go in ESET see image 1
I have tried the only other thing I could push "Manage quarantine", but with no luck - image 2
I have search the PC for anything with ECET - but no luck I think - image 3
I have looked in programfiles - see image 4.

[CompCav]

No worry there was no significant threat found and we can go on to the next step with the security scan.

[Dragebarn]

Heloo,
Here you have the last scan log

My computer is still doing fine, it had some issues shutting down once today, but it might be connected to the finished ESET scan that hang open for 12 hours. The the computer started acting up and I tried to shut it down - it took two tries, but it worked in the end.
I finally got rid of that Norton thingy. I erased it, and for once it hasn't returned! - I clearly wasn't the one controlling everything on this computer.

Generally the computer feels good, well it's a bit slow and noisy, but that's hardware issues
And once again - thank you for all your help!





security check log

Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
Java™ 6 Update 31
Java version out of date!
Adobe Flash Player 11.2.202.235
Adobe Reader X (10.1.3)
Mozilla Firefox (13.0)
Google Chrome 19.0.1084.52
Google Chrome 19.0.1084.56
````````Process Check: objlist.exe by Laurent````````
WinPatrol winpatrol.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
BillP Studios WinPatrol WinPatrol.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

[CompCav]

We have some updates to do to improve your security.

Step 1.

UAC

• Open User Accounts by clicking the Start button, clicking Control Panel, clicking User Accounts and Family Safety (or clicking User Accounts, if you are connected to a network domain), and then clicking User Accounts.
• Click Turn User Account Control on. Administrator permission required If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

Please post a note when these steps are completed with any changes in the computer performance as well!


Step 2.

Update Java

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

[Dragebarn]

I updated the UAC, and now it seems that the computer is a bit slower...

The javaRa didn't remove the old Java, so I went to the control panel and removed the old one, so now the Security Check is without red


Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
Adobe Flash Player 11.2.202.235
Adobe Reader X (10.1.3)
Mozilla Firefox (13.0)
Google Chrome 19.0.1084.52
Google Chrome 19.0.1084.56
````````Process Check: objlist.exe by Laurent````````
WinPatrol winpatrol.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
BillP Studios WinPatrol WinPatrol.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````