Logfil

Nej.

Ok så.
Hent "Malwarebytes' Anti-Malware" her

Eller her

Installer og start programmet, klik på fanen opdater, klik Tjek for opdatering, lav "Hurtig skan" under fanebladet "skanner".
Bagefter klik på "vis resultater", tryk på "Fjern det valgte" og send loggen herind sammen med en ny hijackthis log

Mht.: Vista og Windows 7 - højreklik på filen - Kør som Administrator.

NB Når du opdaterer Malwarebytes, så klik på opdater til den skriver at der ikke er flere opdateringer.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:42:46, on 26-07-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Search Guard PlusU\sgpupdaters.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Arto\Notifier\ArtoNotifier.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll
O2 - BHO: UrlHelper Class - {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O2 - BHO: Hjælp til tilmelding til Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ArtoNotifier] C:\Program Files\Arto\Notifier\ArtoNotifier.exe
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SIMBAR={9D86F83D-E44A-4DA2-BA83-6414070838FB}; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.30618)" -"http://ultima-hotel.org/client"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DA-DK/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Tjenesten Google Update (gupdate1ca908ba57816d5) (gupdate1ca908ba57816d5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 14155 bytes



Malwarebytes' Anti-Malware 1.36
Database version: 1945
Windows 6.0.6002 Service Pack 2

26-07-2010 11:55:07
mbam-log-2010-07-26 (11-55-07).txt

Skan type: Hurtig skanning
Objekter skannet: 74446
Tid tilbagelagt: 10 minute(s), 43 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)


Ps: Den starter op med at skrive, IE3SH.EXE komponenten blev ikke fundet
Og så står der  BHO.DLL

Malwarebytes' Anti-Malware 1.36
Database version: 1945

Vil du godt opdatere Malwarebytes to gange.

Er pt.

Malwarebytes' Anti-Malware 1.46
Database version: 4354

Her er en frisk en ;-)
Har slettet de 3

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4354

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

26-07-2010 23:07:57
mbam-log-2010-07-26 (23-07-57).txt

Skanningstype: Hurtig skanning
Objekter skannet: 147568
Tid gået: 18 minut(ter), 3 sekund(er)

Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 1
Registreringsdatabaseværdier Inficeret: 1
Registreringsdatabasedata Objekter Inficeret: 1
Inficerede Mapper: 0
Inficerede Filer: 0

Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> Quarantined and deleted successfully.

Registreringsdatabaseværdier Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Worm.AutoRun) -> Quarantined and deleted successfully.

Registreringsdatabasedata Objekter Inficeret:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (explorer.exe,C:\RECYCLER\S-1-5-21-9574732883-4995145719-099830850-2014\rundll32.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Inficerede Mapper:
(Ingen skadelige objekter blev fundet)

Inficerede Filer:
(Ingen skadelige objekter blev fundet)


Ps: Den starter også op med at skrive, IE3SH.EXE komponenten blev ikke fundet
Og så står der  BHO.DLL

Computeren skriver også at der en opdatering til HP Wireless Assistant og en til HP BIOS, men jeg kan ikke hente nogle af dem???

Hent og gem Combofix på dit skrivebord:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

Killall::
Snapshot::

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C:\ Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

Der skete ikke rigtig mere efter jeg forsøgte at give slip
men her er noget

ComboFix 10-07-24.06 - Karina 27-07-2010  9:27.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.1982.930 [GMT 2:00]
Kører fra: c:\users\Karina\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
c:\program files\Fast Browser Search
c:\program files\Fast Browser Search\IE\1.bat
c:\program files\Fast Browser Search\IE\about.html
c:\program files\Fast Browser Search\IE\affid.dat
c:\program files\Fast Browser Search\IE\basis.xml
c:\program files\Fast Browser Search\IE\basis_br.xml
c:\program files\Fast Browser Search\IE\basis_de.xml
c:\program files\Fast Browser Search\IE\basis_en.xml
c:\program files\Fast Browser Search\IE\basis_es.xml
c:\program files\Fast Browser Search\IE\basis_fr.xml
c:\program files\Fast Browser Search\IE\basis_it.xml
c:\program files\Fast Browser Search\IE\basis_nr.xml
c:\program files\Fast Browser Search\IE\basis_pt.xml
c:\program files\Fast Browser Search\IE\basis_ru.xml
c:\program files\Fast Browser Search\IE\basis_tr.xml
c:\program files\Fast Browser Search\IE\BHO.dll
c:\program files\Fast Browser Search\IE\ClearRecycleBin.exe
c:\program files\Fast Browser Search\IE\error.html
c:\program files\Fast Browser Search\IE\fbsProtection.xml
c:\program files\Fast Browser Search\IE\FbsSearchProvider.xml
c:\program files\Fast Browser Search\IE\FbsSearchProviderIE8.exe
c:\program files\Fast Browser Search\IE\fbstoolbar.jar
c:\program files\Fast Browser Search\IE\fbstoolbar.manifest
c:\program files\Fast Browser Search\IE\icons.bmp
c:\program files\Fast Browser Search\IE\ie3sh.exe
c:\program files\Fast Browser Search\IE\info.txt
c:\program files\Fast Browser Search\IE\local.xml
c:\program files\Fast Browser Search\IE\logobg.bmp
c:\program files\Fast Browser Search\IE\MTWBtoolbar.html
c:\program files\Fast Browser Search\IE\search.bmp
c:\program files\Fast Browser Search\IE\search_br.bmp
c:\program files\Fast Browser Search\IE\search_de.bmp
c:\program files\Fast Browser Search\IE\search_es.bmp
c:\program files\Fast Browser Search\IE\search_fr.bmp
c:\program files\Fast Browser Search\IE\search_it.bmp
c:\program files\Fast Browser Search\IE\search_pt.bmp
c:\program files\Fast Browser Search\IE\search_ru.bmp
c:\program files\Fast Browser Search\IE\SearchGuardPlus.exe
c:\program files\Fast Browser Search\IE\SearchGuardPlus.ico
c:\program files\Fast Browser Search\IE\SGPU.ico
c:\program files\Fast Browser Search\IE\sgpUpdater.exe
c:\program files\Fast Browser Search\IE\sgpUpdater.xml
c:\program files\Fast Browser Search\IE\SGPUpdaterS.exe
c:\program files\Fast Browser Search\IE\tbs_include_script_003175.js
c:\program files\Fast Browser Search\IE\tbs_include_script_005064.js
c:\program files\Fast Browser Search\IE\tbs_include_script_012817.js
c:\program files\Fast Browser Search\IE\Toolbar Help.htm
c:\program files\Fast Browser Search\IE\uninstall.exe
c:\program files\Fast Browser Search\IE\uninstalSGP.exe
c:\program files\Fast Browser Search\IE\uninstalSGPU.exe
c:\program files\Fast Browser Search\IE\update.exe
c:\program files\Fast Browser Search\IE\version.txt
c:\program files\Search Guard Plus
c:\program files\Search Guard Plus\fbsProtection.xml
c:\program files\Search Guard Plus\fbsProtectionI.xml
c:\program files\Search Guard Plus\fbsSearchProvider.xml
c:\program files\Search Guard Plus\FbsSearchProviderIE8.exe
c:\program files\Search Guard Plus\SearchGuardPlus.exe
c:\program files\Search Guard Plus\SearchGuardPlus.ico
c:\program files\Search Guard Plus\uninstalSGP.exe
c:\program files\Search Guard PlusU
c:\program files\Search Guard PlusU\SGPU.ico
c:\program files\Search Guard PlusU\sgpUpdater.exe
c:\program files\Search Guard PlusU\sgpUpdater.xml
c:\program files\Search Guard PlusU\sgpUpdaters.exe
c:\program files\Search Guard PlusU\uninstalSGPU.exe
c:\program files\SGPSA
c:\program files\SGPSA\ie3sh.exe
c:\windows\system32\KBL.LOG

.
(((((((((((((((((((((((((((((  Filer skabt fra 2010-06-27 til 2010-07-27  )))))))))))))))))))))))))))))))))))
.

2010-07-27 07:41 . 2010-07-27 07:41    --------    d-----w-    c:\users\Gæst\AppData\Local\temp
2010-07-27 07:41 . 2010-07-27 07:41    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-07-26 22:03 . 2009-07-14 17:45    445008    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2010-07-26 22:03 . 2009-07-14 17:45    38480    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2010-07-26 21:40 . 2010-07-26 21:40    --------    d-----w-    c:\users\Karina\AppData\Roaming\HpUpdate
2010-07-26 21:36 . 2010-07-26 21:36    --------    d-----w-    c:\windows\Hewlett-Packard
2010-07-26 20:48 . 2010-07-26 20:48    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-07-26 20:09 . 2010-06-28 20:32    17744    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2010-07-26 20:09 . 2010-06-28 20:37    165456    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2010-07-26 20:09 . 2010-06-28 20:33    23376    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2010-07-26 20:09 . 2010-06-28 20:37    46672    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2010-07-26 20:09 . 2010-06-28 20:32    50256    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2010-07-26 20:07 . 2010-06-28 20:57    38848    ----a-w-    c:\windows\avastSS.scr
2010-07-26 20:07 . 2010-06-28 20:57    165032    ----a-w-    c:\windows\system32\aswBoot.exe
2010-07-26 20:07 . 2010-07-26 20:07    --------    d-----w-    c:\programdata\Alwil Software
2010-07-26 20:07 . 2010-07-26 20:07    --------    d-----w-    c:\program files\Alwil Software
2010-07-26 19:19 . 2010-07-26 19:19    --------    d-sh--we    c:\windows\system32\config\systemprofile\Lokale indstillinger
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\tr
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\sv
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ru
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\no
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ko
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ja
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\it
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\fr
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\es
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\de
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\DPDrv
2010-07-26 19:13 . 2010-07-26 19:13    --------    d-----w-    c:\programdata\Downloaded Installations
2010-07-26 11:30 . 2010-07-26 13:34    --------    d-----w-    c:\users\Karina\AppData\Roaming\IObit
2010-07-26 11:30 . 2010-07-26 11:30    --------    d-----w-    c:\program files\IObit
2010-07-26 10:16 . 2010-07-26 10:16    --------    d-----w-    c:\users\Karina\AppData\Local\VS Revo Group
2010-07-26 10:16 . 2009-12-30 10:21    27192    ----a-w-    c:\windows\system32\drivers\revoflt.sys
2010-07-26 10:16 . 2010-07-26 10:16    --------    d-----w-    c:\program files\VS Revo Group
2010-07-26 01:08 . 2009-11-08 08:55    99176    ----a-w-    c:\windows\system32\PresentationHostProxy.dll
2010-07-26 01:08 . 2009-11-08 08:55    49472    ----a-w-    c:\windows\system32\netfxperf.dll
2010-07-26 01:08 . 2009-11-08 08:55    297808    ----a-w-    c:\windows\system32\mscoree.dll
2010-07-26 01:08 . 2009-11-08 08:55    295264    ----a-w-    c:\windows\system32\PresentationHost.exe
2010-07-26 01:08 . 2009-11-08 08:55    1130824    ----a-w-    c:\windows\system32\dfshim.dll
2010-07-25 23:28 . 2010-04-12 15:29    411368    ----a-w-    c:\windows\system32\deployJava1.dll
2010-07-25 23:12 . 2010-07-25 23:12    2560    ----a-w-    c:\windows\_MSRSTRT.EXE
2010-07-25 23:00 . 2010-05-26 17:06    34304    ----a-w-    c:\windows\system32\atmlib.dll
2010-07-25 23:00 . 2010-05-26 14:47    289792    ----a-w-    c:\windows\system32\atmfd.dll
2010-07-25 22:59 . 2010-04-05 17:01    67072    ----a-w-    c:\windows\system32\asycfilt.dll
2010-07-25 22:59 . 2010-04-16 16:43    28672    ----a-w-    c:\windows\system32\Apphlpdm.dll
2010-07-25 22:59 . 2010-04-16 14:39    4240384    ----a-w-    c:\windows\system32\GameUXLegacyGDFs.dll
2010-07-25 21:40 . 2010-07-25 21:40    388096    ----a-r-    c:\users\Karina\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-25 21:39 . 2010-01-29 15:40    738816    ----a-w-    c:\windows\system32\inetcomm.dll
2010-07-25 21:38 . 2010-02-23 11:10    79360    ----a-w-    c:\windows\system32\drivers\mrxsmb20.sys
2010-07-25 21:38 . 2010-02-23 11:10    212992    ----a-w-    c:\windows\system32\drivers\mrxsmb10.sys
2010-07-25 21:38 . 2010-02-23 11:10    106496    ----a-w-    c:\windows\system32\drivers\mrxsmb.sys
2010-07-25 21:38 . 2010-02-18 14:07    3600776    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2010-07-25 21:38 . 2010-02-18 14:07    3548040    ----a-w-    c:\windows\system32\ntoskrnl.exe
2010-07-25 21:38 . 2010-03-05 14:01    420352    ----a-w-    c:\windows\system32\vbscript.dll
2010-07-25 21:38 . 2010-04-23 14:13    2048    ----a-w-    c:\windows\system32\tzres.dll
2010-07-25 21:36 . 2010-02-18 14:07    904576    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2010-07-25 21:36 . 2010-02-18 13:30    200704    ----a-w-    c:\windows\system32\iphlpsvc.dll
2010-07-25 21:36 . 2010-02-18 11:28    25088    ----a-w-    c:\windows\system32\drivers\tunnel.sys
2010-07-25 21:29 . 2009-12-23 11:33    172032    ----a-w-    c:\windows\system32\wintrust.dll
2010-07-25 21:29 . 2010-01-13 17:34    98304    ----a-w-    c:\windows\system32\cabview.dll
2010-07-25 20:08 . 2010-02-12 10:32    293376    ----a-w-    c:\windows\system32\browserchoice.exe

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-27 07:25 . 2008-10-15 14:36    2883584    --sha-w-    c:\users\Gæst\ntuser.dat
2010-07-27 07:21 . 2009-02-16 14:13    64510    ----a-w-    c:\programdata\nvModes.dat
2010-07-27 07:03 . 2010-01-08 17:54    --------    d-----w-    c:\users\Karina\AppData\Roaming\Skype
2010-07-26 22:04 . 2010-07-26 22:04    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-07-26 22:04 . 2010-07-26 22:04    0    ---ha-w-    c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-26 22:03 . 2008-01-05 14:43    --------    d-----w-    c:\programdata\NVIDIA
2010-07-26 21:49 . 2007-11-09 05:35    77202    ----a-w-    c:\windows\system32\perfc006.dat
2010-07-26 21:49 . 2007-11-09 05:35    463344    ----a-w-    c:\windows\system32\perfh006.dat
2010-07-26 19:59 . 2008-06-07 17:14    --------    d-----w-    c:\programdata\avg8
2010-07-26 19:18 . 2008-01-05 14:42    --------    d-----w-    c:\program files\DigitalPersona
2010-07-26 13:29 . 2008-09-07 17:11    --------    d-----w-    c:\users\Karina\AppData\Roaming\zweitgeist
2010-07-26 13:29 . 2008-01-05 14:30    --------    d-----w-    c:\program files\WinTV
2010-07-26 10:23 . 2009-01-22 14:32    --------    d-----w-    c:\program files\Cheat Engine
2010-07-26 08:58 . 2009-01-04 16:57    --------    d-----w-    c:\program files\Microsoft Silverlight
2010-07-26 01:20 . 2006-11-02 11:18    --------    d-----w-    c:\program files\Windows Mail
2010-07-26 01:18 . 2008-11-23 18:26    --------    d-----w-    c:\programdata\Microsoft Help
2010-07-25 23:29 . 2007-11-09 07:59    --------    d-----w-    c:\program files\Common Files\Java
2010-07-25 23:28 . 2007-11-09 07:59    --------    d-----w-    c:\program files\Java
2010-07-25 21:58 . 2009-01-10 17:24    --------    d-----w-    c:\program files\Microsoft
2010-07-25 20:19 . 2008-04-08 13:07    103728    ----a-w-    c:\users\Karina\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-25 20:08 . 2009-02-18 20:39    --------    d-----w-    c:\users\Gæst\AppData\Roaming\LimeWire
2010-06-03 14:50 . 2008-12-06 19:07    680    ----a-w-    c:\users\Gæst\AppData\Local\d3d9caps.dat
2010-05-27 20:32 . 2010-05-27 20:32    245936    ----a-w-    c:\windows\system32\drivers\SynTP.sys
2010-05-27 20:31 . 2007-09-15 08:50    120104    ----a-w-    c:\windows\system32\SynTPCo4.dll
2010-05-27 20:31 . 2007-09-15 08:21    165160    ----a-w-    c:\windows\system32\SynTPAPI.dll
2010-05-27 20:31 . 2010-05-27 20:31    210216    ----a-w-    c:\windows\system32\SynCtrl.dll
2010-05-27 20:31 . 2007-09-15 08:13    173352    ----a-w-    c:\windows\system32\SynCOM.dll
2010-05-26 13:24 . 2010-07-26 21:23    18488    ----a-w-    c:\windows\Help\OEM\scripts\HPHC_BUY_BATTERY.exe
2010-05-21 12:14 . 2009-10-14 12:04    221568    ------w-    c:\windows\system32\MpSigStub.exe
2010-05-04 05:59 . 2010-07-25 22:58    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-07-25 22:58    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-07-25 22:58    71680    ----a-w-    c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-07-25 22:58    133632    ----a-w-    c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-07-25 22:58    2037248    ----a-w-    c:\windows\system32\win32k.sys
2008-04-09 17:05 . 2008-04-09 17:05    22    --sha-w-    c:\windows\SMINST\HPCD.sys
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2008-09-02 14:04    398768    ----a-w-    c:\program files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2007-12-18 401408]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-10-01 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-19 30192]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-24 13601312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-24 92704]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ      scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):70,9e,1f,02,18,4f,ca,01

R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [x]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [x]
R2 gupdate1ca908ba57816d5;Tjenesten Google Update (gupdate1ca908ba57816d5);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 133104]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-19 30192]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S1 aswSP;aswSP; [x]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-08-18 335240]
S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-05-07 108552]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
HPService    REG_MULTI_SZ      HPSLPSVC
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34    451872    ----a-w-    c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Indhold af mappen 'Planlagte Opgaver'

2010-07-27 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-07-26 15:33]

2010-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 17:54]

2010-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 17:54]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.facebook.com/home.php?ref=home
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
- - - - TOMME GENVEJE FJERNET - - - -

BHO-{6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKLM-Run-FBSSA - c:\program files\SGPSA\ie3sh.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-27 09:42
Windows 6.0.6002 Service Pack 2 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  FBSSA = c:\program files\SGPSA\ie3sh.exe?.exe??t_005064.js? Search\*.*?h??????????erne??gene??lly ?? the??aw

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'lsass.exe'(696)
c:\windows\system32\DPPWDFLT.dll
.
Gennemført tid: 2010-07-27  09:49:21
ComboFix-quarantined-files.txt  2010-07-27 07:49

Pre-Kørsel: 65.606.303.744 byte ledig
Post-Kørsel: 65.942.663.168 byte ledig

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - BDDD1190D39543E5360865EC02EBB5DD

Den startede med at skrive at avg kører, men kan ikke finde den nogen steder, har prøvet at få den væk med Revo

Drop fildeling.
http://www.spywarefri.dk/artikel/farerne-ved-fildeling/

Der er, såvidt jeg kan se, ikke noget vel fungerende antivirus program på PCen.
Der er dele af både AVG og Avast.

Hent AVG Remover (32 bit)
http://www.avg.com/download-tools

Hent aswClear5.exe.
http://www.avast.com/uninstall-utility

Sørg for du har en installations fil til den antivirus der skal bruges.

Afbryd Internettet.

Kør AVG Remover.

Genstart i fejlsikret tilstand.
Kør aswClear5.exe. (pas på. Den vil slette en hvilken-somhelst mappe du udpeger)

Installer den valgte antivirus.

Tilkobl Internettet, og lad det opdatere.

Send en ny Combofix log herind.

Nu har jeg forsøgt at gøre det, men når jeg starter Combofix igen, så skriver den at AVG stadig er her :-(

Kommer der nogen fejlmeddelse når du kører AVG Remover?

Der er bl.a stadig dette fra Avast: c:\progra~1\ALWILS~1\Avast5\avastUI.exe
Har du kørt aswClear5.exe?

ComboFix 10-07-27.04 - Karina 28-07-2010  12:22:27.2.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.1982.1128 [GMT 2:00]
Kører fra: c:\users\Karina\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((  Filer skabt fra 2010-06-28 til 2010-07-28  )))))))))))))))))))))))))))))))))))
.

2010-07-28 10:32 . 2010-07-28 10:32    --------    d-----w-    c:\users\Public\AppData\Local\temp
2010-07-28 10:32 . 2010-07-28 10:32    --------    d-----w-    c:\users\Gæst\AppData\Local\temp
2010-07-28 10:32 . 2010-07-28 10:32    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-07-28 10:02 . 2010-06-28 20:37    165456    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2010-07-28 10:02 . 2010-06-28 20:32    17744    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2010-07-28 10:02 . 2010-06-28 20:33    23376    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2010-07-28 10:02 . 2010-06-28 20:37    46672    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2010-07-28 10:02 . 2010-06-28 20:32    50256    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2010-07-28 10:02 . 2010-06-28 20:57    165032    ----a-w-    c:\windows\system32\aswBoot.exe
2010-07-26 22:03 . 2009-07-14 17:45    445008    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2010-07-26 22:03 . 2009-07-14 17:45    38480    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2010-07-26 21:40 . 2010-07-26 21:40    --------    d-----w-    c:\users\Karina\AppData\Roaming\HpUpdate
2010-07-26 21:36 . 2010-07-26 21:36    --------    d-----w-    c:\windows\Hewlett-Packard
2010-07-26 20:48 . 2010-07-26 20:48    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-07-26 20:07 . 2010-06-28 20:57    38848    ----a-w-    c:\windows\avastSS.scr
2010-07-26 20:07 . 2010-07-28 10:01    --------    d-----w-    c:\program files\Alwil Software
2010-07-26 20:07 . 2010-07-26 20:07    --------    d-----w-    c:\programdata\Alwil Software
2010-07-26 19:19 . 2010-07-26 19:19    --------    d-sh--we    c:\windows\system32\config\systemprofile\Lokale indstillinger
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\tr
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\sv
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ru
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\no
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ko
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ja
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\it
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\fr
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\es
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\de
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\DPDrv
2010-07-26 19:13 . 2010-07-26 19:13    --------    d-----w-    c:\programdata\Downloaded Installations
2010-07-26 11:30 . 2010-07-26 13:34    --------    d-----w-    c:\users\Karina\AppData\Roaming\IObit
2010-07-26 11:30 . 2010-07-26 11:30    --------    d-----w-    c:\program files\IObit
2010-07-26 10:16 . 2010-07-26 10:16    --------    d-----w-    c:\users\Karina\AppData\Local\VS Revo Group
2010-07-26 10:16 . 2009-12-30 10:21    27192    ----a-w-    c:\windows\system32\drivers\revoflt.sys
2010-07-26 10:16 . 2010-07-26 10:16    --------    d-----w-    c:\program files\VS Revo Group
2010-07-26 01:08 . 2009-11-08 08:55    99176    ----a-w-    c:\windows\system32\PresentationHostProxy.dll
2010-07-26 01:08 . 2009-11-08 08:55    49472    ----a-w-    c:\windows\system32\netfxperf.dll
2010-07-26 01:08 . 2009-11-08 08:55    297808    ----a-w-    c:\windows\system32\mscoree.dll
2010-07-26 01:08 . 2009-11-08 08:55    295264    ----a-w-    c:\windows\system32\PresentationHost.exe
2010-07-26 01:08 . 2009-11-08 08:55    1130824    ----a-w-    c:\windows\system32\dfshim.dll
2010-07-25 23:28 . 2010-04-12 15:29    411368    ----a-w-    c:\windows\system32\deployJava1.dll
2010-07-25 23:12 . 2010-07-25 23:12    2560    ----a-w-    c:\windows\_MSRSTRT.EXE
2010-07-25 23:00 . 2010-05-26 17:06    34304    ----a-w-    c:\windows\system32\atmlib.dll
2010-07-25 23:00 . 2010-05-26 14:47    289792    ----a-w-    c:\windows\system32\atmfd.dll
2010-07-25 22:59 . 2010-04-05 17:01    67072    ----a-w-    c:\windows\system32\asycfilt.dll
2010-07-25 22:59 . 2010-04-16 16:43    28672    ----a-w-    c:\windows\system32\Apphlpdm.dll
2010-07-25 22:59 . 2010-04-16 14:39    4240384    ----a-w-    c:\windows\system32\GameUXLegacyGDFs.dll
2010-07-25 21:40 . 2010-07-25 21:40    388096    ----a-r-    c:\users\Karina\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-25 21:39 . 2010-01-29 15:40    738816    ----a-w-    c:\windows\system32\inetcomm.dll
2010-07-25 21:38 . 2010-02-23 11:10    79360    ----a-w-    c:\windows\system32\drivers\mrxsmb20.sys
2010-07-25 21:38 . 2010-02-23 11:10    212992    ----a-w-    c:\windows\system32\drivers\mrxsmb10.sys
2010-07-25 21:38 . 2010-02-23 11:10    106496    ----a-w-    c:\windows\system32\drivers\mrxsmb.sys
2010-07-25 21:38 . 2010-02-18 14:07    3600776    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2010-07-25 21:38 . 2010-02-18 14:07    3548040    ----a-w-    c:\windows\system32\ntoskrnl.exe
2010-07-25 21:38 . 2010-03-05 14:01    420352    ----a-w-    c:\windows\system32\vbscript.dll
2010-07-25 21:38 . 2010-04-23 14:13    2048    ----a-w-    c:\windows\system32\tzres.dll
2010-07-25 21:36 . 2010-02-18 14:07    904576    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2010-07-25 21:36 . 2010-02-18 13:30    200704    ----a-w-    c:\windows\system32\iphlpsvc.dll
2010-07-25 21:36 . 2010-02-18 11:28    25088    ----a-w-    c:\windows\system32\drivers\tunnel.sys
2010-07-25 21:29 . 2009-12-23 11:33    172032    ----a-w-    c:\windows\system32\wintrust.dll
2010-07-25 21:29 . 2010-01-13 17:34    98304    ----a-w-    c:\windows\system32\cabview.dll
2010-07-25 20:08 . 2010-02-12 10:32    293376    ----a-w-    c:\windows\system32\browserchoice.exe

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-28 10:20 . 2008-10-15 14:36    2883584    --sha-w-    c:\users\Gæst\ntuser.dat
2010-07-28 10:16 . 2009-02-16 14:13    64510    ----a-w-    c:\programdata\nvModes.dat
2010-07-28 10:13 . 2010-01-08 17:54    --------    d-----w-    c:\users\Karina\AppData\Roaming\Skype
2010-07-26 22:04 . 2010-07-26 22:04    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-07-26 22:04 . 2010-07-26 22:04    0    ---ha-w-    c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-26 22:03 . 2008-01-05 14:43    --------    d-----w-    c:\programdata\NVIDIA
2010-07-26 21:49 . 2007-11-09 05:35    77202    ----a-w-    c:\windows\system32\perfc006.dat
2010-07-26 21:49 . 2007-11-09 05:35    463344    ----a-w-    c:\windows\system32\perfh006.dat
2010-07-26 19:59 . 2008-06-07 17:14    --------    d-----w-    c:\programdata\avg8
2010-07-26 19:18 . 2008-01-05 14:42    --------    d-----w-    c:\program files\DigitalPersona
2010-07-26 13:29 . 2008-09-07 17:11    --------    d-----w-    c:\users\Karina\AppData\Roaming\zweitgeist
2010-07-26 13:29 . 2008-01-05 14:30    --------    d-----w-    c:\program files\WinTV
2010-07-26 10:23 . 2009-01-22 14:32    --------    d-----w-    c:\program files\Cheat Engine
2010-07-26 08:58 . 2009-01-04 16:57    --------    d-----w-    c:\program files\Microsoft Silverlight
2010-07-26 01:20 . 2006-11-02 11:18    --------    d-----w-    c:\program files\Windows Mail
2010-07-26 01:18 . 2008-11-23 18:26    --------    d-----w-    c:\programdata\Microsoft Help
2010-07-25 23:29 . 2007-11-09 07:59    --------    d-----w-    c:\program files\Common Files\Java
2010-07-25 23:28 . 2007-11-09 07:59    --------    d-----w-    c:\program files\Java
2010-07-25 21:58 . 2009-01-10 17:24    --------    d-----w-    c:\program files\Microsoft
2010-07-25 20:19 . 2008-04-08 13:07    103728    ----a-w-    c:\users\Karina\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-25 20:08 . 2009-02-18 20:39    --------    d-----w-    c:\users\Gæst\AppData\Roaming\LimeWire
2010-06-03 14:50 . 2008-12-06 19:07    680    ----a-w-    c:\users\Gæst\AppData\Local\d3d9caps.dat
2010-05-27 20:32 . 2010-05-27 20:32    245936    ----a-w-    c:\windows\system32\drivers\SynTP.sys
2010-05-27 20:31 . 2007-09-15 08:50    120104    ----a-w-    c:\windows\system32\SynTPCo4.dll
2010-05-27 20:31 . 2007-09-15 08:21    165160    ----a-w-    c:\windows\system32\SynTPAPI.dll
2010-05-27 20:31 . 2010-05-27 20:31    210216    ----a-w-    c:\windows\system32\SynCtrl.dll
2010-05-27 20:31 . 2007-09-15 08:13    173352    ----a-w-    c:\windows\system32\SynCOM.dll
2010-05-26 13:24 . 2010-07-26 21:23    18488    ----a-w-    c:\windows\Help\OEM\scripts\HPHC_BUY_BATTERY.exe
2010-05-21 12:14 . 2009-10-14 12:04    221568    ------w-    c:\windows\system32\MpSigStub.exe
2010-05-04 05:59 . 2010-07-25 22:58    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-07-25 22:58    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-07-25 22:58    71680    ----a-w-    c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-07-25 22:58    133632    ----a-w-    c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-07-25 22:58    2037248    ----a-w-    c:\windows\system32\win32k.sys
2008-04-09 17:05 . 2008-04-09 17:05    22    --sha-w-    c:\windows\SMINST\HPCD.sys
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2008-09-02 14:04    398768    ----a-w-    c:\program files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2007-12-18 401408]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-10-01 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-19 30192]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-24 13601312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-24 92704]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ      scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):70,9e,1f,02,18,4f,ca,01

R2 gupdate1ca908ba57816d5;Tjenesten Google Update (gupdate1ca908ba57816d5);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 133104]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-19 30192]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
HPService    REG_MULTI_SZ      HPSLPSVC
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34    451872    ----a-w-    c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Indhold af mappen 'Planlagte Opgaver'

2010-07-28 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-07-26 15:33]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 17:54]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 17:54]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.facebook.com/home.php?ref=home
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-28 12:33
Windows 6.0.6002 Service Pack 2 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'lsass.exe'(616)
c:\windows\system32\DPPWDFLT.dll

- - - - - - - > 'Explorer.exe'(4604)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
.
Gennemført tid: 2010-07-28  12:37:52
ComboFix-quarantined-files.txt  2010-07-28 10:37
ComboFix2.txt  2010-07-27 07:49

Pre-Kørsel: 64.952.938.496 byte ledig
Post-Kørsel: 64.926.969.856 byte ledig

- - End Of File - - E8A0768DD169EC2D1970B8C7012FCC71

Kan man ikke lave sådan noget fjernsupoort?

Kan ikke finde ud af om jeg gør noget forkert :-(

Sådan skriver den ang AVG

2010-07-28 09:35:26,295 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2010-07-28 09:35:26,342 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2010-07-28 09:35:26,342 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2010-07-28 09:35:26,342 WARN AvgDir param empty.
2010-07-28 09:35:26,358 WARN AvgDataDir param empty.
2010-07-28 09:35:38,744 INFO AvgRemover runs in attempt number 1
2010-07-28 09:35:38,744 INFO *****    Services    *****
2010-07-28 09:35:38,744 INFO Processing service avg8emc
2010-07-28 09:35:38,744 INFO Service avg8emc is not running
2010-07-28 09:35:38,744 DEBUG Service avg8emc Delete
2010-07-28 09:35:38,744 DEBUG Service avg8emc RegCleanup
2010-07-28 09:35:38,744 INFO Processing service avgfws8
2010-07-28 09:35:38,760 INFO Service avgfws8 is not installed
2010-07-28 09:35:38,760 DEBUG Service avgfws8 RegCleanup
2010-07-28 09:35:38,760 DEBUG Registry keys for service avgfws8 are not present
2010-07-28 09:35:38,760 INFO Processing service avg8wd
2010-07-28 09:35:38,775 DEBUG Service avg8wd BeforeStop
2010-07-28 09:35:38,791 WARN Service avg8wd Failed to SetStoppable command (error: e0010127)
2010-07-28 09:35:38,791 DEBUG Service avg8wd BeforeStop failed
2010-07-28 09:35:38,791 INFO Service avg8wd is not running
2010-07-28 09:35:38,791 DEBUG Service avg8wd Delete
2010-07-28 09:35:38,791 DEBUG Service avg8wd RegCleanup
2010-07-28 09:35:38,791 INFO Processing service AvgWFPx
2010-07-28 09:35:38,822 INFO Service AvgWFPx is not installed
2010-07-28 09:35:38,822 DEBUG Service AvgWFPx RegCleanup
2010-07-28 09:35:38,822 DEBUG Registry keys for service AvgWFPx are not present
2010-07-28 09:35:38,822 INFO Processing service AvgWFPa
2010-07-28 09:35:38,822 INFO Service AvgWFPa is not installed
2010-07-28 09:35:38,822 DEBUG Service AvgWFPa RegCleanup
2010-07-28 09:35:38,822 DEBUG Registry keys for service AvgWFPa are not present
2010-07-28 09:35:38,822 INFO Processing service AvgMfx86
2010-07-28 09:35:38,838 DEBUG Service AvgMfx86 Stop
2010-07-28 09:35:38,853 DEBUG Service AvgMfx86 Delete
2010-07-28 09:35:38,853 DEBUG Service AvgMfx86 RegCleanup
2010-07-28 09:35:38,853 INFO Processing service AvgMfx64
2010-07-28 09:35:38,853 INFO Service AvgMfx64 is not installed
2010-07-28 09:35:38,853 DEBUG Service AvgMfx64 RegCleanup
2010-07-28 09:35:38,853 DEBUG Registry keys for service AvgMfx64 are not present
2010-07-28 09:35:38,853 INFO Processing service AvgLdx86
2010-07-28 09:35:38,853 DEBUG Service AvgLdx86 Stop
2010-07-28 09:35:38,884 DEBUG Service AvgLdx86 Delete
2010-07-28 09:35:38,884 DEBUG Service AvgLdx86 RegCleanup
2010-07-28 09:35:38,884 INFO Processing service AvgLdx64
2010-07-28 09:35:38,884 INFO Service AvgLdx64 is not installed
2010-07-28 09:35:38,900 DEBUG Service AvgLdx64 RegCleanup
2010-07-28 09:35:38,900 DEBUG Registry keys for service AvgLdx64 are not present
2010-07-28 09:35:38,900 INFO Processing service AvgTdiX
2010-07-28 09:35:38,900 DEBUG Service AvgTdiX Stop
2010-07-28 09:35:38,900 DEBUG Service AvgTdiX Stop failed (error: c007041c), RESTART planned
2010-07-28 09:35:38,900 DEBUG Service AvgTdiX Stop failed
2010-07-28 09:35:38,900 DEBUG Service AvgTdiX Delete
2010-07-28 09:35:38,900 DEBUG Service AvgTdiX Delete failed (error: c007041c)
2010-07-28 09:35:38,900 DEBUG Service AvgTdiX Delete failed
2010-07-28 09:35:38,900 DEBUG Service AvgTdiX RegCleanup
2010-07-28 09:35:38,900 INFO Processing service AvgTdiA
2010-07-28 09:35:38,900 INFO Service AvgTdiA is not installed
2010-07-28 09:35:38,900 DEBUG Service AvgTdiA RegCleanup
2010-07-28 09:35:38,900 DEBUG Registry keys for service AvgTdiA are not present
2010-07-28 09:35:38,900 INFO Processing service AvgRkx86
2010-07-28 09:35:38,900 INFO Service AvgRkx86 is not installed
2010-07-28 09:35:38,900 DEBUG Service AvgRkx86 RegCleanup
2010-07-28 09:35:38,900 DEBUG Registry keys for service AvgRkx86 are not present
2010-07-28 09:35:38,900 INFO Processing service AvgRkx64
2010-07-28 09:35:38,900 INFO Service AvgRkx64 is not installed
2010-07-28 09:35:38,900 DEBUG Service AvgRkx64 RegCleanup
2010-07-28 09:35:38,900 DEBUG Registry keys for service AvgRkx64 are not present
2010-07-28 09:35:38,900 INFO Processing service avg9emc
2010-07-28 09:35:38,900 INFO Service avg9emc is not installed
2010-07-28 09:35:38,916 DEBUG Service avg9emc RegCleanup
2010-07-28 09:35:38,916 DEBUG Registry keys for service avg9emc are not present
2010-07-28 09:35:38,916 INFO Processing service avgfws9
2010-07-28 09:35:38,916 INFO Service avgfws9 is not installed
2010-07-28 09:35:38,916 DEBUG Service avgfws9 RegCleanup
2010-07-28 09:35:38,916 DEBUG Registry keys for service avgfws9 are not present
2010-07-28 09:35:38,916 INFO Processing service avg9wd
2010-07-28 09:35:38,916 INFO Service avg9wd is not installed
2010-07-28 09:35:38,931 DEBUG Service avg9wd RegCleanup
2010-07-28 09:35:38,931 DEBUG Registry keys for service avg9wd are not present
2010-07-28 09:35:38,931 INFO Processing service AVGIDSAgent
2010-07-28 09:35:38,931 INFO Service AVGIDSAgent is not installed
2010-07-28 09:35:38,931 DEBUG Service AVGIDSAgent RegCleanup
2010-07-28 09:35:38,931 DEBUG Registry keys for service AVGIDSAgent are not present
2010-07-28 09:35:38,931 INFO Processing service AVGIDSShimxpx
2010-07-28 09:35:38,931 INFO Service AVGIDSShimxpx is not installed
2010-07-28 09:35:38,931 DEBUG Service AVGIDSShimxpx RegCleanup
2010-07-28 09:35:38,931 DEBUG Registry keys for service AVGIDSShimxpx are not present
2010-07-28 09:35:38,931 INFO Processing service AVGIDSFilterxpx
2010-07-28 09:35:38,931 INFO Service AVGIDSFilterxpx is not installed
2010-07-28 09:35:38,931 DEBUG Service AVGIDSFilterxpx RegCleanup
2010-07-28 09:35:38,931 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2010-07-28 09:35:38,931 INFO Processing service AVGIDSDriverxpx
2010-07-28 09:35:38,931 INFO Service AVGIDSDriverxpx is not installed
2010-07-28 09:35:38,947 DEBUG Service AVGIDSDriverxpx RegCleanup
2010-07-28 09:35:38,947 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2010-07-28 09:35:38,947 INFO Processing service AVGIDSShimvtx
2010-07-28 09:35:38,947 INFO Service AVGIDSShimvtx is not installed
2010-07-28 09:35:38,947 DEBUG Service AVGIDSShimvtx RegCleanup
2010-07-28 09:35:38,947 DEBUG Registry keys for service AVGIDSShimvtx are not present
2010-07-28 09:35:38,947 INFO Processing service AVGIDSFiltervtx
2010-07-28 09:35:38,947 INFO Service AVGIDSFiltervtx is not installed
2010-07-28 09:35:38,947 DEBUG Service AVGIDSFiltervtx RegCleanup
2010-07-28 09:35:38,947 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2010-07-28 09:35:38,947 INFO Processing service AVGIDSDrivervtx
2010-07-28 09:35:38,947 INFO Service AVGIDSDrivervtx is not installed
2010-07-28 09:35:38,947 DEBUG Service AVGIDSDrivervtx RegCleanup
2010-07-28 09:35:38,947 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2010-07-28 09:35:38,947 INFO Processing service AVGIDSFiltervta
2010-07-28 09:35:38,947 INFO Service AVGIDSFiltervta is not installed
2010-07-28 09:35:38,947 DEBUG Service AVGIDSFiltervta RegCleanup
2010-07-28 09:35:38,947 DEBUG Registry keys for service AVGIDSFiltervta are not present
2010-07-28 09:35:38,947 INFO Processing service AVGIDSDrivervta
2010-07-28 09:35:38,947 INFO Service AVGIDSDrivervta is not installed
2010-07-28 09:35:38,962 DEBUG Service AVGIDSDrivervta RegCleanup
2010-07-28 09:35:38,962 DEBUG Registry keys for service AVGIDSDrivervta are not present
2010-07-28 09:35:38,962 INFO Processing service AVGIDSShimw7x
2010-07-28 09:35:38,962 INFO Service AVGIDSShimw7x is not installed
2010-07-28 09:35:38,962 DEBUG Service AVGIDSShimw7x RegCleanup
2010-07-28 09:35:38,962 DEBUG Registry keys for service AVGIDSShimw7x are not present
2010-07-28 09:35:38,962 INFO Processing service AVGIDSFilterw7x
2010-07-28 09:35:38,962 INFO Service AVGIDSFilterw7x is not installed
2010-07-28 09:35:38,962 DEBUG Service AVGIDSFilterw7x RegCleanup
2010-07-28 09:35:38,962 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2010-07-28 09:35:38,962 INFO Processing service AVGIDSDriverw7x
2010-07-28 09:35:38,962 INFO Service AVGIDSDriverw7x is not installed
2010-07-28 09:35:38,962 DEBUG Service AVGIDSDriverw7x RegCleanup
2010-07-28 09:35:38,962 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2010-07-28 09:35:38,962 INFO Processing service AVGIDSFilterw7a
2010-07-28 09:35:38,978 INFO Service AVGIDSFilterw7a is not installed
2010-07-28 09:35:38,978 DEBUG Service AVGIDSFilterw7a RegCleanup
2010-07-28 09:35:38,978 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2010-07-28 09:35:38,978 INFO Processing service AVGIDSDriverw7a
2010-07-28 09:35:38,978 INFO Service AVGIDSDriverw7a is not installed
2010-07-28 09:35:38,978 DEBUG Service AVGIDSDriverw7a RegCleanup
2010-07-28 09:35:38,978 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2010-07-28 09:35:38,978 INFO Processing service AVGIDSErHrxpx
2010-07-28 09:35:38,978 INFO Service AVGIDSErHrxpx is not installed
2010-07-28 09:35:38,978 DEBUG Service AVGIDSErHrxpx RegCleanup
2010-07-28 09:35:38,978 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2010-07-28 09:35:38,978 INFO Processing service AVGIDSErHrvtx
2010-07-28 09:35:38,978 INFO Service AVGIDSErHrvtx is not installed
2010-07-28 09:35:38,978 DEBUG Service AVGIDSErHrvtx RegCleanup
2010-07-28 09:35:38,978 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2010-07-28 09:35:38,978 INFO Processing service AVGIDSErHrvta
2010-07-28 09:35:38,978 INFO Service AVGIDSErHrvta is not installed
2010-07-28 09:35:38,978 DEBUG Service AVGIDSErHrvta RegCleanup
2010-07-28 09:35:38,978 DEBUG Registry keys for service AVGIDSErHrvta are not present
2010-07-28 09:35:38,978 INFO Processing service AVGIDSErHrw7x
2010-07-28 09:35:38,978 INFO Service AVGIDSErHrw7x is not installed
2010-07-28 09:35:38,978 DEBUG Service AVGIDSErHrw7x RegCleanup
2010-07-28 09:35:38,978 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2010-07-28 09:35:38,978 INFO Processing service AVGIDSErHrw7a
2010-07-28 09:35:38,994 INFO Service AVGIDSErHrw7a is not installed
2010-07-28 09:35:38,994 DEBUG Service AVGIDSErHrw7a RegCleanup
2010-07-28 09:35:38,994 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2010-07-28 09:35:38,994 DEBUG Restart is needed (restart counter: 1)
2010-07-28 09:35:38,994 INFO *****    Registry keys and values    *****
2010-07-28 09:35:38,994 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2010-07-28 09:35:38,994 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2010-07-28 09:35:38,994 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2010-07-28 09:35:38,994 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2010-07-28 09:35:38,994 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2010-07-28 09:35:38,994 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2010-07-28 09:35:38,994 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2010-07-28 09:35:38,994 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2010-07-28 09:35:38,994 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2010-07-28 09:35:38,994 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2010-07-28 09:35:38,994 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2010-07-28 09:35:38,994 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2010-07-28 09:35:38,994 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2010-07-28 09:35:38,994 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2010-07-28 09:35:38,994 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2010-07-28 09:35:38,994 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2010-07-28 09:35:38,994 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2010-07-28 09:35:39,009 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2010-07-28 09:35:39,009 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2010-07-28 09:35:39,009 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2010-07-28 09:35:39,009 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2010-07-28 09:35:39,009 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2010-07-28 09:35:39,009 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2010-07-28 09:35:39,009 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2010-07-28 09:35:39,009 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2010-07-28 09:35:39,009 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2010-07-28 09:35:39,009 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2010-07-28 09:35:39,009 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2010-07-28 09:35:39,009 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2010-07-28 09:35:39,009 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2010-07-28 09:35:39,009 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2010-07-28 09:35:39,009 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2010-07-28 09:35:39,009 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2010-07-28 09:35:39,009 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2010-07-28 09:35:39,025 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2010-07-28 09:35:39,025 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2010-07-28 09:35:39,025 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2010-07-28 09:35:39,025 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2010-07-28 09:35:39,025 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs doesn't need to be modified
2010-07-28 09:35:39,025 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2010-07-28 09:35:39,025 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2010-07-28 09:35:39,025 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2010-07-28 09:35:39,025 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2010-07-28 09:35:39,025 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2010-07-28 09:35:39,025 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2010-07-28 09:35:39,025 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2010-07-28 09:35:39,025 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2010-07-28 09:35:39,025 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2010-07-28 09:35:39,025 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2010-07-28 09:35:39,025 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2010-07-28 09:35:39,040 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2010-07-28 09:35:39,040 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2010-07-28 09:35:39,040 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2010-07-28 09:35:39,040 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2010-07-28 09:35:39,040 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2010-07-28 09:35:39,040 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2010-07-28 09:35:39,040 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2010-07-28 09:35:39,040 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2010-07-28 09:35:39,040 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2010-07-28 09:35:39,040 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2010-07-28 09:35:39,040 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2010-07-28 09:35:39,056 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2010-07-28 09:35:39,056 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2010-07-28 09:35:39,056 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2010-07-28 09:35:39,056 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2010-07-28 09:35:39,056 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2010-07-28 09:35:39,056 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2010-07-28 09:35:39,056 INFO Processing registry SOFTWARE\Classes\.avgdi
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\.avgdi not found
2010-07-28 09:35:39,056 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2010-07-28 09:35:39,056 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2010-07-28 09:35:39,056 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2010-07-28 09:35:39,056 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2010-07-28 09:35:39,072 INFO Processing registry SOFTWARE\AVG\Clients
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG\Clients not found
2010-07-28 09:35:39,072 INFO Processing registry SOFTWARE\AVG\AVG8
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2010-07-28 09:35:39,072 INFO Processing registry SOFTWARE\AVG\AVG9
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG\AVG9 not found
2010-07-28 09:35:39,072 INFO Processing registry SOFTWARE\AVG\AVG IDS
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2010-07-28 09:35:39,072 INFO Processing registry SOFTWARE\AVG
2010-07-28 09:35:39,072 DEBUG Value SOFTWARE\AVG:DumpType Remove
2010-07-28 09:35:39,072 INFO Processing registry SOFTWARE\AVG
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG Remove
2010-07-28 09:35:39,072 INFO Processing registry SOFTWARE\AVG Security Toolbar
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2010-07-28 09:35:39,072 INFO Processing registry SOFTWARE\AVG\AVG8
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2010-07-28 09:35:39,072 INFO Processing registry SOFTWARE\AVG\AVG9
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2010-07-28 09:35:39,072 DEBUG Key SOFTWARE\AVG\AVG9 not found
2010-07-28 09:35:39,072 INFO Processing registry SOFTWARE\AVG
2010-07-28 09:35:39,087 DEBUG Key SOFTWARE\AVG Remove
2010-07-28 09:35:39,087 INFO Processing registry SOFTWARE\AVG Security Toolbar
2010-07-28 09:35:39,087 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2010-07-28 09:35:39,087 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2010-07-28 09:35:39,087 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2010-07-28 09:35:39,087 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2010-07-28 09:35:39,087 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2010-07-28 09:35:39,087 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2010-07-28 09:35:39,087 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2010-07-28 09:35:39,118 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2010-07-28 09:35:39,118 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2010-07-28 09:35:39,118 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2010-07-28 09:35:39,118 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2010-07-28 09:35:39,118 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2010-07-28 09:35:39,118 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2010-07-28 09:35:39,118 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2010-07-28 09:35:39,118 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2010-07-28 09:35:39,118 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2010-07-28 09:35:39,118 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2010-07-28 09:35:39,118 INFO Processing registry aAvgAPI.AvgBro
2010-07-28 09:35:39,118 DEBUG Key aAvgAPI.AvgBro ForceRemove
2010-07-28 09:35:39,118 DEBUG Key aAvgAPI.AvgBro not found
2010-07-28 09:35:39,118 INFO Processing registry AVG.Office
2010-07-28 09:35:39,118 DEBUG Key AVG.Office ForceRemove
2010-07-28 09:35:39,118 DEBUG Key AVG.Office not found
2010-07-28 09:35:39,118 INFO Processing registry AVG.Office.8
2010-07-28 09:35:39,118 DEBUG Key AVG.Office.8 ForceRemove
2010-07-28 09:35:39,118 DEBUG Key AVG.Office.8 not found
2010-07-28 09:35:39,118 INFO Processing registry avgtoolbar.AVGTOOLBAR
2010-07-28 09:35:39,134 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2010-07-28 09:35:39,134 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2010-07-28 09:35:39,134 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2010-07-28 09:35:39,134 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2010-07-28 09:35:39,134 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2010-07-28 09:35:39,134 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2010-07-28 09:35:39,134 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2010-07-28 09:35:39,134 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2010-07-28 09:35:39,134 INFO Processing registry LinkScannerIE.NavFilter
2010-07-28 09:35:39,134 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2010-07-28 09:35:39,134 DEBUG Key LinkScannerIE.NavFilter not found
2010-07-28 09:35:39,134 INFO Processing registry LinkScannerIE.NavFilter.1
2010-07-28 09:35:39,134 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2010-07-28 09:35:39,134 DEBUG Key LinkScannerIE.NavFilter.1 not found
2010-07-28 09:35:39,134 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2010-07-28 09:35:39,134 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2010-07-28 09:35:39,134 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2010-07-28 09:35:39,134 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2010-07-28 09:35:39,134 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2010-07-28 09:35:39,134 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2010-07-28 09:35:39,134 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2010-07-28 09:35:39,134 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2010-07-28 09:35:39,134 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2010-07-28 09:35:39,134 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2010-07-28 09:35:39,134 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2010-07-28 09:35:39,134 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2010-07-28 09:35:39,134 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2010-07-28 09:35:39,150 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2010-07-28 09:35:39,150 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2010-07-28 09:35:39,150 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2010-07-28 09:35:39,150 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2010-07-28 09:35:39,150 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2010-07-28 09:35:39,150 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2010-07-28 09:35:39,150 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2010-07-28 09:35:39,150 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2010-07-28 09:35:39,150 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2010-07-28 09:35:39,150 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2010-07-28 09:35:39,150 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2010-07-28 09:35:39,150 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2010-07-28 09:35:39,150 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2010-07-28 09:35:39,150 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2010-07-28 09:35:39,150 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2010-07-28 09:35:39,150 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2010-07-28 09:35:39,150 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2010-07-28 09:35:39,150 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2010-07-28 09:35:39,150 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2010-07-28 09:35:39,150 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2010-07-28 09:35:39,150 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2010-07-28 09:35:39,150 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2010-07-28 09:35:39,150 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2010-07-28 09:35:39,150 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2010-07-28 09:35:39,150 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2010-07-28 09:35:39,150 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2010-07-28 09:35:39,150 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2010-07-28 09:35:39,165 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2010-07-28 09:35:39,165 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2010-07-28 09:35:39,165 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2010-07-28 09:35:39,165 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2010-07-28 09:35:39,165 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2010-07-28 09:35:39,165 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2010-07-28 09:35:39,165 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2010-07-28 09:35:39,165 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2010-07-28 09:35:39,165 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2010-07-28 09:35:39,165 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2010-07-28 09:35:39,165 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2010-07-28 09:35:39,165 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2010-07-28 09:35:39,165 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2010-07-28 09:35:39,165 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2010-07-28 09:35:39,165 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2010-07-28 09:35:39,165 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2010-07-28 09:35:39,165 INFO *****    Files and folders    *****
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 0
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 1
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 2
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 3
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 4
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 5
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 6
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 7
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 8
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 9
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 10
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 11
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 12
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 13
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 14
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 15
2010-07-28 09:35:39,181 DEBUG Missing ParentDir path for fileItem number 16
2010-07-28 09:35:39,181 DEBUG Processing item C:\Users\Karina\AppData\Roaming\AVGTOOLBAR
2010-07-28 09:35:39,181 INFO Directory C:\Users\Karina\AppData\Roaming\AVGTOOLBAR not found
2010-07-28 09:35:39,181 DEBUG Processing item C:\Windows\System32\Drivers
2010-07-28 09:35:39,181 DEBUG Processing item C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg 8.0
2010-07-28 09:35:39,181 INFO Directory C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg 8.0 not found
2010-07-28 09:35:39,181 DEBUG Processing item C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg free 8.0
2010-07-28 09:35:39,181 INFO Directory C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg free 8.0 not found
2010-07-28 09:35:39,181 DEBUG Processing item C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg 8.5
2010-07-28 09:35:39,181 INFO Directory C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg 8.5 not found
2010-07-28 09:35:39,181 DEBUG Processing item C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg free 8.5
2010-07-28 09:35:39,181 INFO Directory C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg free 8.5 not found
2010-07-28 09:35:39,181 DEBUG Processing item C:\Users\Public\Desktop\avg 8.0.lnk
2010-07-28 09:35:39,181 INFO File C:\Users\Public\Desktop\avg 8.0.lnk not found
2010-07-28 09:35:39,181 DEBUG Processing item C:\Users\Public\Desktop\avg free 8.0.lnk
2010-07-28 09:35:39,181 INFO File C:\Users\Public\Desktop\avg free 8.0.lnk not found
2010-07-28 09:35:39,181 DEBUG Processing item C:\Users\Public\Desktop\avg 8.5.lnk
2010-07-28 09:35:39,181 INFO File C:\Users\Public\Desktop\avg 8.5.lnk not found
2010-07-28 09:35:39,181 DEBUG Processing item C:\Users\Public\Desktop\avg free 8.5.lnk
2010-07-28 09:35:39,181 INFO File C:\Users\Public\Desktop\avg free 8.5.lnk not found
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 27
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 28
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 29
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 30
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 31
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 32
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 33
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 34
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 35
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 36
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 37
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 38
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 39
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 40
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 41
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 42
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 43
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 44
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 45
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 46
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 47
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 48
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 49
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 50
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 51
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 52
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 53
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 54
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 55
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 56
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 57
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 58
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 59
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 60
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 61
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 62
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 63
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 64
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 65
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 66
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 67
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 68
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 69
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 70
2010-07-28 09:35:39,196 DEBUG Processing item C:\ProgramData\AVG Security Toolbar\Languages
2010-07-28 09:35:39,196 INFO Directory C:\ProgramData\AVG Security Toolbar\Languages not found
2010-07-28 09:35:39,196 DEBUG Processing item C:\ProgramData\AVG Security Toolbar
2010-07-28 09:35:39,196 INFO Directory C:\ProgramData\AVG Security Toolbar not found
2010-07-28 09:35:39,196 DEBUG Processing item C:\Windows\System32\Drivers
2010-07-28 09:35:39,196 DEBUG Processing item C:\Users\Public\Desktop\avg 9.0.lnk
2010-07-28 09:35:39,196 INFO File C:\Users\Public\Desktop\avg 9.0.lnk not found
2010-07-28 09:35:39,196 DEBUG Processing item C:\Users\Public\Desktop\avg free 9.0.lnk
2010-07-28 09:35:39,196 INFO File C:\Users\Public\Desktop\avg free 9.0.lnk not found
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 76
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 77
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 78
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 79
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 80
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 81
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 82
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 83
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 84
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 85
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 86
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 87
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 88
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 89
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 90
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 91
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 92
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 93
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 94
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 95
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 96
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 97
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 98
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 99
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 100
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 101
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 102
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 103
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 104
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 105
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 106
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 107
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 108
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 109
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 110
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 111
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 112
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 113
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 114
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 115
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 116
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 117
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 118
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 119
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 120
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 121
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 122
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 123
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 124
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 125
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 126
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 127
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 128
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 129
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 130
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 131
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 132
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 133
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 134
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 135
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 136
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 137
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 138
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 139
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 140
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 141
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 142
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 143
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 144
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 145
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 146
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 147
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 148
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 149
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 150
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 151
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 152
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 153
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 154
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 155
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 156
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 157
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 158
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 159
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 160
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 161
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 162
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 163
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 164
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 165
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 166
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 167
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 168
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 169
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 170
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 171
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 172
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 173
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 174
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 175
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 176
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 177
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 178
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 179
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 180
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 181
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 182
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 183
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 184
2010-07-28 09:35:39,196 DEBUG Missing ParentDir path for fileItem number 185
2010-07-28 09:35:39,196 DEBUG Processing item C:\Windows\System32\Drivers
2010-07-28 09:35:39,196 INFO File C:\Windows\System32\Drivers\\avgldx86.sys deleted
2010-07-28 09:35:39,212 DEBUG Processing item C:\Windows\System32\Drivers
2010-07-28 09:35:39,212 DEBUG Processing item C:\Windows\System32\Drivers
2010-07-28 09:35:39,212 INFO File C:\Windows\System32\Drivers\\avgmfx86.sys deleted
2010-07-28 09:35:39,212 DEBUG Processing item C:\Windows\System32\Drivers
2010-07-28 09:35:39,212 DEBUG Processing item C:\Windows\System32\Drivers
2010-07-28 09:35:39,212 INFO File C:\Windows\System32\Drivers\\avgtdix.sys deleted
2010-07-28 09:35:39,212 DEBUG Processing item C:\Windows\System32\Drivers\avg
2010-07-28 09:35:39,212 INFO File C:\Windows\System32\Drivers\avg\avi7.avg deleted
2010-07-28 09:35:39,212 INFO File C:\Windows\System32\Drivers\avg\incavi.avm deleted
2010-07-28 09:35:39,212 INFO File C:\Windows\System32\Drivers\avg\microavi.avg deleted
2010-07-28 09:35:39,228 INFO File C:\Windows\System32\Drivers\avg\miniavi.avg deleted
2010-07-28 09:35:39,243 INFO Directory C:\Windows\System32\Drivers\avg deleted
2010-07-28 09:35:39,243 DEBUG Processing item C:\Windows\System32
2010-07-28 09:35:39,290 INFO File C:\Windows\System32\\avgrsstx.dll deleted
2010-07-28 09:35:39,290 DEBUG Processing item C:\Program Files\AVG
2010-07-28 09:35:39,290 DEBUG Directory C:\Program Files\AVG not deleted (error c0070091)
2010-07-28 09:35:39,290 DEBUG Missing ParentDir path for fileItem number 194
2010-07-28 09:35:39,290 DEBUG Restarting...
2010-07-28 09:38:58,496 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2010-07-28 09:38:58,574 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2010-07-28 09:38:58,574 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2010-07-28 09:38:58,574 INFO Command line: /run_number=2 /ndis_nextstep=1
2010-07-28 09:38:58,574 WARN AvgDir param empty.
2010-07-28 09:38:58,574 WARN AvgDataDir param empty.
2010-07-28 09:38:58,574 INFO AvgRemover runs in attempt number 2
2010-07-28 09:38:58,574 INFO *****    Services    *****
2010-07-28 09:38:58,574 INFO Processing service avg8emc
2010-07-28 09:38:58,574 INFO Service avg8emc is not installed
2010-07-28 09:38:58,574 DEBUG Service avg8emc RegCleanup
2010-07-28 09:38:58,574 DEBUG Registry keys for service avg8emc are not present
2010-07-28 09:38:58,574 INFO Processing service avgfws8
2010-07-28 09:38:58,574 INFO Service avgfws8 is not installed
2010-07-28 09:38:58,574 DEBUG Service avgfws8 RegCleanup
2010-07-28 09:38:58,574 DEBUG Registry keys for service avgfws8 are not present
2010-07-28 09:38:58,574 INFO Processing service avg8wd
2010-07-28 09:38:58,574 INFO Service avg8wd is not installed
2010-07-28 09:38:58,574 DEBUG Service avg8wd RegCleanup
2010-07-28 09:38:58,574 DEBUG Registry keys for service avg8wd are not present
2010-07-28 09:38:58,574 INFO Processing service AvgWFPx
2010-07-28 09:38:58,574 INFO Service AvgWFPx is not installed
2010-07-28 09:38:58,574 DEBUG Service AvgWFPx RegCleanup
2010-07-28 09:38:58,574 DEBUG Registry keys for service AvgWFPx are not present
2010-07-28 09:38:58,574 INFO Processing service AvgWFPa
2010-07-28 09:38:58,574 INFO Service AvgWFPa is not installed
2010-07-28 09:38:58,574 DEBUG Service AvgWFPa RegCleanup
2010-07-28 09:38:58,574 DEBUG Registry keys for service AvgWFPa are not present
2010-07-28 09:38:58,574 INFO Processing service AvgMfx86
2010-07-28 09:38:58,574 INFO Service AvgMfx86 is not installed
2010-07-28 09:38:58,574 DEBUG Service AvgMfx86 RegCleanup
2010-07-28 09:38:58,574 DEBUG Registry keys for service AvgMfx86 are not present
2010-07-28 09:38:58,574 INFO Processing service AvgMfx64
2010-07-28 09:38:58,574 INFO Service AvgMfx64 is not installed
2010-07-28 09:38:58,574 DEBUG Service AvgMfx64 RegCleanup
2010-07-28 09:38:58,574 DEBUG Registry keys for service AvgMfx64 are not present
2010-07-28 09:38:58,574 INFO Processing service AvgLdx86
2010-07-28 09:38:58,574 INFO Service AvgLdx86 is not installed
2010-07-28 09:38:58,590 DEBUG Service AvgLdx86 RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AvgLdx86 are not present
2010-07-28 09:38:58,590 INFO Processing service AvgLdx64
2010-07-28 09:38:58,590 INFO Service AvgLdx64 is not installed
2010-07-28 09:38:58,590 DEBUG Service AvgLdx64 RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AvgLdx64 are not present
2010-07-28 09:38:58,590 INFO Processing service AvgTdiX
2010-07-28 09:38:58,590 INFO Service AvgTdiX is not installed
2010-07-28 09:38:58,590 DEBUG Service AvgTdiX RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AvgTdiX are not present
2010-07-28 09:38:58,590 INFO Processing service AvgTdiA
2010-07-28 09:38:58,590 INFO Service AvgTdiA is not installed
2010-07-28 09:38:58,590 DEBUG Service AvgTdiA RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AvgTdiA are not present
2010-07-28 09:38:58,590 INFO Processing service AvgRkx86
2010-07-28 09:38:58,590 INFO Service AvgRkx86 is not installed
2010-07-28 09:38:58,590 DEBUG Service AvgRkx86 RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AvgRkx86 are not present
2010-07-28 09:38:58,590 INFO Processing service AvgRkx64
2010-07-28 09:38:58,590 INFO Service AvgRkx64 is not installed
2010-07-28 09:38:58,590 DEBUG Service AvgRkx64 RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AvgRkx64 are not present
2010-07-28 09:38:58,590 INFO Processing service avg9emc
2010-07-28 09:38:58,590 INFO Service avg9emc is not installed
2010-07-28 09:38:58,590 DEBUG Service avg9emc RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service avg9emc are not present
2010-07-28 09:38:58,590 INFO Processing service avgfws9
2010-07-28 09:38:58,590 INFO Service avgfws9 is not installed
2010-07-28 09:38:58,590 DEBUG Service avgfws9 RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service avgfws9 are not present
2010-07-28 09:38:58,590 INFO Processing service avg9wd
2010-07-28 09:38:58,590 INFO Service avg9wd is not installed
2010-07-28 09:38:58,590 DEBUG Service avg9wd RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service avg9wd are not present
2010-07-28 09:38:58,590 INFO Processing service AVGIDSAgent
2010-07-28 09:38:58,590 INFO Service AVGIDSAgent is not installed
2010-07-28 09:38:58,590 DEBUG Service AVGIDSAgent RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AVGIDSAgent are not present
2010-07-28 09:38:58,590 INFO Processing service AVGIDSShimxpx
2010-07-28 09:38:58,590 INFO Service AVGIDSShimxpx is not installed
2010-07-28 09:38:58,590 DEBUG Service AVGIDSShimxpx RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AVGIDSShimxpx are not present
2010-07-28 09:38:58,590 INFO Processing service AVGIDSFilterxpx
2010-07-28 09:38:58,590 INFO Service AVGIDSFilterxpx is not installed
2010-07-28 09:38:58,590 DEBUG Service AVGIDSFilterxpx RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2010-07-28 09:38:58,590 INFO Processing service AVGIDSDriverxpx
2010-07-28 09:38:58,590 INFO Service AVGIDSDriverxpx is not installed
2010-07-28 09:38:58,590 DEBUG Service AVGIDSDriverxpx RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2010-07-28 09:38:58,590 INFO Processing service AVGIDSShimvtx
2010-07-28 09:38:58,590 INFO Service AVGIDSShimvtx is not installed
2010-07-28 09:38:58,590 DEBUG Service AVGIDSShimvtx RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AVGIDSShimvtx are not present
2010-07-28 09:38:58,590 INFO Processing service AVGIDSFiltervtx
2010-07-28 09:38:58,590 INFO Service AVGIDSFiltervtx is not installed
2010-07-28 09:38:58,590 DEBUG Service AVGIDSFiltervtx RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2010-07-28 09:38:58,590 INFO Processing service AVGIDSDrivervtx
2010-07-28 09:38:58,590 INFO Service AVGIDSDrivervtx is not installed
2010-07-28 09:38:58,590 DEBUG Service AVGIDSDrivervtx RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2010-07-28 09:38:58,590 INFO Processing service AVGIDSFiltervta
2010-07-28 09:38:58,590 INFO Service AVGIDSFiltervta is not installed
2010-07-28 09:38:58,590 DEBUG Service AVGIDSFiltervta RegCleanup
2010-07-28 09:38:58,590 DEBUG Registry keys for service AVGIDSFiltervta are not present
2010-07-28 09:38:58,590 INFO Processing service AVGIDSDrivervta
2010-07-28 09:38:58,606 INFO Service AVGIDSDrivervta is not installed
2010-07-28 09:38:58,606 DEBUG Service AVGIDSDrivervta RegCleanup
2010-07-28 09:38:58,606 DEBUG Registry keys for service AVGIDSDrivervta are not present
2010-07-28 09:38:58,606 INFO Processing service AVGIDSShimw7x
2010-07-28 09:38:58,606 INFO Service AVGIDSShimw7x is not installed
2010-07-28 09:38:58,606 DEBUG Service AVGIDSShimw7x RegCleanup
2010-07-28 09:38:58,606 DEBUG Registry keys for service AVGIDSShimw7x are not present
2010-07-28 09:38:58,606 INFO Processing service AVGIDSFilterw7x
2010-07-28 09:38:58,606 INFO Service AVGIDSFilterw7x is not installed
2010-07-28 09:38:58,606 DEBUG Service AVGIDSFilterw7x RegCleanup
2010-07-28 09:38:58,606 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2010-07-28 09:38:58,606 INFO Processing service AVGIDSDriverw7x
2010-07-28 09:38:58,606 INFO Service AVGIDSDriverw7x is not installed
2010-07-28 09:38:58,606 DEBUG Service AVGIDSDriverw7x RegCleanup
2010-07-28 09:38:58,606 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2010-07-28 09:38:58,606 INFO Processing service AVGIDSFilterw7a
2010-07-28 09:38:58,606 INFO Service AVGIDSFilterw7a is not installed
2010-07-28 09:38:58,606 DEBUG Service AVGIDSFilterw7a RegCleanup
2010-07-28 09:38:58,606 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2010-07-28 09:38:58,606 INFO Processing service AVGIDSDriverw7a
2010-07-28 09:38:58,606 INFO Service AVGIDSDriverw7a is not installed
2010-07-28 09:38:58,606 DEBUG Service AVGIDSDriverw7a RegCleanup
2010-07-28 09:38:58,606 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2010-07-28 09:38:58,606 INFO Processing service AVGIDSErHrxpx
2010-07-28 09:38:58,606 INFO Service AVGIDSErHrxpx is not installed
2010-07-28 09:38:58,606 DEBUG Service AVGIDSErHrxpx RegCleanup
2010-07-28 09:38:58,606 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2010-07-28 09:38:58,606 INFO Processing service AVGIDSErHrvtx
2010-07-28 09:38:58,606 INFO Service AVGIDSErHrvtx is not installed
2010-07-28 09:38:58,606 DEBUG Service AVGIDSErHrvtx RegCleanup
2010-07-28 09:38:58,606 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2010-07-28 09:38:58,606 INFO Processing service AVGIDSErHrvta
2010-07-28 09:38:58,606 INFO Service AVGIDSErHrvta is not installed
2010-07-28 09:38:58,606 DEBUG Service AVGIDSErHrvta RegCleanup
2010-07-28 09:38:58,606 DEBUG Registry keys for service AVGIDSErHrvta are not present
2010-07-28 09:38:58,606 INFO Processing service AVGIDSErHrw7x
2010-07-28 09:38:58,606 INFO Service AVGIDSErHrw7x is not installed
2010-07-28 09:38:58,606 DEBUG Service AVGIDSErHrw7x RegCleanup
2010-07-28 09:38:58,606 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2010-07-28 09:38:58,606 INFO Processing service AVGIDSErHrw7a
2010-07-28 09:38:58,606 INFO Service AVGIDSErHrw7a is not installed
2010-07-28 09:38:58,606 DEBUG Service AVGIDSErHrw7a RegCleanup
2010-07-28 09:38:58,606 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2010-07-28 09:38:58,606 INFO *****    Registry keys and values    *****
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2010-07-28 09:38:58,606 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2010-07-28 09:38:58,606 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2010-07-28 09:38:58,606 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2010-07-28 09:38:58,606 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2010-07-28 09:38:58,606 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2010-07-28 09:38:58,606 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2010-07-28 09:38:58,606 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2010-07-28 09:38:58,606 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2010-07-28 09:38:58,606 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2010-07-28 09:38:58,606 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2010-07-28 09:38:58,606 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2010-07-28 09:38:58,606 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2010-07-28 09:38:58,606 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2010-07-28 09:38:58,606 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2010-07-28 09:38:58,606 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2010-07-28 09:38:58,606 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2010-07-28 09:38:58,606 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2010-07-28 09:38:58,606 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2010-07-28 09:38:58,606 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2010-07-28 09:38:58,606 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2010-07-28 09:38:58,606 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2010-07-28 09:38:58,606 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2010-07-28 09:38:58,606 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2010-07-28 09:38:58,606 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2010-07-28 09:38:58,606 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2010-07-28 09:38:58,606 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2010-07-28 09:38:58,606 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2010-07-28 09:38:58,606 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2010-07-28 09:38:58,606 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2010-07-28 09:38:58,606 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2010-07-28 09:38:58,606 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2010-07-28 09:38:58,606 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2010-07-28 09:38:58,606 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs doesn't need to be modified
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2010-07-28 09:38:58,606 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2010-07-28 09:38:58,606 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2010-07-28 09:38:58,606 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2010-07-28 09:38:58,606 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2010-07-28 09:38:58,606 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell

Start regedit og find denne: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Højreklik på den og vælg eksporter. Derefter højreklikker du igen og vælger tilladelser. Sørg for at der ikke er nogen restriktioner. Kør så AVG Remover igen.

Hvordan finder/starter jeg regedit?

Hent og kør Reset_Access

Prøv så igen.

jeg opgiver snart, de er der i nu ;-(

Har du kørt AVG Remover efter Reset_Access?

ja

Har du kørt aswClear5.exe? Hvis ikke, så gør det lige. Send så en ny Combofix log herind.

har kørt den asw, her er logen


ComboFix 10-07-27.04 - Karina 28-07-2010  16:13:03.4.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.1982.1098 [GMT 2:00]
Kører fra: c:\users\Karina\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((  Filer skabt fra 2010-06-28 til 2010-07-28  )))))))))))))))))))))))))))))))))))
.

2010-07-28 14:26 . 2010-07-28 14:26    --------    d-----w-    c:\users\Public\AppData\Local\temp
2010-07-28 14:26 . 2010-07-28 14:26    --------    d-----w-    c:\users\Gæst\AppData\Local\temp
2010-07-28 14:26 . 2010-07-28 14:26    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-07-28 12:27 . 2010-07-28 12:27    --------    d-----w-    C:\AVGTemp
2010-07-28 11:47 . 2010-06-28 20:32    17744    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2010-07-28 11:47 . 2010-06-28 20:37    165456    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2010-07-28 11:47 . 2010-06-28 20:33    23376    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2010-07-28 11:47 . 2010-06-28 20:37    46672    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2010-07-28 11:47 . 2010-06-28 20:32    50256    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2010-07-28 11:47 . 2010-06-28 20:57    38848    ----a-w-    c:\windows\avastSS.scr
2010-07-28 11:47 . 2010-06-28 20:57    165032    ----a-w-    c:\windows\system32\aswBoot.exe
2010-07-26 22:03 . 2009-07-14 17:45    445008    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2010-07-26 22:03 . 2009-07-14 17:45    38480    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2010-07-26 21:40 . 2010-07-26 21:40    --------    d-----w-    c:\users\Karina\AppData\Roaming\HpUpdate
2010-07-26 21:36 . 2010-07-26 21:36    --------    d-----w-    c:\windows\Hewlett-Packard
2010-07-26 20:48 . 2010-07-26 20:48    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-07-26 20:07 . 2010-07-28 11:46    --------    d-----w-    c:\programdata\Alwil Software
2010-07-26 20:07 . 2010-07-28 10:01    --------    d-----w-    c:\program files\Alwil Software
2010-07-26 19:19 . 2010-07-26 19:19    --------    d-sh--we    c:\windows\system32\config\systemprofile\Lokale indstillinger
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\tr
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\sv
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ru
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\no
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ko
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ja
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\it
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\fr
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\es
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\de
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\DPDrv
2010-07-26 19:13 . 2010-07-26 19:13    --------    d-----w-    c:\programdata\Downloaded Installations
2010-07-26 11:30 . 2010-07-26 13:34    --------    d-----w-    c:\users\Karina\AppData\Roaming\IObit
2010-07-26 11:30 . 2010-07-26 11:30    --------    d-----w-    c:\program files\IObit
2010-07-26 10:16 . 2010-07-26 10:16    --------    d-----w-    c:\users\Karina\AppData\Local\VS Revo Group
2010-07-26 10:16 . 2009-12-30 10:21    27192    ----a-w-    c:\windows\system32\drivers\revoflt.sys
2010-07-26 10:16 . 2010-07-26 10:16    --------    d-----w-    c:\program files\VS Revo Group
2010-07-26 01:08 . 2009-11-08 08:55    99176    ----a-w-    c:\windows\system32\PresentationHostProxy.dll
2010-07-26 01:08 . 2009-11-08 08:55    49472    ----a-w-    c:\windows\system32\netfxperf.dll
2010-07-26 01:08 . 2009-11-08 08:55    297808    ----a-w-    c:\windows\system32\mscoree.dll
2010-07-26 01:08 . 2009-11-08 08:55    295264    ----a-w-    c:\windows\system32\PresentationHost.exe
2010-07-26 01:08 . 2009-11-08 08:55    1130824    ----a-w-    c:\windows\system32\dfshim.dll
2010-07-25 23:28 . 2010-04-12 15:29    411368    ----a-w-    c:\windows\system32\deployJava1.dll
2010-07-25 23:12 . 2010-07-25 23:12    2560    ----a-w-    c:\windows\_MSRSTRT.EXE
2010-07-25 23:00 . 2010-05-26 17:06    34304    ----a-w-    c:\windows\system32\atmlib.dll
2010-07-25 23:00 . 2010-05-26 14:47    289792    ----a-w-    c:\windows\system32\atmfd.dll
2010-07-25 22:59 . 2010-04-05 17:01    67072    ----a-w-    c:\windows\system32\asycfilt.dll
2010-07-25 22:59 . 2010-04-16 16:43    28672    ----a-w-    c:\windows\system32\Apphlpdm.dll
2010-07-25 22:59 . 2010-04-16 14:39    4240384    ----a-w-    c:\windows\system32\GameUXLegacyGDFs.dll
2010-07-25 21:40 . 2010-07-25 21:40    388096    ----a-r-    c:\users\Karina\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-25 21:39 . 2010-01-29 15:40    738816    ----a-w-    c:\windows\system32\inetcomm.dll
2010-07-25 21:38 . 2010-02-23 11:10    79360    ----a-w-    c:\windows\system32\drivers\mrxsmb20.sys
2010-07-25 21:38 . 2010-02-23 11:10    212992    ----a-w-    c:\windows\system32\drivers\mrxsmb10.sys
2010-07-25 21:38 . 2010-02-23 11:10    106496    ----a-w-    c:\windows\system32\drivers\mrxsmb.sys
2010-07-25 21:38 . 2010-02-18 14:07    3600776    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2010-07-25 21:38 . 2010-02-18 14:07    3548040    ----a-w-    c:\windows\system32\ntoskrnl.exe
2010-07-25 21:38 . 2010-03-05 14:01    420352    ----a-w-    c:\windows\system32\vbscript.dll
2010-07-25 21:38 . 2010-04-23 14:13    2048    ----a-w-    c:\windows\system32\tzres.dll
2010-07-25 21:36 . 2010-02-18 14:07    904576    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2010-07-25 21:36 . 2010-02-18 13:30    200704    ----a-w-    c:\windows\system32\iphlpsvc.dll
2010-07-25 21:36 . 2010-02-18 11:28    25088    ----a-w-    c:\windows\system32\drivers\tunnel.sys
2010-07-25 21:29 . 2009-12-23 11:33    172032    ----a-w-    c:\windows\system32\wintrust.dll
2010-07-25 21:29 . 2010-01-13 17:34    98304    ----a-w-    c:\windows\system32\cabview.dll
2010-07-25 20:08 . 2010-02-12 10:32    293376    ----a-w-    c:\windows\system32\browserchoice.exe

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-28 14:10 . 2009-02-16 14:13    64510    ----a-w-    c:\programdata\nvModes.dat
2010-07-28 13:26 . 2010-01-08 17:54    --------    d-----w-    c:\users\Karina\AppData\Roaming\Skype
2010-07-28 13:12 . 2008-10-15 14:36    2883584    --sha-w-    c:\users\Gæst\ntuser.dat
2010-07-26 22:04 . 2010-07-26 22:04    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-07-26 22:04 . 2010-07-26 22:04    0    ---ha-w-    c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-26 22:03 . 2008-01-05 14:43    --------    d-----w-    c:\programdata\NVIDIA
2010-07-26 21:49 . 2007-11-09 05:35    77202    ----a-w-    c:\windows\system32\perfc006.dat
2010-07-26 21:49 . 2007-11-09 05:35    463344    ----a-w-    c:\windows\system32\perfh006.dat
2010-07-26 19:59 . 2008-06-07 17:14    --------    d-----w-    c:\programdata\avg8
2010-07-26 19:18 . 2008-01-05 14:42    --------    d-----w-    c:\program files\DigitalPersona
2010-07-26 13:29 . 2008-09-07 17:11    --------    d-----w-    c:\users\Karina\AppData\Roaming\zweitgeist
2010-07-26 13:29 . 2008-01-05 14:30    --------    d-----w-    c:\program files\WinTV
2010-07-26 10:23 . 2009-01-22 14:32    --------    d-----w-    c:\program files\Cheat Engine
2010-07-26 08:58 . 2009-01-04 16:57    --------    d-----w-    c:\program files\Microsoft Silverlight
2010-07-26 01:20 . 2006-11-02 11:18    --------    d-----w-    c:\program files\Windows Mail
2010-07-26 01:18 . 2008-11-23 18:26    --------    d-----w-    c:\programdata\Microsoft Help
2010-07-25 23:29 . 2007-11-09 07:59    --------    d-----w-    c:\program files\Common Files\Java
2010-07-25 23:28 . 2007-11-09 07:59    --------    d-----w-    c:\program files\Java
2010-07-25 21:58 . 2009-01-10 17:24    --------    d-----w-    c:\program files\Microsoft
2010-07-25 20:19 . 2008-04-08 13:07    103728    ----a-w-    c:\users\Karina\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-25 20:08 . 2009-02-18 20:39    --------    d-----w-    c:\users\Gæst\AppData\Roaming\LimeWire
2010-06-03 14:50 . 2008-12-06 19:07    680    ----a-w-    c:\users\Gæst\AppData\Local\d3d9caps.dat
2010-05-27 20:32 . 2010-05-27 20:32    245936    ----a-w-    c:\windows\system32\drivers\SynTP.sys
2010-05-27 20:31 . 2007-09-15 08:50    120104    ----a-w-    c:\windows\system32\SynTPCo4.dll
2010-05-27 20:31 . 2007-09-15 08:21    165160    ----a-w-    c:\windows\system32\SynTPAPI.dll
2010-05-27 20:31 . 2010-05-27 20:31    210216    ----a-w-    c:\windows\system32\SynCtrl.dll
2010-05-27 20:31 . 2007-09-15 08:13    173352    ----a-w-    c:\windows\system32\SynCOM.dll
2010-05-26 13:24 . 2010-07-26 21:23    18488    ----a-w-    c:\windows\Help\OEM\scripts\HPHC_BUY_BATTERY.exe
2010-05-21 12:14 . 2009-10-14 12:04    221568    ------w-    c:\windows\system32\MpSigStub.exe
2010-05-04 05:59 . 2010-07-25 22:58    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-07-25 22:58    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-07-25 22:58    71680    ----a-w-    c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-07-25 22:58    133632    ----a-w-    c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-07-25 22:58    2037248    ----a-w-    c:\windows\system32\win32k.sys
2008-04-09 17:05 . 2008-04-09 17:05    22    --sha-w-    c:\windows\SMINST\HPCD.sys
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2008-09-02 14:04    398768    ----a-w-    c:\program files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2007-12-18 401408]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-10-01 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-19 30192]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-24 13601312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-24 92704]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ      scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):70,9e,1f,02,18,4f,ca,01

R2 gupdate1ca908ba57816d5;Tjenesten Google Update (gupdate1ca908ba57816d5);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 133104]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-19 30192]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
HPService    REG_MULTI_SZ      HPSLPSVC
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34    451872    ----a-w-    c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Indhold af mappen 'Planlagte Opgaver'

2010-07-28 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-07-26 15:33]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 17:54]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 17:54]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.facebook.com/home.php?ref=home
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-28 16:26
Windows 6.0.6002 Service Pack 2 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'lsass.exe'(680)
c:\windows\system32\DPPWDFLT.dll

- - - - - - - > 'Explorer.exe'(2224)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
.
Gennemført tid: 2010-07-28  16:31:17
ComboFix-quarantined-files.txt  2010-07-28 14:31
ComboFix2.txt  2010-07-28 13:06
ComboFix3.txt  2010-07-28 10:37
ComboFix4.txt  2010-07-27 07:49

Pre-Kørsel: 65.088.716.800 byte ledig
Post-Kørsel: 65.199.702.016 byte ledig

- - End Of File - - 19B61E451993BF46A28B0F1405790BF2

Klik start>søg skriv:services.msc
Højreklik på den -> kør som administrator
Find Windows Management Instrumentation. Højreklik på denne, og vælg stop
Start stifinder men husk at få den til at vise skjulte filer og mapper
Find mappen wbem den ligger i c:\Windows\system32. der finder du mappen repository
http://www.it-artikler.dk/2008/06/12/vis-skjulte-filer-og-mapper-i-windows-vista/
Slet den.
Klik start>søg skriv:services.msc
Højreklik på den -> kør som administrator
Højreklik på Windows Management Instrumentation og vælg start.
Genstart
Så er sikkerhedcenteret nulstillet

Jeg opgiver snart, den vil ikke få den AVG væk

ComboFix 10-07-27.05 - Karina 28-07-2010  23:55:34.6.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.1982.1085 [GMT 2:00]
Kører fra: c:\users\Karina\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((  Filer skabt fra 2010-06-28 til 2010-07-28  )))))))))))))))))))))))))))))))))))
.

2010-07-28 22:06 . 2010-07-28 22:06    --------    d-----w-    c:\users\Public\AppData\Local\temp
2010-07-28 22:06 . 2010-07-28 22:06    --------    d-----w-    c:\users\Gæst\AppData\Local\temp
2010-07-28 22:06 . 2010-07-28 22:06    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-07-28 12:27 . 2010-07-28 12:27    --------    d-----w-    C:\AVGTemp
2010-07-28 11:47 . 2010-06-28 20:32    17744    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2010-07-28 11:47 . 2010-06-28 20:37    165456    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2010-07-28 11:47 . 2010-06-28 20:33    23376    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2010-07-28 11:47 . 2010-06-28 20:37    46672    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2010-07-28 11:47 . 2010-06-28 20:32    50256    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2010-07-28 11:47 . 2010-06-28 20:57    38848    ----a-w-    c:\windows\avastSS.scr
2010-07-28 11:47 . 2010-06-28 20:57    165032    ----a-w-    c:\windows\system32\aswBoot.exe
2010-07-26 22:03 . 2009-07-14 17:45    445008    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2010-07-26 22:03 . 2009-07-14 17:45    38480    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2010-07-26 21:40 . 2010-07-26 21:40    --------    d-----w-    c:\users\Karina\AppData\Roaming\HpUpdate
2010-07-26 21:36 . 2010-07-26 21:36    --------    d-----w-    c:\windows\Hewlett-Packard
2010-07-26 20:48 . 2010-07-26 20:48    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-07-26 20:07 . 2010-07-28 11:46    --------    d-----w-    c:\programdata\Alwil Software
2010-07-26 20:07 . 2010-07-28 10:01    --------    d-----w-    c:\program files\Alwil Software
2010-07-26 19:19 . 2010-07-26 19:19    --------    d-sh--we    c:\windows\system32\config\systemprofile\Lokale indstillinger
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\tr
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\sv
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ru
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\no
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ko
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ja
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\it
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\fr
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\es
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\de
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\DPDrv
2010-07-26 19:13 . 2010-07-26 19:13    --------    d-----w-    c:\programdata\Downloaded Installations
2010-07-26 11:30 . 2010-07-26 13:34    --------    d-----w-    c:\users\Karina\AppData\Roaming\IObit
2010-07-26 11:30 . 2010-07-26 11:30    --------    d-----w-    c:\program files\IObit
2010-07-26 10:16 . 2010-07-26 10:16    --------    d-----w-    c:\users\Karina\AppData\Local\VS Revo Group
2010-07-26 10:16 . 2009-12-30 10:21    27192    ----a-w-    c:\windows\system32\drivers\revoflt.sys
2010-07-26 10:16 . 2010-07-26 10:16    --------    d-----w-    c:\program files\VS Revo Group
2010-07-26 01:08 . 2009-11-08 08:55    99176    ----a-w-    c:\windows\system32\PresentationHostProxy.dll
2010-07-26 01:08 . 2009-11-08 08:55    49472    ----a-w-    c:\windows\system32\netfxperf.dll
2010-07-26 01:08 . 2009-11-08 08:55    297808    ----a-w-    c:\windows\system32\mscoree.dll
2010-07-26 01:08 . 2009-11-08 08:55    295264    ----a-w-    c:\windows\system32\PresentationHost.exe
2010-07-26 01:08 . 2009-11-08 08:55    1130824    ----a-w-    c:\windows\system32\dfshim.dll
2010-07-25 23:28 . 2010-04-12 15:29    411368    ----a-w-    c:\windows\system32\deployJava1.dll
2010-07-25 23:12 . 2010-07-25 23:12    2560    ----a-w-    c:\windows\_MSRSTRT.EXE
2010-07-25 23:00 . 2010-05-26 17:06    34304    ----a-w-    c:\windows\system32\atmlib.dll
2010-07-25 23:00 . 2010-05-26 14:47    289792    ----a-w-    c:\windows\system32\atmfd.dll
2010-07-25 22:59 . 2010-04-05 17:01    67072    ----a-w-    c:\windows\system32\asycfilt.dll
2010-07-25 22:59 . 2010-04-16 16:43    28672    ----a-w-    c:\windows\system32\Apphlpdm.dll
2010-07-25 22:59 . 2010-04-16 14:39    4240384    ----a-w-    c:\windows\system32\GameUXLegacyGDFs.dll
2010-07-25 21:40 . 2010-07-25 21:40    388096    ----a-r-    c:\users\Karina\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-25 21:39 . 2010-01-29 15:40    738816    ----a-w-    c:\windows\system32\inetcomm.dll
2010-07-25 21:38 . 2010-02-23 11:10    79360    ----a-w-    c:\windows\system32\drivers\mrxsmb20.sys
2010-07-25 21:38 . 2010-02-23 11:10    212992    ----a-w-    c:\windows\system32\drivers\mrxsmb10.sys
2010-07-25 21:38 . 2010-02-23 11:10    106496    ----a-w-    c:\windows\system32\drivers\mrxsmb.sys
2010-07-25 21:38 . 2010-02-18 14:07    3600776    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2010-07-25 21:38 . 2010-02-18 14:07    3548040    ----a-w-    c:\windows\system32\ntoskrnl.exe
2010-07-25 21:38 . 2010-03-05 14:01    420352    ----a-w-    c:\windows\system32\vbscript.dll
2010-07-25 21:38 . 2010-04-23 14:13    2048    ----a-w-    c:\windows\system32\tzres.dll
2010-07-25 21:36 . 2010-02-18 14:07    904576    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2010-07-25 21:36 . 2010-02-18 13:30    200704    ----a-w-    c:\windows\system32\iphlpsvc.dll
2010-07-25 21:36 . 2010-02-18 11:28    25088    ----a-w-    c:\windows\system32\drivers\tunnel.sys
2010-07-25 21:29 . 2009-12-23 11:33    172032    ----a-w-    c:\windows\system32\wintrust.dll
2010-07-25 21:29 . 2010-01-13 17:34    98304    ----a-w-    c:\windows\system32\cabview.dll
2010-07-25 20:08 . 2010-02-12 10:32    293376    ----a-w-    c:\windows\system32\browserchoice.exe

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-28 21:54 . 2008-10-15 14:36    2883584    --sha-w-    c:\users\Gæst\ntuser.dat
2010-07-28 21:50 . 2009-02-16 14:13    64510    ----a-w-    c:\programdata\nvModes.dat
2010-07-28 21:43 . 2010-01-08 17:54    --------    d-----w-    c:\users\Karina\AppData\Roaming\Skype
2010-07-26 22:04 . 2010-07-26 22:04    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-07-26 22:04 . 2010-07-26 22:04    0    ---ha-w-    c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-26 22:03 . 2008-01-05 14:43    --------    d-----w-    c:\programdata\NVIDIA
2010-07-26 21:49 . 2007-11-09 05:35    77202    ----a-w-    c:\windows\system32\perfc006.dat
2010-07-26 21:49 . 2007-11-09 05:35    463344    ----a-w-    c:\windows\system32\perfh006.dat
2010-07-26 19:59 . 2008-06-07 17:14    --------    d-----w-    c:\programdata\avg8
2010-07-26 19:18 . 2008-01-05 14:42    --------    d-----w-    c:\program files\DigitalPersona
2010-07-26 13:29 . 2008-09-07 17:11    --------    d-----w-    c:\users\Karina\AppData\Roaming\zweitgeist
2010-07-26 13:29 . 2008-01-05 14:30    --------    d-----w-    c:\program files\WinTV
2010-07-26 10:23 . 2009-01-22 14:32    --------    d-----w-    c:\program files\Cheat Engine
2010-07-26 08:58 . 2009-01-04 16:57    --------    d-----w-    c:\program files\Microsoft Silverlight
2010-07-26 01:20 . 2006-11-02 11:18    --------    d-----w-    c:\program files\Windows Mail
2010-07-26 01:18 . 2008-11-23 18:26    --------    d-----w-    c:\programdata\Microsoft Help
2010-07-25 23:29 . 2007-11-09 07:59    --------    d-----w-    c:\program files\Common Files\Java
2010-07-25 23:28 . 2007-11-09 07:59    --------    d-----w-    c:\program files\Java
2010-07-25 21:58 . 2009-01-10 17:24    --------    d-----w-    c:\program files\Microsoft
2010-07-25 20:19 . 2008-04-08 13:07    103728    ----a-w-    c:\users\Karina\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-25 20:08 . 2009-02-18 20:39    --------    d-----w-    c:\users\Gæst\AppData\Roaming\LimeWire
2010-06-03 14:50 . 2008-12-06 19:07    680    ----a-w-    c:\users\Gæst\AppData\Local\d3d9caps.dat
2010-05-27 20:32 . 2010-05-27 20:32    245936    ----a-w-    c:\windows\system32\drivers\SynTP.sys
2010-05-27 20:31 . 2007-09-15 08:50    120104    ----a-w-    c:\windows\system32\SynTPCo4.dll
2010-05-27 20:31 . 2007-09-15 08:21    165160    ----a-w-    c:\windows\system32\SynTPAPI.dll
2010-05-27 20:31 . 2010-05-27 20:31    210216    ----a-w-    c:\windows\system32\SynCtrl.dll
2010-05-27 20:31 . 2007-09-15 08:13    173352    ----a-w-    c:\windows\system32\SynCOM.dll
2010-05-26 13:24 . 2010-07-26 21:23    18488    ----a-w-    c:\windows\Help\OEM\scripts\HPHC_BUY_BATTERY.exe
2010-05-21 12:14 . 2009-10-14 12:04    221568    ------w-    c:\windows\system32\MpSigStub.exe
2010-05-04 05:59 . 2010-07-25 22:58    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-07-25 22:58    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-07-25 22:58    71680    ----a-w-    c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-07-25 22:58    133632    ----a-w-    c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-07-25 22:58    2037248    ----a-w-    c:\windows\system32\win32k.sys
2008-04-09 17:05 . 2008-04-09 17:05    22    --sha-w-    c:\windows\SMINST\HPCD.sys
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2008-09-02 14:04    398768    ----a-w-    c:\program files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2007-12-18 401408]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-10-01 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-19 30192]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-24 13601312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-24 92704]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ      scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):70,9e,1f,02,18,4f,ca,01

R2 gupdate1ca908ba57816d5;Tjenesten Google Update (gupdate1ca908ba57816d5);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 133104]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-19 30192]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
HPService    REG_MULTI_SZ      HPSLPSVC
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34    451872    ----a-w-    c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Indhold af mappen 'Planlagte Opgaver'

2010-07-28 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-07-26 15:33]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 17:54]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 17:54]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.facebook.com/home.php?ref=home
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-29 00:06
Windows 6.0.6002 Service Pack 2 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'lsass.exe'(648)
c:\windows\system32\DPPWDFLT.dll

- - - - - - - > 'Explorer.exe'(5348)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
.
Gennemført tid: 2010-07-29  00:11:25
ComboFix-quarantined-files.txt  2010-07-28 22:11
ComboFix2.txt  2010-07-28 19:39
ComboFix3.txt  2010-07-28 14:31
ComboFix4.txt  2010-07-28 13:06
ComboFix5.txt  2010-07-28 21:52

Pre-Kørsel: 65.596.747.776 byte ledig
Post-Kørsel: 65.573.298.176 byte ledig

- - End Of File - - FA56235284237E65CEB5063076BC5690

Jeg går ud fra den Pc ikke er på "nettet"

Fik du kørt mit indlæg fra ons. d. 28. juli 2010 kl. 16:52:36?

------

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

Killall::
Snapshot::
Folder::
c:\users\Gæst\AppData\Roaming\LimeWire
c:\program files\iMesh Applications
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"=-
Driver::
aswSP
aswFsBlk
aswMonFlt
SecCenter::
{17DDD097-36FF-435F-9E1B-52D74245D6BF}

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil combofix.txt som ligger her C:\Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

Den er på nettet
Prøver lige igen

Når jeg vil sætte det dukoment ind i Combofix, så sker der ikke noget.

aComboFix 10-07-28.01 - Karina 29-07-2010  10:54:08.7.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1030.18.1982.1078 [GMT 2:00]
Kører fra: c:\users\Karina\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((  Filer skabt fra 2010-06-28 til 2010-07-29  )))))))))))))))))))))))))))))))))))
.

2010-07-29 09:04 . 2010-07-29 09:04    --------    d-----w-    c:\users\Public\AppData\Local\temp
2010-07-29 09:04 . 2010-07-29 09:04    --------    d-----w-    c:\users\Gæst\AppData\Local\temp
2010-07-29 09:04 . 2010-07-29 09:04    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-07-28 12:27 . 2010-07-28 12:27    --------    d-----w-    C:\AVGTemp
2010-07-28 11:47 . 2010-06-28 20:32    17744    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2010-07-28 11:47 . 2010-06-28 20:37    165456    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2010-07-28 11:47 . 2010-06-28 20:33    23376    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2010-07-28 11:47 . 2010-06-28 20:37    46672    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2010-07-28 11:47 . 2010-06-28 20:32    50256    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2010-07-28 11:47 . 2010-06-28 20:57    38848    ----a-w-    c:\windows\avastSS.scr
2010-07-28 11:47 . 2010-06-28 20:57    165032    ----a-w-    c:\windows\system32\aswBoot.exe
2010-07-26 22:03 . 2009-07-14 17:45    445008    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2010-07-26 22:03 . 2009-07-14 17:45    38480    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2010-07-26 21:40 . 2010-07-26 21:40    --------    d-----w-    c:\users\Karina\AppData\Roaming\HpUpdate
2010-07-26 21:36 . 2010-07-26 21:36    --------    d-----w-    c:\windows\Hewlett-Packard
2010-07-26 20:48 . 2010-07-29 08:25    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-07-26 20:07 . 2010-07-28 11:46    --------    d-----w-    c:\programdata\Alwil Software
2010-07-26 20:07 . 2010-07-28 10:01    --------    d-----w-    c:\program files\Alwil Software
2010-07-26 19:19 . 2010-07-26 19:19    --------    d-sh--we    c:\windows\system32\config\systemprofile\Lokale indstillinger
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\tr
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\sv
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ru
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\no
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ko
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\ja
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\it
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\fr
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\es
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\system32\de
2010-07-26 19:18 . 2010-07-26 19:18    --------    d-----w-    c:\windows\DPDrv
2010-07-26 19:13 . 2010-07-26 19:13    --------    d-----w-    c:\programdata\Downloaded Installations
2010-07-26 11:30 . 2010-07-26 13:34    --------    d-----w-    c:\users\Karina\AppData\Roaming\IObit
2010-07-26 11:30 . 2010-07-26 11:30    --------    d-----w-    c:\program files\IObit
2010-07-26 10:16 . 2010-07-26 10:16    --------    d-----w-    c:\users\Karina\AppData\Local\VS Revo Group
2010-07-26 10:16 . 2009-12-30 10:21    27192    ----a-w-    c:\windows\system32\drivers\revoflt.sys
2010-07-26 10:16 . 2010-07-26 10:16    --------    d-----w-    c:\program files\VS Revo Group
2010-07-26 01:08 . 2009-11-08 08:55    99176    ----a-w-    c:\windows\system32\PresentationHostProxy.dll
2010-07-26 01:08 . 2009-11-08 08:55    49472    ----a-w-    c:\windows\system32\netfxperf.dll
2010-07-26 01:08 . 2009-11-08 08:55    297808    ----a-w-    c:\windows\system32\mscoree.dll
2010-07-26 01:08 . 2009-11-08 08:55    295264    ----a-w-    c:\windows\system32\PresentationHost.exe
2010-07-26 01:08 . 2009-11-08 08:55    1130824    ----a-w-    c:\windows\system32\dfshim.dll
2010-07-25 23:28 . 2010-04-12 15:29    411368    ----a-w-    c:\windows\system32\deployJava1.dll
2010-07-25 23:12 . 2010-07-25 23:12    2560    ----a-w-    c:\windows\_MSRSTRT.EXE
2010-07-25 23:00 . 2010-05-26 17:06    34304    ----a-w-    c:\windows\system32\atmlib.dll
2010-07-25 23:00 . 2010-05-26 14:47    289792    ----a-w-    c:\windows\system32\atmfd.dll
2010-07-25 22:59 . 2010-04-05 17:01    67072    ----a-w-    c:\windows\system32\asycfilt.dll
2010-07-25 22:59 . 2010-04-16 16:43    28672    ----a-w-    c:\windows\system32\Apphlpdm.dll
2010-07-25 22:59 . 2010-04-16 14:39    4240384    ----a-w-    c:\windows\system32\GameUXLegacyGDFs.dll
2010-07-25 21:40 . 2010-07-25 21:40    388096    ----a-r-    c:\users\Karina\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-25 21:39 . 2010-01-29 15:40    738816    ----a-w-    c:\windows\system32\inetcomm.dll
2010-07-25 21:38 . 2010-02-23 11:10    79360    ----a-w-    c:\windows\system32\drivers\mrxsmb20.sys
2010-07-25 21:38 . 2010-02-23 11:10    212992    ----a-w-    c:\windows\system32\drivers\mrxsmb10.sys
2010-07-25 21:38 . 2010-02-23 11:10    106496    ----a-w-    c:\windows\system32\drivers\mrxsmb.sys
2010-07-25 21:38 . 2010-02-18 14:07    3600776    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2010-07-25 21:38 . 2010-02-18 14:07    3548040    ----a-w-    c:\windows\system32\ntoskrnl.exe
2010-07-25 21:38 . 2010-03-05 14:01    420352    ----a-w-    c:\windows\system32\vbscript.dll
2010-07-25 21:38 . 2010-04-23 14:13    2048    ----a-w-    c:\windows\system32\tzres.dll
2010-07-25 21:36 . 2010-02-18 14:07    904576    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2010-07-25 21:36 . 2010-02-18 13:30    200704    ----a-w-    c:\windows\system32\iphlpsvc.dll
2010-07-25 21:36 . 2010-02-18 11:28    25088    ----a-w-    c:\windows\system32\drivers\tunnel.sys
2010-07-25 21:29 . 2009-12-23 11:33    172032    ----a-w-    c:\windows\system32\wintrust.dll
2010-07-25 21:29 . 2010-01-13 17:34    98304    ----a-w-    c:\windows\system32\cabview.dll
2010-07-25 20:08 . 2010-02-12 10:32    293376    ----a-w-    c:\windows\system32\browserchoice.exe

.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-29 08:52 . 2008-10-15 14:36    2883584    --sha-w-    c:\users\Gæst\ntuser.dat
2010-07-29 08:44 . 2009-02-16 14:13    64510    ----a-w-    c:\programdata\nvModes.dat
2010-07-29 08:27 . 2010-01-08 17:54    --------    d-----w-    c:\users\Karina\AppData\Roaming\Skype
2010-07-26 22:04 . 2010-07-26 22:04    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-07-26 22:04 . 2010-07-26 22:04    0    ---ha-w-    c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-26 22:03 . 2008-01-05 14:43    --------    d-----w-    c:\programdata\NVIDIA
2010-07-26 21:49 . 2007-11-09 05:35    77202    ----a-w-    c:\windows\system32\perfc006.dat
2010-07-26 21:49 . 2007-11-09 05:35    463344    ----a-w-    c:\windows\system32\perfh006.dat
2010-07-26 19:59 . 2008-06-07 17:14    --------    d-----w-    c:\programdata\avg8
2010-07-26 19:18 . 2008-01-05 14:42    --------    d-----w-    c:\program files\DigitalPersona
2010-07-26 13:29 . 2008-09-07 17:11    --------    d-----w-    c:\users\Karina\AppData\Roaming\zweitgeist
2010-07-26 13:29 . 2008-01-05 14:30    --------    d-----w-    c:\program files\WinTV
2010-07-26 10:23 . 2009-01-22 14:32    --------    d-----w-    c:\program files\Cheat Engine
2010-07-26 08:58 . 2009-01-04 16:57    --------    d-----w-    c:\program files\Microsoft Silverlight
2010-07-26 01:20 . 2006-11-02 11:18    --------    d-----w-    c:\program files\Windows Mail
2010-07-26 01:18 . 2008-11-23 18:26    --------    d-----w-    c:\programdata\Microsoft Help
2010-07-25 23:29 . 2007-11-09 07:59    --------    d-----w-    c:\program files\Common Files\Java
2010-07-25 23:28 . 2007-11-09 07:59    --------    d-----w-    c:\program files\Java
2010-07-25 21:58 . 2009-01-10 17:24    --------    d-----w-    c:\program files\Microsoft
2010-07-25 20:19 . 2008-04-08 13:07    103728    ----a-w-    c:\users\Karina\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-25 20:08 . 2009-02-18 20:39    --------    d-----w-    c:\users\Gæst\AppData\Roaming\LimeWire
2010-06-03 14:50 . 2008-12-06 19:07    680    ----a-w-    c:\users\Gæst\AppData\Local\d3d9caps.dat
2010-05-27 20:32 . 2010-05-27 20:32    245936    ----a-w-    c:\windows\system32\drivers\SynTP.sys
2010-05-27 20:31 . 2007-09-15 08:50    120104    ----a-w-    c:\windows\system32\SynTPCo4.dll
2010-05-27 20:31 . 2007-09-15 08:21    165160    ----a-w-    c:\windows\system32\SynTPAPI.dll
2010-05-27 20:31 . 2010-05-27 20:31    210216    ----a-w-    c:\windows\system32\SynCtrl.dll
2010-05-27 20:31 . 2007-09-15 08:13    173352    ----a-w-    c:\windows\system32\SynCOM.dll
2010-05-26 13:24 . 2010-07-26 21:23    18488    ----a-w-    c:\windows\Help\OEM\scripts\HPHC_BUY_BATTERY.exe
2010-05-21 12:14 . 2009-10-14 12:04    221568    ------w-    c:\windows\system32\MpSigStub.exe
2010-05-04 05:59 . 2010-07-25 22:58    916480    ----a-w-    c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-07-25 22:58    109056    ----a-w-    c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-07-25 22:58    71680    ----a-w-    c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-07-25 22:58    133632    ----a-w-    c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-07-25 22:58    2037248    ----a-w-    c:\windows\system32\win32k.sys
2008-04-09 17:05 . 2008-04-09 17:05    22    --sha-w-    c:\windows\SMINST\HPCD.sys
.

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2008-09-02 14:04    398768    ----a-w-    c:\program files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2007-12-18 401408]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-10-01 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-19 30192]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-24 13601312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-24 92704]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ      scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):70,9e,1f,02,18,4f,ca,01

R2 gupdate1ca908ba57816d5;Tjenesten Google Update (gupdate1ca908ba57816d5);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 133104]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-19 30192]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
HPService    REG_MULTI_SZ      HPSLPSVC
hpdevmgmt    REG_MULTI_SZ      hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34    451872    ----a-w-    c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Indhold af mappen 'Planlagte Opgaver'

2010-07-29 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-07-26 15:33]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 17:54]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 17:54]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.facebook.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-29 11:04
Windows 6.0.6002 Service Pack 2 NTFS

scanner skjulte processer ... 

scanner skjulte autostarter ...

scanner skjulte filer ... 

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'lsass.exe'(624)
c:\windows\system32\DPPWDFLT.dll

- - - - - - - > 'Explorer.exe'(5056)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
.
Gennemført tid: 2010-07-29  11:08:48
ComboFix-quarantined-files.txt  2010-07-29 09:08
ComboFix2.txt  2010-07-28 22:11
ComboFix3.txt  2010-07-28 19:39
ComboFix4.txt  2010-07-28 14:31
ComboFix5.txt  2010-07-29 08:51

Pre-Kørsel: 65.625.866.240 byte ledig
Post-Kørsel: 65.599.164.416 byte ledig

- - End Of File - - 3A0A766CD3428B9477C8C8415B4E154F

Kan du finde en mulighed for at køre det som administrator?

jamen jeg højreklikker på den og kører som administrator?
Så det forstår jeg ikke

Bruger du Notesblok til at lave den?
Højreklik på den. Under egenskaber skal den hedde CFScript.txt

Under egenskaber står der tekstdokument (txt) hvis jeg trykker skift, så er der kun Wordpad at vælge
Kan ikke få det frem du skriver

Start Notesblok. Skal være Notesblok, ellers virker det ikke !!!

Notesblok finder du under Start -> Programmer -> Tilbehør.

Kopier så det CFScript ind jeg lagde her: http://www.eksperten.dk/spm/914873#reply_7624853
Gem den som CFScript. Du skal ikke skrive txt, det tilføjer den selv.

Jeg kan ikke få lov til at gemme det, der står heller ikke CFScript nogen steder

Jeg forstår simpelthen ikke hvad du mener.


Det skriver/kopierer du selv ind.

Nu har jeg gjort det, men når jeg skal flytte filen over i Combofix, skriver den at CFScript muligvis er stavet forkert, og så sker der ikke mere

CFScipt navne fejl

Forsøgr du at køre et CFScrift?
Navnet, CFScript synes at være stavet forkert

Ligger CFScript på Skrivebordet. Hvis den gør, så prøv at genstarte og hente en ny Combofix. Prøv så igen.

Ja det ligger på skrivebordet.

Har nu hentet en ny Combofix, prøvede at Tage fat i filen med musen, og førte den hen over Combofix-filen, hvorefter jeg  "gav slip" med musen.
Den gik også i gang, nåede at se der stod noget med 1 fil i det blå felt, men så forsvandt det igen og så skete der ikke mere
Skal jeg/vi snart opgive?

Men det er jo ikke godt med 2 virus programmer :-(

Prøv at genstarte i fejlsikret tilstand. (tryk F8 flere gange med det samme)
Prøv så derfra.

Øv det hjalp ikke, men kunne ikke komme på nettet bagefter.

Jeg ved ikke om dette vil virke, da forum software flere gange har redigeret i loggen, så den blev ubruelig. Jeg har også set det virke. Men vi prøver  :-)

Hent OTS af oldtimer:

Dobbeltklik på OTS -> Klik på "Extras" i det lilla område og klik herefter på "Run Scan" i det mørke-grå område. Din computer vil nu blive scannet og efter et stykke tid vil en log åbne sig. Kopier OTS.txt herind i næste indlæg, Da den er lang skal du bruge flere indlæg, så vær opmærksom på at du får dert hele med.

ok. prøver ;-)
Og takker for din tålmodighed

[code]
OTS logfile created on: 30-07-2010 11:01:48 - Run 1
OTS by OldTimer - Version 3.1.34.0    Folder = C:\Users\Karina\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

2,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 15,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 49,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,24 Gb Total Space | 59,80 Gb Free Space | 42,95% Space Free | Partition Type: NTFS
Drive D: | 9,81 Gb Total Space | 2,89 Gb Free Space | 29,52% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KARINA-PC
Current User Name: Karina
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\Karina\Desktop\OTS.exe -> [2010-07-30 10:59:40 | 000,641,536 | ---- | M] (OldTimer Tools)
awc.exe -> C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe -> [2010-07-02 17:33:10 | 002,347,216 | ---- | M] (IObit)
avastsvc.exe -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software)
googledesktop.exe -> C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -> [2009-12-19 21:31:03 | 000,030,192 | ---- | M] (Google)
dphostw.exe -> C:\Program Files\DigitalPersona\Bin\DpHostW.exe -> [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.)
dpagent.exe -> C:\Program Files\DigitalPersona\Bin\DpAgent.exe -> [2009-12-01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.)
flashutil10d.exe -> C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe -> [2009-10-28 05:31:14 | 000,257,440 | R--- | M] (Adobe Systems, Inc.)
wlidsvc.exe -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -> [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation)
wlidsvcm.exe -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe -> [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation)
werfault.exe -> C:\Windows\System32\WerFault.exe -> [2009-04-11 08:28:11 | 000,217,088 | ---- | M] (Microsoft Corporation)
explorer.exe -> C:\Windows\explorer.exe -> [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
wlcomm.exe -> C:\Program Files\Windows Live\Contacts\wlcomm.exe -> [2009-02-06 18:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation)
hpqbam08.exe -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe -> [2008-10-16 20:12:28 | 000,569,344 | ---- | M] (Hewlett-Packard Co.)
hpqste08.exe -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe -> [2008-03-25 20:49:02 | 000,184,320 | ---- | M] (Hewlett-Packard Co.)
hpqtra08.exe -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe -> [2008-03-25 20:40:42 | 000,214,360 | ---- | M] (Hewlett-Packard Co.)
msascui.exe -> C:\Program Files\Windows Defender\MSASCui.exe -> [2008-01-19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation)
ctzdetec.exe -> C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe -> [2007-12-18 15:20:00 | 000,401,408 | ---- | M] (Creative Technology Ltd.)
syntpstart.exe -> C:\Program Files\Synaptics\SynTP\SynTPStart.exe -> [2007-09-15 10:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.)
ctdevsrv.exe -> C:\Program Files\Creative\Shared Files\CTDevSrv.exe -> [2007-04-02 15:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd)
isuspm.exe -> C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe -> [2007-03-30 01:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation)

[Modules - Safe List]
ots.exe -> C:\Users\Karina\Desktop\OTS.exe -> [2010-07-30 10:59:40 | 000,641,536 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll -> [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation)
msscript.ocx -> C:\Windows\System32\msscript.ocx -> [2008-01-19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
(avast! Web Scanner) avast! Web Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software)
(avast! Mail Scanner) avast! Mail Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software)
(avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software)
(GoogleDesktopManager-110309-193829) Google Desktop Manager 5.9.911.3589 [On_Demand | Stopped] -> C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -> [2009-12-19 21:31:03 | 000,030,192 | ---- | M] (Google)
(DpHost) Biometric Authentication Service [Auto | Running] -> C:\Program Files\DigitalPersona\Bin\DpHostW.exe -> [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.)
(FontCache) Tjenesten Windows-skrifttypecache [On_Demand | Stopped] -> C:\Windows\System32\FntCache.dll -> [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation)
(wlidsvc) Windows Live ID Sign-in Assistant [Auto | Running] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -> [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation)
(hpqcxs08) hpqcxs08 [On_Demand | Running] -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -> [2008-11-19 19:23:16 | 000,217,088 | ---- | M] (Hewlett-Packard Co.)
(hpqddsvc) HP-tjeneste til registrering af CUE-enheder [Auto | Running] -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -> [2008-03-25 21:27:36 | 000,135,168 | ---- | M] (Hewlett-Packard Co.)
(HPSLPSVC) HP Network Devices Support [Auto | Running] -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\HPSLPSVC32.DLL -> [2008-03-25 21:25:50 | 000,630,784 | ---- | M] (Hewlett-Packard Co.)
(WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation)
(CTDevice_Srv) CT Device Query service [Auto | Running] -> C:\Program Files\Creative\Shared Files\CTDevSrv.exe -> [2007-04-02 15:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd)
(Com4Qlb) Com4Qlb [On_Demand | Stopped] -> C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -> [2007-03-05 20:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.)

[Driver Services - Safe List]
(NwlnkFwd) IPX Traffic Forwarder Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\nwlnkfwd.sys -> File not found
(NwlnkFlt) IPX Traffic Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\nwlnkflt.sys -> File not found
(IpInIp) IP in IP Tunnel Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\ipinip.sys -> File not found
(catchme) catchme [Kernel | On_Demand | Stopped] -> C:\Users\Karina\AppData\Local\Temp\catchme.sys -> File not found
(blbdrive) blbdrive [Kernel | Disabled | Stopped] -> C:\Windows\System32\drivers\blbdrive.sys -> File not found
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\Windows\System32\drivers\aswTdi.sys -> [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software)
(aswSP) aswSP [Kernel | System | Running] -> C:\Windows\System32\drivers\aswSP.sys -> [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software)
(aswRdr) aswRdr [Kernel | System | Running] -> C:\Windows\System32\drivers\aswRdr.sys -> [2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software)
(aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2010-06-28 22:32:56 | 000,050,256 | ---- | M] (ALWIL Software)
(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SynTP.sys -> [2010-05-27 22:32:58 | 000,245,936 | ---- | M] (Synaptics Incorporated)
(Revoflt) Revoflt [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\revoflt.sys -> [2009-12-30 12:21:16 | 000,027,192 | ---- | M] (VS Revo Group)
(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\athr.sys -> [2009-09-05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.)
(nvlddmkm) nvlddmkm [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvlddmkm.sys -> [2009-06-24 06:08:00 | 007,542,208 | ---- | M] (NVIDIA Corporation)
(KMWDFILTER) HIDUASDesc [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\KMWDFILTER.sys -> [2008-10-09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
(CnxtHdAudService) Conexant UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\CHDRT32.sys -> [2008-03-04 02:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.)
(s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217unic.sys -> [2007-11-02 14:22:38 | 000,105,896 | ---- | M] (MCCI)
(s217mgmt) Sony Ericsson Device 217 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217mgmt.sys -> [2007-11-02 14:22:38 | 000,103,976 | ---- | M] (MCCI Corporation)
(s217obex) Sony Ericsson Device 217 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217obex.sys -> [2007-11-02 14:22:38 | 000,100,008 | ---- | M] (MCCI Corporation)
(s217nd5) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217nd5.sys -> [2007-11-02 14:22:38 | 000,024,872 | ---- | M] (MCCI Corporation)
(s217mdm) Sony Ericsson Device 217 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217mdm.sys -> [2007-11-02 14:22:36 | 000,109,992 | ---- | M] (MCCI Corporation)
(s217bus) Sony Ericsson Device 217 driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217bus.sys -> [2007-11-02 14:22:36 | 000,083,496 | ---- | M] (MCCI Corporation)
(s217mdfl) Sony Ericsson Device 217 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217mdfl.sys -> [2007-11-02 14:22:36 | 000,015,016 | ---- | M] (MCCI Corporation)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HSX_DPV.sys -> [2007-11-01 08:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.)
(HSXHWAZL) HSXHWAZL [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HSXHWAZL.sys -> [2007-11-01 08:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HSX_CNXT.sys -> [2007-11-01 08:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.)
(XAudio) XAudio [Kernel | Auto | Running] -> C:\Windows\System32\drivers\XAudio.sys -> [2007-10-18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.)
(HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\CHDART.sys -> [2007-09-10 00:12:28 | 000,176,640 | ---- | M] (Conexant Systems Inc.)
(ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\atswpdrv.sys -> [2007-08-29 01:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.)
(HpqRemHid) HP Remote Control HID Device [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HpqRemHid.sys -> [2007-07-11 20:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.)
(HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HpqKbFiltr.sys -> [2007-06-19 03:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.)
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rixdptsk.sys -> [2007-03-22 08:02:04 | 000,037,376 | ---- | M] (REDC)
(NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvmfdx32.sys -> [2007-03-07 04:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimmptsk.sys -> [2007-02-25 00:42:22 | 000,039,936 | ---- | M] (REDC)
(nvsmu) nvsmu [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvsmu.sys -> [2007-02-16 23:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimsptsk.sys -> [2007-01-24 02:40:20 | 000,042,496 | ---- | M] (REDC)
(ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation)
(adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.)
(elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex)
(adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.)
(uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.)
(iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation)
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.)
(ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.)
(vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd)
(ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation)
(UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.)
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.)
(nvraid) nvraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation)
(nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation)
(iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems)
(nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation)
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.)
(arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.)
(LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic)
(SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid2.sys -> [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.)
(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company)
(arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.)
(iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic)
(Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic)
(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic)
(Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic)
(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation)
(Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic)
(megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation)
(viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.)
(cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.)
(aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\VSTAZL3.SYS -> [2006-11-02 09:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.)
(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies)
(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\E1G60I32.sys -> [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation)
(BCM43XV) Broadcom Extensible 802.11 Network Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\BCMWL6.SYS -> [2006-11-02 09:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation)
(ialm) ialm [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2006-10-19 04:10:57 | 001,380,864 | ---- | M] (Intel Corporation)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.facebook.com/ ->
HKEY_CURRENT_USER\: Main\\"StartPageCache" -> 1 ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/keyword/%s ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  ->
HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com -> C:\PROGRAM FILES\DIGITALPERSONA\BIN\FIREFOXEXT\ [C:\PROGRAM FILES\DIGITALPERSONA\BIN\FIREFOXEXT\] -> [2010-07-26 21:18:32 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
  -> C:\Users\Karina\AppData\Roaming\mozilla\Extensions -> [2009-05-18 22:05:37 | 000,000,000 | ---D | M]
  -> C:\Users\Karina\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org -> [2009-05-18 22:05:37 | 000,000,000 | ---D | M]
< HOSTS File > ([2010-07-27 09:42:00 | 000,000,027 | ---- | M] - 1 lines) -> C:\Windows\System32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1      localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006-10-22 23:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated)
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009-08-04 16:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
{395610AE-C624-4f58-B89E-23733EA00F9A} [HKLM] -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [DigitalPersona Personal Extension] -> [2009-12-01 13:37:48 | 001,256,512 | ---- | M] (DigitalPersona, Inc.)
{474597C5-AB09-49d6-A4D5-2E8D7341384E} [HKLM] -> C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll [UrlHelper Class] -> [2008-09-02 16:04:02 | 000,398,768 | ---- | M] ()
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> c:\program files\google\googletoolbar2.dll [Google Toolbar Helper] -> [2008-04-09 13:37:53 | 002,403,392 | R--- | M] (Google Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"" [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> c:\program files\google\googletoolbar2.dll [&Google] -> [2008-04-09 13:37:53 | 002,403,392 | R--- | M] (Google Inc.)
"{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" [HKLM] -> C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll [BearShare MediaBar] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> c:\program files\google\googletoolbar2.dll [&Google] -> [2008-04-09 13:37:53 | 002,403,392 | R--- | M] (Google Inc.)
WebBrowser\\"{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" [HKLM] -> C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll [BearShare MediaBar] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008-10-15 01:04:34 | 000,039,792 | ---- | M] (Adobe Systems Incorporated)
"DpAgent" -> C:\Program Files\DigitalPersona\Bin\dpagent.exe [C:\Program Files\DigitalPersona\Bin\dpagent.exe] -> [2009-12-01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.)
"Google Desktop Search" -> C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe ["C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup] -> [2009-12-19 21:31:03 | 000,030,192 | ---- | M] (Google)
"HP Health Check Scheduler" -> c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe] -> [2008-10-09 07:58:56 | 000,075,008 | ---- | M] (Hewlett-Packard)
"NvCplDaemon" -> C:\Windows\System32\NvCpl.DLL [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2009-06-24 06:08:00 | 013,601,312 | ---- | M] (NVIDIA Corporation)
"NvMediaCenter" -> C:\Windows\System32\NvMcTray.DLL [RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> [2009-06-24 06:08:00 | 000,092,704 | ---- | M] (NVIDIA Corporation)
"SynTPStart" -> C:\Program Files\Synaptics\SynTP\SynTPStart.exe [C:\Program Files\Synaptics\SynTP\SynTPStart.exe] -> [2007-09-15 10:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.)
"UCam_Menu" -> C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"] -> [2007-09-13 16:32:50 | 000,222,504 | ---- | M] (CyberLink Corp.)
"Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008-01-19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"CTZDetec.exe" -> C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe [C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe] -> [2007-12-18 15:20:00 | 000,401,408 | ---- | M] (Creative Technology Ltd.)
"ISUSPM" -> C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe ["C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler] -> [2007-03-30 01:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation)
< RunOnce [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"Shockwave Updater" -> C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident\4.0;  [C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SIMBAR={9D86F83D-E44A-4DA2-BA83-6414070838FB}; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.30618)" -"http://ultima-hotel.org/client"] -> File not found
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Add to Google Photos Screensa&ver -> C:\Windows\System32\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2009-05-01 20:30:36 | 003,366,912 | ---- | M] (Google Inc.)
E&ksporter til Microsoft Excel -> C:\Programmer\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog det] -> [2009-07-26 20:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog det i Windows Live Writer] -> [2009-07-26 20:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll [Button: Send til OneNote] -> [2009-02-26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll [Menu: S&end til OneNote] -> [2009-02-26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{5067A26B-1337-4436-8AFE-EE169C2DA79F}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Menu: Skype add-on for Internet Explorer] -> [2009-08-04 16:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
{77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2009-08-04 16:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL [Button: Research] -> [2009-03-06 04:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation)
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4810 domain(s) found. ->
localhost .[http] -> Local intranet ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. ->
GD [:Range = 127.0.0.1] -> http = Local intranet |  ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab [Reg Error: Value error.] ->
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] ->
{33564D57-9980-0010-8000-00AA00389B71} [HKLM] -> http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab [Reg Error: Value error.] ->
{5C051655-FCD5-4969-9182-770EA5AA5565} [HKLM] -> http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab [Solitaire Showdown Class] ->
{5D6F45B3-9043-443D-A792-115447494D24} [HKLM] -> http://messenger.zone.msn.com/DA-DK/a-UNO1/GAME_UNO1.cab [UnoCtrl Class] ->
{6F15128C-E66A-490C-B848-5000B5ABEEAC} [HKLM] -> https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab [Reg Error: Value error.] ->
{8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab [Facebook Photo Uploader 5 Control] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Value error.] ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab [MessengerStatsClient Class] ->
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} [HKLM] -> http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab [Minesweeper Flags Class] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 212.242.40.3 212.242.40.51 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{148B8747-0816-47CC-B025-DFA038B0CEAF}\\DhcpNameServer -> 212.242.40.3 212.242.40.51  (Atheros AR5007 802.11b/g WiFi Adapter) ->
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll -> C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll -> [2009-12-19 21:31:03 | 000,123,392 | ---- | M] (Google)
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\Windows\explorer.exe -> [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> Reg Error: Key error. [] -> File not found
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Cd-rom-driver ->
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  ->
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2006-09-18 23:43:36 | 000,000,024 | ---- | M] ()
D:\AUTOMODE [@echo off | IF EXIST C:\ST_RP\MANUALMODE ECHO MANUAL BATCH MODE ALREADY SET ! | IF NOT EXIST C:\ST_RP\MANUALMODE ECHO SET TO MANUAL BATCH EXECUTION ! | IF NOT EXIST C:\ST_RP\MANUALMODE IF EXIST C:\ST_RP\AUTOMODE DEL C:\ST_RP\AUTOMODE /F > NUL | IF NOT EXIST C:\ST_RP\MANUALMODE COPY C:\ST_RP\SET_AUTO_MODE.CMD C:\ST_RP\MANUALMODE > NUL | ECHO. | ] -> D:\AUTOMODE [ NTFS ] -> [2005-09-11 17:18:54 | 000,000,340 | -HS- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

[Registry - Additional Scans - Safe List]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.hlp [@ = hlpfile] -> C:\Windows\winhlp32.exe -> [2006-11-02 11:45:57 | 000,009,216 | ---- | M] (Microsoft Corporation)
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2008-10-25 09:27:54 | 000,044,408 | ---- | M] (Microsoft Corporation)
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL[Reg Error: Value error.] -> [2009-07-26 16:44:54 | 000,061,264 | ---- | M] (Microsoft Corporation)
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll[HxProtocol Class] -> [2006-10-26 14:45:02 | 000,873,216 | ---- | M] (Microsoft Corporation)
msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL[Reg Error: Value error.] -> [2009-07-26 16:44:54 | 000,061,264 | ---- | M] (Microsoft Corporation)
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL[IEProtocolHandler Class] -> [2009-10-09 14:11:14 | 001,959,208 | R--- | M] (Skype Technologies)
wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> C:\Program Files\Windows Live\Mail\mailcomm.dll[Windows Live Mail HTML Asynchronous Pluggable Protocol Handler] -> [2009-07-26 16:44:48 | 000,789,824 | ---- | M] (Microsoft Corporation)
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" ->  [1] -> File not found
\\"FirewallDisableNotify" ->  [0] -> File not found
\\"AntiVirusDisableNotify" ->  [0] -> File not found
\\"UpdatesDisableNotify" ->  [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring
\Monitoring\\"DisableMonitoring" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus
\Monitoring\SymantecAntiVirus\\"DisableMonitoring" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall
\Monitoring\SymantecFirewall\\"DisableMonitoring" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"AntiVirusOverride" ->  [0] -> File not found
\Svc\\"AntiSpywareOverride" ->  [0] -> File not found
\Svc\\"FirewallOverride" ->  [0] -> File not found
\Svc\\"VistaSp1" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
\Svc\\"VistaSp2" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"DisableNotifications" ->  [0] -> File not found
\\"EnableFirewall" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> ->
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
ldap -> 4 = Restricted sites (Not a Default Protocol) ->
news -> 4 = Restricted sites (Not a Default Protocol) ->
nntp -> 4 = Restricted sites (Not a Default Protocol) ->
oecmd -> 4 = Restricted sites (Not a Default Protocol) ->
snews -> 4 = Restricted sites (Not a Default Protocol) ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{01FB4998-33C4-4431-85ED-079E3EEFE75D} -> CyberLink YouCam
{0289B35E-DC07-4c7a-9710-BBD686EA4B7D} -> Status
{082702D5-5DD8-4600-BCE5-48B15174687F} -> HP Doc Viewer
{0840B4D6-7DD1-4187-8523-E6FC0007EFB7} -> Tilmeldingsassistent til Windows Live ID
{0D2E9DCB-9938-475E-B4DD-8851738852FF} -> AIO_Scan
{13F2B82E-9F78-4518-826F-2DF37B58AEDD} -> 3200
{1746EA69-DCB6-4408-B5A5-E75F55439CDF} -> Scan
{179C56A4-F57F-4561-8BBF-F911D26EB435} -> WebReg
{197A3012-8C85-4FD3-AB66-9EC7E13DB92E} -> Adobe AIR
{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A} -> Adobe Shockwave Player
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} -> DVD Suite
{205C6BDD-7B73-42DE-8505-9A093F35A238} -> Overførselsværktøj til Windows Live
{228C6B46-64E2-404E-898A-EF0830603EF4} -> HPNetworkAssistant
{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT
{2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer
{254C37AA-6B72-4300-84F6-98A82419187E} -> ActiveCheck component for HP Active Support Library
{2614F54E-A828-49FA-93BA-45A3F756BFAA} -> 32 Bit HP CIO Components Installer
{26A24AE4-039D-4CA4-87B4-2F83216011FF} -> Java(TM) 6 Update 20
{28006915-2739-4EBE-B5E8-49B25D32EB33} -> Atheros Driver Installation Program
{2CDC68A4-3CE7-4F7B-A5BE-ECB05ABB8719} -> Windows Live Movie Maker
{2F3082BF-4A3B-45CA-805F-52DBBFD3C645} -> Windows Live Essentials
{31216452-5540-4C96-B754-94890A63D5AB} -> HP Help and Support
{3248F0A8-6813-11D6-A77B-00B0D0160070} -> Java(TM) 6 Update 7
{34D2AB40-150D-475D-AE32-BD23FB5EE355} -> HP Quick Launch Buttons 6.30 E1
{36FDBE6E-6684-462B-AE98-9A39A1B200CC} -> HP Product Assistant
{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD} -> Copy
{3B4E636E-9D65-4D67-BA61-189800823F52} -> Windows Live Communications Platform
{3F92ABBB-6BBF-11D5-B229-002078017FBF} -> NetWaiting
{40BF1E83-20EB-11D8-97C5-0009C5020658} -> Power2Go
{45A2D49C-8124-4015-A8B3-073A827EC5C1} -> Windows Live Sync
{45A66726-69BC-466B-A7A4-12FCBA4883D7} -> HiJackThis
{45D707E9-F3C4-11D9-A373-0050BAE317E1} -> HP QuickPlay 3.6
{47F3EDF5-C821-49E6-B9B3-D00BF0A9BAB8} -> DigitalPersona Personal 4.11
{49F2B650-2D7B-4F59-B33D-346F63776BD3} -> DocProc
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{4D49757C-367A-4333-BDB3-68966162B14E} -> HP User Guides 0087
{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748} -> Skype web features
{59F6A514-9813-47A3-948C-8A155460CC2A} -> RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
{5D9B17E4-5C34-45B2-9C95-8B9DB4CF7AF3} -> HP_Network_UserGuide
{669D4A35-146B-4314-89F1-1AC3D7B88367} -> HPAsset component for HP Active Support Library
{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8} -> eSupportQFolder
{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1 -> Revo Uninstaller Pro 2.2.3
{67D3F1A0-A1F2-49b7-B9EE-011277B170CD} -> HPProductAssistant
{68471BF2-F1F7-4C89-BBBA-400B94996596} -> ESU for Microsoft Vista
{6E7DD182-9FC6-4651-0095-2E666CC6AF35} -> The Sims 2
{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15} -> CustomerResearchQFolder
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{7DC4A410-9986-4329-9E5D-687B2C42CA39} -> HP QuickTouch 1.00 C4
{7F362F06-A9A3-440F-8B19-6A01A72723C4} -> AuthenTec Fingerprint Sensor Minimum Install
{87E2B986-07E8-477a-93DC-AF0B6758B192} -> DocProcQFolder
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{90120000-0016-0406-0000-0000000FF1CE} -> Microsoft Office Excel MUI (Danish) 2007
{90120000-0016-0406-0000-0000000FF1CE}_HOMESTUDENTR_{652017DD-E99F-4420-9CC8-AC25CE8375A5} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0018-0406-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (Danish) 2007
{90120000-0018-0406-0000-0000000FF1CE}_HOMESTUDENTR_{652017DD-E99F-4420-9CC8-AC25CE8375A5} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001B-0406-0000-0000000FF1CE} -> Microsoft Office Word MUI (Danish) 2007
{90120000-001B-0406-0000-0000000FF1CE}_HOMESTUDENTR_{652017DD-E99F-4420-9CC8-AC25CE8375A5} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001F-0406-0000-0000000FF1CE} -> Microsoft Office Proof (Danish) 2007
{90120000-001F-0406-0000-0000000FF1CE}_HOMESTUDENTR_{25E093C2-374E-44A9-9BCE-3881BD442F3F} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007
{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-002C-0406-0000-0000000FF1CE} -> Microsoft Office Proofing (Danish) 2007
{90120000-006E-0406-0000-0000000FF1CE} -> Microsoft Office Shared MUI (Danish) 2007
{90120000-006E-0406-0000-0000000FF1CE}_HOMESTUDENTR_{50865937-2EBB-4BBF-8861-BF5972C95D4B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-008A-0406-0000-0000000FF1CE} -> Gadget til seneste dokumenter i Microsoft Office 2007
{90120000-00A1-0406-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (Danish) 2007
{90120000-00A1-0406-0000-0000000FF1CE}_HOMESTUDENTR_{652017DD-E99F-4420-9CC8-AC25CE8375A5} -> Microsoft Office 2007 Service Pack 2 (SP2)
{91120000-002F-0000-0000-0000000FF1CE} -> Microsoft Office Home and Student 2007
{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581)
{94B8F069-F223-4F48-BC88-7104CBA77F30} -> Windows Live Messenger
{95120000-00AF-0406-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (Danish)
{95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting
{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9} -> MarketResearch
{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90} -> Google Earth
{9885A11E-60E4-417C-B58B-8B31B21C0B8A} -> HP Easy Setup - Frontend
{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03} -> TrayApp
{A0724A7E-F4E7-498e-B3F9-6FB2B909E56E} -> 3100_3200_3300_Help
{A36CD345-625C-4d6c-B3E2-76E1248CB451} -> SolutionCenter
{A4EE4223-98B1-4874-BA6E-E8A574F9C0FF} -> Adobe Photoshop Lightroom 2.2
{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper
{AB5D51AE-EBC3-438D-872C-705C7C2084B0} -> DeviceManagementQFolder
{AC76BA86-7AD7-1030-7B44-A81300000003} -> Adobe Reader 8.1.3 - Dansk
{AC76BA86-7AD7-5464-3428-800000000003} -> Spelling Dictionaries Support For Adobe Reader 8
{B238D61F-3EEF-4716-BFEA-9903DEF045D9} -> Microsoft Works
{B2544A03-10D0-4E5E-BA69-0362FFC20D18} -> OGA Notifier 2.0.0048.0
{B69349AE-2D41-3708-8BA4-4DC22645CA04} -> Microsoft .NET Framework 3.5 Language Pack SP1 - dan
{BD0E2B92-3814-46F0-893B-4612EA010C7E} -> HP Customer Experience Enhancements
{BE77A81F-B315-4666-9BF3-AE70C0ADB057} -> BufferChm
{BFD09E5B-6D40-4CAD-A349-103BFEF1C574} -> Windows Live Mail
{C59C179C-668D-49A9-B6EA-0121CCFC1243} -> LabelPrint
{C716522C-3731-4667-8579-40B098294500} -> Toolbox
{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2} -> HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
{CB099890-1D5F-11D5-9EA9-0050BAE317E1} -> PowerDirector
{CBAE4F50-9FC9-4557-AB36-9826DF3C103C} -> HP Wireless Assistant
{CC4A73BF-938E-4C19-A553-853C035C9BA1} -> LightScribe System Software  1.10.13.1
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF} -> HP Active Support Library
{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E} -> Destination Component
{D103C4BA-F905-437A-8049-DB24763BBE36} -> Skype™ 4.1
{D7EC54D8-3D95-4F9D-A191-59C9BB7F5AC9} -> Windows Live Photo Gallery
{DBEA1034-5882-4A88-8033-81C4EF0CFA29} -> Google Toolbar for Internet Explorer
{E06F04B9-45E6-4AC0-8083-85F7515F40F7} -> UnloadSupport
{E09575B2-498D-4C8B-A9D2-623F78574F29} -> AIO_CDB_Software
{E0A43EF2-46A5-4de2-916A-C515D8AA1618} -> 3100_3200_3300trb
{E2DFE069-083E-4631-9B6C-43C48E991DE5} -> Junk Mail filter update
{E2F43AFC-95FF-43A3-95C2-8F55D41CDEC0} -> KKopy
{E7112940-5F8E-4918-B9FE-251F2F8DC81F} -> AIO_CDB_ProductContext
{EB21A812-671B-4D08-B974-2A347F0D8F70} -> HP Photosmart Essential
{EB3D2F14-C178-11D6-B49B-0020183A6529} -> eGames GOG Red
{EB75DE50-5754-4F6F-875D-126EDF8E4CB3} -> HPSSupply
{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B} -> Adobe Flash Player 10 Plugin
{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F} -> Fax
{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65} -> DeviceDiscovery
{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU]
{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard
{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262} -> Microsoft Office Live Add-in 1.5
{F7529650-B9DB-481B-0089-A2AC3C2821C1} -> The Sims 2 Nightlife
{F7F3B252-E772-48AA-93EB-7964BC326067} -> MSCU for Microsoft Vista
{F95F178B-56AD-4fab-87F8-FA81E66C7D68} -> Network
{FC0C6E54-BCD4-42C5-BEAA-4FFFEC499EE0} -> Windows Live Writer
{FE0646A7-19D0-41B4-A2BB-2C35D644270D} -> Windows Live OneCare safety scanner
{FE57DE70-95DE-4B64-9266-84DA811053DB} -> HP Update
Adobe AIR -> Adobe AIR
Adobe Shockwave Player -> Adobe Shockwave Player 11.5
Advanced SystemCare 3_is1 -> Advanced SystemCare 3
avast5 -> avast! Free Antivirus
CCleaner -> CCleaner (remove only)
Cheat Engine 5.5_is1 -> Cheat Engine 5.5
CNXT_AUDIO_HDA -> Conexant HD Audio
CNXT_MODEM_HDAUDIO_HERMOSA_HSF -> HDAUDIO Soft Data Fax Modem with SmartCP
Creative Media Lite -> Creative Media Lite
Discover Painting for Kids Special Edition -> Discover Painting for Kids Special Edition
FaceOnBody -> FaceOnBody
FastStone Image Viewer -> FastStone Image Viewer 3.9
FxFoto -> FxFoto by Triscape
Google Chrome -> Google Chrome
Google Desktop -> Google Desktop
Hauppauge MCE2005 Software Encoder -> Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
HijackThis -> HijackThis 2.0.2
HOMESTUDENTR -> Microsoft Office Home and Student 2007
HP Imaging Device Functions -> HP Imaging Device Functions 8.0
HP Solution Center & Imaging Support Tools -> HP Solution Center 8.0
HPExtendedCapabilities -> HP Customer Participation Program 8.0
HPOCR -> HP OCR Software 8.0
Icy Tower v1.3.1_is1 -> Icy Tower v1.3.1
iMesh -> iMesh
iMesh MediaBar -> MediaBar 2.0
InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} -> CyberLink YouCam
InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} -> PowerDirector
InstallShield_{E2F43AFC-95FF-43A3-95C2-8F55D41CDEC0} -> KKopy
IrfanView -> IrfanView (remove only)
Microsoft .NET Framework 3.5 Language Pack SP1 - dan -> Sprogpakke til Microsoft .NET Framework 3.5 SP1 - dansk
Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
NVIDIA Drivers -> NVIDIA Drivers
PhotoFiltre -> PhotoFiltre
PhotoPad -> PhotoPad Image Editor
PhotoScape -> PhotoScape
Picasa 3 -> Picasa 3
SlingMedia.QPSlingPlayer_is1 -> QuickPlay SlingPlayer 0.4.4
SynTPDeinstKey -> Synaptics Pointing Device Driver
TriscapeFxFoto -> Triscape FxFoto
WinGimp-2.0_is1 -> GIMP 2.4.5
WinLiveSuite_Wave3 -> Windows Live Essentials
XnView_is1 -> XnView 1.96.5
ZENStoneUG -> Creative ZEN Stone User's Guide
< Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 17-03-2009 13:40:03 Computer Name = Karina-PC | Source = VSS | ID = 8194 -> Description =
Application [ Error ] 20-03-2009 17:47:44 Computer Name = Karina-PC | Source = Windows Search Service | ID = 3026 -> Description =
Application [ Error ] 27-03-2009 08:55:06 Computer Name = Karina-PC | Source = VSS | ID = 8194 -> Description =
Application [ Error ] 08-04-2009 15:47:28 Computer Name = Karina-PC | Source = Application Error | ID = 1000 -> Description = Program med fejl svchost.exe_HPSLPSVC, version 6.0.6001.18000, tidsstempel 0x47918b89, modul med fejl hpslpsvc32.dll, version 82.0.173.0, tidsstempel 0x457ce164, undtagelseskode 0xc000000d, forskydning med fejl 0x0004178c,  proces-id 0xbf8, programmets starttidspunkt 0x01c9b87eb1b9aa6b.
Application [ Error ] 11-04-2009 09:44:29 Computer Name = Karina-PC | Source = EventSystem | ID = 4609 -> Description =
Application [ Error ] 11-04-2009 10:35:55 Computer Name = Karina-PC | Source = EventSystem | ID = 4609 -> Description =
Application [ Error ] 15-04-2009 15:06:00 Computer Name = Karina-PC | Source = VSS | ID = 8194 -> Description =
Application [ Error ] 16-04-2009 12:32:26 Computer Name = Karina-PC | Source = EventSystem | ID = 4609 -> Description =
Application [ Error ] 16-04-2009 14:20:35 Computer Name = Karina-PC | Source = Application Error | ID = 1000 -> Description = Program med fejl iexplore.exe, version 7.0.6001.18000, tidsstempel 0x47918f11, modul med fejl unknown, version 0.0.0.0, tidsstempel 0x00000000, undtagelseskode 0xc0000005, forskydning med fejl 0x00000008,  proces-id 0xdfc, programmets starttidspunkt 0x01c9beb2793db429.
Application [ Error ] 16-04-2009 16:26:33 Computer Name = Karina-PC | Source = EventSystem | ID = 4609 -> Description =
DigitalPersona Pro [ Error ] 30-10-2009 03:22:47 Computer Name = Karina-PC | Source = DigitalPersona Pro | ID = 17827075 -> Description = Agent cannot start.    Description: Found other running Agent. 
DigitalPersona Pro [ Error ] 30-10-2009 07:26:14 Computer Name = Karina-PC | Source = DigitalPersona Pro | ID = 17827075 -> Description = Agent cannot start.    Description: Found other running Agent. 
DigitalPersona Pro [ Error ] 30-10-2009 18:35:34 Computer Name = Karina-PC | Source = DigitalPersona Pro | ID = 17827075 -> Description = Agent cannot start.    Description: Found other running Agent. 
DigitalPersona Pro [ Error ] 31-10-2009 05:40:26 Computer Name = Karina-PC | Source = DigitalPersona Pro | ID = 17827075 -> Description = Agent cannot start.    Description: Found other running Agent. 
DigitalPersona Pro [ Error ] 01-11-2009 04:29:49 Computer Name = Karina-PC | Source = DigitalPersona Pro | ID = 17827075 -> Description = Agent cannot start.    Description: Found other running Agent. 
DigitalPersona Pro [ Error ] 01-11-2009 11:46:27 Computer Name = Karina-PC | Source = DigitalPersona Pro | ID = 17827075 -> Description = Agent cannot start.    Description: Found other running Agent. 
DigitalPersona Pro [ Error ] 02-11-2009 09:49:46 Computer Name = Karina-PC | Source = DigitalPersona Pro | ID = 17827075 -> Description = Agent cannot start.    Description: Found other running Agent. 
DigitalPersona Pro [ Error ] 03-11-2009 02:51:42 Computer Name = Karina-PC | Source = DigitalPersona Pro | ID = 17827075 -> Description = Agent cannot start.    Description: Found other running Agent. 
DigitalPersona Pro [ Error ] 03-11-2009 15:09:41 Computer Name = Karina-PC | Source = DigitalPersona Pro | ID = 17827075 -> Description = Agent cannot start.    Description: Found other running Agent. 
DigitalPersona Pro [ Error ] 04-11-2009 09:06:33 Computer Name = Karina-PC | Source = DigitalPersona Pro | ID = 17827075 -> Description = Agent cannot start.    Description: Found other running Agent. 
OSession [ Error ] 27-10-2009 17:24:53 Computer Name = Karina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30870 seconds with 1020 seconds of active time.  This session ended with a crash.
System [ Error ] 13-06-2008 17:01:48 Computer Name = Karina-PC | Source = Service Control Manager | ID = 7000 -> Description =
System [ Error ] 14-06-2008 04:33:20 Computer Name = Karina-PC | Source = HTTP | ID = 15016 -> Description =
System [ Error ] 14-06-2008 04:34:08 Computer Name = Karina-PC | Source = Service Control Manager | ID = 7000 -> Description =
System [ Error ] 14-06-2008 11:54:56 Computer Name = Karina-PC | Source = HTTP | ID = 15016 -> Description =
System [ Error ] 14-06-2008 11:55:42 Computer Name = Karina-PC | Source = Service Control Manager | ID = 7000 -> Description =
System [ Error ] 14-06-2008 14:45:27 Computer Name = Karina-PC | Source = HTTP | ID = 15016 -> Description =
System [ Error ] 14-06-2008 16:12:16 Computer Name = Karina-PC | Source = Service Control Manager | ID = 7000 -> Description =
System [ Error ] 15-06-2008 04:24:29 Computer Name = Karina-PC | Source = HTTP | ID = 15016 -> Description =
System [ Error ] 15-06-2008 04:24:31 Computer Name = Karina-PC | Source = Dhcp | ID = 1002 -> Description = Rettigheden til IP-adressen 192.168.1.3 for netværkskortet med netværksadressen 001F3A06B847 blev nægtet af DHCP-serveren 0.0.0.0 (DHCP-serveren sendte en DHCPNACK-meddelelse).
System [ Error ] 15-06-2008 04:26:04 Computer Name = Karina-PC | Source = Service Control Manager | ID = 7000 -> Description =

[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Users\Karina\Desktop\OTS.exe -> [2010-07-30 10:59:22 | 000,641,536 | ---- | C] (OldTimer Tools)
temp -> C:\Windows\temp -> [2010-07-29 22:29:24 | 000,000,000 | ---D | C]
temp -> C:\Users\Karina\AppData\Local\temp -> [2010-07-29 22:29:24 | 000,000,000 | ---D | C]
$RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2010-07-29 22:28:48 | 000,000,000 | -HSD | C]
NIRCMD.exe -> C:\Windows\NIRCMD.exe -> [2010-07-29 22:15:54 | 000,031,232 | ---- | C] (NirSoft)
ComboFix -> C:\ComboFix -> [2010-07-29 22:15:48 | 000,000,000 | ---D | C]
SWXCACLS.exe -> C:\Windows\SWXCACLS.exe -> [2010-07-29 22:15:31 | 000,212,480 | ---- | C] (SteelWerX)
AVGTemp -> C:\AVGTemp -> [2010-07-28 14:27:09 | 000,000,000 | ---D | C]
aswFsBlk.sys -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2010-07-28 13:47:48 | 000,017,744 | ---- | C] (ALWIL Software)
aswSP.sys -> C:\Windows\System32\drivers\aswSP.sys -> [2010-07-28 13:47:47 | 000,165,456 | ---- | C] (ALWIL Software)
aswRdr.sys -> C:\Windows\System32\drivers\aswRdr.sys -> [2010-07-28 13:47:43 | 000,023,376 | ---- | C] (ALWIL Software)
aswTdi.sys -> C:\Windows\System32\drivers\aswTdi.sys -> [2010-07-28 13:47:39 | 000,046,672 | ---- | C] (ALWIL Software)
aswMonFlt.sys -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2010-07-28 13:47:35 | 000,050,256 | ---- | C] (ALWIL Software)
aswBoot.exe -> C:\Windows\System32\aswBoot.exe -> [2010-07-28 13:47:04 | 000,165,032 | ---- | C] (AVAST Software)
avastSS.scr -> C:\Windows\avastSS.scr -> [2010-07-28 13:47:04 | 000,038,848 | ---- | C] (ALWIL Software)
SWREG.exe -> C:\Windows\SWREG.exe -> [2010-07-27 09:22:17 | 000,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> C:\Windows\SWSC.exe -> [2010-07-27 09:22:17 | 000,136,704 | ---- | C] (SteelWerX)
ERDNT -> C:\Windows\ERDNT -> [2010-07-27 09:22:05 | 000,000,000 | ---D | C]
Qoobox -> C:\Qoobox -> [2010-07-27 09:17:01 | 000,000,000 | ---D | C]
WdfLdr.sys -> C:\Windows\System32\drivers\WdfLdr.sys -> [2010-07-27 00:03:22 | 000,038,480 | ---- | C] (Microsoft Corporation)
WindowsPowerShell -> C:\Windows\System32\WindowsPowerShell -> [2010-07-26 23:54:11 | 000,000,000 | ---D | C]
winrsmgr.dll -> C:\Windows\System32\winrsmgr.dll -> [2010-07-26 23:51:59 | 000,002,048 | ---- | C] (Microsoft Corporation)
winrs.exe -> C:\Windows\System32\winrs.exe -> [2010-07-26 23:51:27 | 000,040,448 | ---- | C] (Microsoft Corporation)
winrshost.exe -> C:\Windows\System32\winrshost.exe -> [2010-07-26 23:51:27 | 000,020,480 | ---- | C] (Microsoft Corporation)
wsmprovhost.exe -> C:\Windows\System32\wsmprovhost.exe -> [2010-07-26 23:51:27 | 000,012,800 | ---- | C] (Microsoft Corporation)
wsmplpxy.dll -> C:\Windows\System32\wsmplpxy.dll -> [2010-07-26 23:51:23 | 000,010,240 | ---- | C] (Microsoft Corporation)
winrssrv.dll -> C:\Windows\System32\winrssrv.dll -> [2010-07-26 23:51:23 | 000,010,240 | ---- | C] (Microsoft Corporation)
wevtfwd.dll -> C:\Windows\System32\wevtfwd.dll -> [2010-07-26 23:51:20 | 000,081,408 | ---- | C] (Microsoft Corporation)
wecutil.exe -> C:\Windows\System32\wecutil.exe -> [2010-07-26 23:51:20 | 000,079,872 | ---- | C] (Microsoft Corporation)
wecapi.dll -> C:\Windows\System32\wecapi.dll -> [2010-07-26 23:51:20 | 000,056,320 | ---- | C] (Microsoft Corporation)
WsmRes.dll -> C:\Windows\System32\WsmRes.dll -> [2010-07-26 23:51:20 | 000,054,272 | ---- | C] (Microsoft Corporation)
pwrshplugin.dll -> C:\Windows\System32\pwrshplugin.dll -> [2010-07-26 23:51:18 | 000,041,472 | ---- | C] (Microsoft Corporation)
winrscmd.dll -> C:\Windows\System32\winrscmd.dll -> [2010-07-26 23:51:05 | 000,241,152 | ---- | C] (Microsoft Corporation)
WsmWmiPl.dll -> C:\Windows\System32\WsmWmiPl.dll -> [2010-07-26 23:51:05 | 000,214,016 | ---- | C] (Microsoft Corporation)
WsmAuto.dll -> C:\Windows\System32\WsmAuto.dll -> [2010-07-26 23:51:05 | 000,145,408 | ---- | C] (Microsoft Corporation)
WSManMigrationPlugin.dll -> C:\Windows\System32\WSManMigrationPlugin.dll -> [2010-07-26 23:51:04 | 000,252,416 | ---- | C] (Microsoft Corporation)
WSManHTTPConfig.exe -> C:\Windows\System32\WSManHTTPConfig.exe -> [2010-07-26 23:51:04 | 000,246,272 | ---- | C] (Microsoft Corporation)
HpUpdate -> C:\Users\Karina\AppData\Roaming\HpUpdate -> [2010-07-26 23:40:05 | 000,000,000 | ---D | C]
Hewlett-Packard -> C:\Windows\Hewlett-Packard -> [2010-07-26 23:36:27 | 000,000,000 | ---D | C]
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010-07-26 22:48:29 | 000,000,000 | ---D | C]
My Received Files -> C:\Users\Karina\Documents\My Received Files -> [2010-07-26 22:11:00 | 000,000,000 | ---D | C]
iMesh -> C:\Users\Karina\Documents\iMesh -> [2010-07-26 22:11:00 | 000,000,000 | ---D | C]
Alwil Software -> C:\ProgramData\Alwil Software -> [2010-07-26 22:07:03 | 000,000,000 | ---D | C]
Alwil Software -> C:\Program Files\Alwil Software -> [2010-07-26 22:07:03 | 000,000,000 | ---D | C]
Ting til com -> C:\Users\Karina\Desktop\Ting til com -> [2010-07-26 21:31:20 | 000,000,000 | ---D | C]
tr -> C:\Wind

tr -> C:\Windows\System32\tr -> [2010-07-26 21:18:38 | 000,000,000 | ---D | C]
sv -> C:\Windows\System32\sv -> [2010-07-26 21:18:38 | 000,000,000 | ---D | C]
ru -> C:\Windows\System32\ru -> [2010-07-26 21:18:38 | 000,000,000 | ---D | C]
no -> C:\Windows\System32\no -> [2010-07-26 21:18:38 | 000,000,000 | ---D | C]
ko -> C:\Windows\System32\ko -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
ja -> C:\Windows\System32\ja -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
it -> C:\Windows\System32\it -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
fr -> C:\Windows\System32\fr -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
es -> C:\Windows\System32\es -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
de -> C:\Windows\System32\de -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
DPDrv -> C:\Windows\DPDrv -> [2010-07-26 21:18:31 | 000,000,000 | ---D | C]
Downloaded Installations -> C:\ProgramData\Downloaded Installations -> [2010-07-26 21:13:39 | 000,000,000 | ---D | C]
IObit -> C:\Users\Karina\AppData\Roaming\IObit -> [2010-07-26 13:30:44 | 000,000,000 | ---D | C]
IObit -> C:\Program Files\IObit -> [2010-07-26 13:30:44 | 000,000,000 | ---D | C]
VS Revo Group -> C:\Users\Karina\AppData\Local\VS Revo Group -> [2010-07-26 12:16:10 | 000,000,000 | ---D | C]
revoflt.sys -> C:\Windows\System32\drivers\revoflt.sys -> [2010-07-26 12:16:02 | 000,027,192 | ---- | C] (VS Revo Group)
VS Revo Group -> C:\Program Files\VS Revo Group -> [2010-07-26 12:16:00 | 000,000,000 | ---D | C]
PresentationHost.exe -> C:\Windows\System32\PresentationHost.exe -> [2010-07-26 03:08:08 | 000,295,264 | ---- | C] (Microsoft Corporation)
PresentationHostProxy.dll -> C:\Windows\System32\PresentationHostProxy.dll -> [2010-07-26 03:08:08 | 000,099,176 | ---- | C] (Microsoft Corporation)
netfxperf.dll -> C:\Windows\System32\netfxperf.dll -> [2010-07-26 03:08:08 | 000,049,472 | ---- | C] (Microsoft Corporation)
Sun -> C:\ProgramData\Sun -> [2010-07-26 01:29:01 | 000,000,000 | ---D | C]
deployJava1.dll -> C:\Windows\System32\deployJava1.dll -> [2010-07-26 01:28:12 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.)
javaws.exe -> C:\Windows\System32\javaws.exe -> [2010-07-26 01:28:12 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.)
javaw.exe -> C:\Windows\System32\javaw.exe -> [2010-07-26 01:28:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
java.exe -> C:\Windows\System32\java.exe -> [2010-07-26 01:28:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
atmfd.dll -> C:\Windows\System32\atmfd.dll -> [2010-07-26 01:00:03 | 000,289,792 | ---- | C] (Adobe Systems Incorporated)
atmlib.dll -> C:\Windows\System32\atmlib.dll -> [2010-07-26 01:00:03 | 000,034,304 | ---- | C] (Adobe Systems)
asycfilt.dll -> C:\Windows\System32\asycfilt.dll -> [2010-07-26 00:59:37 | 000,067,072 | ---- | C] (Microsoft Corporation)
Apphlpdm.dll -> C:\Windows\System32\Apphlpdm.dll -> [2010-07-26 00:59:20 | 000,028,672 | ---- | C] (Microsoft Corporation)
GameUXLegacyGDFs.dll -> C:\Windows\System32\GameUXLegacyGDFs.dll -> [2010-07-26 00:59:19 | 004,240,384 | ---- | C] (Microsoft)
msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2010-07-26 00:58:48 | 000,599,040 | ---- | C] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2010-07-26 00:58:47 | 000,387,584 | ---- | C] (Microsoft Corporation)
mstime.dll -> C:\Windows\System32\mstime.dll -> [2010-07-26 00:58:46 | 000,611,840 | ---- | C] (Microsoft Corporation)
inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2010-07-26 00:58:45 | 001,469,440 | ---- | C] (Microsoft Corporation)
ieui.dll -> C:\Windows\System32\ieui.dll -> [2010-07-26 00:58:44 | 000,164,352 | ---- | C] (Microsoft Corporation)
iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2010-07-26 00:58:43 | 000,184,320 | ---- | C] (Microsoft Corporation)
ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2010-07-26 00:58:43 | 000,133,632 | ---- | C] (Microsoft Corporation)
ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2010-07-26 00:58:42 | 000,173,056 | ---- | C] (Microsoft Corporation)
iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2010-07-26 00:58:42 | 000,109,056 | ---- | C] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2010-07-26 00:58:42 | 000,055,296 | ---- | C] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2010-07-26 00:58:42 | 000,025,600 | ---- | C] (Microsoft Corporation)
msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2010-07-26 00:58:42 | 000,013,312 | ---- | C] (Microsoft Corporation)
mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2010-07-26 00:58:41 | 001,638,912 | ---- | C] (Microsoft Corporation)
iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2010-07-26 00:58:41 | 000,071,680 | ---- | C] (Microsoft Corporation)
iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2010-07-26 00:58:41 | 000,055,808 | ---- | C] (Microsoft Corporation)
win32k.sys -> C:\Windows\System32\win32k.sys -> [2010-07-26 00:58:31 | 002,037,248 | ---- | C] (Microsoft Corporation)
ntkrnlpa.exe -> C:\Windows\System32\ntkrnlpa.exe -> [2010-07-25 23:38:32 | 003,600,776 | ---- | C] (Microsoft Corporation)
ntoskrnl.exe -> C:\Windows\System32\ntoskrnl.exe -> [2010-07-25 23:38:32 | 003,548,040 | ---- | C] (Microsoft Corporation)
vbscript.dll -> C:\Windows\System32\vbscript.dll -> [2010-07-25 23:38:28 | 000,420,352 | ---- | C] (Microsoft Corporation)
tzres.dll -> C:\Windows\System32\tzres.dll -> [2010-07-25 23:38:12 | 000,002,048 | ---- | C] (Microsoft Corporation)
l3codecp.acm -> C:\Windows\System32\l3codecp.acm -> [2010-07-25 23:36:13 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS)
l3codeca.acm -> C:\Windows\System32\l3codeca.acm -> [2010-07-25 23:36:13 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS)
browserchoice.exe -> C:\Windows\System32\browserchoice.exe -> [2010-07-25 22:08:11 | 000,293,376 | ---- | C] (Microsoft Corporation)

[Files/Folders - Modified Within 30 Days]
ntuser.dat -> C:\Users\Karina\ntuser.dat -> [2010-07-30 11:03:35 | 006,029,312 | -HS- | M] ()
OTS.exe -> C:\Users\Karina\Desktop\OTS.exe -> [2010-07-30 10:59:40 | 000,641,536 | ---- | M] (OldTimer Tools)
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010-07-30 10:49:04 | 000,000,920 | ---- | M] ()
hpqp.ini -> C:\Users\Public\Documents\hpqp.ini -> [2010-07-30 10:03:30 | 000,000,163 | ---- | M] ()
nvModes.001 -> C:\ProgramData\nvModes.001 -> [2010-07-30 10:02:54 | 000,064,510 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010-07-30 10:02:04 | 000,000,916 | ---- | M] ()
AWC Startup.job -> C:\Windows\tasks\AWC Startup.job -> [2010-07-30 10:02:01 | 000,000,372 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010-07-30 10:00:56 | 000,003,168 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010-07-30 10:00:56 | 000,003,168 | -H-- | M] ()
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010-07-30 10:00:52 | 000,000,006 | -H-- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2010-07-30 10:00:47 | 000,067,584 | --S- | M] ()
ntuser.dat{78e52992-d5c6-11dd-b054-001b24fc014d}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Karina\ntuser.dat{78e52992-d5c6-11dd-b054-001b24fc014d}.TMContainer00000000000000000001.regtrans-ms -> [2010-07-29 23:19:09 | 000,524,288 | -HS- | M] ()
ntuser.dat{78e52992-d5c6-11dd-b054-001b24fc014d}.TM.blf -> C:\Users\Karina\ntuser.dat{78e52992-d5c6-11dd-b054-001b24fc014d}.TM.blf -> [2010-07-29 23:19:09 | 000,065,536 | -HS- | M] ()
IconCache.db -> C:\Users\Karina\AppData\Local\IconCache.db -> [2010-07-29 23:19:03 | 001,551,100 | -H-- | M] ()
nvModes.dat -> C:\ProgramData\nvModes.dat -> [2010-07-29 22:42:52 | 000,064,510 | ---- | M] ()
system.ini -> C:\Windows\system.ini -> [2010-07-29 22:27:05 | 000,000,215 | ---- | M] ()
ComboFix - Genvej (2).lnk -> C:\Users\Karina\Desktop\ComboFix - Genvej (2).lnk -> [2010-07-29 21:46:49 | 000,000,848 | ---- | M] ()
Revo Uninstaller Pro.lnk -> C:\Users\Karina\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk -> [2010-07-28 22:06:39 | 000,000,985 | ---- | M] ()
Revo Uninstaller Pro.lnk -> C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk -> [2010-07-28 22:06:39 | 000,000,961 | ---- | M] ()
avast! Free Antivirus.lnk -> C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> [2010-07-28 13:47:49 | 000,001,840 | ---- | M] ()
config.nt -> C:\Windows\System32\config.nt -> [2010-07-28 13:47:35 | 000,002,577 | ---- | M] ()
hosts -> C:\Windows\System32\drivers\etc\hosts -> [2010-07-27 09:42:00 | 000,000,027 | ---- | M] ()
Msft_Kernel_SynTP_01009.Wdf -> C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf -> [2010-07-27 00:04:54 | 000,000,000 | -H-- | M] ()
MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf -> C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf -> [2010-07-27 00:04:38 | 000,000,000 | -H-- | M] ()
PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2010-07-26 23:49:14 | 001,218,672 | ---- | M] ()
perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2010-07-26 23:49:14 | 000,587,178 | ---- | M] ()
perfh006.dat -> C:\Windows\System32\perfh006.dat -> [2010-07-26 23:49:14 | 000,463,344 | ---- | M] ()
perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2010-07-26 23:49:14 | 000,101,250 | ---- | M] ()
perfc006.dat -> C:\Windows\System32\perfc006.dat -> [2010-07-26 23:49:14 | 000,077,202 | ---- | M] ()
Malwarebytes.docx -> C:\Users\Karina\Documents\Malwarebytes.docx -> [2010-07-26 23:06:20 | 000,009,964 | ---- | M] ()
CyberLink YouCam.lnk -> C:\Users\Karina\Desktop\CyberLink YouCam.lnk -> [2010-07-26 22:21:32 | 000,000,928 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Karina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010-07-26 13:52:36 | 000,065,536 | ---- | M] ()
Advanced SystemCare.lnk -> C:\Users\Karina\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk -> [2010-07-26 13:30:55 | 000,001,038 | ---- | M] ()
IObit Freeware.url -> C:\Users\Karina\Desktop\IObit Freeware.url -> [2010-07-26 13:30:55 | 000,000,136 | ---- | M] ()
FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2010-07-26 11:00:31 | 002,312,880 | ---- | M] ()
_MSRSTRT.EXE -> C:\Windows\_MSRSTRT.EXE -> [2010-07-26 01:12:36 | 000,002,560 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> C:\Users\Karina\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010-07-25 22:19:57 | 000,103,728 | ---- | M] ()
Valg af webbrowser.lnk -> C:\Users\Public\Desktop\Valg af webbrowser.lnk -> [2010-07-25 22:19:07 | 000,001,589 | ---- | M] ()

[Files - No Company Name]
IconCache.db -> C:\Users\Karina\AppData\Local\IconCache.db -> [2010-07-29 22:36:53 | 001,551,100 | -H-- | C] ()
ComboFix - Genvej (2).lnk -> C:\Users\Karina\Desktop\ComboFix - Genvej (2).lnk -> [2010-07-29 21:46:49 | 000,000,848 | ---- | C] ()
Revo Uninstaller Pro.lnk -> C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk -> [2010-07-28 22:06:39 | 000,000,961 | ---- | C] ()
avast! Free Antivirus.lnk -> C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> [2010-07-28 13:47:49 | 000,001,840 | ---- | C] ()
PEV.exe -> C:\Windows\PEV.exe -> [2010-07-27 09:22:17 | 000,256,512 | ---- | C] ()
sed.exe -> C:\Windows\sed.exe -> [2010-07-27 09:22:17 | 000,098,816 | ---- | C] ()
grep.exe -> C:\Windows\grep.exe -> [2010-07-27 09:22:17 | 000,080,412 | ---- | C] ()
MBR.exe -> C:\Windows\MBR.exe -> [2010-07-27 09:22:17 | 000,077,312 | ---- | C] ()
zip.exe -> C:\Windows\zip.exe -> [2010-07-27 09:22:17 | 000,068,096 | ---- | C] ()
Msft_Kernel_SynTP_01009.Wdf -> C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf -> [2010-07-27 00:04:54 | 000,000,000 | -H-- | C] ()
MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf -> C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf -> [2010-07-27 00:04:38 | 000,000,000 | -H-- | C] ()
MsftWdf_Kernel_01009_Inbox_Critical.Wdf -> C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf -> [2010-07-27 00:03:28 | 000,000,003 | ---- | C] ()
winrm.vbs -> C:\Windows\System32\winrm.vbs -> [2010-07-26 23:51:08 | 000,201,184 | ---- | C] ()
wsmanconfig_schema.xml -> C:\Windows\System32\wsmanconfig_schema.xml -> [2010-07-26 23:51:08 | 000,004,675 | ---- | C] ()
WsmTxt.xsl -> C:\Windows\System32\WsmTxt.xsl -> [2010-07-26 23:51:08 | 000,002,426 | ---- | C] ()
CyberLink YouCam.lnk -> C:\Users\Karina\Desktop\CyberLink YouCam.lnk -> [2010-07-26 22:21:32 | 000,000,928 | ---- | C] ()
desktop.ini -> C:\Users\Karina\AppData\Roaming\desktop.ini -> [2010-07-26 21:19:10 | 000,000,006 | -HS- | C] ()
desktop.ini -> C:\Users\Karina\AppData\Local\desktop.ini -> [2010-07-26 21:19:10 | 000,000,006 | -HS- | C] ()
AWC Startup.job -> C:\Windows\tasks\AWC Startup.job -> [2010-07-26 13:31:06 | 000,000,372 | ---- | C] ()
Advanced SystemCare.lnk -> C:\Users\Karina\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk -> [2010-07-26 13:30:55 | 000,001,038 | ---- | C] ()
IObit Freeware.url -> C:\Users\Karina\Desktop\IObit Freeware.url -> [2010-07-26 13:30:55 | 000,000,136 | ---- | C] ()
Revo Uninstaller Pro.lnk -> C:\Users\Karina\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk -> [2010-07-26 12:16:07 | 000,000,985 | ---- | C] ()
_MSRSTRT.EXE -> C:\Windows\_MSRSTRT.EXE -> [2010-07-26 01:12:34 | 000,002,560 | ---- | C] ()
Malwarebytes.docx -> C:\Users\Karina\Documents\Malwarebytes.docx -> [2010-07-25 23:54:34 | 000,009,964 | ---- | C] ()
Valg af webbrowser.lnk -> C:\Users\Public\Desktop\Valg af webbrowser.lnk -> [2010-07-25 22:19:07 | 000,001,589 | ---- | C] ()
EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009-09-17 20:57:38 | 000,117,248 | ---- | C] ()
OGACheckControl.dll -> C:\Windows\System32\OGACheckControl.dll -> [2009-08-03 15:07:42 | 000,403,816 | ---- | C] ()
d3dx9.dll -> C:\Windows\System32\d3dx9.dll -> [2009-01-22 16:32:00 | 001,970,176 | ---- | C] ()
rixdicon.dll -> C:\Windows\System32\rixdicon.dll -> [2008-01-05 16:27:48 | 000,016,480 | ---- | C] ()
GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2006-11-02 14:37:35 | 000,037,665 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2006-11-02 14:37:35 | 000,029,779 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2006-11-02 14:37:35 | 000,026,489 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2006-11-02 14:37:35 | 000,026,040 | ---- | C] ()
sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006-11-02 14:35:32 | 000,005,632 | ---- | C] ()
igfxTMM.dll -> C:\Windows\System32\igfxTMM.dll -> [2006-11-02 12:25:21 | 000,061,440 | ---- | C] ()
pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006-11-02 09:40:29 | 000,013,750 | ---- | C] ()
WdfCoInstaller01000.dll -> C:\Windows\System32\WdfCoInstaller01000.dll -> [2006-03-10 00:58:00 | 001,060,424 | ---- | C] ()
sysgtime.dll -> C:\Windows\sysgtime.dll -> [2000-01-07 02:00:00 | 000,024,448 | ---- | C] ()
proclsvr.drv -> C:\Windows\System32\proclsvr.drv -> [2000-01-07 02:00:00 | 000,024,448 | ---- | C] ()

[Alternate Data Streams]
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
[/code]

Da jeg kan se der mangler nogle Windows filer skal du lige gøre dette.

1. Gå i Start - Skriv i søgefeltet > cmd > vælg det program som hedder > cmd.exe > og højreklik på den og sig "Kør som administrator"
2. Skriv: SFC.exe /Scannow > Enter
3. Indsæt din Windows CD/DVD, hvis du bliver bedt om det
4. Genstart computeren

------

Der er ingen tegn på at AVG bliver statet, så vil du godt finde Sikkerhedsceteret i Kontrolpanelet.

Hvis der står AVG skal du gøre dette igen:

Klik start>søg skriv:services.msc
Højreklik på den -> kør som administrator
Find Windows Management Instrumentation. Højreklik på denne, og vælg stop
Start stifinder men husk at få den til at vise skjulte filer og mapper
http://www.it-artikler.dk/2008/06/12/vis-skjulte-filer-og-mapper-i-windows-vista/
Find mappen wbem den ligger i c:\Windows\system32. der finder du mappen repository
Slet den.
Klik start>søg skriv:services.msc
Højreklik på den -> kør som administrator
Højreklik på Windows Management Instrumentation og vælg start.
Genstart
Så er sikkerhedcenteret nulstillet.

Tjek så Sikkerhedscenteret igen, fortæl hvad der står.

Der er ikke fundet nogen integritetsfejl.
I sikkerhedscenteret, kan jeg ikke finde AVG ;-)
Men under firewall, står det to eller flere firewall, der kører på samme tid, kan være i konflikt med hinanden.

Hvad siger Sikkerhedscenteret om antivirus?

CCleaner ligger på maskinen. Kør en tur med den. (Både Renser og Register)
http://vistaguide.dk/?Artikler/CCleaner-GuideTilOptimeringAfVista/763

Se om det hjælper i Sikkerhedscenteret.

Avast! Antivirus rapportere at det er opdateret, og virusscanning er aktiveret.

Windows Defender og avast! Rapportere begge, at de er aktive

Har kørt CCleaner

Er den så i orden nu?

Har du et Avast ikon, nede ved siden af uret?
Hvis ikke så hent Avast free her:
http://www.avast.com/free-antivirus-download

Afbryd "nettet"
Afinstaller Avast
Geninstaller Avast
Tilslut "nettet"
Opdateter Avast.

------

Rapporterer Sikkerhedscenteret stadig om to Firewalls?

Vil du standse kørslen at denne chift, da det kan gøre computeren langsom.
Det kommer frem hver gang jeg genstarter computeren, hvordan får jeg det væk?
Nu er ikonet ved siden af uret, men når jeg går i sikkerhedscenter, så står der at det er forældet, selv om det lige har hentet opdateringer?
Det ser ud til at der kun er en firewall som kører nu ;-)

Ups  script

Den fejl har irriteret mig det meste af dagen. Ved mig kommer den dog kun når jeg er på E. Ikke når jeg genstarter, eller er på andre sider.


Nogen gange skal der mange opdateringer til  :)

------

Deaktiver dit antivirus-program, kør en online scanning med ESET Online Scanner:
http://www.eset.com/onlinescan/

Du skal acceptere betingelserne for brug, og klik på Start.
Efter ActiveX Control er indlæst, vil det tage et par minutter for scanneren at blive klar.
Dernæst skal du sætte flueben i følgende felter: (ikke andre)
Scan archives

under advanced settings
Scan for potentialy unwanted applications
Scan for potentially unsafe applications
enable anti-stealth technology

Klik på Start. Denne scanning kan tage et stykke tid, så vær tålmodig.
En log vil åbne, når scanningen er færdig.

(hvis ikke, skal du gå til C:\Programmer\EsetOnlineScanner\ og åbne filen Log.txt).

Kopier den herind i næste indlæg.

Den scanner på livet løs, men smutter i seng nu, smider den herind i morgen tidlig.
Tager nemlig på ferie i morgen eftermiddag ;.)

Hvor finder jeg C:\Programmer\EsetOnlineScanner\

Har fundet det, men det er ikke blevet gemt, så er i gang igen, den fandt 2 viruser i går aftes :-(

Øv den har ikke gemt en logfil :-(

Jeg vil gerne ha' en ny log fra OTS

Så er jeg tilbage fra ferie ;-)

Her er en ny log fra OTS

[code]
OTS logfile created on: 10-08-2010 15:15:33 - Run 2
OTS by OldTimer - Version 3.1.34.0    Folder = C:\Users\Karina\Desktop\Til Com
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,24 Gb Total Space | 60,67 Gb Free Space | 43,57% Space Free | Partition Type: NTFS
Drive D: | 9,81 Gb Total Space | 2,89 Gb Free Space | 29,52% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KARINA-PC
Current User Name: Karina
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\Karina\Desktop\Til Com\OTS.exe -> [2010-07-30 10:59:40 | 000,641,536 | ---- | M] (OldTimer Tools)
avastui.exe -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe -> [2010-06-28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software)
avastsvc.exe -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software)
googledesktop.exe -> C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -> [2009-12-19 21:31:03 | 000,030,192 | ---- | M] (Google)
dphostw.exe -> C:\Program Files\DigitalPersona\Bin\DpHostW.exe -> [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.)
dpagent.exe -> C:\Program Files\DigitalPersona\Bin\DpAgent.exe -> [2009-12-01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.)
wlidsvc.exe -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -> [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation)
wlidsvcm.exe -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe -> [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation)
explorer.exe -> C:\Windows\explorer.exe -> [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
wlcomm.exe -> C:\Program Files\Windows Live\Contacts\wlcomm.exe -> [2009-02-06 18:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation)
hpqbam08.exe -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe -> [2008-10-16 20:12:28 | 000,569,344 | ---- | M] (Hewlett-Packard Co.)
reader_sl.exe -> C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe -> [2008-10-15 01:04:34 | 000,039,792 | ---- | M] (Adobe Systems Incorporated)
hphc_scheduler.exe -> C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe -> [2008-10-09 07:58:56 | 000,075,008 | ---- | M] (Hewlett-Packard)
hpqste08.exe -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe -> [2008-03-25 20:49:02 | 000,184,320 | ---- | M] (Hewlett-Packard Co.)
hpqtra08.exe -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe -> [2008-03-25 20:40:42 | 000,214,360 | ---- | M] (Hewlett-Packard Co.)
msascui.exe -> C:\Program Files\Windows Defender\MSASCui.exe -> [2008-01-19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation)
ctzdetec.exe -> C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe -> [2007-12-18 15:20:00 | 000,401,408 | ---- | M] (Creative Technology Ltd.)
ctdevsrv.exe -> C:\Program Files\Creative\Shared Files\CTDevSrv.exe -> [2007-04-02 15:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd)
isuspm.exe -> C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe -> [2007-03-30 01:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation)

[Modules - Safe List]
ots.exe -> C:\Users\Karina\Desktop\Til Com\OTS.exe -> [2010-07-30 10:59:40 | 000,641,536 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll -> [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation)
msscript.ocx -> C:\Windows\System32\msscript.ocx -> [2008-01-19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
(avast! Web Scanner) avast! Web Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software)
(avast! Mail Scanner) avast! Mail Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software)
(avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software)
(GoogleDesktopManager-110309-193829) Google Desktop Manager 5.9.911.3589 [On_Demand | Stopped] -> C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -> [2009-12-19 21:31:03 | 000,030,192 | ---- | M] (Google)
(DpHost) Biometric Authentication Service [Auto | Running] -> C:\Program Files\DigitalPersona\Bin\DpHostW.exe -> [2009-12-01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.)
(FontCache) Tjenesten Windows-skrifttypecache [On_Demand | Stopped] -> C:\Windows\System32\FntCache.dll -> [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation)
(wlidsvc) Windows Live ID Sign-in Assistant [Auto | Running] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -> [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation)
(hpqcxs08) hpqcxs08 [On_Demand | Running] -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -> [2008-11-19 19:23:16 | 000,217,088 | ---- | M] (Hewlett-Packard Co.)
(hpqddsvc) HP-tjeneste til registrering af CUE-enheder [Auto | Running] -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -> [2008-03-25 21:27:36 | 000,135,168 | ---- | M] (Hewlett-Packard Co.)
(HPSLPSVC) HP Network Devices Support [Auto | Running] -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\HPSLPSVC32.DLL -> [2008-03-25 21:25:50 | 000,630,784 | ---- | M] (Hewlett-Packard Co.)
(WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation)
(CTDevice_Srv) CT Device Query service [Auto | Running] -> C:\Program Files\Creative\Shared Files\CTDevSrv.exe -> [2007-04-02 15:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd)
(Com4Qlb) Com4Qlb [On_Demand | Stopped] -> C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -> [2007-03-05 20:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.)

[Driver Services - Safe List]
(NwlnkFwd) IPX Traffic Forwarder Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\nwlnkfwd.sys -> File not found
(NwlnkFlt) IPX Traffic Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\nwlnkflt.sys -> File not found
(IpInIp) IP in IP Tunnel Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\ipinip.sys -> File not found
(catchme) catchme [Kernel | On_Demand | Stopped] -> C:\Users\Karina\AppData\Local\Temp\catchme.sys -> File not found
(blbdrive) blbdrive [Kernel | Disabled | Stopped] -> C:\Windows\System32\drivers\blbdrive.sys -> File not found
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\Windows\System32\drivers\aswTdi.sys -> [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software)
(aswSP) aswSP [Kernel | System | Running] -> C:\Windows\System32\drivers\aswSP.sys -> [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software)
(aswRdr) aswRdr [Kernel | System | Running] -> C:\Windows\System32\drivers\aswRdr.sys -> [2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software)
(aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2010-06-28 22:32:56 | 000,050,256 | ---- | M] (ALWIL Software)
(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SynTP.sys -> [2010-05-27 22:32:58 | 000,245,936 | ---- | M] (Synaptics Incorporated)
(Revoflt) Revoflt [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\revoflt.sys -> [2009-12-30 12:21:16 | 000,027,192 | ---- | M] (VS Revo Group)
(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\athr.sys -> [2009-09-05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.)
(nvlddmkm) nvlddmkm [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvlddmkm.sys -> [2009-06-24 06:08:00 | 007,542,208 | ---- | M] (NVIDIA Corporation)
(KMWDFILTER) HIDUASDesc [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\KMWDFILTER.sys -> [2008-10-09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
(CnxtHdAudService) Conexant UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\CHDRT32.sys -> [2008-03-04 02:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.)
(s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217unic.sys -> [2007-11-02 14:22:38 | 000,105,896 | ---- | M] (MCCI)
(s217mgmt) Sony Ericsson Device 217 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217mgmt.sys -> [2007-11-02 14:22:38 | 000,103,976 | ---- | M] (MCCI Corporation)
(s217obex) Sony Ericsson Device 217 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217obex.sys -> [2007-11-02 14:22:38 | 000,100,008 | ---- | M] (MCCI Corporation)
(s217nd5) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217nd5.sys -> [2007-11-02 14:22:38 | 000,024,872 | ---- | M] (MCCI Corporation)
(s217mdm) Sony Ericsson Device 217 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217mdm.sys -> [2007-11-02 14:22:36 | 000,109,992 | ---- | M] (MCCI Corporation)
(s217bus) Sony Ericsson Device 217 driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217bus.sys -> [2007-11-02 14:22:36 | 000,083,496 | ---- | M] (MCCI Corporation)
(s217mdfl) Sony Ericsson Device 217 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\s217mdfl.sys -> [2007-11-02 14:22:36 | 000,015,016 | ---- | M] (MCCI Corporation)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HSX_DPV.sys -> [2007-11-01 08:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.)
(HSXHWAZL) HSXHWAZL [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HSXHWAZL.sys -> [2007-11-01 08:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HSX_CNXT.sys -> [2007-11-01 08:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.)
(XAudio) XAudio [Kernel | Auto | Running] -> C:\Windows\System32\drivers\XAudio.sys -> [2007-10-18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.)
(HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\CHDART.sys -> [2007-09-10 00:12:28 | 000,176,640 | ---- | M] (Conexant Systems Inc.)
(ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\atswpdrv.sys -> [2007-08-29 01:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.)
(HpqRemHid) HP Remote Control HID Device [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HpqRemHid.sys -> [2007-07-11 20:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.)
(HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HpqKbFiltr.sys -> [2007-06-19 03:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.)
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rixdptsk.sys -> [2007-03-22 08:02:04 | 000,037,376 | ---- | M] (REDC)
(NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvmfdx32.sys -> [2007-03-07 04:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimmptsk.sys -> [2007-02-25 00:42:22 | 000,039,936 | ---- | M] (REDC)
(nvsmu) nvsmu [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvsmu.sys -> [2007-02-16 23:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimsptsk.sys -> [2007-01-24 02:40:20 | 000,042,496 | ---- | M] (REDC)
(ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation)
(adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.)
(elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex)
(adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.)
(uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.)
(iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation)
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.)
(ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.)
(vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd)
(ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation)
(UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.)
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.)
(nvraid) nvraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation)
(nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation)
(iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems)
(nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation)
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.)
(arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.)
(LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic)
(SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid2.sys -> [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.)
(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company)
(arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.)
(iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic)
(Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic)
(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic)
(Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic)
(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation)
(Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic)
(megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation)
(viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.)
(cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.)
(aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\VSTAZL3.SYS -> [2006-11-02 09:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.)
(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies)
(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\E1G60I32.sys -> [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation)
(BCM43XV) Broadcom Extensible 802.11 Network Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\BCMWL6.SYS -> [2006-11-02 09:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation)
(ialm) ialm [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2006-10-19 04:10:57 | 001,380,864 | ---- | M] (Intel Corporation)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=da_dk&c=81&bd=Pavilion&pf=laptop ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.facebook.com/ ->
HKEY_CURRENT_USER\: Main\\"StartPageCache" -> 1 ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/keyword/%s ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  ->
HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com -> C:\PROGRAM FILES\DIGITALPERSONA\BIN\FIREFOXEXT\ [C:\PROGRAM FILES\DIGITALPERSONA\BIN\FIREFOXEXT\] -> [2010-07-26 21:18:32 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
  -> C:\Users\Karina\AppData\Roaming\mozilla\Extensions -> [2009-05-18 22:05:37 | 000,000,000 | ---D | M]
  -> C:\Users\Karina\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org -> [2009-05-18 22:05:37 | 000,000,000 | ---D | M]
< HOSTS File > ([2010-07-27 09:42:00 | 000,000,027 | ---- | M] - 1 lines) -> C:\Windows\System32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1      localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006-10-22 23:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated)
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009-08-04 16:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
{395610AE-C624-4f58-B89E-23733EA00F9A} [HKLM] -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [DigitalPersona Personal Extension] -> [2009-12-01 13:37:48 | 001,256,512 | ---- | M] (DigitalPersona, Inc.)
{474597C5-AB09-49d6-A4D5-2E8D7341384E} [HKLM] -> C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll [UrlHelper Class] -> [2008-09-02 16:04:02 | 000,398,768 | ---- | M] ()
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> c:\program files\google\googletoolbar2.dll [Google Toolbar Helper] -> [2008-04-09 13:37:53 | 002,403,392 | R--- | M] (Google Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"" [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> c:\program files\google\googletoolbar2.dll [&Google] -> [2008-04-09 13:37:53 | 002,403,392 | R--- | M] (Google Inc.)
"{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> c:\program files\google\googletoolbar2.dll [&Google] -> [2008-04-09 13:37:53 | 002,403,392 | R--- | M] (Google Inc.)
WebBrowser\\"{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008-10-15 01:04:34 | 000,039,792 | ---- | M] (Adobe Systems Incorporated)
"avast5" -> C:\Programmer\Alwil Software\Avast5\AvastUI.exe [C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui] -> File not found
"DpAgent" -> C:\Program Files\DigitalPersona\Bin\dpagent.exe [C:\Program Files\DigitalPersona\Bin\dpagent.exe] -> [2009-12-01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.)
"Google Desktop Search" -> C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe ["C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup] -> [2009-12-19 21:31:03 | 000,030,192 | ---- | M] (Google)
"HP Health Check Scheduler" -> c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe] -> [2008-10-09 07:58:56 | 000,075,008 | ---- | M] (Hewlett-Packard)
"NvCplDaemon" -> C:\Windows\System32\NvCpl.DLL [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2009-06-24 06:08:00 | 013,601,312 | ---- | M] (NVIDIA Corporation)
"NvMediaCenter" -> C:\Windows\System32\NvMcTray.DLL [RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> [2009-06-24 06:08:00 | 000,092,704 | ---- | M] (NVIDIA Corporation)
"SynTPStart" -> C:\Program Files\Synaptics\SynTP\SynTPStart.exe [C:\Program Files\Synaptics\SynTP\SynTPStart.exe] -> [2007-09-15 10:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.)
"UCam_Menu" -> C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"] -> [2007-09-13 16:32:50 | 000,222,504 | ---- | M] (CyberLink Corp.)
"Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008-01-19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"CTZDetec.exe" -> C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe [C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe] -> [2007-12-18 15:20:00 | 000,401,408 | ---- | M] (Creative Technology Ltd.)
"ISUSPM" -> C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe ["C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler] -> [2007-03-30 01:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation)
< RunOnce [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"Shockwave Updater" -> C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident\4.0;  [C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SIMBAR={9D86F83D-E44A-4DA2-BA83-6414070838FB}; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.30618)" -"http://ultima-hotel.org/client"] -> File not found
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Add to Google Photos Screensa&ver -> C:\Windows\System32\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2009-05-01 20:30:36 | 003,366,912 | ---- | M] (Google Inc.)
E&ksporter til Microsoft Excel -> C:\Programmer\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog det] -> [2009-07-26 20:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog det i Windows Live Writer] -> [2009-07-26 20:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll [Button: Send til OneNote] -> [2009-02-26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll [Menu: S&end til OneNote] -> [2009-02-26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{5067A26B-1337-4436-8AFE-EE169C2DA79F}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Menu: Skype add-on for Internet Explorer] -> [2009-08-04 16:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
{77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2009-08-04 16:47:42 | 001,586,472 | ---- | M] (Skype Technologies S.A.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL [Button: Research] -> [2009-03-06 04:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation)
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4810 domain(s) found. ->
localhost .[http] -> Local intranet ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. ->
GD [:Range = 127.0.0.1] -> http = Local intranet |  ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab [Reg Error: Value error.] ->
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] ->
{33564D57-9980-0010-8000-00AA00389B71} [HKLM] -> http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab [Reg Error: Value error.] ->
{5C051655-FCD5-4969-9182-770EA5AA5565} [HKLM] -> http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab [Solitaire Showdown Class] ->
{5D6F45B3-9043-443D-A792-115447494D24} [HKLM] -> http://messenger.zone.msn.com/DA-DK/a-UNO1/GAME_UNO1.cab [UnoCtrl Class] ->
{6F15128C-E66A-490C-B848-5000B5ABEEAC} [HKLM] -> https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab [Reg Error: Value error.] ->
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [OnlineScanner Control] ->
{8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab [Facebook Photo Uploader 5 Control] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Value error.] ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab [MessengerStatsClient Class] ->
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab [Java Plug-in 1.6.0_20] ->
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} [HKLM] -> http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab [Minesweeper Flags Class] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 212.242.40.3 212.242.40.51 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{148B8747-0816-47CC-B025-DFA038B0CEAF}\\DhcpNameServer -> 212.242.40.3 212.242.40.51  (Atheros AR5007 802.11b/g WiFi Adapter) ->
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll -> C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll -> [2009-12-19 21:31:03 | 000,123,392 | ---- | M] (Google)
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\Windows\explorer.exe -> [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> Reg Error: Key error. [] -> File not found
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Cd-rom-driver ->
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  ->
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2006-09-18 23:43:36 | 000,000,024 | ---- | M] ()
D:\AUTOMODE [@echo off | IF EXIST C:\ST_RP\MANUALMODE ECHO MANUAL BATCH MODE ALREADY SET ! | IF NOT EXIST C:\ST_RP\MANUALMODE ECHO SET TO MANUAL BATCH EXECUTION ! | IF NOT EXIST C:\ST_RP\MANUALMODE IF EXIST C:\ST_RP\AUTOMODE DEL C:\ST_RP\AUTOMODE /F > NUL | IF NOT EXIST C:\ST_RP\MANUALMODE COPY C:\ST_RP\SET_AUTO_MODE.CMD C:\ST_RP\MANUALMODE > NUL | ECHO. | ] -> D:\AUTOMODE [ NTFS ] -> [2005-09-11 17:18:54 | 000,000,340 | -HS- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->


[Files/Folders - Created Within 30 Days]
ESET -> C:\Program Files\ESET -> [2010-07-30 22:46:12 | 000,000,000 | ---D | C]
aswFsBlk.sys -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2010-07-30 21:35:17 | 000,017,744 | ---- | C] (ALWIL Software)
aswSP.sys -> C:\Windows\System32\drivers\aswSP.sys -> [2010-07-30 21:35:16 | 000,165,456 | ---- | C] (ALWIL Software)
aswRdr.sys -> C:\Windows\System32\drivers\aswRdr.sys -> [2010-07-30 21:35:13 | 000,023,376 | ---- | C] (ALWIL Software)
aswTdi.sys -> C:\Windows\System32\drivers\aswTdi.sys -> [2010-07-30 21:35:12 | 000,046,672 | ---- | C] (ALWIL Software)
aswMonFlt.sys -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2010-07-30 21:35:10 | 000,050,256 | ---- | C] (ALWIL Software)
aswBoot.exe -> C:\Windows\System32\aswBoot.exe -> [2010-07-30 21:34:40 | 000,165,032 | ---- | C] (AVAST Software)
avastSS.scr -> C:\Windows\avastSS.scr -> [2010-07-30 21:34:40 | 000,038,848 | ---- | C] (ALWIL Software)
Til Com -> C:\Users\Karina\Desktop\Til Com -> [2010-07-30 16:15:48 | 000,000,000 | ---D | C]
temp -> C:\Windows\temp -> [2010-07-29 22:29:24 | 000,000,000 | ---D | C]
temp -> C:\Users\Karina\AppData\Local\temp -> [2010-07-29 22:29:24 | 000,000,000 | ---D | C]
$RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2010-07-29 22:28:48 | 000,000,000 | -HSD | C]
NIRCMD.exe -> C:\Windows\NIRCMD.exe -> [2010-07-29 22:15:54 | 000,031,232 | ---- | C] (NirSoft)
ComboFix -> C:\ComboFix -> [2010-07-29 22:15:48 | 000,000,000 | ---D | C]
SWXCACLS.exe -> C:\Windows\SWXCACLS.exe -> [2010-07-29 22:15:31 | 000,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> C:\Windows\SWREG.exe -> [2010-07-27 09:22:17 | 000,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> C:\Windows\SWSC.exe -> [2010-07-27 09:22:17 | 000,136,704 | ---- | C] (SteelWerX)
ERDNT -> C:\Windows\ERDNT -> [2010-07-27 09:22:05 | 000,000,000 | ---D | C]
Qoobox -> C:\Qoobox -> [2010-07-27 09:17:01 | 000,000,000 | ---D | C]
WdfLdr.sys -> C:\Windows\System32\drivers\WdfLdr.sys -> [2010-07-27 00:03:22 | 000,038,480 | ---- | C] (Microsoft Corporation)
WindowsPowerShell -> C:\Windows\System32\WindowsPowerShell -> [2010-07-26 23:54:11 | 000,000,000 | ---D | C]
winrsmgr.dll -> C:\Windows\System32\winrsmgr.dll -> [2010-07-26 23:51:59 | 000,002,048 | ---- | C] (Microsoft Corporation)
winrs.exe -> C:\Windows\System32\winrs.exe -> [2010-07-26 23:51:27 | 000,040,448 | ---- | C] (Microsoft Corporation)
winrshost.exe -> C:\Windows\System32\winrshost.exe -> [2010-07-26 23:51:27 | 000,020,480 | ---- | C] (Microsoft Corporation)
wsmprovhost.exe -> C:\Windows\System32\wsmprovhost.exe -> [2010-07-26 23:51:27 | 000,012,800 | ---- | C] (Microsoft Corporation)
wsmplpxy.dll -> C:\Windows\System32\wsmplpxy.dll -> [2010-07-26 23:51:23 | 000,010,240 | ---- | C] (Microsoft Corporation)
winrssrv.dll -> C:\Windows\System32\winrssrv.dll -> [2010-07-26 23:51:23 | 000,010,240 | ---- | C] (Microsoft Corporation)
wevtfwd.dll -> C:\Windows\System32\wevtfwd.dll -> [2010-07-26 23:51:20 | 000,081,408 | ---- | C] (Microsoft Corporation)
wecutil.exe -> C:\Windows\System32\wecutil.exe -> [2010-07-26 23:51:20 | 000,079,872 | ---- | C] (Microsoft Corporation)
wecapi.dll -> C:\Windows\System32\wecapi.dll -> [2010-07-26 23:51:20 | 000,056,320 | ---- | C] (Microsoft Corporation)
WsmRes.dll -> C:\Windows\System32\WsmRes.dll -> [2010-07-26 23:51:20 | 000,054,272 | ---- | C] (Microsoft Corporation)
pwrshplugin.dll -> C:\Windows\System32\pwrshplugin.dll -> [2010-07-26 23:51:18 | 000,041,472 | ---- | C] (Microsoft Corporation)
winrscmd.dll -> C:\Windows\System32\winrscmd.dll -> [2010-07-26 23:51:05 | 000,241,152 | ---- | C] (Microsoft Corporation)
WsmWmiPl.dll -> C:\Windows\System32\WsmWmiPl.dll -> [2010-07-26 23:51:05 | 000,214,016 | ---- | C] (Microsoft Corporation)
WsmAuto.dll -> C:\Windows\System32\WsmAuto.dll -> [2010-07-26 23:51:05 | 000,145,408 | ---- | C] (Microsoft Corporation)
WSManMigrationPlugin.dll -> C:\Windows\System32\WSManMigrationPlugin.dll -> [2010-07-26 23:51:04 | 000,252,416 | ---- | C] (Microsoft Corporation)
WSManHTTPConfig.exe -> C:\Windows\System32\WSManHTTPConfig.exe -> [2010-07-26 23:51:04 | 000,246,272 | ---- | C] (Microsoft Corporation)
HpUpdate -> C:\Users\Karina\AppData\Roaming\HpUpdate -> [2010-07-26 23:40:05 | 000,000,000 | ---D | C]
Hewlett-Packard -> C:\Windows\Hewlett-Packard -> [2010-07-26 23:36:27 | 000,000,000 | ---D | C]
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010-07-26 22:48:29 | 000,000,000 | ---D | C]
My Received Files -> C:\Users\Karina\Documents\My Received Files -> [2010-07-26 22:11:00 | 000,000,000 | ---D | C]
iMesh -> C:\Users\Karina\Documents\iMesh -> [2010-07-26 22:11:00 | 000,000,000 | ---D | C]
Alwil Software -> C:\ProgramData\Alwil Software -> [2010-07-26 22:07:03 | 000,000,000 | ---D | C]
Alwil Software -> C:\Program Files\Alwil Software -> [2010-07-26 22:07:03 | 000,000,000 | ---D | C]
Ting til com -> C:\Users\Karina\Desktop\Ting til com -> [2010-07-26 21:31:20 | 000,000,000 | ---D | C]
tr -> C:\Windows\System32\tr -> [2010-07-26 21:18:38 | 000,000,000 | ---D | C]
sv -> C:\Windows\System32\sv -> [2010-07-26 21:18:38 | 000,000,000 | ---D | C]
ru -> C:\Windows\System32\ru -> [2010-07-26 21:18:38 | 000,000,000 | ---D | C]
no -> C:\Windows\System32\no -> [2010-07-26 21:18:38 | 000,000,000 | ---D | C]
ko -> C:\Windows\System32\ko -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
ja -> C:\Windows\System32\ja -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
it -> C:\Windows\System32\it -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
fr -> C:\Windows\System32\fr -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
es -> C:\Windows\System32\es -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
de -> C:\Windows\System32\de -> [2010-07-26 21:18:33 | 000,000,000 | ---D | C]
DPDrv -> C:\Windows\DPDrv -> [2010-07-26 21:18:31 | 000,000,000 | ---D | C]
Downloaded Installations -> C:\ProgramData\Downloaded Installations -> [2010-07-26 21:13:39 | 000,000,000 | ---D | C]
IObit -> C:\Users\Karina\AppData\Roaming\IObit -> [2010-07-26 13:30:44 | 000,000,000 | ---D | C]
IObit -> C:\Program Files\IObit -> [2010-07-26 13:30:44 | 000,000,000 | ---D | C]
VS Revo Group -> C:\Users\Karina\AppData\Local\VS Revo Group -> [2010-07-26 12:16:10 | 000,000,000 | ---D | C]
revoflt.sys -> C:\Windows\System32\drivers\revoflt.sys -> [2010-07-26 12:16:02 | 000,027,192 | ---- | C] (VS Revo Group)
VS Revo Group -> C:\Program Files\VS Revo Group -> [2010-07-26 12:16:00 | 000,000,000 | ---D | C]
PresentationHost.exe -> C:\Windows\System32\PresentationHost.exe -> [2010-07-26 03:08:08 | 000,295,264 | ---- | C] (Microsoft Corporation)
PresentationHostProxy.dll -> C:\Windows\System32\PresentationHostProxy.dll -> [2010-07-26 03:08:08 | 000,099,176 | ---- | C] (Microsoft Corporation)
netfxperf.dll -> C:\Windows\System32\netfxperf.dll -> [2010-07-26 03:08:08 | 000,049,472 | ---- | C] (Microsoft Corporation)
Sun -> C:\ProgramData\Sun -> [2010-07-26 01:29:01 | 000,000,000 | ---D | C]
deployJava1.dll -> C:\Windows\System32\deployJava1.dll -> [2010-07-26 01:28:12 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.)
javaws.exe -> C:\Windows\System32\javaws.exe -> [2010-07-26 01:28:12 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.)
javaw.exe -> C:\Windows\System32\javaw.exe -> [2010-07-26 01:28:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
java.exe -> C:\Windows\System32\java.exe -> [2010-07-26 01:28:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
atmfd.dll -> C:\Windows\System32\atmfd.dll -> [2010-07-26 01:00:03 | 000,289,792 | ---- | C] (Adobe Systems Incorporated)
atmlib.dll -> C:\Windows\System32\atmlib.dll -> [2010-07-26 01:00:03 | 000,034,304 | ---- | C] (Adobe Systems)
asycfilt.dll -> C:\Windows\System32\asycfilt.dll -> [2010-07-26 00:59:37 | 000,067,072 | ---- | C] (Microsoft Corporation)
Apphlpdm.dll -> C:\Windows\System32\Apphlpdm.dll -> [2010-07-26 00:59:20 | 000,028,672 | ---- | C] (Microsoft Corporation)
GameUXLegacyGDFs.dll -> C:\Windows\System32\GameUXLegacyGDFs.dll -> [2010-07-26 00:59:19 | 004,240,384 | ---- | C] (Microsoft)
msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2010-07-26 00:58:48 | 000,599,040 | ---- | C] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2010-07-26 00:58:47 | 000,387,584 | ---- | C] (Microsoft Corporation)
mstime.dll -> C:\Windows\System32\mstime.dll -> [2010-07-26 00:58:46 | 000,611,840 | ---- | C] (Microsoft Corporation)
inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2010-07-26 00:58:45 | 001,469,440 | ---- | C] (Microsoft Corporation)
ieui.dll -> C:\Windows\System32\ieui.dll -> [2010-07-26 00:58:44 | 000,164,352 | ---- | C] (Microsoft Corporation)
iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2010-07-26 00:58:43 | 000,184,320 | ---- | C] (Microsoft Corporation)
ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2010-07-26 00:58:43 | 000,133,632 | ---- | C] (Microsoft Corporation)
ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2010-07-26 00:58:42 | 000,173,056 | ---- | C] (Microsoft Corporation)
iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2010-07-26 00:58:42 | 000,109,056 | ---- | C] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2010-07-26 00:58:42 | 000,055,296 | ---- | C] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2010-07-26 00:58:42 | 000,025,600 | ---- | C] (Microsoft Corporation)
msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2010-07-26 00:58:42 | 000,013,312 | ---- | C] (Microsoft Corporation)
mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2010-07-26 00:58:41 | 001,638,912 | ---- | C] (Microsoft Corporation)
iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2010-07-26 00:58:41 | 000,071,680 | ---- | C] (Microsoft Corporation)
iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2010-07-26 00:58:41 | 000,055,808 | ---- | C] (Microsoft Corporation)
win32k.sys -> C:\Windows\System32\win32k.sys -> [2010-07-26 00:58:31 | 002,037,248 | ---- | C] (Microsoft Corporation)
ntkrnlpa.exe -> C:\Windows\System32\ntkrnlpa.exe -> [2010-07-25 23:38:32 | 003,600,776 | ---- | C] (Microsoft Corporation)
ntoskrnl.exe -> C:\Windows\System32\ntoskrnl.exe -> [2010-07-25 23:38:32 | 003,548,040 | ---- | C] (Microsoft Corporation)
vbscript.dll -> C:\Windows\System32\vbscript.dll -> [2010-07-25 23:38:28 | 000,420,352 | ---- | C] (Microsoft Corporation)
tzres.dll -> C:\Windows\System32\tzres.dll -> [2010-07-25 23:38:12 | 000,002,048 | ---- | C] (Microsoft Corporation)
l3codecp.acm -> C:\Windows\System32\l3codecp.acm -> [2010-07-25 23:36:13 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS)
l3codeca.acm -> C:\Windows\System32\l3codeca.acm -> [2010-07-25 23:36:13 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS)
browserchoice.exe -> C:\Windows\System32\browserchoice.exe -> [2010-07-25 22:08:11 | 000,293,376 | ---- | C] (Microsoft Corporation)

[Files/Folders - Modified Within 30 Days]
ntuser.dat -> C:\Users\Karina\ntuser.dat -> [2010-08-10 15:17:05 | 006,029,312 | -HS- | M] ()
hpqp.ini -> C:\Users\Public\Documents\hpqp.ini -> [2010-08-10 15:12:24 | 000,000,163 | ---- | M] ()
nvModes.001 -> C:\ProgramData\nvModes.001 -> [2010-08-10 15:12:08 | 000,064,448 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010-08-10 15:11:52 | 000,000,916 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010-08-10 15:09:34 | 000,003,168 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010-08-10 15:09:34 | 000,003,168 | -H-- | M] ()
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010-08-10 15:09:33 | 000,000,006 | -H-- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2010-08-10 15:09:26 | 000,067,584 | --S- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010-08-10 01:08:48 | 000,000,920 | ---- | M] ()
nvModes.dat -> C:\ProgramData\nvModes.dat -> [2010-08-10 01:07:56 | 000,064,448 | ---- | M] ()
ntuser.dat{78e52992-d5c6-11dd-b054-001b24fc014d}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Karina\ntuser.dat{78e52992-d5c6-11dd-b054-001b24fc014d}.TMContainer00000000000000000001.regtrans-ms -> [2010-07-31 14:21:59 | 000,524,288 | -HS- | M] ()
ntuser.dat{78e52992-d5c6-11dd-b054-001b24fc014d}.TM.blf -> C:\Users\Karina\ntuser.dat{78e52992-d5c6-11dd-b054-001b24fc014d}.TM.blf -> [2010-07-31 14:21:59 | 000,065,536 | -HS- | M] ()
IconCache.db -> C:\Users\Karina\AppData\Local\IconCache.db -> [2010-07-31 14:21:49 | 002,899,232 | -H-- | M] ()
avast! Free Antivirus.lnk -> C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> [2010-07-30 21:35:19 | 000,001,840 | ---- | M] ()
config.nt -> C:\Windows\System32\config.nt -> [2010-07-30 21:35:10 | 000,002,577 | ---- | M] ()
system.ini -> C:\Windows\system.ini -> [2010-07-29 22:27:05 | 000,000,215 | ---- | M] ()
Revo Uninstaller Pro.lnk -> C:\Users\Karina\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk -> [2010-07-28 22:06:39 | 000,000,985 | ---- | M] ()
hosts -> C:\Windows\System32\drivers\etc\hosts -> [2010-07-27 09:42:00 | 000,000,027 | ---- | M] ()
Msft_Kernel_SynTP_01009.Wdf -> C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf -> [2010-07-27 00:04:54 | 000,000,000 | -H-- | M] ()
MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf -> C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf -> [2010-07-27 00:04:38 | 000,000,000 | -H-- | M] ()
PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2010-07-26 23:49:14 | 001,218,672 | ---- | M] ()
perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2010-07-26 23:49:14 | 000,587,178 | ---- | M] ()
perfh006.dat -> C:\Windows\System32\perfh006.dat -> [2010-07-26 23:49:14 | 000,463,344 | ---- | M] ()
perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2010-07-26 23:49:14 | 000,101,250 | ---- | M] ()
perfc006.dat -> C:\Windows\System32\perfc006.dat -> [2010-07-26 23:49:14 | 000,077,202 | ---- | M] ()
Malwarebytes.docx -> C:\Users\Karina\Documents\Malwarebytes.docx -> [2010-07-26 23:06:20 | 000,009,964 | ---- | M] ()
CyberLink YouCam.lnk -> C:\Users\Karina\Desktop\CyberLink YouCam.lnk -> [2010-07-26 22:21:32 | 000,000,928 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Karina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010-07-26 13:52:36 | 000,065,536 | ---- | M] ()
Advanced SystemCare.lnk -> C:\Users\Karina\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk -> [2010-07-26 13:30:55 | 000,001,038 | ---- | M] ()
FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2010-07-26 11:00:31 | 002,312,880 | ---- | M] ()
_MSRSTRT.EXE -> C:\Windows\_MSRSTRT.EXE -> [2010-07-26 01:12:36 | 000,002,560 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> C:\Users\Karina\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010-07-25 22:19:57 | 000,103,728 | ---- | M] ()
Valg af webbrowser.lnk -> C:\Users\Public\Desktop\Valg af webbrowser.lnk -> [2010-07-25 22:19:07 | 000,001,589 | ---- | M] ()

[Files - No Company Name]
avast! Free Antivirus.lnk -> C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> [2010-07-30 21:35:19 | 000,001,840 | ---- | C] ()
IconCache.db -> C:\Users\Karina\AppData\Local\IconCache.db -> [2010-07-29 22:36:53 | 002,899,232 | -H-- | C] ()
PEV.exe -> C:\Windows\PEV.exe -> [2010-07-27 09:22:17 | 000,256,512 | ---- | C] ()
sed.exe -> C:\Windows\sed.exe -> [2010-07-27 09:22:17 | 000,098,816 | ---- | C] ()
grep.exe -> C:\Windows\grep.exe -> [2010-07-27 09:22:17 | 000,080,412 | ---- | C] ()
MBR.exe -> C:\Windows\MBR.exe -> [2010-07-27 09:22:17 | 000,077,312 | ---- | C] ()
zip.exe -> C:\Windows\zip.exe -> [2010-07-27 09:22:17 | 000,068,096 | ---- | C] ()
Msft_Kernel_SynTP_01009.Wdf -> C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf -> [2010-07-27 00:04:54 | 000,000,000 | -H-- | C] ()
MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf -> C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf -> [2010-07-27 00:04:38 | 000,000,000 | -H-- | C] ()
MsftWdf_Kernel_01009_Inbox_Critical.Wdf -> C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf -> [2010-07-27 00:03:28 | 000,000,003 | ---- | C] ()
winrm.vbs -> C:\Windows\System32\winrm.vbs -> [2010-07-26 23:51:08 | 000,201,184 | ---- | C] ()
wsmanconfig_schema.xml -> C:\Windows\System32\wsmanconfig_schema.xml -> [2010-07-26 23:51:08 | 000,004,675 | ---- | C] ()
WsmTxt.xsl -> C:\Windows\System32\WsmTxt.xsl -> [2010-07-26 23:51:08 | 000,002,426 | ---- | C] ()
CyberLink YouCam.lnk -> C:\Users\Karina\Desktop\CyberLink YouCam.lnk -> [2010-07-26 22:21:32 | 000,000,928 | ---- | C] ()
desktop.ini -> C:\Users\Karina\AppData\Roaming\desktop.ini -> [2010-07-26 21:19:10 | 000,000,006 | -HS- | C] ()
desktop.ini -> C:\Users\Karina\AppData\Local\desktop.ini -> [2010-07-26 21:19:10 | 000,000,006 | -HS- | C] ()
Advanced SystemCare.lnk -> C:\Users\Karina\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk -> [2010-07-26 13:30:55 | 000,001,038 | ---- | C] ()
Revo Uninstaller Pro.lnk -> C:\Users\Karina\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk -> [2010-07-26 12:16:07 | 000,000,985 | ---- | C] ()
_MSRSTRT.EXE -> C:\Windows\_MSRSTRT.EXE -> [2010-07-26 01:12:34 | 000,002,560 | ---- | C] ()
Malwarebytes.docx -> C:\Users\Karina\Documents\Malwarebytes.docx -> [2010-07-25 23:54:34 | 000,009,964 | ---- | C] ()
Valg af webbrowser.lnk -> C:\Users\Public\Desktop\Valg af webbrowser.lnk -> [2010-07-25 22:19:07 | 000,001,589 | ---- | C] ()
EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009-09-17 20:57:38 | 000,117,248 | ---- | C] ()
OGACheckControl.dll -> C:\Windows\System32\OGACheckControl.dll -> [2009-08-03 15:07:42 | 000,403,816 | ---- | C] ()
d3dx9.dll -> C:\Windows\System32\d3dx9.dll -> [2009-01-22 16:32:00 | 001,970,176 | ---- | C] ()
rixdicon.dll -> C:\Windows\System32\rixdicon.dll -> [2008-01-05 16:27:48 | 000,016,480 | ---- | C] ()
GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2006-11-02 14:37:35 | 000,037,665 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2006-11-02 14:37:35 | 000,029,779 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2006-11-02 14:37:35 | 000,026,489 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2006-11-02 14:37:35 | 000,026,040 | ---- | C] ()
sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006-11-02 14:35:32 | 000,005,632 | ---- | C] ()
igfxTMM.dll -> C:\Windows\System32\igfxTMM.dll -> [2006-11-02 12:25:21 | 000,061,440 | ---- | C] ()
pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006-11-02 09:40:29 | 000,013,750 | ---- | C] ()
WdfCoInstaller01000.dll -> C:\Windows\System32\WdfCoInstaller01000.dll -> [2006-03-10 00:58:00 | 001,060,424 | ---- | C] ()
sysgtime.dll -> C:\Windows\sysgtime.dll -> [2000-01-07 02:00:00 | 000,024,448 | ---- | C] ()
proclsvr.drv -> C:\Windows\System32\proclsvr.drv -> [2000-01-07 02:00:00 | 000,024,448 | ---- | C] ()

[Alternate Data Streams]
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
[/code]

klik