Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Shutdown errors

Started by aalborgenser , Jul 01 2013 02:59 PM

  • Please log in to reply

#1
aalborgenser
Posted 01 July 2013 - 02:59 PM

aalborgenser

    Member

  • Member
  • PipPip
  • 20 posts
Hi,

I simply can't get my machine to shut down/restart properly. I have to shut it down hard, pressing the power button. Typically my machine just tries to shut down forever. One message can be "configurating ... pls wait", or there is no message during shutdown (besides "Shutting down").

Here's the log:

OTL logfile created on: 7/1/2013 10:27:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jens Chr. T. Olesen\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

2.87 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 36.22% Memory free
5.73 Gb Paging File | 2.92 Gb Available in Paging File | 50.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.15 Gb Total Space | 105.27 Gb Free Space | 36.66% Space Free | Partition Type: NTFS
Drive Q: | 9.77 Gb Total Space | 2.87 Gb Free Space | 29.41% Space Free | Partition Type: NTFS

Computer Name: THINKPAD | User Name: Jens Chr. T. Olesen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/01 22:27:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jens Chr. T. Olesen\Downloads\OTL.exe
PRC - [2013/07/01 21:37:01 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Users\JENSCH~1.OLE\AppData\Local\Temp\Adobelm_Cleanup.0001
PRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Jens Chr. T. Olesen\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/25 02:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/05/11 20:23:17 | 000,844,168 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/29 00:58:42 | 004,408,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/04/23 06:48:16 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/04/23 06:48:12 | 001,561,968 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2013/04/18 12:09:20 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/04/04 03:15:08 | 001,117,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/03/28 02:48:36 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
PRC - [2013/03/18 02:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2013/03/05 20:53:14 | 000,058,152 | ---- | M] (Authentec Inc.) -- C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
PRC - [2013/02/19 04:00:58 | 000,448,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/11/30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/08/23 17:01:32 | 002,778,416 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
PRC - [2012/08/23 17:00:38 | 000,500,528 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2012/08/23 16:59:58 | 000,108,336 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2012/08/23 14:41:18 | 000,104,240 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
PRC - [2012/07/18 01:52:14 | 000,509,456 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
PRC - [2011/11/04 15:37:16 | 000,330,304 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011/10/20 17:36:06 | 000,138,304 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
PRC - [2011/10/20 10:58:46 | 000,101,440 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
PRC - [2011/07/12 18:03:32 | 000,069,568 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
PRC - [2011/07/12 16:54:02 | 000,127,336 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
PRC - [2011/07/12 16:53:50 | 000,143,720 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
PRC - [2011/07/12 16:53:48 | 000,131,432 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
PRC - [2011/07/12 16:53:24 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
PRC - [2011/07/12 16:53:18 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/20 13:04:14 | 000,370,688 | -H-- | M] (SanDisk Corporation) -- C:\Program Files\SanDisk\SanDisk Media Manager\SanDiskMediaManager-Launcher.EXE
PRC - [2010/05/21 00:01:34 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/05/21 00:00:32 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2010/04/23 00:16:46 | 000,128,296 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2009/12/11 13:22:06 | 000,255,336 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe
PRC - [2009/12/11 13:22:04 | 000,124,264 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
PRC - [2009/12/11 12:58:56 | 000,344,064 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
PRC - [2009/09/28 09:27:20 | 000,144,752 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Zoom\TpScrex.exe
PRC - [2009/09/24 20:54:36 | 000,430,080 | R--- | M] () -- C:\Program Files\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
PRC - [2009/08/29 00:31:14 | 000,593,920 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Scheduler\tvtsetsched.exe
PRC - [2009/08/27 01:02:26 | 001,021,240 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2009/08/20 02:38:30 | 000,062,752 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
PRC - [2009/08/07 15:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/08/07 15:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/05/28 08:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/04/23 02:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2008/01/12 03:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/02/22 18:32:12 | 000,118,784 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
PRC - [2007/01/05 05:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/07/25 11:33:54 | 019,546,112 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/01 21:37:03 | 000,697,884 | ---- | M] () -- C:\Users\JENSCH~1.OLE\AppData\Local\Temp\Adobelm_Cleanup.0001.dir.0001\~df394b.tmp
MOD - [2013/07/01 21:37:02 | 000,575,488 | ---- | M] () -- C:\Users\JENSCH~1.OLE\AppData\Local\Temp\Adobelm_Cleanup.0001.dir.0000\~de2fd8.tmp
MOD - [2013/07/01 21:37:01 | 000,697,884 | ---- | M] () -- C:\Users\JENSCH~1.OLE\AppData\Local\Temp\Adobelm_Cleanup.0001.dir.0000\~df394b.tmp
MOD - [2013/06/19 07:03:56 | 000,396,240 | ---- | M] () -- C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\Application\28.0.1500.52\ppGoogleNaClPluginChrome.dll
MOD - [2013/06/19 07:03:54 | 004,052,944 | ---- | M] () -- C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\Application\28.0.1500.52\pdf.dll
MOD - [2013/06/19 07:03:04 | 000,601,552 | ---- | M] () -- C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\Application\28.0.1500.52\libglesv2.dll
MOD - [2013/06/19 07:03:03 | 000,123,344 | ---- | M] () -- C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\Application\28.0.1500.52\libegl.dll
MOD - [2013/06/19 07:03:01 | 001,597,392 | ---- | M] () -- C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\Application\28.0.1500.52\ffmpegsumo.dll
MOD - [2013/06/14 14:00:53 | 013,140,872 | ---- | M] () -- C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
MOD - [2013/05/16 15:02:07 | 000,115,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\9ab54aea64046cd2b4ff895b1c027c05\DeviceStoryAlbum.ni.dll
MOD - [2013/05/16 15:02:05 | 000,614,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\29be5a9cc5b83e2b30e9d788ac201f83\DevicePodcast.ni.dll
MOD - [2013/05/16 15:02:03 | 000,300,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\b44e10add0a5276dc3fbbde338c4b5ea\DeviceVideo.ni.dll
MOD - [2013/05/16 15:02:02 | 000,355,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\9661c2265a6fb7782243c0633378a1e5\DevicePhoto.ni.dll
MOD - [2013/05/16 15:02:01 | 000,307,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\ec4ba3e13a88086bf95ea05919513917\DeviceMusic.ni.dll
MOD - [2013/05/16 15:02:00 | 000,474,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\df3496a7e1364e2b78bac5b4aef48ae6\VideoManager.ni.dll
MOD - [2013/05/16 15:01:59 | 000,782,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\88ec39193b34cf293d0887383c2ccde5\PhotoManager.ni.dll
MOD - [2013/05/16 15:01:56 | 001,988,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\be4228490407398b302edeed5ea57879\Phonebook.ni.dll
MOD - [2013/05/16 15:01:52 | 000,207,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\ea5424dfc774422fa2038d980b1642d1\StoryAlbumManager.ni.dll
MOD - [2013/05/16 15:01:51 | 000,945,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\218ed646a2ca6d2c08509295ce556260\MusicManager.ni.dll
MOD - [2013/05/16 15:01:49 | 000,404,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\fbe4134679a5506a54004cd5952d7d29\BATPlugin.ni.dll
MOD - [2013/05/16 15:01:40 | 000,534,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\730c70013610eb7e73f49213b1076bab\Kies.Common.MediaDB.ni.dll
MOD - [2013/05/16 15:01:38 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\1784a3c837a81be9ad8608a9405de178\Kies.Common.DBManager.ni.dll
MOD - [2013/05/16 15:01:38 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\94fd3d4235723a962f8b3f29d7eac567\Kies.Common.AllShare.ni.dll
MOD - [2013/05/16 15:01:36 | 001,146,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\1f04da0191d585e975a3f43548a70e2e\Podcaster.ni.dll
MOD - [2013/05/16 15:01:33 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\35992f641f4348746cfe0c6c1b48ece7\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2013/05/16 15:01:32 | 000,580,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f0dfcf225ea9ee5911a199d90da24d76\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013/05/16 15:01:30 | 001,205,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ddd3ef7293ae9ddaca67c1ab86f328c3\Kies.Common.DeviceService.ni.dll
MOD - [2013/05/16 15:01:27 | 000,995,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\99bba258903cd892a867461d55d728ff\DeviceCommonLib.ni.dll
MOD - [2013/05/16 15:01:25 | 000,743,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\d68e9699b3319f4d4a0d0fdb8855f48a\Kies.Plugin.ContentsManagerLib.ni.dll
MOD - [2013/05/16 15:01:23 | 000,205,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\50c6d0af63aa7107ec15d7ef86a62609\Kies.Common.MainUI.ni.dll
MOD - [2013/05/16 15:01:10 | 000,928,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\6704d4bac5e6b834fe7cd1502f09f2cb\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2013/05/16 15:01:04 | 002,202,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\dfc6504af8cd62a4a38a5b6ad7ca6566\Kies.Common.Multimedia.ni.dll
MOD - [2013/05/16 15:01:00 | 000,638,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\2627bfc447a741309a32dbd51ee23dbc\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2013/05/16 15:00:51 | 007,031,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\be28b9e8726e3ab319a05ee11b0bc412\DeviceHost.ni.dll
MOD - [2013/05/16 15:00:37 | 000,282,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\37bb8c2ca86bf868044bce11e73d1efc\Kies.Common.Util.ni.dll
MOD - [2013/05/16 15:00:36 | 001,899,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7aef2d5e9f446c4108ed337e465cd196\Kies.UI.ni.dll
MOD - [2013/05/16 15:00:32 | 001,273,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0687f786aa9dd34f7dd8d26cdfdb065f\Kies.Interface.ni.dll
MOD - [2013/05/16 15:00:32 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\f67e1afe33aa6c76e375dbd4fa132363\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013/05/16 14:59:51 | 002,177,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\81b8201bf1ea967ba701b63e65e75e47\Kies.ni.exe
MOD - [2013/05/16 13:10:58 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/16 12:44:13 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll
MOD - [2013/05/16 12:44:05 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll
MOD - [2013/05/16 12:43:54 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll
MOD - [2013/05/16 12:43:45 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll
MOD - [2013/05/16 12:43:41 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll
MOD - [2013/05/11 22:36:09 | 017,554,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\71b6200b469ae31187226c5634b6d6bb\Kies.Theme.ni.dll
MOD - [2013/05/11 22:36:08 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\5face173af94a7083cea1c078a6b4938\DummyStorePlugin.ni.dll
MOD - [2013/05/11 22:35:43 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\a5bd3f2855afcc1f5bf15057c35bd48d\Kies.Common.StoreManager.ni.dll
MOD - [2013/05/11 22:35:37 | 000,109,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\fde643974d1f6bc8843237cedb262c9b\Kies.Common.CRMManager.ni.dll
MOD - [2013/05/11 22:35:31 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\94eee0f7d59880d4ff2754ad67877ac1\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2013/05/11 22:35:30 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\931b9596988f8d16731b691a35a25727\Interop.DevFileServiceLib.ni.dll
MOD - [2013/05/11 22:35:03 | 000,045,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bd5cbd625647b2af277b7c5c0ffb8f5b\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2013/05/11 22:34:58 | 000,080,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ZipStore\bbd37020633f9e7f190af58b7bf6138f\ZipStore.ni.dll
MOD - [2013/05/11 22:34:58 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\bfc490c6779a7a9ae85832ca58c27054\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013/05/11 22:34:51 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceServi#\15fff4c0b61cdf95cf8c94850bfbde5f\Interop.DeviceServiceModelDBLib.ni.dll
MOD - [2013/05/11 22:34:49 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f93e893f927f890bffe924ec7e8c1323\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013/05/11 22:34:23 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll
MOD - [2013/05/11 22:34:22 | 001,644,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c5572a7e44449de16eb4e7db6b7b5b82\Kies.Locale.ni.dll
MOD - [2013/05/11 22:34:21 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\2cbf81c1b1b5e7bd6a4758bd057e2d4c\Kies.MVVM.ni.dll
MOD - [2013/03/13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/02/15 08:32:38 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll
MOD - [2013/01/10 15:54:58 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll
MOD - [2013/01/10 15:54:55 | 000,043,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.FUSCryptLib\7296ee8d41eeb2bcc543df81eea19ebe\Interop.FUSCryptLib.ni.dll
MOD - [2013/01/10 15:54:34 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2013/01/10 15:54:33 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2013/01/10 15:54:33 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2013/01/10 15:54:21 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll
MOD - [2013/01/10 15:53:25 | 000,770,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dbe82a95ee3feebc5999138fdf36d3c9\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 15:53:09 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013/01/10 14:53:52 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 14:53:23 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/01/10 14:52:34 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 14:52:21 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/01/10 14:40:35 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013/01/10 14:40:05 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013/01/10 14:39:58 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2012/11/14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2011/03/02 13:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll
MOD - [2011/02/28 21:42:14 | 000,652,800 | ---- | M] () -- C:\PROGRA~1\IZArc\IZArcCM.dll
MOD - [2010/11/13 04:03:29 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_da_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/05/04 15:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/02/26 12:56:14 | 000,133,616 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Interop.shdocvw\1.1.0.0__aafc021ca424f5ad\Interop.shdocvw.dll
MOD - [2010/02/26 12:56:14 | 000,054,768 | ---- | M] () -- C:\Windows\assembly\GAC_32\pcdtoolbar\1.0.0.160__aafc021ca424f5ad\pcdtoolbar.dll
MOD - [2009/12/11 12:58:52 | 000,655,360 | ---- | M] () -- C:\Program Files\Lenovo\Access Connections\ACDeskBand.dll
MOD - [2009/12/10 20:11:00 | 000,035,328 | ---- | M] () -- C:\PROGRA~1\ThinkPad\UTILIT~1\DK\PWMRT32V.DLL
MOD - [2009/07/09 21:35:22 | 000,251,168 | ---- | M] () -- C:\Program Files\ThinkPad\TpShocks\MUI\0406\TpShocks.dll
MOD - [2009/05/28 08:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
MOD - [2005/07/30 21:00:40 | 000,114,688 | ---- | M] () -- C:\Windows\System32\OdiOlDVR.dll
MOD - [2004/06/21 10:14:54 | 000,053,248 | ---- | M] () -- C:\Windows\System32\OdiAPI.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2013/07/01 19:49:54 | 004,569,856 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/06/12 01:17:21 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/14 00:54:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/18 12:09:20 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2013/04/18 04:34:38 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/04/11 15:30:30 | 000,022,376 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2012/10/11 03:04:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/23 17:01:32 | 002,778,416 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2012/08/23 17:00:58 | 000,242,480 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2012/08/23 17:00:38 | 000,500,528 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2012/08/23 16:59:58 | 000,108,336 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2012/08/23 14:41:18 | 000,104,240 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2012/07/18 01:52:14 | 000,509,456 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011/07/12 16:54:02 | 000,127,336 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV - [2011/07/12 16:53:48 | 000,131,432 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe -- (TPHKLOAD)
SRV - [2011/07/12 16:53:24 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe -- (LENOVO.MICMUTE)
SRV - [2011/07/12 16:53:18 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2010/05/30 12:19:08 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/12/11 13:22:06 | 000,255,336 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2009/12/11 13:22:04 | 000,124,264 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2009/12/10 20:11:00 | 000,075,112 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2009/09/24 20:54:36 | 000,430,080 | R--- | M] () [Auto | Running] -- C:\Program Files\Mobile Broadband Drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
SRV - [2009/08/27 01:02:26 | 001,021,240 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2009/08/07 15:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009/07/14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2008/01/12 03:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/01/05 05:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV - [2013/06/20 23:40:46 | 000,045,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2013/04/18 12:09:20 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2013/04/03 09:58:16 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/04/03 09:58:16 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/03/29 02:53:48 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/03/01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/02/08 04:37:58 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/02/08 04:37:56 | 000,245,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/02/08 04:37:52 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/02/08 04:37:44 | 000,170,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/02/08 04:37:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/09/30 12:21:02 | 010,383,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Netwsn00.sys -- (NETwNs32)
DRV - [2012/07/18 01:48:50 | 000,143,360 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AmpPal.sys -- (AMPPALP)
DRV - [2012/07/18 01:48:50 | 000,143,360 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmpPal.sys -- (AMPPAL)
DRV - [2011/12/27 03:10:35 | 000,033,080 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2011/09/23 04:04:51 | 000,140,376 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2011/08/23 20:34:39 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011/06/02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2011/05/30 17:21:24 | 000,011,976 | ---- | M] (Authentec Inc.) [Kernel | Auto | Running] -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp)
DRV - [2010/11/29 18:26:17 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010/11/29 18:26:16 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/07 14:09:06 | 000,013,680 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2010/05/31 12:04:30 | 006,766,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32)
DRV - [2010/03/12 19:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/12/10 20:11:00 | 000,011,552 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\TPPWR32V.SYS -- (TPPWRIF)
DRV - [2009/09/23 01:47:34 | 000,216,616 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WwanUsbMp.sys -- (WwanUsbServ)
DRV - [2009/09/22 20:09:38 | 000,014,848 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wwanussf.sys -- (ecnssndisfltr)
DRV - [2009/09/22 20:09:38 | 000,010,240 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wwanuss.sys -- (ecnssndis)
DRV - [2009/08/18 08:09:16 | 000,020,080 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PcdrNdisuio.sys -- (PcdrNdisuio)
DRV - [2009/08/18 08:08:14 | 000,020,848 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\progra~1\pc-doc~1\pcdsrvc.pkms -- (PCDSRVC{C4B36920-79E24793-06000000}_0)
DRV - [2009/08/18 08:08:14 | 000,020,848 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\program files\pc-doctor\pcdsrvc.pkms -- (PCDSRVC{3037D694-FD904ACA-06000000}_0)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 01:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009/07/11 01:53:22 | 000,082,984 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e36wgps.sys -- (e36wgps)
DRV - [2009/07/09 23:44:52 | 000,122,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2009/07/01 01:38:52 | 000,374,272 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e36gmdm.sys -- (e36gmdm)
DRV - [2009/07/01 01:38:52 | 000,357,376 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e36gmgmt.sys -- (e36gmgmt)
DRV - [2009/07/01 01:38:52 | 000,285,056 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e36gbus.sys -- (e36gbus)
DRV - [2009/07/01 01:38:52 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e36gmdfl.sys -- (e36gmdfl)
DRV - [2009/06/29 23:51:04 | 000,117,800 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ApsX86.sys -- (Shockprf)
DRV - [2009/06/29 23:51:02 | 000,020,520 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ApsHM86.sys -- (TPDIGIMN)
DRV - [2009/06/18 20:21:06 | 000,125,568 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\5U877.sys -- (5U877)
DRV - [2009/03/23 08:58:36 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2008/05/16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic)
DRV - [2008/05/16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5)
DRV - [2008/05/16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV - [2008/05/16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus)
DRV - [2007/04/18 06:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006/04/07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VNUSB.sys -- (VNUSB)
DRV - [2004/03/24 04:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\nsndis5.sys -- (NSNDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2438727
IE - HKLM\..\SearchScopes\{B2E86836-F608-4C54-9A1E-BF3AEBDB60D7}: "URL" = http://www.bing.com/...c=IE-SearchBox;

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
IE - HKCU\..\SearchScopes,DefaultScope = {C84EC8AA-C6A6-426D-8FFC-91EA00FFCE17}
IE - HKCU\..\SearchScopes\{C84EC8AA-C6A6-426D-8FFC-91EA00FFCE17}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:4.12.22.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Jens Chr. T. Olesen\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/16 21:37:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2010/11/28 00:20:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/30 11:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\AVG\AVG2012\Thunderbird\

[2012/05/16 15:21:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\mozilla\Extensions
[2010/05/26 23:09:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/11/28 00:19:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2012/05/16 15:21:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\mozilla\Extensions\[email protected]
[2010/10/05 23:35:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\mozilla\Firefox\Profiles\35nlpm1f.default\extensions
[2013/05/08 19:00:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\mozilla\Firefox\Profiles\6f030jpc.default\extensions
[2013/05/08 17:14:25 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\mozilla\Firefox\Profiles\6f030jpc.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/11/28 00:19:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\mozilla\Sunbird\Profiles\0q4nneke.default\extensions
[2013/05/08 19:00:45 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\mozilla\firefox\profiles\6f030jpc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/10/16 21:37:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/10/11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/11 03:51:31 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-co-uk.xml
[2012/10/11 03:51:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/11 03:51:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-da.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://google.dk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\Application\28.0.1500.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\Application\28.0.1500.52\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files\TVUPlayer\npTVUAx.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Jens Chr. T. Olesen\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: FLV Runner = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala\10.16.4.512_0\
CHR - Extension: Google Dokumenter = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drev = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Tampermonkey = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.1.3440_0\
CHR - Extension: AdBlock = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: Simple Adblock = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo\1.0.9_0\
CHR - Extension: Gmail = C:\Users\Jens Chr. T. Olesen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2010/06/17 13:39:11 | 000,408,517 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14124 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe ()
O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Daemon for Mouse Suite] C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE 60 File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe ()
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor File not found
O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Jens Chr. T. Olesen\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Jens Chr. T. Olesen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Jens Chr. T. Olesen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jens Chr. T. Olesen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Jens Chr. T. Olesen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Send billede til &Bluetooth-enhed... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm File not found
O8 - Extra context menu item: Send siden til &Bluetooth-enhed... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm File not found
O9 - Extra Button: PokerStars.dk - {15105F6B-80FF-40d3-B239-AEC9E0E93ACD} - C:\Program Files\PokerStars.DK\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: danskebank.dk ([]* in Trusted sites)
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} http://support.lenov...AutoDetect2.cab (IASRunner Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.10.10.4 212.10.10.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78AECDF8-BEFC-43A6-B464-E4BD9659D3C3}: DhcpNameServer = 212.10.10.4 212.10.10.5
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Program Files\Qualcomm\Eudora\EuShlExt.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{766439a8-9f19-11e1-98e5-c417feed5ae9}\Shell - "" = AutoRun
O33 - MountPoints2\{766439a8-9f19-11e1-98e5-c417feed5ae9}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{8cac6a9f-7fb2-11df-bee9-d5e87d43935a}\Shell - "" = AutoRun
O33 - MountPoints2\{8cac6a9f-7fb2-11df-bee9-d5e87d43935a}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\{efaed0b1-22c1-11df-ae4d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{efaed0b1-22c1-11df-ae4d-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/01 12:58:46 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{A4D99DB9-EB78-42B1-979E-339F4DBE23A5}
[2013/07/01 12:29:05 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\AVG2013
[2013/07/01 12:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/07/01 12:25:37 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/07/01 12:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/07/01 12:05:05 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013/07/01 02:20:31 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\MFAData
[2013/07/01 02:20:31 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/07/01 02:20:31 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\Avg2013
[2013/07/01 00:58:04 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{07509151-A339-4A17-BB1F-C744173509F1}
[2013/06/30 12:57:37 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{08EFD746-5264-4712-9C27-6DAC66B117E0}
[2013/06/30 00:43:27 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{43E67CFC-CCE1-42D2-A67E-BD91D7C7AB40}
[2013/06/29 12:42:58 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{C971458C-5090-472F-AF37-DC06661943B5}
[2013/06/29 00:42:30 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{4B659617-B632-418B-9C84-2C9DBCEA0449}
[2013/06/28 12:42:01 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{D2521814-367A-4215-9138-382B04EB6ECB}
[2013/06/28 00:41:34 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{674BE6C4-D826-4D00-86A7-770466CD1463}
[2013/06/27 12:41:07 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{FB1935B0-0471-4124-AB38-167652A9042E}
[2013/06/26 22:55:03 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{206AD7B6-3DDE-44E8-8440-09A25767B006}
[2013/06/26 10:54:35 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{E7572CFA-2663-4B8E-9C25-61EC6BF6F84C}
[2013/06/25 22:34:57 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{5A7710CA-7736-4D12-9A46-93BF4811CDC7}
[2013/06/25 10:34:28 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{7B2B72D6-4B04-484B-80BE-17B6EE0D8537}
[2013/06/24 22:24:30 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{54719F60-9AB3-416F-A190-1BEEE273BA0C}
[2013/06/24 20:01:01 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\Desktop\2013_06_24
[2013/06/24 20:00:54 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\Desktop\2013_06_23
[2013/06/24 10:24:03 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{EFF1596E-2172-4C9E-9D2C-123F1D6C882C}
[2013/06/23 10:23:24 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{7203EC98-7D04-4F4C-8AFE-409B72C1788A}
[2013/06/22 15:43:46 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{F01BBA51-346A-445E-8D2E-28232E89F16C}
[2013/06/22 15:11:13 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/06/22 15:10:59 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/06/22 15:10:59 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/06/22 15:10:59 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/06/22 15:10:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/06/22 14:22:18 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{656B808F-DC25-4F04-8275-D32CA68FFB02}
[2013/06/21 23:48:04 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{B6079374-FE4C-42CB-A71F-40AA9624EA10}
[2013/06/21 11:47:36 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{08D0520A-D71B-4B4C-B303-BCAADBBDB612}
[2013/06/20 23:40:57 | 000,045,736 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btusbflt.sys
[2013/06/20 23:19:50 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{E0329EC7-B90F-44A5-87C2-C5FE1B67BF9F}
[2013/06/20 17:12:23 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\Desktop\2013_06_20
[2013/06/20 17:08:44 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{1806BC33-7EE4-4C4B-AF88-061C00CEE7C4}
[2013/06/20 12:19:58 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{90906F01-D83B-42FA-8A20-7881DAA4BD89}
[2013/06/19 23:36:05 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{E1AAAA05-8342-475F-AC5A-221388CB58FF}
[2013/06/19 11:35:37 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{6645ABFA-B99A-4290-AD76-D9B49EF18D3A}
[2013/06/18 21:11:32 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{45864A09-44A5-4239-A1FC-E2850F71B145}
[2013/06/18 09:10:54 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{53D04BDC-6924-4F97-B641-5AA0F40CE254}
[2013/06/17 19:51:41 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{9328D1CC-45E5-4C0E-82EF-705D16DC0AC0}
[2013/06/17 07:51:13 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{9C86A8ED-C4FB-490E-9FA8-B815795CB75A}
[2013/06/16 15:19:32 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\Desktop\2013_06_16
[2013/06/16 10:28:48 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{2E73DCD1-7C8C-4C0F-8A78-E3DDD19CA92A}
[2013/06/15 11:27:10 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{B3D9E102-CEA2-490B-A110-8277EAA86947}
[2013/06/14 14:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SPBA
[2013/06/14 13:53:07 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{06D09C5A-417B-49E0-8CD5-E9093AA696F8}
[2013/06/13 13:30:29 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{2BC73E6F-EE78-42E3-9FDC-991533E02CEF}
[2013/06/13 00:26:27 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/06/13 00:26:26 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/06/13 00:21:12 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/06/13 00:21:12 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/06/13 00:21:11 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/06/13 00:21:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/06/13 00:21:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/06/13 00:21:10 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/06/13 00:21:10 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/06/13 00:21:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/06/12 17:02:02 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\Desktop\2013_06_12
[2013/06/12 11:32:36 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013/06/12 11:32:34 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013/06/12 11:32:29 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013/06/12 11:32:28 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013/06/12 11:32:24 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/06/12 11:32:24 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/06/11 13:04:23 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{90A0CF87-B7A7-45C1-95CC-B14577835C98}
[2013/06/10 23:01:52 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{4B2366A6-BE2F-4545-AB2C-D1343EAAC286}
[2013/06/10 14:46:05 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\Desktop\2013_06_10
[2013/06/10 10:52:00 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{0F85EE0E-73CB-4063-AFD7-26CE72DFCADF}
[2013/06/09 20:37:53 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{E06B01D0-2F85-4434-91EB-E6B707006828}
[2013/06/09 20:18:47 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\Desktop\2013_06_09
[2013/06/09 08:37:25 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{911530DF-AF16-4044-8C2C-E160F1754176}
[2013/06/08 16:11:33 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\Desktop\2013_06_08
[2013/06/08 10:27:46 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{1595ECD2-3F99-48A8-AF47-E4628067CF5F}
[2013/06/07 12:50:11 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{DC7CE709-1865-459D-97B3-3D89A7F44755}
[2013/06/06 12:49:29 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{F2616F1F-0B3B-4D2C-BB18-3E63EADBC532}
[2013/06/05 11:00:15 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{4DDA1D00-1C77-4B0C-8D23-7D79A14A91FB}
[2013/06/04 22:47:23 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{AA9A4BED-6C96-4E90-B411-147990483B50}
[2013/06/04 12:36:15 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\Desktop\2013_06_04
[2013/06/04 12:31:24 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{DA2A468B-D9A0-4EC0-8517-4A413A634CCF}
[2013/06/04 00:06:30 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{389BE1A4-3319-4BD8-8980-0E79AB8174F9}
[2013/06/03 12:05:58 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{543423C9-F1F2-4E3F-AA3E-F575C3034E81}
[2013/06/02 21:15:29 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{5ED0AD7E-B2AA-435F-9D93-5D1A9A6E71BE}
[2013/06/02 13:22:19 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\Desktop\2013_06_02
[2013/06/02 09:15:02 | 000,000,000 | ---D | C] -- C:\Users\Jens Chr. T. Olesen\AppData\Local\{B80E5572-E2DA-4507-A5EC-88166DF57D18}

========== Files - Modified Within 30 Days ==========

[2013/07/01 22:22:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-16889798-4002365027-3226851245-1004UA.job
[2013/07/01 22:17:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/01 19:56:37 | 000,016,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/01 19:56:37 | 000,016,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/01 19:49:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/01 19:49:00 | 2309,640,192 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/01 14:22:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-16889798-4002365027-3226851245-1004Core.job
[2013/07/01 12:27:15 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/07/01 11:35:46 | 000,000,017 | ---- | M] () -- C:\Users\Jens Chr. T. Olesen\AppData\Local\resmon.resmoncfg
[2013/07/01 02:01:03 | 000,662,950 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/07/01 02:01:03 | 000,517,266 | ---- | M] () -- C:\Windows\System32\perfh006.dat
[2013/07/01 02:01:03 | 000,124,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/07/01 02:01:03 | 000,097,682 | ---- | M] () -- C:\Windows\System32\perfc006.dat
[2013/06/22 15:10:54 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013/06/22 15:10:54 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013/06/22 15:10:54 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/06/22 15:10:54 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/06/22 15:10:54 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/06/22 15:10:54 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/06/20 23:40:46 | 000,045,736 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btusbflt.sys
[2013/06/17 09:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013/06/12 01:17:20 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/06/12 01:17:20 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/06/09 08:39:45 | 000,001,075 | ---- | M] () -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/06/08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/06/08 13:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/06/04 12:31:10 | 000,000,452 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job

========== Files Created - No Company Name ==========

[2013/07/01 12:27:15 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/07/01 11:35:46 | 000,000,017 | ---- | C] () -- C:\Users\Jens Chr. T. Olesen\AppData\Local\resmon.resmoncfg
[2013/05/11 20:10:49 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2013/05/11 20:10:49 | 000,037,344 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2012/06/28 16:53:12 | 000,000,141 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/05/23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/05/23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012/05/23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012/05/23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012/05/23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012/02/11 17:11:16 | 000,000,169 | ---- | C] () -- C:\Users\Jens Chr. T. Olesen\LAViewer.properties
[2011/10/26 20:23:23 | 000,000,264 | ---- | C] () -- C:\Users\Jens Chr. T. Olesen\AppData\Roaming\burnaware.ini
[2010/11/11 23:45:56 | 000,000,000 | ---- | C] () -- C:\Users\Jens Chr. T. Olesen\temp.dat
[2010/08/14 08:54:48 | 000,646,848 | ---- | C] () -- C:\Users\Jens Chr. T. Olesen\AppData\Local\wanancsp.dat
[2010/06/03 23:46:47 | 000,009,216 | ---- | C] () -- C:\Users\Jens Chr. T. Olesen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >


Thanks in advance,
aalborgenser
  • 0

Advertisements

#2
RKinner
Posted 02 July 2013 - 06:42 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Looking at your logs, I expect it's either Adobe Acrobat, Thunderbird or Kies. Easiest way to tell is to run msconfig. Type msconfig in the Search box and wait until you see msconfig.exe then right click on it and Run As Admin. Under Run, uncheck everything. Under Services, first check Hide Microsoft Service then uncheck everything that remains. OK. Reboot. Cancel msconfig when it comes up. Now shutdown. Does it shutdown like it should? One of the things you unchecked is the culprit so go back in and recheck about half of them OK and reboot. Keep doing that until you locate the culprit. If that's not it then let's run a few scans:

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.


Let's also try the bitdefender quickscan.

http://quickscan.bitdefender.com/

When it finishes there is a View Report option at the bottom. Click on it and copy and paste the report (even if it says nothing found).


Ron
  • 0

#3
aalborgenser
Posted 05 July 2013 - 08:10 AM

aalborgenser

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Thanks Ron

Eset log:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=8
# iexplore.exe=10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3be77497789c6d40aaa8ebd1cfacf98c
# engine=14277
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-05 01:25:20
# local_time=2013-07-05 03:25:20 (+0100, Rom, sommertid)
# country="Denmark"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1039 16777213 100 92 11760 60164704 0 0
# compatibility_mode=5893 16776574 100 94 363976 124661911 0 0
# scanned=174954
# found=0
# cleaned=0
# scan_time=8401

_________

The two other suggestions gave no results.

Best regards,
aalborgenser
  • 0

#4
RKinner
Posted 05 July 2013 - 12:05 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
If you boot into Safe Mode and then shutdown does it shutdown OK?
(Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mod. Login with your usual login.)

Our Internet was down yesterday and is coming and going today so expect delays.
  • 0

#5
aalborgenser
Posted 06 July 2013 - 04:28 AM

aalborgenser

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
In safe mode it does shut down properly. Sometimes it runs chkdsk afterwards - but mostly not.

Edited by aalborgenser, 06 July 2013 - 11:52 AM.

  • 0

#6
RKinner
Posted 06 July 2013 - 08:25 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Please download DDS from http://download.blee...om/sUBs/dds.com or http://download.blee...om/sUBs/dds.scr
and save it to your desktop.

* Disable any script blocking protection
* Double click dds.pif to run the tool. (Vista and Win 7 please right click and Run As Admin)
* When done, two DDS.txt's will open.
* Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt
Attach.txt.
  • 0

#7
aalborgenser
Posted 06 July 2013 - 12:15 PM

aalborgenser

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
:)

Attached Files


  • 0

#8
RKinner
Posted 06 July 2013 - 01:29 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
We need to look at the Error logs but I don't think I have a tool that works on Danish systems. There a chance it's a hung install. Let's see what the windowsupdate.log log says. It should be in C:\windows\windowsupdate.log. If it's not too big you can attach it. Or maybe zip it up and attach it.
  • 0

#9
aalborgenser
Posted 06 July 2013 - 03:03 PM

aalborgenser

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Hope this works.

Attached Files


  • 0

#10
RKinner
Posted 06 July 2013 - 05:38 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Go into Control Panel and find Windows Update and click on it. Does it find any update? If there are no critical updates is there an Optional update. Does it install?

In the search box type

cmd.exe

when it finds it right click and run as admin. Type:

sfc /scannow

This should check your critical files and correct any it finds are not right.

IF it says it couldn't fix everything then copy the next two lines:


findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt


go back to the command window and tight click and Paste then hit Enter. This should open a file in notepad. If it's not too big just copy and paste it into a Reply.


Does

shutdown /p

when typed into the command window cause it to shutdown like it should?
  • 0

Advertisements

#11
aalborgenser
Posted 07 July 2013 - 03:21 AM

aalborgenser

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
the machine finds 2/8 updates but cannot install

sfc /scannow: nothing happens

the file in note pad opens but is empty

it doesn't shut down using shutdown /p
  • 0

#12
RKinner
Posted 07 July 2013 - 07:26 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
That updates won't install is interesting. MS has a fixit for that so let's try it:

http://windows.micro...talling-updates

Make sure you right click on cmd.exe and Run As Admin then try sfc /scannow and shutdown /p again.
  • 0

#13
aalborgenser
Posted 07 July 2013 - 02:48 PM

aalborgenser

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Apperently everything concerning updating fails. The tools don't fix it. Now I can't even see any installed updates. Also the cmd commands continue to 'fail' (run as adm.).

When working in control panel i.e. to disable windows firewall or checking update issues windows explorer stalls. This also often happens during (re)starting the computer..

Edited by aalborgenser, 07 July 2013 - 02:48 PM.

  • 0

#14
RKinner
Posted 07 July 2013 - 03:38 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Try booting into Safe Mode with Command Prompt and see if either sfc /scannow or shutdown /p will work. If they won't then try sfc /? and see if the help message comes up.

Download ShellExView.

http://www.nirsoft.n...s/shexview.html

Use this download:
http://www.nirsoft.n...xview_setup.exe

Once you get it installed, run it and look in the third or fourth column from the RIGHT. It should say MICROSOFT. Click once or twice on MICROSOFT so that items with NO are at the top.
Select all of the NO items and then click on the red led looking icon in the upper left. This should disable all of the non-microsoft additions to Explorer. Reboot and see if you still have problems with Explorer.
  • 0

#15
aalborgenser
Posted 23 July 2013 - 10:16 AM

aalborgenser

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Hi again. Sorry for the late reply on last suggestions.

No solutions seem to work. Now Chrome also teases! Sometimes after startup all settings seem to be 'defaulted'. Addons are gone etc. :whistling:

Once again thanks for all your efforts. I'm impressed how competent and how willing to help you are :thumbsup:

Edited by aalborgenser, 23 July 2013 - 10:17 AM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP