CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede escape4ever Novice
27. december 2013 - 14:05 Der er 13 kommentarer og
1 løsning

windows 32 filer mangler

hej jeg har et problem ifølge en hijackthis log så er der nogle system32 filer der mangler og nogle der har en ukendt ejer

logen er her
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 13:59:09, on 27-12-2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Jesper\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.dk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1386510044&from=cor&uid=TOSHIBAXMK7559GSXP_125LC13TTXX125LC13TT&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1386510044&from=cor&uid=TOSHIBAXMK7559GSXP_125LC13TTXX125LC13TT&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Jesper\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: S&end til OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Sammenkædede OneNote-noter - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Tjeneste (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Tjeneste (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10410 bytes

nogle med et forslag til hvad jeg kan gøre? eller er et bare et frisk OS på den

styresystemet er Windows 8.1 pro x64
Avatar billede magictouch Nybegynder
27. december 2013 - 14:55 #1
Hej


Filerne mangler ikke, årsagen er at hijackthis er er et ældre program, som ikke er blevet opdateret til nutidens styresystemer  ☺


Har du ellers nogen "problemer" ?
Avatar billede escape4ever Novice
27. december 2013 - 15:58 #2
ja den har det med at fryse når jeg bruger nettet, både på Explorer og Chrome
Avatar billede magictouch Nybegynder
27. december 2013 - 17:30 #3
Ok, så lad os lige tjekke om du har nogen "spændende" værktøjsl inger, eller andet skrammel    ;-)


Hent: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

af Xplode, og gem den på dit Skrivebord.

AdwCleaner Fjerner:
· Adwares (software annoncer)
· PUP / LPI (Potentielt Uønsket Program)
· UønskedeVærktøjslinjer
· Hijacker (Hijack af browseren hjemmeside)


Dobbeltklik på adwcleaner.exe.
Klik på Scan, derefter på Clean.
Bekræft hver gang med OK.
Din computer vil (muligvis) blive genstartet automatisk.
En tekstfil åbnes efter genstart.
Kopier venligst indholdet af denne logfil i dit næste svar.
Du kan finde logfilen her C: \ AdwCleaner [Sn]


Hent:  http://thisisudax.org/downloads/JRT.exe     

Til skrivebordet.


Højreklik museklik JRT.exe og vælge Kør som administrator
Værktøjet vil åbne og begynde at scanne dit system.
Vær tålmodig, da det kan tage et stykke tid at fuldføre.
Ved afslutningen er en log (JRT.txt) gemt på dit skrivebord og vil automatisk åbne.
Kopier indholdet af JRT.txt ind i din næste besked.
Avatar billede escape4ever Novice
27. december 2013 - 21:03 #4
log adw
# AdwCleaner v3.016 - Report created 27/12/2013 at 20:19:17
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Jesper - NINJA
# Running from : C:\Users\Jesper\Desktop\adwcleaner (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\WPM
File Deleted : C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Deleted : C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
File Deleted : C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\aartemisSoftware
Key Deleted : HKLM\Software\supWPM

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [2396 octets] - [27/12/2013 20:17:34]
AdwCleaner[S0].txt - [1851 octets] - [27/12/2013 20:19:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1911 octets] ##########

log jrt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 Pro x64
Ran by Jesper on 27-12-2013 at 20:18:19,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27-12-2013 at 20:22:06,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Avatar billede magictouch Nybegynder
28. december 2013 - 07:40 #5
Har det hjulpet på tingene  ?
Avatar billede escape4ever Novice
28. december 2013 - 09:46 #6
den gjorde ikke rigtig noget så nej desværre :( den har det stadig med at fryse især når den bruger shockwave, tror måske det er fordi der er problemer med det i win 8, men den har også lige sagt skærmkort er stoppet med at fungere, det kom så igen nogle sec efter men der er noget galt, når den gør det
Avatar billede magictouch Nybegynder
28. december 2013 - 09:59 #7
Skammeligt, men så lad os tage et nærmere kig på tingene.



Hent Farbar Recovery Scan:



Til 64 bit Windows, hent:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Og den skal gemmes på skrivebordet



Åbn Farbar Recovery Scan, sæt flueben ved Addition.txt  Kør så en scan med Farbar Recovery Scan.

Når scanningen er færdig, har du to (2) log filer på skrivebordet -  FRST.txt  og  Addition.txt som du bedes kopiere herind.


Da de er forholdsvis lange, skal du nok sende dem i flere indlæg.
Avatar billede escape4ever Novice
29. december 2013 - 12:40 #8
FRST
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013
Ran by Jesper (administrator) on NINJA on 29-12-2013 12:32:02
Running from C:\Users\Jesper\Downloads
Windows 8.1 Pro (X64) OS Language: Danish
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104528 2013-02-26] (VMware, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Jesper\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-23] (Spotify Ltd)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563096 2013-12-20] (SUPERAntiSpyware)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.dk/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Tcpip\Parameters: [DhcpNameServer] 77.68.254.42 77.68.254.170 192.168.1.1

Chrome:
=======
CHR HomePage: hxxp://www.google.dk/
CHR RestoreOnStartup: "hxxp://www.google.dk/"
CHR Extension: (Floorplanner) - C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag\13_0
CHR Extension: (Angry Birds) - C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Google Docs) - C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Hola Better Internet) - C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.2.258_0
CHR Extension: (Google Wallet) - C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR Extension: (RSS Feed Reader) - C:\Users\Jesper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp\5.2.2_0

==================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
S2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2013-06-25] (Atheros Commnucations)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13242960 2013-02-26] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 VMSMP; \SystemRoot\system32\DRIVERS\vmswitch.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-29 12:32 - 2013-12-29 12:33 - 00010908 _____ C:\Users\Jesper\Downloads\FRST.txt
2013-12-29 12:31 - 2013-12-29 12:31 - 00000000 ____D C:\FRST
2013-12-29 12:30 - 2013-12-29 12:30 - 01931262 _____ (Farbar) C:\Users\Jesper\Downloads\FRST64.exe
2013-12-29 10:27 - 2013-12-29 10:27 - 00819176 _____ (Google Inc.) C:\Users\Jesper\Downloads\ChromeSetup.exe
2013-12-28 20:34 - 2013-12-28 20:34 - 00000000 ____D C:\WINDOWS\LastGood
2013-12-28 20:30 - 2013-12-28 20:30 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-12-28 10:07 - 2013-12-29 10:13 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-27 20:18 - 2013-12-27 20:18 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-27 20:17 - 2013-12-27 20:17 - 01034531 _____ (Thisisu) C:\Users\Jesper\Desktop\JRT.exe
2013-12-27 20:16 - 2013-12-27 20:19 - 00000000 ____D C:\AdwCleaner
2013-12-27 20:16 - 2013-12-27 20:15 - 01233962 _____ C:\Users\Jesper\Desktop\adwcleaner (1).exe
2013-12-27 12:51 - 2013-12-27 12:51 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2013-12-26 20:01 - 2013-12-26 20:01 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2013-12-26 20:01 - 2013-12-26 20:01 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2013-12-26 20:01 - 2013-12-26 20:01 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2013-12-26 20:01 - 2013-12-26 20:01 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2013-12-26 20:00 - 2013-12-26 20:11 - 00000000 ____D C:\Users\Jesper\Documents\GTA San Andreas User Files
2013-12-23 21:56 - 2013-12-23 21:56 - 00003112 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2013-12-23 21:53 - 2013-12-23 21:56 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-12-23 21:15 - 2013-12-23 21:15 - 00000000 ____D C:\ProgramData\Intel
2013-12-23 21:15 - 2013-12-23 21:15 - 00000000 ____D C:\Program Files\Intel
2013-12-23 21:15 - 2012-07-02 15:16 - 00062784 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys
2013-12-23 21:14 - 2013-12-23 21:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-23 21:14 - 2013-12-23 21:14 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\InstallShield
2013-12-23 21:00 - 2013-12-23 21:00 - 00000885 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2013-12-23 21:00 - 2013-12-23 21:00 - 00000000 ____D C:\Program Files\CPUID
2013-12-22 22:08 - 2013-12-22 22:18 - 49542265 _____ C:\Users\Jesper\Downloads\Beach Town Project 2.0.zip
2013-12-22 14:35 - 2013-12-22 14:40 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-22 14:35 - 2013-12-22 14:35 - 00089304 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-12-22 13:23 - 2013-12-22 13:23 - 00001820 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-12-22 13:23 - 2013-12-22 13:23 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\SUPERAntiSpyware.com
2013-12-22 13:23 - 2013-12-22 13:23 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-22 13:23 - 2013-12-22 13:23 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-22 13:22 - 2013-12-22 13:22 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-22 13:22 - 2013-12-22 13:22 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\Malwarebytes
2013-12-22 13:22 - 2013-12-22 13:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-22 13:22 - 2013-12-22 13:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-22 13:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-22 13:16 - 2013-12-22 13:16 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jesper\Desktop\HijackThis.exe
2013-12-22 09:55 - 2013-12-22 09:55 - 00000000 ____D C:\Users\Jesper\AppData\Local\NBTExplorer
2013-12-22 09:54 - 2013-12-22 09:54 - 00000000 ____D C:\Program Files (x86)\NBTExplorer
2013-12-18 22:35 - 2013-12-27 14:16 - 00000000 ____D C:\Users\Jesper\Downloads\Hair (1979) BDRip 1080p DTS multisub HUN HighCode-PHD
2013-12-17 21:30 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2013-12-17 21:30 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2013-12-17 21:30 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2013-12-17 21:30 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2013-12-17 21:29 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2013-12-17 21:29 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2013-12-17 21:28 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2013-12-17 21:28 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2013-12-17 20:11 - 2013-12-17 20:11 - 00000501 _____ C:\Users\Jesper\Desktop\Software (Nas).lnk
2013-12-17 20:11 - 2013-12-17 20:11 - 00000489 _____ C:\Users\Jesper\Desktop\Spil (Nas).lnk
2013-12-17 20:11 - 2013-12-17 20:11 - 00000489 _____ C:\Users\Jesper\Desktop\Film (Nas).lnk
2013-12-17 19:29 - 2013-12-17 19:37 - 27590656 _____ C:\WINDOWS\system32\vmguest.iso
2013-12-15 08:48 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-15 08:48 - 2013-11-12 00:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-15 08:48 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-15 08:48 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-15 08:48 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-15 08:48 - 2013-11-08 05:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-15 08:48 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-15 08:48 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-15 08:48 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-15 08:48 - 2013-11-05 15:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-15 08:48 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-15 08:48 - 2013-11-05 14:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-15 08:48 - 2013-11-04 18:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-15 08:48 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-15 08:48 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-15 08:48 - 2013-10-31 01:58 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-15 08:48 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-15 08:48 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-15 08:47 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-15 08:47 - 2013-11-12 00:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-15 08:47 - 2013-11-11 03:48 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-15 08:47 - 2013-11-09 12:55 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-15 08:47 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-15 08:47 - 2013-11-08 06:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2013-12-15 08:47 - 2013-11-08 05:42 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2013-12-15 08:47 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-15 08:47 - 2013-11-08 05:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-15 08:47 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-15 08:47 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-15 08:47 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-15 08:47 - 2013-11-04 18:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-15 08:47 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-15 08:47 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-15 08:47 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-15 08:47 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-15 08:47 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-15 08:47 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-15 08:47 - 2013-10-31 01:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-15 08:47 - 2013-10-31 01:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-15 08:47 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-15 08:47 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-15 08:47 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-15 08:47 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-15 08:47 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-15 08:47 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-15 08:47 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-15 08:47 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-15 08:47 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-15 08:47 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-13 20:39 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-13 20:39 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-13 20:38 - 2013-11-23 04:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-13 20:38 - 2013-11-23 04:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-13 20:38 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-13 20:38 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-13 20:38 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-12 21:41 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-12 21:41 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-12 21:41 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-12 21:41 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-12 21:41 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-12 21:41 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-12 21:41 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-12 21:41 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-12 21:41 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-12 21:41 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-12 21:41 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-12 21:41 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-12 21:41 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-12 21:41 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-12 21:41 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-12 21:41 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-12 21:41 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-12 21:41 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-12 21:41 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-12 21:41 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-12 21:41 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-12 21:41 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-09 10:12 - 2013-12-15 10:22 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\FileZilla
2013-12-09 10:11 - 2013-12-09 10:11 - 00002016 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2013-12-09 10:11 - 2013-12-09 10:11 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-12-08 14:52 - 2013-12-10 20:32 - 00000000 ____D C:\Users\Jesper\Downloads\MAME
2013-12-02 21:11 - 2013-12-02 21:12 - 00000000 ____D C:\Users\Jesper\AppData\Local\NVIDIA Corporation
2013-11-29 20:53 - 2013-11-29 20:57 - 00000000 ____D C:\Users\Jesper\Documents\RCT3
2013-11-29 20:53 - 2013-11-29 20:53 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\Atari
2013-11-29 16:40 - 2013-11-29 16:40 - 00000000 ____D C:\Users\Jesper\AppData\Local\Unity

==================== One Month Modified Files and Folders =======

2013-12-29 12:33 - 2013-12-29 12:32 - 00010908 _____ C:\Users\Jesper\Downloads\FRST.txt
2013-12-29 12:31 - 2013-12-29 12:31 - 00000000 ____D C:\FRST
2013-12-29 12:30 - 2013-12-29 12:30 - 01931262 _____ (Farbar) C:\Users\Jesper\Downloads\FRST64.exe
2013-12-29 12:22 - 2013-11-10 16:35 - 00003916 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F8C3545C-6CF6-4727-B91E-76AEE3ECD9CE}
2013-12-29 12:01 - 2013-11-10 16:21 - 01914107 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-29 12:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-29 11:50 - 2013-11-10 16:39 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-29 11:46 - 2013-11-11 19:44 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\.minecraft
2013-12-29 11:43 - 2013-11-20 19:26 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-29 11:20 - 2013-11-10 11:18 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2185787897-1016093282-3948508204-1001
2013-12-29 11:06 - 2013-11-10 16:23 - 01314860 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-29 11:06 - 2013-09-30 04:56 - 00432072 _____ C:\WINDOWS\system32\perfh006.dat
2013-12-29 11:06 - 2013-09-30 04:56 - 00072990 _____ C:\WINDOWS\system32\perfc006.dat
2013-12-29 10:27 - 2013-12-29 10:27 - 00819176 _____ (Google Inc.) C:\Users\Jesper\Downloads\ChromeSetup.exe
2013-12-29 10:13 - 2013-12-28 10:07 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-29 10:13 - 2013-11-10 16:39 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-28 20:34 - 2013-12-28 20:34 - 00000000 ____D C:\WINDOWS\LastGood
2013-12-28 20:31 - 2013-11-14 21:01 - 00000000 ____D C:\ProgramData\VMware
2013-12-28 20:31 - 2013-11-10 11:38 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-28 20:31 - 2013-09-29 20:02 - 00009140 _____ C:\WINDOWS\PFRO.log
2013-12-28 20:31 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-28 20:31 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2013-12-28 20:30 - 2013-12-28 20:30 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-12-28 19:27 - 2013-11-10 16:31 - 00000000 __RDO C:\Users\Jesper\SkyDrive
2013-12-28 18:53 - 2013-11-10 16:11 - 00000000 ____D C:\Users\Jesper
2013-12-28 10:07 - 2013-11-10 16:39 - 00000000 ____D C:\Users\Jesper\AppData\Local\Google
2013-12-28 09:54 - 2013-11-14 22:40 - 00208896 ___SH C:\Users\Jesper\Downloads\Thumbs.db
2013-12-28 09:42 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2013-12-27 20:19 - 2013-12-27 20:16 - 00000000 ____D C:\AdwCleaner
2013-12-27 20:18 - 2013-12-27 20:18 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-27 20:17 - 2013-12-27 20:17 - 01034531 _____ (Thisisu) C:\Users\Jesper\Desktop\JRT.exe
2013-12-27 20:17 - 2013-11-13 21:55 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\uTorrent
2013-12-27 20:15 - 2013-12-27 20:16 - 01233962 _____ C:\Users\Jesper\Desktop\adwcleaner (1).exe
2013-12-27 17:58 - 2013-11-26 19:48 - 393150464 ____R C:\Users\Jesper\Downloads\Il.Sole.Dentro.2012.DVD5.TRL.iso
2013-12-27 15:55 - 2013-11-22 18:44 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\vlc
2013-12-27 14:16 - 2013-12-18 22:35 - 00000000 ____D C:\Users\Jesper\Downloads\Hair (1979) BDRip 1080p DTS multisub HUN HighCode-PHD
2013-12-27 12:51 - 2013-12-27 12:51 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2013-12-27 12:46 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2013-12-27 11:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-27 11:04 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-27 10:59 - 2013-11-10 11:10 - 00000000 ____D C:\Users\Jesper\AppData\Local\Packages
2013-12-26 20:11 - 2013-12-26 20:00 - 00000000 ____D C:\Users\Jesper\Documents\GTA San Andreas User Files
2013-12-26 20:01 - 2013-12-26 20:01 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2013-12-26 20:01 - 2013-12-26 20:01 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2013-12-26 20:01 - 2013-12-26 20:01 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2013-12-26 20:01 - 2013-12-26 20:01 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2013-12-26 20:01 - 2013-12-26 20:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2013-12-23 21:56 - 2013-12-23 21:56 - 00003112 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2013-12-23 21:56 - 2013-12-23 21:53 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-12-23 21:15 - 2013-12-23 21:15 - 00000000 ____D C:\ProgramData\Intel
2013-12-23 21:15 - 2013-12-23 21:15 - 00000000 ____D C:\Program Files\Intel
2013-12-23 21:15 - 2012-07-24 11:16 - 00645952 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys
2013-12-23 21:14 - 2013-12-23 21:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-23 21:14 - 2013-12-23 21:14 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\InstallShield
2013-12-23 21:00 - 2013-12-23 21:00 - 00000885 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2013-12-23 21:00 - 2013-12-23 21:00 - 00000000 ____D C:\Program Files\CPUID
2013-12-22 22:18 - 2013-12-22 22:08 - 49542265 _____ C:\Users\Jesper\Downloads\Beach Town Project 2.0.zip
2013-12-22 14:40 - 2013-12-22 14:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-22 14:35 - 2013-12-22 14:35 - 00089304 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-12-22 13:23 - 2013-12-22 13:23 - 00001820 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-12-22 13:23 - 2013-12-22 13:23 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\SUPERAntiSpyware.com
2013-12-22 13:23 - 2013-12-22 13:23 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-22 13:23 - 2013-12-22 13:23 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-22 13:22 - 2013-12-22 13:22 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-22 13:22 - 2013-12-22 13:22 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\Malwarebytes
2013-12-22 13:22 - 2013-12-22 13:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-22 13:22 - 2013-12-22 13:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-22 13:16 - 2013-12-22 13:16 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jesper\Desktop\HijackThis.exe
2013-12-22 09:55 - 2013-12-22 09:55 - 00000000 ____D C:\Users\Jesper\AppData\Local\NBTExplorer
2013-12-22 09:54 - 2013-12-22 09:54 - 00000000 ____D C:\Program Files (x86)\NBTExplorer
2013-12-18 22:09 - 2013-11-14 21:05 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\VMware
2013-12-18 22:09 - 2013-11-14 21:05 - 00000000 ____D C:\Users\Jesper\AppData\Local\VMware
2013-12-18 20:18 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2013-12-17 21:29 - 2013-08-22 15:46 - 00337728 _____ C:\WINDOWS\setupact.log
2013-12-17 20:37 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\schemas
2013-12-17 20:34 - 2013-11-14 21:08 - 00000000 ____D C:\Users\Jesper\Documents\Virtual Machines
2013-12-17 20:11 - 2013-12-17 20:11 - 00000501 _____ C:\Users\Jesper\Desktop\Software (Nas).lnk
2013-12-17 20:11 - 2013-12-17 20:11 - 00000489 _____ C:\Users\Jesper\Desktop\Spil (Nas).lnk
2013-12-17 20:11 - 2013-12-17 20:11 - 00000489 _____ C:\Users\Jesper\Desktop\Film (Nas).lnk
2013-12-17 19:57 - 2013-11-14 20:50 - 00000000 ____D C:\Users\Jesper\MEDION NAS TOOL
2013-12-17 19:37 - 2013-12-17 19:29 - 27590656 _____ C:\WINDOWS\system32\vmguest.iso
2013-12-16 20:02 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-16 20:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-16 20:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-16 20:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-16 20:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-16 20:01 - 2013-11-10 13:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-16 20:00 - 2013-11-10 13:16 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-15 10:22 - 2013-12-09 10:12 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\FileZilla
2013-12-13 20:05 - 2013-08-22 15:44 - 00473920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-12 22:21 - 2013-11-19 18:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-10 20:32 - 2013-12-08 14:52 - 00000000 ____D C:\Users\Jesper\Downloads\MAME
2013-12-10 03:13 - 2013-11-21 20:57 - 01100248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2013-12-10 03:13 - 2013-11-21 20:57 - 00982232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2013-12-09 10:11 - 2013-12-09 10:11 - 00002016 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2013-12-09 10:11 - 2013-12-09 10:11 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-12-08 14:41 - 2013-11-10 16:29 - 00001450 _____ C:\Users\Jesper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-07 14:23 - 2013-11-10 18:47 - 00000000 ____D C:\Users\Jesper\AppData\Local\Adobe
2013-12-05 19:45 - 2013-11-10 11:11 - 00000000 ____D C:\Users\Jesper\AppData\Local\VirtualStore
2013-12-05 16:16 - 2013-11-19 18:21 - 00000000 ____D C:\Users\Jesper\Citrix
2013-12-05 09:42 - 2013-12-17 21:28 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2013-12-05 09:42 - 2013-12-17 21:28 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2013-12-05 09:42 - 2013-11-21 20:54 - 00035104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-03 16:45 - 2013-11-10 16:39 - 00003916 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-03 16:45 - 2013-11-10 16:39 - 00003680 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-02 21:13 - 2013-11-21 21:03 - 00000000 ____D C:\Users\Jesper\AppData\Local\NVIDIA
2013-12-02 21:12 - 2013-12-02 21:11 - 00000000 ____D C:\Users\Jesper\AppData\Local\NVIDIA Corporation
2013-12-02 21:11 - 2013-11-10 11:31 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-02 21:11 - 2013-11-10 11:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-02 21:11 - 2013-11-10 11:29 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-02 21:11 - 2013-11-10 11:29 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-01 13:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-11-29 20:57 - 2013-11-29 20:53 - 00000000 ____D C:\Users\Jesper\Documents\RCT3
2013-11-29 20:53 - 2013-11-29 20:53 - 00000000 ____D C:\Users\Jesper\AppData\Roaming\Atari
2013-11-29 16:40 - 2013-11-29 16:40 - 00000000 ____D C:\Users\Jesper\AppData\Local\Unity

Files to move or delete:
====================
C:\Users\Jesper\CTX.DAT


Some content of TEMP:
====================
C:\Users\Jesper\AppData\Local\Temp\805F030E.dll
C:\Users\Jesper\AppData\Local\Temp\815CEC50.dll
C:\Users\Jesper\AppData\Local\Temp\8A7F614F.dll
C:\Users\Jesper\AppData\Local\Temp\8A8D0EA2.dll
C:\Users\Jesper\AppData\Local\Temp\ose00000.exe
C:\Users\Jesper\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-28 19:27

==================== End Of Log ============================
Avatar billede escape4ever Novice
29. december 2013 - 12:41 #9
ADDITION
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013
Ran by Jesper at 2013-12-29 12:35:56
Running from C:\Users\Jesper\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.2.30303)
Adobe AIR (x32 Version: 3.9.0.1030)
Adobe Reader XI (11.0.05) - Dansk (x32 Version: 11.0.05)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.7.148)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Apple-programunderstøttelse (x32 Version: 2.3.6)
ASUS Live Update (x32 Version: 3.1.9)
ATK Package (x32 Version: 1.0.0023)
Bonjour (Version: 3.0.0.10)
CPUID CPU-Z 1.67.1
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Desperados - Wanted Dead or Alive (x32)
Desperados 2: Cooper's Revenge (x32)
FileZilla Client 3.7.3 (x32 Version: 3.7.3)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Chrome (x32 Version: 31.0.1650.63)
Google Earth (x32 Version: 7.1.2.2041)
Google Update Helper (x32 Version: 1.3.22.3)
Grand Theft Auto: San Andreas (x32)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MEDION NAS TOOL (x32)
Microsoft Office Access MUI (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Professionel Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Swedish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 32-bit MUI (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (Danish) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
NBTExplorer (x32 Version: 2.6.1.0)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1)
NVIDIA Grafikdriver 331.82 (Version: 331.82)
NVIDIA HD-lyddriver 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.142.992)
NVIDIA Kontrolpanel 331.82 (Version: 331.82)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA Network Service (Version: 1.0)
NVIDIA Opdateringer 10.11.15 (Version: 10.11.15)
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15)
NVIDIA Update Core (Version: 10.11.15)
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19)
Oracle VM VirtualBox 4.3.2 (Version: 4.3.2)
RollerCoaster Tycoon 3: Platinum! (x32)
SABnzbd 0.7.16 (x32 Version: 0.7.16)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
SHIELD Streaming (Version: 1.6.85)
Spotify (HKCU Version: 0.9.6.72.ge389c074)
Steam (x32)
SUPERAntiSpyware (Version: 5.7.1016)
swMSM (x32 Version: 12.0.0.1)
tools-freebsd (x32 Version: 9.2.3.1031769)
tools-linux (x32 Version: 9.2.3.1031769)
tools-netware (x32 Version: 9.2.3.1031769)
tools-solaris (x32 Version: 9.2.3.1031769)
tools-windows (x32 Version: 9.2.3.1031769)
tools-winPre2k (x32 Version: 9.2.3.1031769)
Unity Web Player (HKCU Version: )
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition
VLC media player 2.1.1 (Version: 2.1.1)
VMware Workstation (Version: 9.0.2)
VMware Workstation (x32 Version: 9.0.2)

==================== Restore Points  =========================

12-12-2013 21:05:26 Windows Update
14-12-2013 07:37:16 Installationsprogram til Windows-moduler
17-12-2013 18:21:11 Installationsprogram til Windows-moduler
22-12-2013 08:53:54 Installed NBTExplorer
23-12-2013 20:23:19 Installed ASUS Live Update
26-12-2013 19:01:07 Installationsprogram til Windows-moduler

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {339F637F-1731-4D07-9C32-D32FBE20FF45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4049F2EC-76CC-4DF2-B9C8-81E170C84C85} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6004D885-2B55-47B9-822F-D63E81BA4954} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-12-16] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C0D94DF5-A70E-47BD-A479-37227406F938} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DBAE5C67-E90A-4C6E-BD75-7E82A7ED6D95} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 02:36 - 2013-11-14 12:58 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-20 20:19 - 2013-11-20 20:19 - 00183808 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\ErrorReporting.dll
2013-12-29 11:46 - 2013-12-29 11:46 - 00306176 _____ () C:\Users\Jesper\AppData\Roaming\.minecraft\versions\1.7.2\1.7.2-natives-54938097758082\lwjgl64.dll
2013-12-29 11:46 - 2013-12-29 11:46 - 00382464 _____ () C:\Users\Jesper\AppData\Roaming\.minecraft\versions\1.7.2\1.7.2-natives-54938097758082\OpenAL64.dll
2013-11-21 20:54 - 2013-11-14 12:58 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-12-28 10:07 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-28 10:07 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-28 10:07 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-28 10:07 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-28 10:07 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-28 10:07 - 2013-12-04 03:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Jesper\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-enhed (Personal Area Network)
Description: Bluetooth-enhed (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/29/2013 10:33:21 AM) (Source: Application Hang) (User: )
Description: Programmet chrome.exe version 31.0.1650.63 afbrød kommunikationen med Windows og blev afsluttet. Hvis du vil se, om der findes flere oplysninger om problemet, kan du læse om problemets historik via Løsningscenter.

Proces-id: a40

Starttidspunkt: 01cf04763b60138b

Afslutningstidspunkt: 12

Programsti: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Rapport-id: 1aea797d-706c-11e3-be82-0008ca5938fe

Fuldt navn på program med fejl:

Relativt program-id for program med fejl:

Error: (12/28/2013 08:35:21 PM) (Source: Desktop Window Manager) (User: )
Description: Styring af skrivebordsvindue har fundet en alvorlig fejl (0x8898008d)

Error: (12/28/2013 08:32:18 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/28/2013 08:32:18 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/28/2013 07:02:19 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/28/2013 07:02:19 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/28/2013 06:52:26 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/28/2013 06:52:26 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/28/2013 06:52:19 PM) (Source: Perflib) (User: )
Description: rdyboost4

Error: (12/28/2013 06:52:19 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4


System errors:
=============
Error: (12/29/2013 10:33:48 AM) (Source: Service Control Manager) (User: )
Description: Tjenesten VMware USB Arbitration Service blev afbrudt uventet. Dette er sket 1 gange. Følgende korrigerende handling foretages om 10000 millisekunder: Genstart tjenesten.

Error: (12/29/2013 10:33:39 AM) (Source: Service Control Manager) (User: )
Description: Tjenesten Intel(R) Management and Security Application Local Management Service blev afbrudt uventet. Dette er sket 1 gange. Følgende korrigerende handling foretages om 10000 millisekunder: Genstart tjenesten.

Error: (12/29/2013 10:33:36 AM) (Source: Service Control Manager) (User: )
Description: Tjenesten Apple Mobile Device blev afbrudt uventet. Dette er sket 1 gange. Følgende korrigerende handling foretages om 60000 millisekunder: Genstart tjenesten.

Error: (12/29/2013 10:33:34 AM) (Source: Service Control Manager) (User: )
Description: Tjenesten Intel(R) Capability Licensing Service Interface blev afbrudt uventet. Dette er sket 1 gange. Følgende korrigerende handling foretages om 0 millisekunder: Genstart tjenesten.

Error: (12/29/2013 10:15:55 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: standard for computerenLokalAktivering{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOKAL TJENESTES-1-5-19LocalHost (via LRPC)Ikke tilgængeligIkke tilgængelig

Error: (12/28/2013 08:41:34 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten VMware USB Arbitration Service blev afbrudt uventet. Dette er sket 1 gange. Følgende korrigerende handling foretages om 10000 millisekunder: Genstart tjenesten.

Error: (12/28/2013 08:41:32 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten VMware Authorization Service afsluttede uventet. Dette er sket 1 gang(e).

Error: (12/28/2013 08:41:08 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Bonjour tjeneste afsluttede uventet. Dette er sket 1 gang(e).

Error: (12/28/2013 08:41:04 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten ASLDR Service afsluttede uventet. Dette er sket 1 gang(e).

Error: (12/28/2013 08:35:23 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: standard for computerenLokalAktivering{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOKAL TJENESTES-1-5-19LocalHost (via LRPC)Ikke tilgængeligIkke tilgængelig


Microsoft Office Sessions:
=========================
Error: (12/29/2013 10:33:21 AM) (Source: Application Hang)(User: )
Description: chrome.exe31.0.1650.63a4001cf04763b60138b12C:\Program Files (x86)\Google\Chrome\Application\chrome.exe1aea797d-706c-11e3-be82-0008ca5938fe

Error: (12/28/2013 08:35:21 PM) (Source: Desktop Window Manager)(User: )
Description: 0x8898008d

Error: (12/28/2013 08:32:18 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/28/2013 08:32:18 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/28/2013 07:02:19 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/28/2013 07:02:19 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/28/2013 06:52:26 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/28/2013 06:52:26 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/28/2013 06:52:19 PM) (Source: Perflib)(User: )
Description: rdyboost4

Error: (12/28/2013 06:52:19 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4


CodeIntegrity Errors:
===================================
  Date: 2013-12-27 12:02:58.477
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-12-27 12:02:58.450
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-12-27 12:02:58.437
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-12-27 12:02:58.399
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-12-27 12:02:58.381
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-12-27 12:02:57.266
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-12-27 12:02:51.168
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-12-27 12:02:51.127
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-12-27 11:55:17.869
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-12-20 16:57:52.208
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 8102.62 MB
Available physical RAM: 5647.95 MB
Total Pagefile: 9382.62 MB
Available Pagefile: 6154.63 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.29 GB) (Free:604.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 055A4C71)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Avatar billede magictouch Nybegynder
30. december 2013 - 07:56 #10
Kopier nedenstående ind i et notesblok dokument:



start
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Jesper\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-23] (Spotify Ltd)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563096 2013-12-20] (SUPERAntiSpyware
S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
C:\Users\Jesper\CTX.DAT
C:\Users\Jesper\AppData\Local\Temp\805F030E.dll
C:\Users\Jesper\AppData\Local\Temp\815CEC50.dll
C:\Users\Jesper\AppData\Local\Temp\8A7F614F.dll
C:\Users\Jesper\AppData\Local\Temp\8A8D0EA2.dll
C:\Users\Jesper\AppData\Local\Temp\ose00000.exe
C:\Users\Jesper\AppData\Local\Temp\Quarantine.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {339F637F-1731-4D07-9C32-D32FBE20FF45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4049F2EC-76CC-4DF2-B9C8-81E170C84C85} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6004D885-2B55-47B9-822F-D63E81BA4954} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-12-16] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C0D94DF5-A70E-47BD-A479-37227406F938} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DBAE5C67-E90A-4C6E-BD75-7E82A7ED6D95} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
end



^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Og gem filen med navnet Fixlist  samme sted hvor FRST (Farbar Recovery Scan Tool) filen  også ligger - På skrivebordet

Start FRST (Farbar Recovery Scan Tool) og klikker på FIX (og vent til den er færdig)

Den laver Fixlog.txt, som du skal kopiere herind i dit næste indlæg.
Avatar billede escape4ever Novice
30. december 2013 - 10:17 #11
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-12-2013 01
Ran by Jesper at 2013-12-30 10:17:09 Run:1
Running from C:\Users\Jesper\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Jesper\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-23] (Spotify Ltd)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563096 2013-12-20] (SUPERAntiSpyware
S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
C:\Users\Jesper\CTX.DAT
C:\Users\Jesper\AppData\Local\Temp\805F030E.dll
C:\Users\Jesper\AppData\Local\Temp\815CEC50.dll
C:\Users\Jesper\AppData\Local\Temp\8A7F614F.dll
C:\Users\Jesper\AppData\Local\Temp\8A8D0EA2.dll
C:\Users\Jesper\AppData\Local\Temp\ose00000.exe
C:\Users\Jesper\AppData\Local\Temp\Quarantine.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {339F637F-1731-4D07-9C32-D32FBE20FF45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4049F2EC-76CC-4DF2-B9C8-81E170C84C85} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6004D885-2B55-47B9-822F-D63E81BA4954} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-12-16] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C0D94DF5-A70E-47BD-A479-37227406F938} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DBAE5C67-E90A-4C6E-BD75-7E82A7ED6D95} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
end
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HotKeysCmds => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => Value deleted successfully.
!SASCORE => Service deleted successfully.
C:\Users\Jesper\CTX.DAT => Moved successfully.
C:\Users\Jesper\AppData\Local\Temp\805F030E.dll => Moved successfully.
C:\Users\Jesper\AppData\Local\Temp\815CEC50.dll => Moved successfully.
C:\Users\Jesper\AppData\Local\Temp\8A7F614F.dll => Moved successfully.
C:\Users\Jesper\AppData\Local\Temp\8A8D0EA2.dll => Moved successfully.
C:\Users\Jesper\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\Jesper\AppData\Local\Temp\Quarantine.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05293577-D647-4185-B859-C94839A0B2E3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05293577-D647-4185-B859-C94839A0B2E3} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\NetworkStateChangeTask => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B545118-B563-42FC-8D07-B78F602FCF34} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B545118-B563-42FC-8D07-B78F602FCF34} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2085BF56-520D-4951-B7C0-DF34AF90CC6A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2085BF56-520D-4951-B7C0-DF34AF90CC6A} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C9C0C6C-2A74-46F2-858A-4389D253EAD0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9C0C6C-2A74-46F2-858A-4389D253EAD0} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{339F637F-1731-4D07-9C32-D32FBE20FF45} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{339F637F-1731-4D07-9C32-D32FBE20FF45} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B6D8A73-F20B-4C93-B8FB-56A154F172D2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B6D8A73-F20B-4C93-B8FB-56A154F172D2} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Zone\SynchronizeTimeZone => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4049F2EC-76CC-4DF2-B9C8-81E170C84C85} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4049F2EC-76CC-4DF2-B9C8-81E170C84C85} => Key deleted successfully.
C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49754026-21E1-41FC-94FD-727AFE414FE7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49754026-21E1-41FC-94FD-727AFE414FE7} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6004D885-2B55-47B9-822F-D63E81BA4954} => Key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemovalTools\MRT_HB => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AA91E8C-DDBD-4979-8464-4062F7681A19} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AA91E8C-DDBD-4979-8464-4062F7681A19} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Plug and Play\Plug and Play Cleanup => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DFCB649-0769-4F83-BB10-F60F235F6D3D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DFCB649-0769-4F83-BB10-F60F235F6D3D} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73B1B253-CE67-4501-AE1A-377DD1D68B65} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73B1B253-CE67-4501-AE1A-377DD1D68B65} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupAppTask => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77F1D869-6E65-4079-A2A0-E2023408EF97} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77F1D869-6E65-4079-A2A0-E2023408EF97} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{872D0E53-FD2E-41E3-B431-698AF82882CE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{872D0E53-FD2E-41E3-B431-698AF82882CE} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SkyDrive\Routine Maintenance Task => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8CC813C9-712A-41EF-9512-B233444FC669} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CC813C9-712A-41EF-9512-B233444FC669} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9FF4C139-5234-410C-B7FA-23EE2FD2AB53} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FF4C139-5234-410C-B7FA-23EE2FD2AB53} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Work Folders\Work Folders Maintenance Work => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0D94DF5-A70E-47BD-A479-37227406F938} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0D94DF5-A70E-47BD-A479-37227406F938} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFD7C21A-808B-487B-A6EC-8A10E44E8360} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFD7C21A-808B-487B-A6EC-8A10E44E8360} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\SettingSync\BackupTask => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\BackupTask => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\WS\License Validation => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WS\License Validation => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DBAE5C67-E90A-4C6E-BD75-7E82A7ED6D95} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBAE5C67-E90A-4C6E-BD75-7E82A7ED6D95} => Key deleted successfully.
C:\Windows\System32\Tasks\ASUS Live Update => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Live Update => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6D378FA-E068-4BCB-80DE-56D43A249507} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6D378FA-E068-4BCB-80DE-56D43A249507} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE => Key deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

==== End of Fixlog ====
Avatar billede magictouch Nybegynder
30. december 2013 - 14:16 #12
Hent og installer Ccleaner: http://www.filehippo.com/download_ccleaner.html

Klik på Download Latest Version

Fjern flueben ved -  forskellige toolbars du bliver tilbudt

Når du åbner programmet for første gang, vil der være flueben i alle felter.
Hvis du ønsker at bevare cookies, kan du fjerne dette flueben.

Klik på Kør Cleaner, for at få renset din computer.

Du vil nu få en advarsel, om at disse filer slettes fuldstændigt fra dit system, og om du ønsker at fortsætte. Klik på Ok for at svare ja til det. Sæt flueben ved ->  Vis mig ikke denne besked igen.


Fortæl så om det har hjulpet  ?
Avatar billede escape4ever Novice
27. januar 2014 - 08:35 #13
sorry har haft travlt, men nej det virkede ikke så om installerede windows, men tak fordi du prøvede
Avatar billede escape4ever Novice
13. februar 2014 - 12:07 #14
lukker selv efter mig
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Andre styresystemer kategorien

Titel Indlæg Oprettet Seneste aktivitet
klon din gamle disk ned på et virtuelt drev i w 10 Af edbjohn i Andre styresystemer 1 03/09/202417:14 03/09/202417:45
Hvilket styresystem på en gammel Pc ??? Af Jan Post i Andre styresystemer 17 18/05/202411:43 21/05/202414:11
Ps4 - Fortnite fejl Af Larsen123 i Andre styresystemer 2 08/01/202400:08 10/01/202409:22
onnote på chromebook ? Af rapsine i Andre styresystemer 3 06/12/202323:26 07/12/202310:49
2 forskellige styresystemer Af susej14 i Andre styresystemer 3 08/11/202316:14 08/11/202323:41
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 20:49 pop up black friday Af Malm i Virus
I går 18:31 Hvor finder jeg en netværksdriver? Af jcr18 i Wifi
I går 16:49 Identificér og hent del af tekststreng Af TheLibrarian i Excel
I går 16:30 Smart vægt til fitness tracking Af Henrik i Fitness & Smartwatches
I går 08:08 touchpad virker ikke Af Malm i PC
White papers
Flere white papers »


Premium
Teaser billede
Vil købe tele-løsninger til det offentlige for 370 millioner kroner
Læs mere »
Efterspørgslen på AI-regnekraft er enorm - og det smitter af på priserne: "Vi kan sælge næsten alt, hvad vi får ind"
Nyt værtøj fra Microsoft: Snart kan du reparere nedbrudte Windows-enheder på distancen
Politiet skriver kontrakt på 75 millioner kroner med dansk it-firma: Medarbejdere skal flytte ind hos politiet
Se alle »
Computerworld
Teaser billede
Microsofts nye pc er ekstrem billig – men kan blive ekstrem sikker og fleksibel
Læs mere »
Test: Audi Q6 er en super fed SUV - men gør dig selv en tjeneste og kast flere penge efter den
Test: Prøv kun disse B&O-hovedtelefoner, hvis du har råd
Kæmpe datalæk på hospital: 750.000 patienters fortrolige data lækket
Se alle »
CIO
Teaser billede
Konsulenthus vil rulle Microsoft 365 Copilot ud til 200.000 ansatte
Læs mere »
Kæmpe-opgave for Danske Bank har banet vej for fuldautomatiseret migrering til cloud: Nu udbredes metoden i hele AWS
Stor sag mod Microsoft kan være på vej: Beskyldes for at låse Azure-kunder fast med ulovlige metoder
Microsofts store årlige event: De tre vigtigste nøglebudskaber fra Satya Nadella om Microsofts fremtid
Se alle »
Job & Karriere
Teaser billede
Microsoft klar med ny direktion for den danske forretning: Her er de nye direktører
Læs mere »
Tre Norlys-topchefer fratræder med omgående virkning: Internet-forretningen er udfordret - vil have mere fart i integrationen af Telia Danmark
Efter skelsættende møde med sportscoach: Stor dansk it-arbejdsplads indfører fredags-fri og isbade i arbejdstiden
Linus Torvalds giver russiske Linux-udviklere sparket: Vil ikke have noget med dem at gøre
Se alle »
White paper
Teaser billede
Sådan gør du: Elektronisk dokumentudveksling i praksis
Læs mere »
Governance, Risk & Compliance: Knyt stærke bånd mellem forretning og sikkerhed
Er din cybersikkerhed klar til AI-revolutionen?
Sådan får du overblik og beskytter dine cloudapplikationer
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »