Last time I received incrediblely good help and therefor in advance: Thank You!
Unfortunately, I'm infected again.
This time the virus sometimes turns my Avira protection off and furthermore it freezes my computer or shuts it down while the PC is doing simple CPU tasks.
I hope you're able to help me. I have ran Avira a couple of time and Malwarebytes, but it doesn't seem to help.
OTL log:
OTL logfile created on: 11/26/2012 3:23:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mathias\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
5.87 Gb Total Physical Memory | 3.42 Gb Available Physical Memory | 58.23% Memory free
11.73 Gb Paging File | 8.73 Gb Available in Paging File | 74.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.66 Gb Total Space | 285.92 Gb Free Space | 63.30% Space Free | Partition Type: NTFS
Computer Name: PC-MATHIAS | User Name: Mathias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/11/26 15:20:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mathias\Desktop\OTL.exe
PRC - [2012/11/09 16:36:51 | 000,638,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
PRC - [2012/11/07 00:14:48 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\Mathias\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/11/06 18:30:45 | 000,561,952 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012/11/06 18:29:54 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/11/06 18:29:20 | 000,387,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
PRC - [2012/10/29 17:34:28 | 000,300,480 | ---- | M] (Abine Inc.) -- C:\Program Files (x86)\Ask.com\AbineSDK\IE\DNTPService.exe
PRC - [2012/10/29 17:34:26 | 001,185,872 | ---- | M] (CallingID Ltd.) -- C:\Program Files (x86)\Ask.com\CallingIDSDK\CIDGlobalLight.exe
PRC - [2012/10/29 17:33:28 | 001,573,584 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012/10/16 17:06:12 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/10/16 16:57:04 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/09/29 18:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/05/24 19:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mathias\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/02/01 15:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/02/01 15:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/03 23:15:42 | 001,480,032 | ---- | M] (Suyin) -- C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
PRC - [2010/04/09 17:49:02 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/04/08 05:18:40 | 000,908,368 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/04/08 05:18:40 | 000,312,400 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/04/08 05:18:40 | 000,298,064 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/03/18 05:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 05:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/03/09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2010/03/09 00:56:08 | 000,258,560 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2010/01/29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
PRC - [2009/05/20 16:59:44 | 000,013,624 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
PRC - [2009/05/20 16:59:34 | 000,057,672 | ---- | M] (Alienware Corporation) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
========== Modules (No Company Name) ==========
MOD - [2012/11/15 20:13:09 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll
MOD - [2012/11/15 20:13:09 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\c2683adc75724d36e8ecc26e9baa97bf\IAStorCommon.ni.dll
MOD - [2012/11/15 20:13:08 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\b5917ee962b86d4a567088585607807f\IAStorUtil.ni.dll
MOD - [2012/11/15 20:12:52 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\239d84cfdb9de9730c1efb43840ef2eb\System.Core.ni.dll
MOD - [2012/11/15 09:05:41 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll
MOD - [2012/11/15 09:05:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/15 09:05:29 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll
MOD - [2012/11/15 09:05:17 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
MOD - [2012/11/15 09:04:58 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/15 09:04:50 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/15 09:04:47 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
MOD - [2012/11/15 09:04:33 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/15 09:04:26 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/15 09:04:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/15 09:04:20 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/15 09:04:09 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/10/29 17:34:28 | 000,925,120 | ---- | M] () -- C:\Program Files (x86)\Ask.com\AbineSDK\IE\DNTPContentFilter.dll
MOD - [2012/10/29 17:34:28 | 000,245,696 | ---- | M] () -- C:\Program Files (x86)\Ask.com\AbineSDK\IE\DNTPButton.dll
MOD - [2012/10/29 17:34:28 | 000,051,136 | ---- | M] () -- C:\Program Files (x86)\Ask.com\AbineSDK\IE\DNTPServicePS.dll
MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/12/30 12:32:30 | 007,158,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXModelResources\1.0.51.0__bebb3c8816410241\AlienwareAlienFXModelResources.dll
MOD - [2010/12/30 12:32:30 | 000,444,224 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXTools\1.0.51.0__bebb3c8816410241\AlienwareAlienFXTools.dll
MOD - [2010/12/30 12:32:30 | 000,073,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabsTools\1.0.49.0__bebb3c8816410241\AlienLabsTools.dll
MOD - [2010/12/30 12:32:30 | 000,031,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\1.0.49.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll
MOD - [2010/12/30 12:32:30 | 000,024,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.DeviceDiscovery\1.0.51.0__bebb3c8816410241\AlienFX.DeviceDiscovery.dll
MOD - [2010/12/30 12:32:29 | 000,036,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x511\1.0.51.0__bebb3c8816410241\AlienFX.Communication.PID0x511.dll
MOD - [2010/12/30 12:32:29 | 000,035,664 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x512\1.0.51.0__bebb3c8816410241\AlienFX.Communication.PID0x512.dll
MOD - [2010/12/30 12:32:29 | 000,027,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x516\1.0.51.0__bebb3c8816410241\AlienFX.Communication.PID0x516.dll
MOD - [2010/12/30 12:32:29 | 000,027,472 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x515\1.0.51.0__bebb3c8816410241\AlienFX.Communication.PID0x515.dll
MOD - [2010/12/30 12:32:29 | 000,024,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.XPS\1.0.51.0__bebb3c8816410241\AlienFX.Communication.XPS.dll
MOD - [2010/12/30 12:32:29 | 000,019,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.Core\1.0.51.0__bebb3c8816410241\AlienFX.Communication.Core.dll
MOD - [2010/12/30 12:32:29 | 000,014,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication\1.0.51.0__bebb3c8816410241\AlienFX.Communication.dll
MOD - [2010/11/13 03:03:52 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_da_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/07/03 00:10:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_da_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/05/03 23:15:46 | 000,038,136 | ---- | M] () -- C:\Program Files (x86)\VideoWebCamera\VWC_ENG.dll
MOD - [2010/05/03 23:15:34 | 000,046,328 | ---- | M] () -- C:\Program Files (x86)\VideoWebCamera\sy_Utility.dll
MOD - [2010/04/09 17:49:02 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2010/03/09 01:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll
MOD - [2010/01/09 19:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/05/20 07:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
MOD - [2008/06/10 03:07:18 | 000,714,000 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\PROOF\1030\MSGR2DA.DLL
========== Services (SafeList) ==========
SRV:64bit: - [2010/08/19 16:43:24 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2010/03/17 18:56:12 | 000,866,336 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2012/11/25 20:09:15 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/17 16:10:47 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/06 18:30:45 | 000,561,952 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/10/16 17:06:12 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/10/16 16:57:04 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/09/29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/01 15:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/14 16:10:29 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2010/10/30 17:07:24 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/04/08 05:18:40 | 000,312,400 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 05:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/18 05:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/11/07 16:03:24 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/11/07 16:03:24 | 000,098,888 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/10/16 15:16:15 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/09/29 18:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/09/24 08:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/01 15:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012/01/17 13:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/12 19:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/04/19 09:56:42 | 000,245,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/21 10:59:08 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/12/10 12:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/09/17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/06 00:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 00:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/04/22 17:10:56 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009/04/22 17:10:40 | 000,058,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/04/22 17:10:32 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2000/01/01 01:00:00 | 001,108,000 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.pack...34z175f4692c581
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.pack...34z175f4692c581
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.pack...34z175f4692c581
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.pack...34z175f4692c581
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACPW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.pack...34z175f4692c581
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKCU\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...PW_daDK403DK403
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{6C98150D-5964-4101-8170-5F0483CB3AF4}: "URL" = http://search.condui...&ctid=CT3196716
IE - HKCU\..\SearchScopes\{C7F937AD-D70B-47E1-9D43-D23D26B12315}: "URL" = http://websearch.ask...51-E318A1229D68
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..extensions.enabledAddons: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.15.1.0
FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.3.2
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "http://websearch.ask...YYYY^YY^DK&&q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Mathias\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/20 22:21:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/17 16:10:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/20 16:57:05 | 000,000,000 | ---D | M]
[2010/11/01 15:45:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mathias\AppData\Roaming\mozilla\Extensions
[2012/11/20 16:37:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mathias\AppData\Roaming\mozilla\Firefox\Profiles\aes4uofn.default\extensions
[2012/09/07 08:18:44 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Mathias\AppData\Roaming\mozilla\Firefox\Profiles\aes4uofn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/10/31 20:49:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mathias\AppData\Roaming\mozilla\Firefox\Profiles\aes4uofn.default\extensions\staged
[2012/11/20 16:37:35 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Mathias\AppData\Roaming\mozilla\Firefox\Profiles\aes4uofn.default\extensions\[email protected]
[2012/10/31 20:49:59 | 002,042,908 | ---- | M] () (No name found) -- C:\Users\Mathias\AppData\Roaming\mozilla\firefox\profiles\aes4uofn.default\extensions\[email protected]
[2012/11/20 16:37:34 | 000,002,344 | ---- | M] () -- C:\Users\Mathias\AppData\Roaming\mozilla\firefox\profiles\aes4uofn.default\searchplugins\askcom.xml
[2012/11/17 16:10:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/17 16:10:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/02/20 22:21:32 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/11/17 16:10:48 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/17 16:10:44 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-co-uk.xml
[2012/11/17 16:10:44 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/17 16:10:44 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-da.xml
O1 HOSTS File: ([2011/01/27 14:00:57 | 000,001,211 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VideoWebCamera] C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe (Suyin)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Mathias\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKCU..\Run: [Spotify] "C:\Users\Mathias\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W45AU5O8\Spotify Installer.exe" /uri spotify:autostart File not found
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Mathias\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Mathias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Google Sidewiki ... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: danskebank.dk ([]* in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} https://netbank.dans...B/e-Safekey.cab (e-Safekey)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBED4A35-6E24-42C8-A044-DCA2CFF7401C}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{43c22cee-e5cc-11df-9c41-88ae1d0a9f8e}\Shell - "" = AutoRun
O33 - MountPoints2\{43c22cee-e5cc-11df-9c41-88ae1d0a9f8e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/11/26 15:20:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mathias\Desktop\OTL.exe
[2012/11/22 16:33:56 | 000,000,000 | ---D | C] -- C:\Users\Mathias\Desktop\Film Festudvalg
[2012/11/20 16:56:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/11/20 16:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/11/20 16:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/11/20 16:43:06 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Roaming\Avira
[2012/11/20 16:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/11/20 16:37:38 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\DoNotTrackPlus
[2012/11/20 16:37:19 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\AskToolbar
[2012/11/20 16:37:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012/11/20 16:36:43 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012/11/20 16:36:43 | 000,098,888 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012/11/20 16:36:43 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012/11/20 16:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/11/20 16:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012/11/20 16:19:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileHippo.com
[2012/11/17 16:10:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/11/11 16:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/11/11 16:48:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2 C:\Users\Mathias\Documents\*.tmp files -> C:\Users\Mathias\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/11/26 15:29:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/26 15:20:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mathias\Desktop\OTL.exe
[2012/11/26 14:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/26 14:08:19 | 001,559,974 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/26 14:08:19 | 000,718,498 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/26 14:08:19 | 000,573,600 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2012/11/26 14:08:19 | 000,146,520 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/26 14:08:19 | 000,122,920 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2012/11/26 13:34:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/26 13:34:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/26 13:26:33 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/26 13:26:26 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012/11/26 13:26:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/26 13:25:20 | 436,634,631 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/11/26 13:25:18 | 428,904,447 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/26 12:10:14 | 097,259,276 | ---- | M] () -- C:\Users\Mathias\Desktop\Fest og ballade .m4v
[2012/11/25 21:37:01 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1709520675-535397089-2455195078-1001UA.job
[2012/11/25 21:37:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1709520675-535397089-2455195078-1001Core.job
[2012/11/24 18:02:47 | 000,262,144 | ---- | M] () -- C:\Users\Mathias\Desktop\PrintProcess.pdf
[2012/11/24 16:34:30 | 000,285,807 | ---- | M] () -- C:\Users\Mathias\Documents\PDR.dmp
[2012/11/20 16:57:05 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012/11/20 16:56:06 | 000,001,266 | ---- | M] () -- C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skærmklipper og startprogram til OneNote 2010.lnk
[2012/11/20 16:49:39 | 000,000,883 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/11/20 16:37:40 | 000,002,038 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/11/20 16:19:05 | 000,001,941 | ---- | M] () -- C:\Users\Mathias\Desktop\Update Checker.lnk
[2012/11/17 17:59:32 | 000,002,223 | ---- | M] () -- C:\Users\Mathias\Desktop\GeoGebraPrim.lnk
[2012/11/15 08:56:19 | 005,040,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/14 20:05:54 | 000,863,421 | ---- | M] () -- C:\Users\Mathias\Desktop\Respiration (Beat).mp3
[2012/11/13 20:25:25 | 000,000,001 | ---- | M] () -- C:\Users\Mathias\temp.dat
[2012/11/11 16:48:32 | 000,001,817 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/11/07 16:03:24 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012/11/07 16:03:24 | 000,098,888 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2 C:\Users\Mathias\Documents\*.tmp files -> C:\Users\Mathias\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/11/26 13:05:08 | 097,259,276 | ---- | C] () -- C:\Users\Mathias\Desktop\Fest og ballade .m4v
[2012/11/24 18:02:47 | 000,262,144 | ---- | C] () -- C:\Users\Mathias\Desktop\PrintProcess.pdf
[2012/11/20 16:57:05 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012/11/20 16:57:05 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012/11/20 16:37:40 | 000,002,038 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/11/20 16:19:05 | 000,001,971 | ---- | C] () -- C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2012/11/20 16:19:05 | 000,001,941 | ---- | C] () -- C:\Users\Mathias\Desktop\Update Checker.lnk
[2012/11/14 21:22:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/14 21:12:54 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/14 20:05:45 | 000,863,421 | ---- | C] () -- C:\Users\Mathias\Desktop\Respiration (Beat).mp3
[2012/11/13 20:24:24 | 000,000,001 | ---- | C] () -- C:\Users\Mathias\temp.dat
[2012/11/11 16:48:32 | 000,001,817 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/10/16 12:55:37 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012/05/18 11:27:17 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/05/18 09:31:07 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/04/08 18:43:46 | 000,000,132 | ---- | C] () -- C:\Users\Mathias\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/03/05 18:44:31 | 000,004,608 | ---- | C] () -- C:\Users\Mathias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/15 15:50:53 | 000,002,528 | ---- | C] () -- C:\Windows\FCIC.INI
[2011/09/12 17:54:46 | 000,000,132 | ---- | C] () -- C:\Users\Mathias\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/09/11 15:57:57 | 000,001,456 | ---- | C] () -- C:\Users\Mathias\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/05/30 13:22:53 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/12/14 16:11:22 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2010/12/14 11:01:18 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Users\Mathias\AppData\Local\{237f4d47-54a7-a343-2afd-b1c745049339}\n.
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/11/26 13:33:24 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\BitTorrent
[2011/01/09 17:38:42 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/03 17:05:18 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/03/14 21:04:02 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\com.guppyworks.TrafficTestAIR-Class.F1F6615D691280F0EDF23ED8129A4EBEED86EA96.1
[2012/11/26 15:31:20 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Dropbox
[2012/11/25 21:00:51 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\FileZilla
[2012/10/16 15:45:33 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\ImgBurn
[2011/12/04 20:56:39 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Maple
[2011/07/05 18:28:14 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Mumble
[2012/05/04 14:47:27 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\No Company Name
[2012/11/20 16:20:42 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Notepad++
[2011/02/13 12:44:15 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Packard Bell
[2011/05/19 11:28:27 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\SNS
[2012/11/25 15:32:08 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Spotify
[2011/09/11 17:09:02 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/03/04 19:19:28 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\TS3Client
[2010/12/04 14:44:44 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Windows Live Writer
[2011/12/28 01:11:19 | 000,000,000 | -HSD | M] -- C:\Users\Mathias\AppData\Roaming\wyUpdate AU
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\Windows:DAE68457715B921D
< End of report >
Avira Antivrus:
Avira Free Antivirus
Report file date: 25. november 2012 11:14
The program is running as an unrestricted full version.
Online services are available.
Licensee : Avira Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : SYSTEM
Computer name : PC-MATHIAS
Version information:
BUILD.DAT : 13.0.0.2761 48279 Bytes 09-11-2012 16:45:00
AVSCAN.EXE : 13.4.0.262 638752 Bytes 09-11-2012 15:36:51
AVSCANRC.DLL : 13.4.0.219 54560 Bytes 09-10-2012 15:19:07
LUKE.DLL : 13.4.0.251 67360 Bytes 05-11-2012 09:12:42
AVSCPLR.DLL : 13.4.0.262 93984 Bytes 09-11-2012 15:37:00
AVREG.DLL : 13.4.0.244 245536 Bytes 30-10-2012 13:06:23
avlode.dll : 13.4.0.255 426272 Bytes 06-11-2012 17:30:03
avlode.rdf : 13.0.0.24 7196 Bytes 27-09-2012 09:30:38
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06-11-2009 13:50:29
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14-12-2010 13:50:31
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20-12-2011 13:50:34
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01-02-2012 13:50:36
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28-03-2012 13:50:37
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29-06-2012 13:42:40
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06-09-2012 13:42:40
VBASE007.VDF : 7.11.50.230 3904512 Bytes 22-11-2012 15:37:23
VBASE008.VDF : 7.11.50.231 2048 Bytes 22-11-2012 15:37:23
VBASE009.VDF : 7.11.50.232 2048 Bytes 22-11-2012 15:37:23
VBASE010.VDF : 7.11.50.233 2048 Bytes 22-11-2012 15:37:23
VBASE011.VDF : 7.11.50.234 2048 Bytes 22-11-2012 15:37:23
VBASE012.VDF : 7.11.50.235 2048 Bytes 22-11-2012 15:37:23
VBASE013.VDF : 7.11.50.236 2048 Bytes 22-11-2012 15:37:23
VBASE014.VDF : 7.11.51.27 133632 Bytes 23-11-2012 02:18:36
VBASE015.VDF : 7.11.51.28 2048 Bytes 23-11-2012 02:18:36
VBASE016.VDF : 7.11.51.29 2048 Bytes 23-11-2012 02:18:36
VBASE017.VDF : 7.11.51.30 2048 Bytes 23-11-2012 02:18:36
VBASE018.VDF : 7.11.51.31 2048 Bytes 23-11-2012 02:18:36
VBASE019.VDF : 7.11.51.32 2048 Bytes 23-11-2012 02:18:36
VBASE020.VDF : 7.11.51.33 2048 Bytes 23-11-2012 02:18:36
VBASE021.VDF : 7.11.51.34 2048 Bytes 23-11-2012 02:18:36
VBASE022.VDF : 7.11.51.35 2048 Bytes 23-11-2012 02:18:36
VBASE023.VDF : 7.11.51.36 2048 Bytes 23-11-2012 02:18:36
VBASE024.VDF : 7.11.51.37 2048 Bytes 23-11-2012 02:18:36
VBASE025.VDF : 7.11.51.38 2048 Bytes 23-11-2012 02:18:36
VBASE026.VDF : 7.11.51.39 2048 Bytes 23-11-2012 02:18:36
VBASE027.VDF : 7.11.51.40 2048 Bytes 23-11-2012 02:18:36
VBASE028.VDF : 7.11.51.41 2048 Bytes 23-11-2012 02:18:36
VBASE029.VDF : 7.11.51.42 2048 Bytes 23-11-2012 02:18:36
VBASE030.VDF : 7.11.51.43 2048 Bytes 23-11-2012 02:18:36
VBASE031.VDF : 7.11.51.70 62976 Bytes 25-11-2012 10:06:08
Engine version : 8.2.10.204
AEVDF.DLL : 8.1.2.10 102772 Bytes 19-09-2012 13:42:55
AESCRIPT.DLL : 8.1.4.68 467324 Bytes 22-11-2012 15:37:28
AESCN.DLL : 8.1.9.4 131445 Bytes 20-11-2012 15:38:17
AESBX.DLL : 8.2.5.12 606578 Bytes 28-08-2012 15:58:06
AERDL.DLL : 8.2.0.74 643445 Bytes 07-11-2012 10:09:14
AEPACK.DLL : 8.3.0.40 815479 Bytes 20-11-2012 15:38:17
AEOFFICE.DLL : 8.1.2.50 201084 Bytes 05-11-2012 14:00:38
AEHEUR.DLL : 8.1.4.142 5566841 Bytes 22-11-2012 15:37:28
AEHELP.DLL : 8.1.25.2 258423 Bytes 12-10-2012 14:52:32
AEGEN.DLL : 8.1.6.10 438646 Bytes 20-11-2012 15:38:15
AEEXP.DLL : 8.2.0.12 119158 Bytes 22-11-2012 15:37:28
AEEMU.DLL : 8.1.3.2 393587 Bytes 19-09-2012 13:42:55
AECORE.DLL : 8.1.29.2 201079 Bytes 07-11-2012 10:09:14
AEBB.DLL : 8.1.1.4 53619 Bytes 05-11-2012 14:00:38
AVWINLL.DLL : 13.4.0.163 25888 Bytes 19-09-2012 17:09:30
AVPREF.DLL : 13.4.0.163 50464 Bytes 19-09-2012 17:07:51
AVREP.DLL : 13.4.0.244 177952 Bytes 30-10-2012 13:06:41
AVARKT.DLL : 13.4.0.232 260384 Bytes 16-10-2012 15:55:29
AVEVTLOG.DLL : 13.4.0.232 167200 Bytes 16-10-2012 15:56:35
SQLITE3.DLL : 3.7.0.1 397088 Bytes 19-09-2012 17:17:40
AVSMTP.DLL : 13.4.0.163 62240 Bytes 19-09-2012 17:08:55
NETNT.DLL : 13.4.0.163 15648 Bytes 19-09-2012 17:16:26
RCIMAGE.DLL : 13.4.0.163 4782880 Bytes 19-09-2012 18:40:13
RCTEXT.DLL : 13.4.0.163 66336 Bytes 19-10-2012 10:56:26
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Start of the scan: 25. november 2012 11:14
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting search for hidden objects.
Hidden driver
[NOTE] A memory modification has been detected, which could potentially be used to hide file access attempts.
The scan of running processes will be started:
Scan process 'svchost.exe' - '56' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '66' Module(s) have been scanned
Scan process 'svchost.exe' - '100' Module(s) have been scanned
Scan process 'svchost.exe' - '145' Module(s) have been scanned
Scan process 'svchost.exe' - '76' Module(s) have been scanned
Scan process 'svchost.exe' - '76' Module(s) have been scanned
Scan process 'nvxdsync.exe' - '49' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '49' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'sched.exe' - '47' Module(s) have been scanned
Scan process 'armsvc.exe' - '29' Module(s) have been scanned
Scan process 'avguard.exe' - '78' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '70' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'dsiwmis.exe' - '45' Module(s) have been scanned
Scan process 'ePowerSvc.exe' - '45' Module(s) have been scanned
Scan process 'GREGsvc.exe' - '16' Module(s) have been scanned
Scan process 'LMS.exe' - '34' Module(s) have been scanned
Scan process 'mbamscheduler.exe' - '38' Module(s) have been scanned
Scan process 'mbamservice.exe' - '47' Module(s) have been scanned
Scan process 'sqlservr.exe' - '61' Module(s) have been scanned
Scan process 'IScheduleSvc.exe' - '66' Module(s) have been scanned
Scan process 'RichVideo64.exe' - '25' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'c2c_service.exe' - '41' Module(s) have been scanned
Scan process 'sqlwriter.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'UpdaterService.exe' - '28' Module(s) have been scanned
Scan process 'AVWEBGRD.EXE' - '67' Module(s) have been scanned
Scan process 'svchost.exe' - '48' Module(s) have been scanned
Scan process 'taskhost.exe' - '54' Module(s) have been scanned
Scan process 'mbamgui.exe' - '40' Module(s) have been scanned
Scan process 'Dwm.exe' - '35' Module(s) have been scanned
Scan process 'Explorer.EXE' - '182' Module(s) have been scanned
Scan process 'PLFSetI.exe' - '42' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '49' Module(s) have been scanned
Scan process 'ePowerTray.exe' - '52' Module(s) have been scanned
Scan process 'AlienwareAlienFXController.exe' - '115' Module(s) have been scanned
Scan process 'taskeng.exe' - '30' Module(s) have been scanned
Scan process 'itype.exe' - '61' Module(s) have been scanned
Scan process 'RAVCpl64.exe' - '47' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '60' Module(s) have been scanned
Scan process 'BitTorrent.exe' - '97' Module(s) have been scanned
Scan process 'Skype.exe' - '131' Module(s) have been scanned
Scan process 'SpotifyWebHelper.exe' - '42' Module(s) have been scanned
Scan process 'UpdateChecker.exe' - '74' Module(s) have been scanned
Scan process 'AWMouseCI.exe' - '46' Module(s) have been scanned
Scan process 'BackupManagerTray.exe' - '39' Module(s) have been scanned
Scan process 'SynTPHelper.exe' - '17' Module(s) have been scanned
Scan process 'VideoWebCamera.exe' - '45' Module(s) have been scanned
Scan process 'KHALMNPR.EXE' - '38' Module(s) have been scanned
Scan process 'Dropbox.exe' - '76' Module(s) have been scanned
Scan process 'LManager.exe' - '71' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '49' Module(s) have been scanned
Scan process 'DivXUpdate.exe' - '76' Module(s) have been scanned
Scan process 'MMDx64Fx.exe' - '29' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '60' Module(s) have been scanned
Scan process 'ONENOTEM.EXE' - '27' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '75' Module(s) have been scanned
Scan process 'LMworker.exe' - '27' Module(s) have been scanned
Scan process 'Updater.exe' - '42' Module(s) have been scanned
Scan process 'unsecapp.exe' - '31' Module(s) have been scanned
Scan process 'avgnt.exe' - '91' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '33' Module(s) have been scanned
Scan process 'iPodService.exe' - '33' Module(s) have been scanned
Scan process 'IAStorIcon.exe' - '61' Module(s) have been scanned
Scan process 'ePowerEvent.exe' - '21' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '58' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '64' Module(s) have been scanned
Scan process 'UNS.exe' - '60' Module(s) have been scanned
Scan process 'AlienFXHook32Mngr.exe' - '51' Module(s) have been scanned
Scan process 'conhost.exe' - '22' Module(s) have been scanned
Scan process 'AlienFXHook64Mngr.exe' - '45' Module(s) have been scanned
Scan process 'conhost.exe' - '22' Module(s) have been scanned
Scan process 'iexplore.exe' - '115' Module(s) have been scanned
Scan process 'DNTPService.exe' - '96' Module(s) have been scanned
Scan process 'CIDGlobalLight.exe' - '57' Module(s) have been scanned
Scan process 'iexplore.exe' - '146' Module(s) have been scanned
Scan process 'avcenter.exe' - '93' Module(s) have been scanned
Scan process 'avscan.exe' - '120' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'iexplore.exe' - '158' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '29' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'services.exe' - '34' Module(s) have been scanned
Module is infected -> <C:\Windows\system32\services.exe>
[DETECTION] Contains code of the W32/Patched.UA Windows virus
[NOTE] Process 'services.exe' was terminated
[WARNING] This process is a system process. The associated file will not be deleted.
Scan process 'lsass.exe' - '63' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Scan process 'wmplayer.exe' - '118' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '29' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Starting the file scan:
Begin scan in 'C:\' <Packard Bell>
C:\Windows\System32\services.exe
[DETECTION] Contains code of the W32/Patched.UA Windows virus
Beginning disinfection:
C:\Windows\System32\services.exe
[DETECTION] Contains code of the W32/Patched.UA Windows virus
[NOTE] A backup was created as '589d83fb.qua' ( QUARANTINE )
End of the scan: 25. november 2012 14:50
Used time: 3:33:26 Hour(s)
The scan has been done completely.
45368 Scanned directories
1296201 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
1296199 Files not concerned
10662 Archives were scanned
1 Warnings
3 Notes
951491 Objects were scanned with rootkit scan
1 Hidden objects were found
Extras:
OTL Extras logfile created on: 11/26/2012 3:23:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mathias\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
5.87 Gb Total Physical Memory | 3.42 Gb Available Physical Memory | 58.23% Memory free
11.73 Gb Paging File | 8.73 Gb Available in Paging File | 74.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.66 Gb Total Space | 285.92 Gb Free Space | 63.30% Space Free | Partition Type: NTFS
Computer Name: PC-MATHIAS | User Name: Mathias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}" = SmartSound Premiere Elements 10 x64 Plugin
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8125F749-B244-4F7B-811E-532165C5F2D5}" = Microsoft SQL Server 2008 RsFx Driver
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0406-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Danish) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0406-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Danish) 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}" = Command Center
"{B0D59FDC-FEAB-49A2-9B5A-E5E0A8F9D7E0}" = Alienware TactX Mouse CI 1.00
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Kontrolpanel 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafikdriver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-lyddriver 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C0C690C8-F335-4BA4-A2AD-675EAD1DFA90}" = Microsoft SQL Server 2008 Setup Support Files
"{C3AF5BD8-30D5-41F5-AF61-705D98146B0F}" = Microsoft SQL Server 2008 Native Client
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DA-DK Language Pack
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F27D5AAD-758E-460F-964D-6F2E65964C08}" = Microsoft Antimalware Service DA-DK Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"Maple 15" = Maple 15
"Maple 16" = Maple 16
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.4
"WinRAR archiver" = WinRAR archiver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03B3C771-9456-4334-9F7A-C3A258F8FC0B}_is1" = Gyldendals Røde Ordbøger - Dansk
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D273D91-D7D5-4036-8B84-EB4615FF5F81}" = SmartSound Sonicfire Pro 5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23E445D5-FD83-4C50-A211-EB26A2975317}" = Adobe Flash Professional CS5.5
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{45A2D49C-8124-4015-A8B3-073A827EC5C1}" = Windows Live Sync
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5B35C417-2649-11D6-83D1-0050FC01225C}" = FirstClass® Client
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}" = Video Web Camera
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{76E89E45-9B28-4117-A60C-F64A4CBE5CE3}_is1" = Gyldendals Røde Ordbøger - Dansk Fremmedordbog
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0015-0406-0000-0000000FF1CE}" = Microsoft Office Access MUI (Danish) 2007
"{90120000-0015-0406-0000-0000000FF1CE}_OMUI.da-dk_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0406-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Danish) 2007
"{90120000-0016-0406-0000-0000000FF1CE}_OMUI.da-dk_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0406-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Danish) 2007
"{90120000-0017-0406-0000-0000000FF1CE}_OMUI.da-dk_{6127DAC2-962C-44CA-9ABD-0D5A65473A1C}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0406-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Danish) 2007
"{90120000-0018-0406-0000-0000000FF1CE}_OMUI.da-dk_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0406-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Danish) 2007
"{90120000-0019-0406-0000-0000000FF1CE}_OMUI.da-dk_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0406-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Danish) 2007
"{90120000-001A-0406-0000-0000000FF1CE}_OMUI.da-dk_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0406-0000-0000000FF1CE}" = Microsoft Office Word MUI (Danish) 2007
"{90120000-001B-0406-0000-0000000FF1CE}_OMUI.da-dk_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0406-0000-0000000FF1CE}" = Microsoft Office Proof (Danish) 2007
"{90120000-001F-0406-0000-0000000FF1CE}_OMUI.da-dk_{8F771259-9037-4097-AA88-8613F3BE5627}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.da-dk_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.da-dk_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0406-0000-0000000FF1CE}" = Kompatibilitetspakke til Office 2007-systemet
"{90120000-002A-0406-1000-0000000FF1CE}_OMUI.da-dk_{11584158-91C7-4B1B-BFD1-F47D680F13CF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0406-0000-0000000FF1CE}" = Microsoft Office Proofing (Danish) 2007
"{90120000-0044-0406-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Danish) 2007
"{90120000-0044-0406-0000-0000000FF1CE}_OMUI.da-dk_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0406-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Danish) 2007
"{90120000-006E-0406-0000-0000000FF1CE}_OMUI.da-dk_{11584158-91C7-4B1B-BFD1-F47D680F13CF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0406-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Danish) 2007
"{90120000-00A1-0406-0000-0000000FF1CE}_OMUI.da-dk_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0406-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Danish) 2007
"{90120000-00BA-0406-0000-0000000FF1CE}_OMUI.da-dk_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0406-0000-0000000FF1CE}" = Microsoft Office O MUI (Danish) 2007
"{90120000-0100-0406-0000-0000000FF1CE}_OMUI.da-dk_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0406-0000-0000000FF1CE}" = Microsoft Office X MUI (Danish) 2007
"{90120000-0101-0406-0000-0000000FF1CE}_OMUI.da-dk_{8D25149C-FFF5-42E1-BF6D-1CED49BDB182}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0406-0000-0000000FF1CE}" = Microsoft Office Access MUI (Danish) 2010
"{90140000-0015-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0406-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Danish) 2010
"{90140000-0016-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0017-0406-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Danish) 2010
"{90140000-0017-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{7ED77DEC-F3CD-44D5-8B8A-508741757B1E}" = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
"{90140000-0018-0406-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Danish) 2010
"{90140000-0018-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0406-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Danish) 2010
"{90140000-0019-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0406-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Danish) 2010
"{90140000-001A-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0406-0000-0000000FF1CE}" = Microsoft Office Word MUI (Danish) 2010
"{90140000-001B-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0406-0000-0000000FF1CE}" = Microsoft Office Proof (Danish) 2010
"{90140000-001F-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{59BCA417-5095-450B-931A-AE6194728386}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.da-dk_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-041D-0000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2010
"{90140000-001F-041D-0000-0000000FF1CE}_Office14.OMUI.da-dk_{D00E944F-5ECB-42FF-B58E-8FDCF2219DE8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002A-0406-1000-0000000FF1CE}_Office14.OMUI.da-dk_{2AE96E9C-E4F4-4D18-8A54-C4FABBEA0CDD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0406-0000-0000000FF1CE}" = Microsoft Office Proofing (Danish) 2010
"{90140000-002C-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{EC231F64-29AF-4FBD-85B8-EAFFFAE8B7A5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0406-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Danish) 2010
"{90140000-0044-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0406-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Danish) 2010
"{90140000-006E-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{63CDEDB9-50F5-4C35-9219-72C4F31A61FE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0406-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Danish) 2010
"{90140000-00A1-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0406-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Danish) 2010
"{90140000-00BA-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CCB7569F-D761-4341-BCF2-0219BA60EA4D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0100-0406-0000-0000000FF1CE}" = Microsoft Office O MUI (Danish) 2010
"{90140000-0100-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{3C9024A8-26A9-4769-B3EE-C1489421B8E5}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0101-0406-0000-0000000FF1CE}" = Microsoft Office X MUI (Danish) 2010
"{90140000-0101-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{1ED268C2-9EA5-462D-A303-1EB550953ACB}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0406-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Danish)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9E8821E3-D5FC-48CE-B45A-A8387B42A03E}" = Logger Pro 3.5.0
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B238D61F-3EEF-4716-BFEA-9903DEF045D9}" = Microsoft Works
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D8F46E66-E2EF-4A50-95F2-737A2FE1B06C}_is1" = Gyldendals Røde Ordbøger - Retskrivningsordbog
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E2898DC0-E1C7-4ED4-862B-FFF256AAE26D}" = Politikens Franskordbog
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6341627-E67F-4959-890A-8349F3A69B77}_is1" = Gyldendals Røde Ordbøger - Synonymordbog
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple-programunderstøttelse
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"AC3Filter" = AC3Filter (remove only)
"ACD/Labs Software(1)" = ACD/Labs Software 5 (C:\ACDFREE5)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"BitTorrent" = BitTorrent
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Diablo III Beta" = Diablo III Beta
"DivX Setup" = DivX Setup
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"FileHippo.com" = FileHippo.com Update Checker
"FileZilla Client" = FileZilla Client 3.6.0.1
"Gyldendals Røde Ordbøger - Engelsk_is1" = Gyldendals Røde Ordbøger - Engelsk
"Gyldendals Røde Ordbøger - Fransk_is1" = Gyldendals Røde Ordbøger - Fransk
"Identity Card" = Identity Card
"ImgBurn" = ImgBurn
"InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}" = SmartSound Sonicfire Pro 5
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
"InstallShield_{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}" = Command Center
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Maple 15" = Maple 15
"Maple 16" = Maple 16
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Mozilla Firefox 16.0.2 (x86 da)" = Mozilla Firefox 16.0.2 (x86 da)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Office14.OMUI.da-dk" = Microsoft Office Language Pack 2010 - Danish/dansk
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OMUI.da-dk" = Microsoft Office Language Pack 2007 - Danish/dansk
"Packard Bell InfoCentre" = Packard Bell InfoCentre
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Welcome Center" = Welcome Center
"VLC media player" = VLC media player 2.0.3
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"Dropbox" = Dropbox
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11/24/2012 8:07:31 AM | Computer Name = PC-Mathias | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3448
Error - 11/24/2012 8:07:32 AM | Computer Name = PC-Mathias | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 11/24/2012 8:07:32 AM | Computer Name = PC-Mathias | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4540
Error - 11/24/2012 8:07:32 AM | Computer Name = PC-Mathias | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4540
Error - 11/24/2012 8:18:40 AM | Computer Name = PC-Mathias | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 11/24/2012 8:18:40 AM | Computer Name = PC-Mathias | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 672458
Error - 11/24/2012 8:18:40 AM | Computer Name = PC-Mathias | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 672458
Error - 11/24/2012 11:34:25 AM | Computer Name = PC-Mathias | Source = Application Error | ID = 1000
Description = Navn på program med fejl: PDR9.exe, version: 9.0.0.2330, tidsstempel:
0x4cf4e322 Navn på modul med fejl: WorkSpace.dll, version: 9.0.0.2330, tidsstempel:
0x4cf4e2d7 Undtagelseskode: 0xc0000094 Forskydning med fejl 0x0000000000006e7b Proces-id
0x8b4 Programmets starttidspunkt 0x01cdca4ffeeced3e Programsti: C:\Program Files\CyberLink\PowerDirector\PDR9.exe
Modulsti:
C:\Program Files\CyberLink\PowerDirector\WorkSpace.dll Rapport-id: 6c8a0ee3-364c-11e2-bb94-88ae1d0a9f8e
Error - 11/24/2012 11:34:30 AM | Computer Name = PC-Mathias | Source = Application Error | ID = 1000
Description = Navn på program med fejl: PDR9.exe, version: 9.0.0.2330, tidsstempel:
0x4cf4e322 Navn på modul med fejl: ntdll.dll, version: 6.1.7601.17725, tidsstempel:
0x4ec4aa8e Undtagelseskode: 0xc0150010 Forskydning med fejl 0x000000000006f892 Proces-id
0x8b4 Programmets starttidspunkt 0x01cdca4ffeeced3e Programsti: C:\Program Files\CyberLink\PowerDirector\PDR9.exe
Modulsti:
C:\Windows\SYSTEM32\ntdll.dll Rapport-id: 6fcdfb80-364c-11e2-bb94-88ae1d0a9f8e
Error - 11/24/2012 1:54:36 PM | Computer Name = PC-Mathias | Source = Application Error | ID = 1000
Description = Navn på program med fejl: PDHanumanSvr.exe, version: 3.0.0.3428, tidsstempel:
0x4cc92a2f Navn på modul med fejl: CLVidEnc.ax, version: 7.0.1.1118, tidsstempel:
0x4ce4eb01 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x000000000001f791 Proces-id
0x5c8 Programmets starttidspunkt 0x01cdca5935750540 Programsti: C:\Program Files\CyberLink\PowerDirector\PDHanumanSvr.exe
Modulsti:
C:\Program Files\CyberLink\PowerDirector\runtime\encoderPack\CLVidEnc.ax Rapport-id:
021505e0-3660-11e2-bb94-88ae1d0a9f8e
[ System Events ]
Error - 11/26/2012 8:26:12 AM | Computer Name = PC-MATHIAS | Source = BugCheck | ID = 1005
Description =
Error - 11/26/2012 8:26:12 AM | Computer Name = PC-MATHIAS | Source = BugCheck | ID = 1001
Description =
Error - 11/26/2012 8:26:20 AM | Computer Name = PC-Mathias | Source = Service Control Manager | ID = 7023
Description =
Error - 11/26/2012 8:26:27 AM | Computer Name = PC-Mathias | Source = Service Control Manager | ID = 7003
Description =
Error - 11/26/2012 8:26:27 AM | Computer Name = PC-Mathias | Source = Service Control Manager | ID = 7023
Description =
Error - 11/26/2012 8:26:36 AM | Computer Name = PC-Mathias | Source = Service Control Manager | ID = 7003
Description =
Error - 11/26/2012 8:26:50 AM | Computer Name = PC-Mathias | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Der er opstået en alvorlig hardwarefejl. Rapporteret af komponent:
Processorkerne Fejlkilde: 3 Fejltype: 9 Processor-id: 0 Du kan finde flere oplysninger
i detaljevisningen for denne post.
Error - 11/26/2012 8:28:19 AM | Computer Name = PC-Mathias | Source = Service Control Manager | ID = 7023
Description =
Error - 11/26/2012 8:28:19 AM | Computer Name = PC-Mathias | Source = Service Control Manager | ID = 7001
Description =
Error - 11/26/2012 9:05:05 AM | Computer Name = PC-Mathias | Source = Disk | ID = 262155
Description = Driveren detekterede en controllerfejl på \Device\Harddisk1\DR2.
< End of report >
Kind regards,
Mathias Weis Damkjær