CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede jackie18 Juniormester
28. juni 2014 - 13:05 Der er 37 kommentarer og
1 løsning

VIRUS????

Hej, jeg har brug for lidt hjælp her...

Jeg oplever som om der er en form for virus på min bærbar pc, hver gang jeg åbner en internetside så dukker der noget andet op og kokser helt vildt.

Har bla. prøvet bruge virus programmer såsom maleware bytes og har norton installeret men synes ikke det hjalp så meget eller så det bare mig som ikke kan finde ud af bruge programmerne ordentligt..

Nogen som gider se på det og hjælpe:-)

På forhånd mange tak.
Avatar billede f-arn Guru
28. juni 2014 - 14:34 #1
Hvorfor tror du det er virus ?


Hent AdwCleaner af Xplode, og gem den på dit Skrivebord.

Luk alle åbne programmer !

Deaktiver dit sikkerhedprogram, mens du kører den !

Start AdwCleaner, tryk på "Scan - lad den scanne og klik så på "Delete"

Mht.: Vista og Windows 7/8 - Højreklik på filen - Kør som Administrator.

Programmet vil automatisk genstarte PCen, og åbne en logfil som du skal kopiere herind i næste indlæg.

Logfilen kan også findes her: C:\AdwCleaner[S0].txt
Avatar billede jackie18 Juniormester
28. juni 2014 - 14:51 #2
kan mærke computeren/barbæren ikke fungere optimalt.. Der åbner helt mange andre internetsider når jeg på nettet som jeg ikke vil have bliver åbnet.. Jeg bruger éxplorer søge maskinen, nu hver gang jeg åbner Explorer så kommer Searh fra Yahoo ved ikke hvor det kom fra..

Men jeg har prøvet skanne som du bad mig om her er logen.. Håber det er rigtigt gjort..

# AdwCleaner v3.213 - Report created 28/06/2014 at 14:45:52
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Khaled Chaker - KHALEDCHAKER
# Running from : C:\Users\Khaled Chaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GR4E3YLA\adwcleaner_3.213.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : BackupStack
[#] Service Deleted : Update outobox
[#] Service Deleted : Util outobox

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files (x86)\MyPC Backup
[!] Folder Deleted : C:\Program Files (x86)\outobox
Folder Deleted : C:\Users\Khaled Chaker\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Khaled Chaker\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Khaled Chaker\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Khaled Chaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
File Deleted : C:\Users\Khaled Chaker\Desktop\MyPC Backup.lnk

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKLM\SOFTWARE\5f68bd9e769ba42
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B1290521-AB01-40EB-B993-AD122BEFC9E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1EB0A0B0-CABB-495C-A85A-7C8F891799C7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B1290521-AB01-40EB-B993-AD122BEFC9E2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\outobox
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\outobox
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\outobox

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


*************************

AdwCleaner[R0].txt - [5108 octets] - [28/06/2014 14:45:01]
AdwCleaner[S0].txt - [4637 octets] - [28/06/2014 14:45:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4697 octets] ##########
Avatar billede 220661 Ekspert
28. juni 2014 - 15:20 #3
Hvis man ikke ser sig for, får man en masse af disse søgemaskiner og toolbars. De følger typisk med programmer der hentes og installeres på maskinen sideløbende med det man tror man installerer. Man glemmer nemlig at fjerne tjektegn for disse programmer under installationen.

I IE skulle du kunne administrere dine søgemaskiner. Det gøres i Funktioner-administrer tilføjelsesprogrammer-søgemaskiner. Her skal du kunne fjerne og flytte rundt på disse.
Avatar billede Slettet bruger
28. juni 2014 - 18:36 #4
Har bla. prøvet bruge virus programmer såsom maleware bytes

Blot til orientering Malwarebytes er ikke et antivirusprogram.

har norton installeret men synes ikke det hjalp så meget

Antivirus eller Internet security ?

Åben programmet op og sørg for det er opdateret, det hedder vist noget med LiveUpdate. Kør en fuld scanning.

Hold dine programmer opdateret.
Secunia
http://secunia.com/vulnerability_scanning/personal/
Heimdal
https://heimdalsecurity.com/da/
Hvad opdater Heimdal
https://csis.zendesk.com/entries/21533343-Hvad-opgraderer-Heimdal-
Avatar billede MadsHaupt Juniormester
28. juni 2014 - 21:19 #5
jackie18 har du fået løst dit problem?
Avatar billede f-arn Guru
29. juni 2014 - 08:53 #6
Running from : C:\Users\Khaled Chaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GR4E3YLA\adwcleaner_3.213.exe

Det er ikke fra Skrivebordet, men har et hjulpet ?
Avatar billede MadsHaupt Juniormester
29. juni 2014 - 11:31 #7
Hvis du skal have det fjernet helt så er du nødt til at finde ud af hvad det er der får reklamerne frem, men du kan da starte med at fjerne alle de programmer der indeholder ordet "toolbar", du kan også prøve og installer Firefox og se om det også er galt der.

Skriv venligst hvilket resultat mit forslag gav.
Avatar billede Slettet bruger
29. juni 2014 - 12:30 #8
#7 følger du overhoved med i denne tråd ?
Avatar billede jackie18 Juniormester
29. juni 2014 - 15:48 #9
Hej igen tak for svaret..

Udefra den log jeg sendte fandt du noget der?

Det er blevet lidt bedre nu synes jeg.. Men stadigvæk de der toolbar programmer dukker op...
Avatar billede f-arn Guru
29. juni 2014 - 16:31 #10
Hent Junkware Removal Tool af Thisisu, og gem den på dit Skrivebord.

Deaktiver dit sikkerhedprogram, mens du kører den !

Start JRT

Mht.: Vista og Windows 7/8 - Højreklik på filen - Kør som Administrator.

Vær tålmodig mens den kører, da det kan ta' noget tid.

Den laver en logfil (JRT.txt) på skrivebordet, som du skal kopiere herind i næste indlæg.

------

Fjern Alle USB nøgler og Externe Harddiske før du kører programmet.

Hent og gem RogueKiller på dit skrivebord.

Den kan også hentes her

Husk at vælge den rigtige version. (64 bit)

Deaktiver dit sikkerhedprogram, mens du kører den !

Luk alle vinduer og kør "RogueKiller" (Hvis den blokeres, kør den flere gange)

Hvis den slet ikke vil køre, prøv at omdøbe den til winlogon.exe

Mht.: Vista og Windows 7/8 - Højreklik på filen - Kør som Administrator.

Lad det indledende scan køre.

Tryk SCAN.

Når den har scannet færdig, klikker du på report,gemmer den og kopierer den herind.

Du skal ikke fjerne noget  !!!!!!!!!
Avatar billede jackie18 Juniormester
29. juni 2014 - 17:07 #11
Hej når du skriver deaktiver mit sikkerhedsystem mener du så f.eks norton? Hvis ja hvordan deaktiver jeg den?
Avatar billede jackie18 Juniormester
29. juni 2014 - 17:31 #12
Hej igen.

Her har du Logfilen fra JRT.........

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Khaled Chaker on 29-06-2014 at 17:15:33,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-883682101-2181097731-975182804-1000\Software\sweetim



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29-06-2014 at 17:22:27,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






OG Logfilen fra Roguekiller........





RogueKiller V9.1.0.0 (x64) [Jun 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Khaled Chaker [Admin rights]
Mode : Scan -- Date : 06/29/2014  17:30:00

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 20 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\0231331365633399mcinstcleanup -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\0231331365633399mcinstcleanup -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\0231331365633399mcinstcleanup -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 212.10.10.4 212.10.24.252 212.10.10.5  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 212.10.10.4 212.10.24.252 212.10.10.5  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 212.10.10.4 212.10.24.252 212.10.10.5  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{98595C84-8B9F-4981-9E50-3B3F7BC76573} | DhcpNameServer : 212.10.10.4 212.10.24.252 212.10.10.5  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A41102D3-DB28-48B8-AEBD-8EC2512D96E5} | DhcpNameServer : 212.10.10.4 212.10.24.252 212.10.10.5  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{98595C84-8B9F-4981-9E50-3B3F7BC76573} | DhcpNameServer : 212.10.10.4 212.10.24.252 212.10.10.5  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A41102D3-DB28-48B8-AEBD-8EC2512D96E5} | DhcpNameServer : 212.10.10.4 212.10.24.252 212.10.10.5  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{98595C84-8B9F-4981-9E50-3B3F7BC76573} | DhcpNameServer : 212.10.10.4 212.10.24.252 212.10.10.5  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{A41102D3-DB28-48B8-AEBD-8EC2512D96E5} | DhcpNameServer : 212.10.10.4 212.10.24.252 212.10.10.5  -> FOUND
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-883682101-2181097731-975182804-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-883682101-2181097731-975182804-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> FOUND
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-883682101-2181097731-975182804-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-883682101-2181097731-975182804-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK6476GSXN +++++
--- User ---
[MBR] a8f40219615cc1fe5c972ba0561f13f6
[BSP] 33b58db251df258ccf054901f31d4f33 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 821248 | Size: 305000 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 625461248 | Size: 305078 MB
User = LL1 ... OK
User = LL2 ... OK
Avatar billede MadsHaupt Juniormester
29. juni 2014 - 17:56 #13
Prøv at afinstaller uTorrent og fjerne gemte data.
Avatar billede f-arn Guru
29. juni 2014 - 20:33 #14
Hej når du skriver deaktiver mit sikkerhedsystem mener du så f.eks norton? Hvis ja hvordan deaktiver jeg den?

Ja - jeg mener f.eks Norton, men hvilken version har du ?
Avatar billede jackie18 Juniormester
29. juni 2014 - 21:16 #15
Hej igen.

Bruger norton 360 premier edition...

Har sendt dig log filerne har du kigget dem igennem?!

TAk
Avatar billede f-arn Guru
29. juni 2014 - 21:50 #16
Har sendt dig log filerne har du kigget dem igennem?!

Ja - men vi er slet ikke færdige *S*

http://www.youtube.com/watch?v=qRewG2oTlK4

Til 64 bit Windows, hent Farbar Recovery Scan Tool x64 og gem den på Skrivebordet.

Deaktiver dit sikkerhedprogram, mens du kører den !

Start Farbar Recovery Scan Tool og klik på Scan.

Første gang der scannes, laver den automatisk Addition.txt.

Når scanningen er færdig, har du 2 log filer på Skrivebordet -  FRST.txt og Addition.txt som du bedes kopiere herind.

Send dem i separate indlæg, da de kan være meget lange :exclaim:
Avatar billede jackie18 Juniormester
30. juni 2014 - 20:22 #17
Hej igen

Her har du den første log..



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02
Ran by Khaled Chaker at 2014-06-30 20:21:06
Running from C:\Users\Khaled Chaker\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton 360 Premier Edition (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Premier Edition (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29544 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.0.3.13070 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Dansk (HKLM-x32\...\{AC76BA86-7AD7-1030-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple-programunderstøttelse (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{B5896016-3143-B94F-585D-DF75DAF1D879}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
AutoDesktop (HKCU\...\338250c08fe1887b) (Version: 2.6.1.82 - Biltorvet)
AVS Media Player 4.1.11.100 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.1.11.100 - Online Media Technologies Ltd.)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.10(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.42 - Broadcom Corporation)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0315.1050.17562 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help English (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help French (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help German (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0315.1049.17562 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0315.1050.17562 - Dit firmanavn) Hidden
ccc-utility64 (Version: 2010.0315.1050.17562 - ATI) Hidden
Citrix Presentation Server Client (HKLM-x32\...\{2624B680-02BC-4CBC-839C-DA20DF6EF6EC}) (Version: 10.200.2650 - Citrix Systems, Inc.)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.822 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
DVD MovieFactory for TOSHIBA (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
DVD MovieFactory for TOSHIBA (x32 Version: 7.0.0 - Corel Corporation) Hidden
ffdshow v1.3.4515 [2013-06-12] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4515.0 - )
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.4.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.8.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.5 - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DAN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - Danish/dansk (HKLM-x32\...\Office14.OMUI.da-dk) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Swedish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Danish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (Danish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.24700.31.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11300.14.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.200.0.2 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.16800.7.15 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.12100.22.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.11400.15.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.14800.28.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}) (Version: 10.0.15000 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.11800.26.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.12300.27.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Norton 360 (HKLM-x32\...\N360) (Version: 21.3.0.12 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.0.47 - Symantec Corporation)
Photo Service - powered by myphotobook (HKLM-x32\...\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.2.0-545 - myphotobook GmbH)
Photo Service - powered by myphotobook (x32 Version: 1.2.0 - myphotobook GmbH) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.13.112.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{E9B456A4-0C64-4337-AD45-2547B84043CB}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TOSHIBA Administratoradgangskode (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.10C - TOSHIBA CORPORATION)
Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.07.64 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM-x32\...\{80F696E0-AB85-433E-99E3-8CC6D98CF167}) (Version: 8.0.35 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.2.11.64 - TOSHIBA Corporation) Hidden
TOSHIBA eco Utility (x32 Version: 1.2.11.64 - TOSHIBA Corporation) Hidden
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.11C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.11C - TOSHIBA CORPORATION) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.30C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (x32 Version: 1.63.0.30C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.11 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.09.0001 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.5 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.6.06.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (x32 Version: 1.63.0.10C - TOSHIBA CORPORATION) Hidden
Toshiba TEMPRO (HKLM-x32\...\{DBB7021A-3437-446F-ACE5-7261644A972C}) (Version: 3.33 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version:  - )
TRORMCLauncher (Version: 1.0.0.10 - TOSHIBA) Hidden
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.da-dk_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{FAFF5277-C8A7-47E4-85F9-FD95CDBC1171}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0406-0000-0000000FF1CE}_Office14.OMUI.da-dk_{CDB6D503-FD52-440A-A185-AB9692F2A31B}) (Version:  - Microsoft)
Utility Common Driver (x32 Version: 1.0.52.2C - TOSHIBA) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

26-05-2014 22:01:16 Windows Sikkerhedskopiering
01-06-2014 22:34:52 Windows Sikkerhedskopiering
09-06-2014 18:55:40 Windows Sikkerhedskopiering
11-06-2014 22:44:01 Windows Update
16-06-2014 12:00:24 Windows Sikkerhedskopiering
28-06-2014 10:43:52 Windows Sikkerhedskopiering
30-06-2014 15:32:12 Windows Sikkerhedskopiering

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {3440F39F-23AC-44DB-87BB-1C46E7CADDE1} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {4A6D4C04-318D-40AE-B0B0-DCB5BDCAAAE3} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-06-03] (TOSHIBA CORPORATION)
Task: {4BA9C67D-AB13-4232-9401-EA8A5817653A} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {4E39DE18-8548-429B-8159-AA8D016F3C33} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {50AAD482-4E5A-4BED-804B-C85C10FBE3D5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation)
Task: {6CC3F444-9D51-4299-960C-58C91AA9D0CE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {7105DD71-D7AB-47EB-9ABA-9048E7DCA0BC} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {85F58CC6-13BF-4027-B263-E4C049DA8DEA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {D19CDDDC-5B98-40C6-8C6A-719633DB1FE7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2009-10-13 11:00 - 2009-10-13 11:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-10 03:06 - 2013-04-10 03:06 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-02-05 18:44 - 2010-02-05 18:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Broadcom 802.11 netværksadapter
Description: Broadcom 802.11 netværksadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling-adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/30/2014 05:36:24 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Sikkerhedskopieringen blev ikke fuldført. Fejlen er: Der er ikke tilstrækkelig plads på drevet til at gemme sikkerhedskopien. Frigør plads ved at slette ældre sikkerhedskopier og unødvendige data, eller ret sikkerhedskopiindstillingerne. (0x81000005).


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (06/30/2014 05:36:24 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Der er ikke tilstrækkelig plads på drevet til at gemme sikkerhedskopien. Frigør plads ved at slette ældre sikkerhedskopier og unødvendige data, eller ret sikkerhedskopiindstillingerne. (0x81000005)


==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 3954.67 MB
Available physical RAM: 2532.17 MB
Total Pagefile: 7907.52 MB
Available Pagefile: 6282.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:297.85 GB) (Free:190.71 GB) NTFS
Drive d: (Data) (Fixed) (Total:297.93 GB) (Free:0.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: EA92E9D8)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Avatar billede jackie18 Juniormester
30. juni 2014 - 20:23 #18
Og nr 2


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Khaled Chaker (administrator) on KHALEDCHAKER on 30-06-2014 20:20:21
Running from C:\Users\Khaled Chaker\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Dansk (Danmark)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\nst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\nst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-03-04] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-11] (Microsoft Corporation)
HKU\S-1-5-21-883682101-2181097731-975182804-1000\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {94A1C2D5-3DB8-4286-A978-B9A4E03F6653} URL =
SearchScopes: HKCU - {66BEEE1A-250A-42FD-BE22-86BDEB549EB8} URL =
SearchScopes: HKCU - {94A1C2D5-3DB8-4286-A978-B9A4E03F6653} URL =
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Hjælp til logon til Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} http://gis.aarhus.dk/Mapguide%20viewer/v65/mgaxctrl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.10.10.4 212.10.24.252 212.10.10.5

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-05]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-06-30]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-05-21]

==================== Services (Whitelisted) =================

R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe [265040 2014-05-11] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\NST.exe [130104 2014-05-14] (Symantec Corporation)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S2 0231331365633399mcinstcleanup; C:\Users\KHALED~1\AppData\Local\Temp\023133~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07000.02F\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-12] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140627.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140630.001\ENG64.SYS [126040 2014-03-25] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140630.001\EX64.SYS [2099288 2014-03-25] (Symantec Corporation)
R2 regi; C:\Windows\SysWOW64\drivers\regi.sys [11032 2007-04-17] (InterVideo)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-05] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 Tosrfcom; No ImagePath
R1 {1a147621-8c9a-4d6b-a557-6513a40d3207}Gw64; C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}Gw64.sys [61112 2014-04-24] (StdLib)
R1 {1a147621-8c9a-4d6b-a557-6513a40d3207}w64; C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}w64.sys [61112 2014-05-22] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-30 20:20 - 2014-06-30 20:20 - 00019637 _____ () C:\Users\Khaled Chaker\Desktop\FRST.txt
2014-06-30 20:20 - 2014-06-30 20:20 - 00000000 ____D () C:\FRST
2014-06-30 20:19 - 2014-06-30 20:19 - 02083328 _____ (Farbar) C:\Users\Khaled Chaker\Desktop\FRST64.exe
2014-06-29 17:25 - 2014-06-29 17:25 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-29 17:22 - 2014-06-29 17:22 - 00000821 _____ () C:\Users\Khaled Chaker\Desktop\JRT.txt
2014-06-29 17:15 - 2014-06-29 17:15 - 00000000 ____D () C:\Windows\ERUNT
2014-06-29 17:14 - 2014-06-29 17:14 - 05283416 _____ () C:\Users\Khaled Chaker\Desktop\RogueKillerX64.exe
2014-06-29 17:11 - 2014-06-29 17:11 - 01016261 _____ (Thisisu) C:\Users\Khaled Chaker\Desktop\JRT.exe
2014-06-28 18:17 - 2014-06-28 18:18 - 00000000 ____D () C:\Users\Khaled Chaker\Downloads\Mandingo.Cougars.2.EnGlisH.XXX.DVDRip.XviD-WwW.Torrentesx.CoM
2014-06-28 16:38 - 2014-06-28 16:38 - 01342659 _____ () C:\Users\Khaled Chaker\Desktop\adwcleaner_3.213.exe
2014-06-28 14:39 - 2014-06-28 16:50 - 00000000 ____D () C:\AdwCleaner
2014-06-28 14:15 - 2014-06-28 16:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 13:05 - 2014-06-28 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 13:05 - 2014-06-28 13:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 13:05 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-28 13:05 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-16 21:01 - 2014-06-16 21:01 - 00068608 _____ () C:\Users\Khaled Chaker\Desktop\Momsafstemning 2014.xls
2014-06-16 14:05 - 2014-06-16 14:05 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-16 14:05 - 2014-06-16 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-16 14:05 - 2014-06-16 14:05 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-16 14:05 - 2014-06-16 14:05 - 00000000 ____D () C:\Program Files\iTunes
2014-06-16 14:05 - 2014-06-16 14:05 - 00000000 ____D () C:\Program Files\iPod
2014-06-16 14:05 - 2014-06-16 14:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-12 00:12 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 00:12 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 00:12 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 00:12 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 00:12 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 00:12 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 00:12 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 00:12 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 00:12 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 00:12 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 00:12 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 00:12 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 00:12 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 00:12 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 00:12 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 00:12 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 00:12 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 00:12 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 00:12 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 00:12 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 00:12 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 00:12 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 00:12 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 00:12 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 00:12 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 00:12 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 00:12 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 00:12 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 00:12 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 00:12 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 00:12 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 00:12 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 00:12 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 00:12 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 00:12 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 00:12 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 00:12 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 00:12 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 00:12 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 00:12 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 00:12 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 00:12 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 00:12 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 00:12 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 00:12 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 00:12 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 00:12 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 00:12 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 00:12 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 00:12 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 00:12 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 00:12 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 00:11 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 00:11 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 00:11 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 00:11 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 00:11 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 00:11 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 00:11 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 00:11 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 00:11 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 00:11 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 00:11 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 00:11 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 00:11 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 00:11 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 00:01 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 00:01 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-10 13:42 - 2014-06-10 13:42 - 00029434 _____ () C:\Users\Khaled Chaker\Desktop\Oversigt over brugtmoms 2014.xlsx

==================== One Month Modified Files and Folders =======

2014-06-30 20:20 - 2014-06-30 20:20 - 00019637 _____ () C:\Users\Khaled Chaker\Desktop\FRST.txt
2014-06-30 20:20 - 2014-06-30 20:20 - 00000000 ____D () C:\FRST
2014-06-30 20:19 - 2014-06-30 20:19 - 02083328 _____ (Farbar) C:\Users\Khaled Chaker\Desktop\FRST64.exe
2014-06-30 20:11 - 2013-10-10 20:17 - 00064988 _____ () C:\Users\Khaled Chaker\Documents\Data.txt
2014-06-30 20:04 - 2009-07-14 09:34 - 00509694 _____ () C:\Windows\system32\perfh006.dat
2014-06-30 20:04 - 2009-07-14 09:34 - 00098972 _____ () C:\Windows\system32\perfc006.dat
2014-06-30 20:04 - 2009-07-14 07:13 - 01380164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-30 20:03 - 2013-09-17 17:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-30 20:03 - 2013-04-10 03:03 - 01616378 _____ () C:\Windows\WindowsUpdate.log
2014-06-30 17:28 - 2009-07-14 06:45 - 00016304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-30 17:28 - 2009-07-14 06:45 - 00016304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-30 17:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-30 17:21 - 2009-07-14 06:51 - 00084199 _____ () C:\Windows\setupact.log
2014-06-29 17:25 - 2014-06-29 17:25 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-29 17:22 - 2014-06-29 17:22 - 00000821 _____ () C:\Users\Khaled Chaker\Desktop\JRT.txt
2014-06-29 17:15 - 2014-06-29 17:15 - 00000000 ____D () C:\Windows\ERUNT
2014-06-29 17:14 - 2014-06-29 17:14 - 05283416 _____ () C:\Users\Khaled Chaker\Desktop\RogueKillerX64.exe
2014-06-29 17:11 - 2014-06-29 17:11 - 01016261 _____ (Thisisu) C:\Users\Khaled Chaker\Desktop\JRT.exe
2014-06-28 19:43 - 2013-04-17 15:53 - 00000000 ____D () C:\Users\Khaled Chaker\AppData\Roaming\uTorrent
2014-06-28 19:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-28 18:18 - 2014-06-28 18:17 - 00000000 ____D () C:\Users\Khaled Chaker\Downloads\Mandingo.Cougars.2.EnGlisH.XXX.DVDRip.XviD-WwW.Torrentesx.CoM
2014-06-28 17:08 - 2014-01-14 18:28 - 00000000 ____D () C:\Users\Khaled Chaker\AppData\Local\Deployment
2014-06-28 16:50 - 2014-06-28 14:39 - 00000000 ____D () C:\AdwCleaner
2014-06-28 16:50 - 2014-06-28 14:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-28 16:41 - 2013-04-10 22:13 - 00963412 _____ () C:\Windows\PFRO.log
2014-06-28 16:38 - 2014-06-28 16:38 - 01342659 _____ () C:\Users\Khaled Chaker\Desktop\adwcleaner_3.213.exe
2014-06-28 14:28 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-06-28 13:05 - 2014-06-28 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 13:05 - 2014-06-28 13:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-28 13:05 - 2014-03-18 22:41 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-28 13:05 - 2014-03-18 22:41 - 00000000 ____D () C:\Users\Khaled Chaker\AppData\Roaming\Malwarebytes
2014-06-28 13:05 - 2014-03-18 22:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-28 13:05 - 2014-03-18 22:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-16 21:01 - 2014-06-16 21:01 - 00068608 _____ () C:\Users\Khaled Chaker\Desktop\Momsafstemning 2014.xls
2014-06-16 14:05 - 2014-06-16 14:05 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-16 14:05 - 2014-06-16 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-16 14:05 - 2014-06-16 14:05 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-16 14:05 - 2014-06-16 14:05 - 00000000 ____D () C:\Program Files\iTunes
2014-06-16 14:05 - 2014-06-16 14:05 - 00000000 ____D () C:\Program Files\iPod
2014-06-16 14:05 - 2014-06-16 14:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-12 00:48 - 2013-07-18 21:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 00:46 - 2013-04-10 12:25 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 00:45 - 2013-04-10 22:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 00:44 - 2014-05-06 20:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 19:19 - 2013-04-10 19:03 - 00545064 _____ () C:\Users\Khaled Chaker\danid.log
2014-06-10 18:21 - 2014-02-28 00:39 - 00000000 ____D () C:\Users\Khaled Chaker\AppData\Local\CrashDumps
2014-06-10 13:42 - 2014-06-10 13:42 - 00029434 _____ () C:\Users\Khaled Chaker\Desktop\Oversigt over brugtmoms 2014.xlsx
2014-06-08 11:13 - 2014-06-12 00:01 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 00:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 19:04

==================== End Of Log ============================
Avatar billede f-arn Guru
30. juni 2014 - 21:48 #19
Drop fildeling ->
http://www.spywarefri.dk/artikel/farerne-ved-fildeling/

Afinstaller µTorrent.

------

Deaktiver dine Sikkerheds programmer, mens "Fixet" kører.

Åben Notesblok, kopier det fremhævede med fed ind, og gem filen som Fixlist på Skrivebordet ved siden af Farbar Recovery Scan Tool.


start
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {94A1C2D5-3DB8-4286-A978-B9A4E03F6653} URL =
SearchScopes: HKCU - {66BEEE1A-250A-42FD-BE22-86BDEB549EB8} URL =
SearchScopes: HKCU - {94A1C2D5-3DB8-4286-A978-B9A4E03F6653} URL =
S2 0231331365633399mcinstcleanup; C:\Users\KHALED~1\AppData\Local\Temp\023133~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service
R1 {1a147621-8c9a-4d6b-a557-6513a40d3207}Gw64; C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}Gw64.sys [61112 2014-04-24] (StdLib)
R1 {1a147621-8c9a-4d6b-a557-6513a40d3207}w64; C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}w64.sys [61112 2014-05-22] (StdLib
C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}Gw64.sys
C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}w64.sys
C:\Users\Khaled Chaker\AppData\Roaming\uTorrent
reboot:
end


Dette Fix blev skrevet specielt til denne bruger og til brug på denne PC.
Køres dette på en anden PC, kan det forårsage skade, og i værste fald vil PCen ikke starte.

Start FRST (Farbar Recovery Scan Tool) og klik på FIX (og vent til den er færdig)

Den laver Fixlog.txt, som du skal kopiere herind i dit næste indlæg.

Luk Farbar Recovery Scan Tool, og lad PCen genstarte.

Hvordan kører PCen ?
Avatar billede jackie18 Juniormester
01. juli 2014 - 03:07 #20
Hej har gjort som du bad om, håber det er gjort rigtigt?!

Her har du log filen....

Tak indtil videre, synes pcen kører noget mere bedre nu:-)



Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-06-2014 02
Ran by Khaled Chaker at 2014-07-01 03:02:58 Run:1
Running from C:\Users\Khaled Chaker\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {94A1C2D5-3DB8-4286-A978-B9A4E03F6653} URL =
SearchScopes: HKCU - {66BEEE1A-250A-42FD-BE22-86BDEB549EB8} URL =
SearchScopes: HKCU - {94A1C2D5-3DB8-4286-A978-B9A4E03F6653} URL =
S2 0231331365633399mcinstcleanup; C:\Users\KHALED~1\AppData\Local\Temp\023133~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service
R1 {1a147621-8c9a-4d6b-a557-6513a40d3207}Gw64; C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}Gw64.sys [61112 2014-04-24] (StdLib)
R1 {1a147621-8c9a-4d6b-a557-6513a40d3207}w64; C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}w64.sys [61112 2014-05-22] (StdLib
C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}Gw64.sys
C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}w64.sys
C:\Users\Khaled Chaker\AppData\Roaming\uTorrent
reboot:
end
*****************

'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{66BEEE1A-250A-42FD-BE22-86BDEB549EB8}' => Key deleted successfully.
'HKCR\CLSID\{66BEEE1A-250A-42FD-BE22-86BDEB549EB8}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{94A1C2D5-3DB8-4286-A978-B9A4E03F6653}' => Key deleted successfully.
'HKCR\CLSID\{94A1C2D5-3DB8-4286-A978-B9A4E03F6653}'=> Key not found.
0231331365633399mcinstcleanup => Service deleted successfully.
{1a147621-8c9a-4d6b-a557-6513a40d3207}Gw64 => Service stopped successfully.
{1a147621-8c9a-4d6b-a557-6513a40d3207}Gw64 => Service deleted successfully.
{1a147621-8c9a-4d6b-a557-6513a40d3207}w64 => Service stopped successfully.
{1a147621-8c9a-4d6b-a557-6513a40d3207}w64 => Service deleted successfully.
C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}w64.sys => Moved successfully.
C:\Users\Khaled Chaker\AppData\Roaming\uTorrent => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====
Avatar billede f-arn Guru
01. juli 2014 - 11:17 #21
Start Malwarebytes og opdater den.

Når det er færdig, går du op i Settings - "Detection and Protection" - Og sætter flueben ved - "Scan for rootkits."

Under Settings - "Detection and Protection" - "Non-Malware Protection" - "PUP" skal den sættes til "Treat detections as malware"
Gør det samme for "PUM"

Derefter - Tryk på "Scan" knappen, sæt flueben ved "Threat Scan" - Tryk så på "Scan now" knappen.

Efter scanningen popper der en boks op, hvor du trykker på "Quarantine All" , derefter tryk på "Export Log"

Hvis der ikke bliver fundet noget, gemmer du bare loggen. Giv loggen et navn, og gem den på Skrivebordet som en Txt fil.

Lad så malwarebytes genstarte, hvis nødvendigt.

Send så loggen fra malwarebytes herind.
Avatar billede 220661 Ekspert
01. juli 2014 - 16:02 #22
afmelder overvågning af tråden her.
Avatar billede jackie18 Juniormester
01. juli 2014 - 19:50 #23
Hej, min maleware version er på dansk. 2.0.2.2012

gider du måske forklar det på dansk for mig tak

Mange tak

MVh
Avatar billede f-arn Guru
02. juli 2014 - 15:40 #24
Du kan ændre sprog under indstillinger/Settings - men direkte oversat skal du kikke under "indstillinger" -> "Detektion og beskyttelse".
Avatar billede jackie18 Juniormester
02. juli 2014 - 17:39 #25
Hej igen

Tak for det

Her er log filen

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 02-07-2014
Scan Time: 17:17:59
Logfile: malware logfil.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.02.04
Rootkit Database: v2014.07.01.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Khaled Chaker

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 296768
Time Elapsed: 18 min, 42 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
Avatar billede f-arn Guru
02. juli 2014 - 21:30 #26
Deaktiver dit sikkerhedprogram, mens du kører dette ->

Hent og gem aswMBR på dit Skrivebord.

Start aswMBR og klik på "Scan"

Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator.

Hvis den spørger efter "Avast virus definitioner" klikker du "Yes"

Når den er færdig med at scanne, klikker du på "SAVE LOG" og sender loggen herind.

Hvordan kører PCen ?
Avatar billede MadsHaupt Juniormester
02. juli 2014 - 21:33 #27
jackie18 prøv at legge et skærmbillede ind af alle de installerede programmer på din computer, så kigger jeg om der måske er noget der skal afinstalleres for at løse problemet.
Avatar billede Slettet bruger
03. juli 2014 - 10:17 #28
#27 jeg tror f-arn har styr på situationen.
Avatar billede jackie18 Juniormester
03. juli 2014 - 19:31 #29
Hej igen.

Her er log filen fra AswMBR


aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-07-03 19:29:16
-----------------------------
19:29:16.683    OS Version: Windows x64 6.1.7601 Service Pack 1
19:29:16.683    Number of processors: 4 586 0x2502
19:29:16.683    ComputerName: KHALEDCHAKER  UserName:
19:29:18.742    Initialize success
19:29:18.789    VM: initialized successfully
19:29:18.820    VM: Intel CPU supported
19:29:33.084    VM: supported disk I/O iaStor.sys
19:29:44.241    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:29:44.241    Disk 0 Vendor: TOSHIBA_ GB00 Size: 610480MB BusType: 3
19:29:44.397    VM: Disk 0 MBR read successfully
19:29:44.397    Disk 0 MBR scan
19:29:44.413    Disk 0 Windows 7 default MBR code
19:29:44.413    Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS          400 MB offset 2048
19:29:44.428    Disk 0 Boot: NTFS    code=1
19:29:44.444    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      305000 MB offset 821248
19:29:44.460    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      305078 MB offset 625461248
19:29:44.600    Disk 0 scanning C:\Windows\system32\drivers
19:29:51.870    Service scanning
19:29:56.456    Service BHDrvx64 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140606.001\BHDrvx64.sys **LOCKED** 5
19:29:57.642    Service ccSet_N360 C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys **LOCKED** 5
19:30:00.902    Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
19:30:01.354    Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
19:30:05.041    Service IDSVia64 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140701.001\IDSvia64.sys **LOCKED** 5
19:30:12.216    Service NAVENG C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140702.001\ENG64.SYS **LOCKED** 5
19:30:12.406    Service NAVEX15 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140702.001\EX64.SYS **LOCKED** 5
19:30:22.366    Service SRTSPX C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS **LOCKED** 5
19:30:23.266    Service SymDS C:\Windows\system32\drivers\N360x64\1503000.00C\SYMDS64.SYS **LOCKED** 5
19:30:23.518    Service SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS **LOCKED** 5
19:30:23.738    Service SymIRON C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS **LOCKED** 5
19:30:23.876    Service SymNetS C:\Windows\System32\Drivers\N360x64\1503000.00C\SYMNETS.SYS **LOCKED** 5
19:30:33.312    Modules scanning
19:30:33.319    Disk 0 trace - called modules:
19:30:33.334    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
19:30:33.342    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c83060]
19:30:33.347    3 CLASSPNP.SYS[fffff88001d1143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a1d050]
19:30:33.352    Scan finished successfully
19:30:45.551    Disk 0 MBR has been saved successfully to "C:\Users\Khaled Chaker\Desktop\MBR.dat"
19:30:45.556    The log file has been saved successfully to "C:\Users\Khaled Chaker\Desktop\aswMBR.txt"
Avatar billede jackie18 Juniormester
03. juli 2014 - 19:54 #30
Har i øverigt efter installerede senest program ASWMBR bemærket at norton har fundet Trojan.Jen. og nu er den fjernet.. Ved ikke hvad det er. men tyder på det en slags virus måske.
?!
Avatar billede f-arn Guru
03. juli 2014 - 20:45 #31
AswMBR er en rootkitt scanner, og den benytter særlige teknikker for at kunne fungere - det er det Norton kan se og reagerer på :)

Det ser faktisk fint ud, men du svarede ikke på "Hvordan kører PCen ?"
Avatar billede jackie18 Juniormester
04. juli 2014 - 20:28 #32
Den kører fantastisk nu.. Takket var dem som har prøvet hjælpe, og speciel mest til dig mester:-)

Du har styrer på sådan noget kan jeg se.. Det er fantastisk..

Mange tak Mester:-)

tak tak.....
Avatar billede f-arn Guru
04. juli 2014 - 21:30 #33
Så er vi næsten færdige ;)

For at undgå infektioner, er det vigtigt du holder både Windows og dine programmer opdaterede.

Hent Security Check af screen317

Start den og følg instruktionerne.

Kopier loggen herind.
Avatar billede jackie18 Juniormester
05. juli 2014 - 03:17 #34
ok i orden:-)

her er log filen

Results of screen317's Security Check version 0.99.85 
Windows 7 Service Pack 1 x64 (UAC is enabled) 
Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Norton 360 Premier Edition 
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55 
Java version out of Date!
Adobe Reader XI 
````````Process Check: objlist.exe by Laurent```````` 
TOSHIBA TOSHIBA Online Product Information TOPI.exe 
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
Avatar billede f-arn Guru
05. juli 2014 - 11:01 #35
I Kontrolpanelet skal du afinstallere Java 7 Update 55

Hent en ny her.
http://www.java.com/en/download/index.jsp  (husk at fraklikke Toolbars og andet skrammel)

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Hvis den stadig ligger der, skal den afinstalleres, og du skal hente en ny her.

http://get.adobe.com/flashplayer/ (husk at fraklikke Toolbars og andet skrammel)

Når du har fortalt det er gjort, kommer der en vejledning til at rydde op i de rense programmer vi har brugt :)
Avatar billede jackie18 Juniormester
06. juli 2014 - 03:18 #36
Hej det er hermed gjort.

Har installeret de nye visioner af Java og Adobe...:-)
Avatar billede f-arn Guru
06. juli 2014 - 06:22 #37
Hent DelFix af Xplode, og gem den på dit Skrivebord.

Start den og sæt flueben i følgende.

Remove disinfection tools

Create registry backup

Klik så på Run.

Den laver en log (DelFix.txt), som jeg ikke skal se :)

Det vil fjerne de fleste værktøjer vi har brugt.

Hvis der efterlades noget, må du slette det manuelt.
Avatar billede jackie18 Juniormester
09. juli 2014 - 02:29 #38
Okay mange tak for din tid og hjælp..

Du har været en stor hjælp mange mange tak.

Virkelig styrer på tingene Mester:-)

Tak tak..

God dag..
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Findes der mon et Antivirus program, som ikke, konstant, reklamerer, for at købe ? Af Ikke-ekspert i Virus 21 22/06/202419:22 23/06/202412:54
Anbefaling af antivirusprogram med firewall Af OnePlusFan i Virus 23 07/05/202421:02 13/05/202419:48
trusler Af gerhardpet i Virus 4 26/01/202410:02 27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus 16 09/01/202416:37 10/01/202419:59
virusscanning Af JetteD i Virus 2 10/11/202312:55 10/11/202316:36
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 22:45 Mangler jeg nogen driver?? Af xMsBx i Andet software
I går 20:37 Åbne en regnskabsfil fra Summasumarum Af ptj_11 i Økonomiprogrammer
I går 18:03 Kan en kombinationsbox formateres om til en text box og omvendt Af per2edb i Access
I går 12:41 Standard kontoplan til dynamics business central Af prof2004 i Økonomiprogrammer
20/1121:03 Kan ikke se mine cromecasts Af Malm i Browsere
White papers
Flere white papers »


Premium
Teaser billede
Københavns Kommune ansætter sin første CISO nogensinde: Skal bygge it-afdelingen op omkring 45.000 ansatte
Læs mere »
Ny EU-sikkerhedslov er offentliggjort: Nu er nedtællingen i gang
Melder alt klart med kæmpe it-projekt: Budget er steget med næsten 30 procent undervejs
Konsulenthus vil rulle Microsoft 365 Copilot ud til 200.000 ansatte
Se alle »
Computerworld
Teaser billede
Microsofts nye pc er ekstrem billig – men kan blive ekstrem sikker og fleksibel
Læs mere »
Test: Audi Q6 er en super fed SUV - men gør dig selv en tjeneste og kast flere penge efter den
Det vrimler frem med gratis-alternativer til ChatGPT Plus – her er de bedste af dem
Test: Prøv kun disse B&O-hovedtelefoner, hvis du har råd
Se alle »
CIO
Teaser billede
Danske sygehuse når ikke at opgradere tusindvis af computere til Windows 11 i tide: Får konsekvenser for it-sikkerheden
Læs mere »
Konsulenthus vil rulle Microsoft 365 Copilot ud til 200.000 ansatte
Kæmpe-opgave for Danske Bank har banet vej for fuldautomatiseret migrering til cloud: Nu udbredes metoden i hele AWS
Stor sag mod Microsoft kan være på vej: Beskyldes for at låse Azure-kunder fast med ulovlige metoder
Se alle »
Job & Karriere
Teaser billede
Microsoft klar med ny direktion for den danske forretning: Her er de nye direktører
Læs mere »
Tre Norlys-topchefer fratræder med omgående virkning: Internet-forretningen er udfordret - vil have mere fart i integrationen af Telia Danmark
Efter skelsættende møde med sportscoach: Stor dansk it-arbejdsplads indfører fredags-fri og isbade i arbejdstiden
Linus Torvalds giver russiske Linux-udviklere sparket: Vil ikke have noget med dem at gøre
Se alle »
White paper
Teaser billede
Vær proaktiv og prioritér IT-sikkerheden – før det er for sent
Læs mere »
Managed Detection & Response: Forsvar din virksomhed mod cybertrusler døgnet rundt
Cyberstatus 2024: Her er truslerne – og her forbereder virksomhederne sig
Governance, Risk & Compliance: Knyt stærke bånd mellem forretning og sikkerhed
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »